Latest CVE Feed
-
5.4
MEDIUM- Published: Jun. 05, 2018
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2017-18285
The Gentoo app-backup/burp package before 2.1.32 has incorrect group ownership of the /etc/burp directory, which might allow local users to obtain read and write access to arbitrary files by leveraging access to a certain account for a burp-server.conf ch... Read more
- Published: Jun. 04, 2018
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2017-18284
The Gentoo app-backup/burp package before 2.1.32 sets the ownership of the PID file directory to the burp account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root scrip... Read more
- Published: Jun. 04, 2018
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2017-18283
Possible memory corruption when Read Val Blob Req is received with invalid parameters in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 625, SD 835, SD 845, SD 850, SDA660.... Read more
Affected Products : android sd_625_firmware sd_835_firmware qca9379_firmware sda660_firmware sd_210_firmware sd_212_firmware sd_205_firmware sd_845_firmware sd_850_firmware +9 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18282
Non-secure SW can cause SDCC to generate secure bus accesses, which may expose RPM access in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660.... Read more
Affected Products : android mdm9650_firmware sd210_firmware sd625_firmware sd835_firmware sd205_firmware mdm9206_firmware mdm9607_firmware sda660_firmware sd450_firmware +19 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2017-18281
A bool variable in Video function, which gets typecasted to int before being read could result in an out of bound read access in all Android releases from CAF using the linux kernel... Read more
Affected Products : android- Published: Oct. 29, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18280
In Snapdragon (Automobile, Mobile, Wear) in version MDM9607, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDM429, SDM439, SDM632, Snapdragon_High_Med_2016, when a Tr... Read more
Affected Products : msm8996au_firmware msm8909w_firmware sd210_firmware sd625_firmware sd835_firmware sd205_firmware mdm9607_firmware sd820_firmware sd450_firmware sd212_firmware +32 more products- Published: Sep. 20, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18279
Lack of check of buffer length before copying can lead to buffer overflow in camera module in Small Cell SoC, Snapdragon Mobile, Snapdragon Wear in FSM9055, FSM9955, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9531, QCA95... Read more
Affected Products : ipq8064_firmware qca9886_firmware qca9980_firmware sdm660_firmware msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_835_firmware mdm9650_firmware +68 more products- Published: May. 06, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18278
An integer underflow may occur due to lack of check when received data length from font_mgr_qsee_request_service is bigger than the minimal value of the segment header, which may result in a buffer overflow, in Snapdragon Automobile, Snapdragon Mobile, Sn... Read more
Affected Products : sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware sd_210_firmware sd_212_firmware +24 more products- Published: May. 06, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2017-18277
When dynamic memory allocation fails, currently the process sleeps for one second and continues with infinite loop without retrying for memory allocation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MD... Read more
Affected Products : sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9650_firmware msm8909w_firmware mdm9206_firmware mdm9607_firmware mdm9640_firmware +36 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18276
Secure camera logic allows display/secure camera controllers to access HLOS memory during secure display or camera session in Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850... Read more
Affected Products : sd_835_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware sd_210_firmware sd_212_firmware sd_205_firmware sd_845_firmware sd_850_firmware mdm9206 +8 more products- Published: May. 06, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2017-18275
A new account can be inserted into simContacts service using Android command line tool in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD ... Read more
Affected Products : sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9650_firmware msm8909w_firmware mdm9206_firmware mdm9607_firmware sd_210_firmware +32 more products- Published: May. 06, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18274
While iterating through the models contained in a fixed-size array in the actData structure, which also stores an incorrect number of models that is greater than the size of the array, a buffer overflow occurs in Snapdragon Automobile, Snapdragon Mobile, ... Read more
Affected Products : sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware sd_210_firmware sd_212_firmware +22 more products- Published: May. 06, 2019
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2017-18273
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a Get... Read more
- Published: May. 18, 2018
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2017-18272
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a use-after-free in ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted MNG image file that is mishandled in an MngInfoDiscardObject call.... Read more
Affected Products : imagemagick- Published: May. 18, 2018
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2017-18271
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file.... Read more
- Published: May. 18, 2018
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2017-18270
In the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands, setting unwanted defaults or causing a denial of service.... Read more
Affected Products : linux_kernel- Published: May. 18, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-18269
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans t... Read more
- Published: May. 18, 2018
- Modified: Nov. 21, 2024
-
5.9
MEDIUMCVE-2017-18268
Symantec IntelligenceCenter 3.3 is vulnerable to the Return of the Bleichenbacher Oracle Threat (ROBOT) attack. A remote attacker, who has captured a pre-recorded SSL session inspected by SSLV, can establish large numbers of crafted SSL connections to the... Read more
Affected Products : symantec_intelligencecenter- Published: May. 17, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2017-18267
The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.... Read more
- Published: May. 10, 2018
- Modified: Nov. 21, 2024