Total
189 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-11774 | 1 Eclipse | 1 Omr | 2019-10-09 | 5.8 MEDIUM | 7.4 HIGH |
Prior to 0.1, all builds of Eclipse OMR contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop by versioning - for example if there is a condition that is moved out of the loop that reads a field we may not privatize the value of that field in the modified copy of the loop allowing the test to see one value of the field and subsequently the loop to see a modified field value without retesting the condition moved out of the loop. This can lead to a variety of different issues but read out of array bounds is one major consequence of these problems. | |||||
CVE-2018-8584 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. | |||||
CVE-2017-15404 | 1 Google | 1 Chrome | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
An ability to process crash dumps under root privileges and inappropriate symlinks handling could lead to a local privilege escalation in Crash Reporting in Google Chrome on Chrome OS prior to 61.0.3163.113 allowed a local attacker to perform privilege escalation via a crafted HTML page. | |||||
CVE-2018-8449 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2019-10-02 | 2.1 LOW | 3.3 LOW |
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. | |||||
CVE-2017-0412 | 1 Google | 1 Android | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33039926. | |||||
CVE-2017-0411 | 1 Google | 1 Android | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33042690. | |||||
CVE-2017-0331 | 2 Google, Linux | 2 Android, Linux Kernel | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel 3.10. Android ID: A-34113000. References: N-CVE-2017-0331. | |||||
CVE-2017-0756 | 1 Google | 1 Android | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34621073. | |||||
CVE-2018-0966 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2019-10-02 | 2.1 LOW | 3.3 LOW |
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. |