Total
7966 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-9949 | 1 Radare | 1 Radare2 | 2019-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (stack-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a buffer underflow in fs/ext2.c in GNU GRUB 2.02. | |||||
| CVE-2017-0325 | 1 Linux | 1 Linux Kernel | 2019-10-02 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the NVIDIA I2C HID driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10 and Kernel 3.18. Android ID: A-33040280. References: N-CVE-2017-0325. | |||||
| CVE-2017-0332 | 1 Linux | 1 Linux Kernel | 2019-10-02 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10. Android ID: A-33812508. References: N-CVE-2017-0332. | |||||
| CVE-2017-0416 | 1 Google | 1 Android | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32886609. | |||||
| CVE-2017-0417 | 1 Google | 1 Android | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32705438. | |||||
| CVE-2017-0418 | 1 Google | 1 Android | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32703959. | |||||
| CVE-2017-0429 | 2 Google, Linux | 2 Android, Linux Kernel | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32636619. References: N-CVE-2017-0429. | |||||
| CVE-2017-0453 | 1 Linux | 1 Linux Kernel | 2019-10-02 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-33979145. References: QC-CR#1105085. | |||||
| CVE-2017-0561 | 1 Linux | 1 Linux Kernel | 2019-10-02 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker to execute arbitrary code within the context of the Wi-Fi SoC. This issue is rated as Critical due to the possibility of remote code execution in the context of the Wi-Fi SoC. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34199105. References: B-RB#110814. | |||||
| CVE-2017-0608 | 1 Linux | 1 Linux Kernel | 2019-10-02 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35400458. References: QC-CR#1098363. | |||||
| CVE-2017-0638 | 1 Google | 1 Android | 2019-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| A remote code execution vulnerability in System UI component could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High because it is a remote arbitrary code execution in an unprivileged process. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-36368305. | |||||
| CVE-2017-0684 | 1 Google | 1 Android | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
| A elevation of privilege vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35421151. | |||||
| CVE-2017-0695 | 1 Google | 1 Android | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| A denial of service vulnerability in the Android media framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37094889. | |||||
| CVE-2017-0701 | 1 Google | 1 Android | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-36385715. | |||||
| CVE-2017-0750 | 1 Google | 1 Android | 2019-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| A elevation of privilege vulnerability in the Upstream Linux file system. Product: Android. Versions: Android kernel. Android ID: A-36817013. | |||||
| CVE-2017-0834 | 1 Google | 1 Android | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63125953. | |||||
| CVE-2017-0852 | 1 Google | 1 Android | 2019-10-02 | 7.8 HIGH | 7.5 HIGH |
| A denial of service vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0. Android ID: A-62815506. | |||||
| CVE-2018-6462 | 1 Tracker-software | 2 Pdf-xchange Viewer, Viewer Ax Sdk | 2019-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc instead of 8 bpc, which might allow remote attackers to execute arbitrary code via a crafted PDF document. | |||||
| CVE-2017-11012 | 1 Google | 1 Android | 2019-10-02 | 4.6 MEDIUM | 7.8 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_ENCRYPTION_TEST cfg80211 vendor command a stack-based buffer overflow can occur. | |||||
| CVE-2018-7240 | 1 Schneider-electric | 26 140cpu31110, 140cpu31110 Firmware, 140cpu31110c and 23 more | 2019-10-02 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP command used to upgrade the firmware of the module can be misused to cause a denial of service, or in extreme cases, to load a malicious firmware. | |||||