Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-8774 | 1 Huawei | 8 Mate 8, Mate 8 Firmware, Mate S and 5 more | 2017-04-10 | 7.2 HIGH | 6.7 MEDIUM |
| The HIFI driver in Huawei Mate 8 phones with software versions before NXT-AL10C00B386, versions before NXT-CL00C92B386, versions before NXT-DL00C17B386, versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366; and P9 phones with software Versions before EVA-AL10C00B190, Versions before EVA-DL10C00B190, Versions before EVA-TL10C00B190, Versions before EVA-CL10C00B190 allows attackers to get root privilege or crash the system or execute arbitrary code, related to a buffer overflow. | |||||
| CVE-2016-8797 | 1 Huawei | 18 Ar3200, Ar3200 Firmware, S12700 and 15 more | 2017-04-10 | 5.0 MEDIUM | 7.5 HIGH |
| Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, V200R007C00; S5300 with software V200R008C00, V200R007C00, V200R006C00; S5700 with software V200R008C00, V200R007C00, V200R006C00; S6300 with software V200R008C00, V200R007C00; S6700 with software V200R008C00, V200R007C00; S7700 with software V200R008C00, V200R007C00, V200R006C00; S9300 with software V200R008C00, V200R007C00, V200R006C00; and S9700 with software V200R008C00, V200R007C00, V200R006C00 allow remote attackers to send abnormal Multiprotocol Label Switching (MPLS) packets to cause memory exhaustion. | |||||
| CVE-2015-7847 | 1 Huawei | 2 E3272s, E3272s Firmware | 2017-04-10 | 4.9 MEDIUM | 5.5 MEDIUM |
| Huawei MBB (Mobile Broadband) product E3272s with software versions earlier than E3272s-153TCPU-V200R002B491D09SP00C00 has a Denial of Service (DoS) vulnerability. An attacker could send a malicious packet to the Common Gateway Interface (CGI) of a target device and make it fail while setting the port attribute, which causes a DoS attack. | |||||
| CVE-2016-10313 | 1 Jensenofscandinavia | 6 Al3g, Al3g Firmware, Al5000ac and 3 more | 2017-04-10 | 6.8 MEDIUM | 8.8 HIGH |
| Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to conduct CSRF attacks via certain /goform/* pages. | |||||
| CVE-2016-10316 | 1 Jensenofscandinavia | 6 Al3g, Al3g Firmware, Al5000ac and 3 more | 2017-04-10 | 5.8 MEDIUM | 6.1 MEDIUM |
| Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to conduct Open Redirect attacks via the return-url parameter to /goform/formLogout. | |||||
| CVE-2014-9825 | 1 Imagemagick | 1 Imagemagick | 2017-04-10 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824. | |||||
| CVE-2017-7380 | 1 Podofo Project | 1 Podofo | 2017-04-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| The doc/PdfPage.cpp:614:20 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | |||||
| CVE-2017-7383 | 1 Podofo Project | 1 Podofo | 2017-04-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | |||||
| CVE-2016-2379 | 1 Pidgin | 1 Mxit | 2017-04-10 | 3.3 LOW | 8.8 HIGH |
| The Mxit protocol uses weak encryption when encrypting user passwords, which might allow attackers to (1) decrypt hashed passwords by leveraging knowledge of client registration codes or (2) gain login access by eavesdropping on login messages and re-using the hashed passwords. | |||||
| CVE-2016-10314 | 1 Jensenofscandinavia | 6 Al3g, Al3g Firmware, Al5000ac and 3 more | 2017-04-10 | 4.0 MEDIUM | 8.8 HIGH |
| Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to read passwords via a direct request to the x.asp page. | |||||
| CVE-2017-6194 | 1 Radare | 1 Radare2 | 2017-04-10 | 6.8 MEDIUM | 7.8 HIGH |
| The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file. | |||||
| CVE-2016-10218 | 1 Artifex | 1 Ghostscript | 2017-04-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. | |||||
| CVE-2017-7382 | 1 Podofo Project | 1 Podofo | 2017-04-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | |||||
| CVE-2017-6448 | 1 Radare | 1 Radare2 | 2017-04-10 | 6.8 MEDIUM | 7.8 HIGH |
| The dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2 1.2.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file. | |||||
| CVE-2014-3927 | 1 Mrlg4php Project | 1 Mrlg4php | 2017-04-10 | 7.5 HIGH | 9.8 CRITICAL |
| mrlg-lib.php in mrlg4php before 1.0.8 allows remote attackers to execute arbitrary shell code. | |||||
| CVE-2016-8776 | 1 Huawei | 4 P9, P9 Firmware, P9 Lite and 1 more | 2017-04-10 | 2.1 LOW | 4.6 MEDIUM |
| Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account. | |||||
| CVE-2014-8570 | 1 Huawei | 52 5300hi, 5300hi Firmware, 5310ei and 49 more | 2017-04-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| Huawei S9300, S9303, S9306, S9312 with software V100R002; S7700, S7703, S7706, S7712 with software V100R003, V100R006, V200R001, V200R002, V200R003, V200R005; S9300E, S9303E, S9306E, S9312E with software V200R001; S9700, S9703, S9706, S9712 with software V200R002, V200R003, V200R005; S12708, S12712 with software V200R005; 5700HI, 5300HI with software V100R006, V200R001, V200R002, V200R003, V200R005; 5710EI, 5310EI with software V200R002, V200R003, V200R005; 5710HI, 5310HI with software V200R003, V200R005; 6700EI, 6300EI with software V200R005 could cause a leak of IP addresses of devices, related to unintended interface support for VRP MPLS LSP Ping. | |||||
| CVE-2017-7285 | 1 Mikrotik | 1 Routeros | 2017-04-10 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability in the network stack of MikroTik Version 6.38.5 released 2017-03-09 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of TCP RST packets, preventing the affected router from accepting new TCP connections. | |||||
| CVE-2016-10312 | 1 Jensenofscandinavia | 6 Al3g, Al3g Firmware, Al5000ac and 3 more | 2017-04-10 | 10.0 HIGH | 9.8 CRITICAL |
| Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to execute arbitrary commands via shell metacharacters to certain /goform/* pages. | |||||
| CVE-2017-4980 | 1 Emc | 1 Isilon Onefs | 2017-04-10 | 5.0 MEDIUM | 7.5 HIGH |
| EMC Isilon OneFS is affected by a path traversal vulnerability that may potentially be exploited by attackers to compromise the affected system. Affected versions are 7.1.0 - 7.1.1.10, 7.2.0 - 7.2.1.3, and 8.0.0 - 8.0.0.1. | |||||