CVEs from 2017
Total
11,681
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
9.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-17472 | high | 7.8 | 7.8 | 9y ago | TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact via a \\.\Viragtlt DeviceIoControl request of 0x82730030. | |||
| CVE-2017-17471 | high | 7.8 | 7.8 | 9y ago | TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact via a \\.\Viragtlt DeviceIoControl request of 0x82732140. | |||
| CVE-2017-17470 | high | 7.8 | 7.8 | 9y ago | TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact via a \\.\Viragtlt DeviceIoControl request of 0x82730054. | |||
| CVE-2017-17469 | high | 7.8 | 7.8 | 9y ago | TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact via a \\.\Viragtlt DeviceIoControl request of 0x82730008, a differ… | |||
| CVE-2017-17468 | high | 7.8 | 7.8 | 9y ago | TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to gain privileges or cause a denial of service (Arbitrary Write) via a \\.\Viragtlt DeviceIoControl request of 0x82730020, a different vulnerab… | |||
| CVE-2017-17467 | high | 7.8 | 7.8 | 9y ago | TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact via a \\.\Viragtlt DeviceIoControl request of 0x82730074. | |||
| CVE-2017-17466 | high | 7.8 | 7.8 | 9y ago | TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to gain privileges or cause a denial of service (Arbitrary Write) via a \\.\Viragtlt DeviceIoControl request of 0x82730088. | |||
| CVE-2017-11937 | high | 7.8 | 7.8 | 9y ago | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Se… | |||
| CVE-2017-17450 | high | 7.8 | 7.8 | 9y ago | net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended ac… | |||
| CVE-2017-17448 | high | 7.8 | 7.8 | 9y ago | net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new, get, and del operations, which allows local users to bypass intended acces… | |||
| CVE-2017-6276 | high | 7.8 | 7.8 | 9y ago | NVIDIA mediaserver contains a vulnerability where it is possible a use after free malfunction can occur due to an incorrect bounds check which could enable unauthorized code execution and possibly le… | |||
| CVE-2017-6263 | high | 7.8 | 7.8 | 9y ago | NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to improper usage of the list_for_each kernel macro which could enable unauthorized code executi… | |||
| CVE-2017-13174 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the kernel edl. Product: Android. Versions: Android kernel. Android ID A-63100473. | |||
| CVE-2017-13173 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the MediaTek system server. Product: Android. Versions: Android kernel. Android ID A-28067350. References: M-ALPS02672361. | |||
| CVE-2017-13172 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the MediaTek bluetooth driver. Product: Android. Versions: Android kernel. Android ID A-36493287. References: M-ALPS03495791. | |||
| CVE-2017-13171 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the MediaTek performance service. Product: Android. Versions: Android kernel. Android ID A-64316572. References: M-ALPS03479086. | |||
| CVE-2017-13170 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the MediaTek display driver. Product: Android. Versions: Android kernel. Android ID A-36102397. References: M-ALPS03359280. | |||
| CVE-2017-13168 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions: Android kernel. Android ID A-65023233. | |||
| CVE-2017-13167 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the kernel sound timer. Product: Android. Versions: Android kernel. Android ID A-37240993. | |||
| CVE-2017-13166 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167. | |||
| CVE-2017-13163 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the kernel mtp usb driver. Product: Android. Versions: Android kernel. Android ID A-37429972. | |||
| CVE-2017-13162 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the kernel binder. Product: Android. Versions: Android kernel. Android ID A-64216036. | |||
| CVE-2017-13161 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the Broadcom wireless driver. Product: Android. Versions: Android kernel. Android ID A-63930471. References: BC-V2017092501. | |||
| CVE-2017-13154 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63666573. | |||
| CVE-2017-13153 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the Android media framework (libaudioservice). Product: Android. Versions: 8.0. Android ID A-65280854. | |||
| CVE-2017-0871 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the Android framework (framework base). Product: Android. Versions: 8.0. Android ID A-65281159. | |||
| CVE-2017-0870 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the Android framework (libminikin). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-62134807. | |||
| CVE-2017-0837 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the Android media framework (libaudiopolicymanager). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-64340921. | |||
| CVE-2017-17069 | high | 7.8 | 7.8 | 9y ago | ActiveSetupN.exe in Amazon Audible for Windows before November 2017 allows attackers to execute arbitrary DLL code if ActiveSetupN.exe is launched from a directory where an attacker has already creat… | |||
| CVE-2017-15868 | high | 7.8 | 7.8 | 9y ago | The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a craf… | |||
| CVE-2017-9716 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the qbt1000 driver implements an alternative channel for usermode applications to talk … | |||
| CVE-2017-14904 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a crafted binder request can cause an arbitrary unmap in MediaServer. | |||
| CVE-2017-14897 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while handling the QSEOS_RPMB_CHECK_PROV_STATUS_COMMAND, a userspace buffer is directly… | |||
| CVE-2017-14895 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, after a subsystem reset, iwpriv is not giving correct information. | |||
| CVE-2017-11043 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a WiFI driver function, an integer overflow leading to heap buffer overflow may pote… | |||
| CVE-2017-11007 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of stack corruption due to buffer overflow of Partition name whi… | |||
| CVE-2017-9722 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when updating custom EDID (hdmi_tx_sysfs_wta_edid), if edid_size, which is controlled b… | |||
| CVE-2017-9710 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, IOCTL interface to send QMI NOTIFY REQ messages can be called from multiple contexts wh… | |||
| CVE-2017-9700 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer overwrite is possible in fw_name_store if image name is 64 characters. | |||
| CVE-2017-9698 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improperly specified offset/size values for a submission command could cause a math ope… | |||
| CVE-2017-14901 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE vendor command, in whi… | |||
| CVE-2017-14900 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCA_NL80211_VENDOR_SUBCMD_GET_CHAIN_RSSI vendor command, in which … | |||
| CVE-2017-14899 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE_DECR_DB vendor command… | |||
| CVE-2017-14898 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE vendor command, in whi… | |||
| CVE-2017-14896 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a memory allocation without a length field validation in the mobicore driver w… | |||
| CVE-2017-11047 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a graphics driver ioctl handler, the lack of copy_from_user() function calls may res… | |||
| CVE-2017-11042 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, ImsService and the IQtiImsExt AIDL APIs are not subject to access control. | |||
| CVE-2017-11033 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the coresight-tmc driver, a simultaneous read and enable of the ETR device after cha… | |||
| CVE-2017-11030 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the HDMI video driver function hdmi_edid_sysfs_rda_res_info(), userspace can perform… | |||
| CVE-2017-11019 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the fd allocated during the get_metadata was not closed even though the buffer allocate… | |||
| CVE-2017-11016 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when memory allocation fails while creating a calibration block in create_cal_block sta… | |||
| CVE-2017-17126 | high | 7.8 | 7.8 | 9y ago | The load_debug_section function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified oth… | |||
| CVE-2017-17125 | high | 7.8 | 7.8 | 9y ago | nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service (_bfd_elf_get_symbol_version_string buffer over-read and applica… | |||
| CVE-2017-17124 | high | 7.8 | 7.8 | 9y ago | The _bfd_coff_read_string_table function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not properly validate the size of the exter… | |||
| CVE-2017-17122 | high | 7.8 | 7.8 | 9y ago | The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory … | |||
| CVE-2017-17121 | high | 7.8 | 7.8 | 9y ago | The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (memory access violation) or possibly have unspecifi… | |||
| CVE-2017-17114 | high | 7.8 | 7.8 | 9y ago | ntguard.sys and ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 have a Memory Corruption vulnerability via a 0x83000084 DeviceIoControl request. | |||
| CVE-2017-17112 | high | 7.8 | 7.8 | 9y ago | ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a Pool Corruption vulnerability via a 0x83000058 DeviceIoControl request. | |||
| CVE-2017-17099 | high | 7.8 | 7.8 | 9y ago | There exists an unauthenticated SEH based Buffer Overflow vulnerability in the HTTP server of Flexense SyncBreeze Enterprise v10.1.16. When sending a GET request with an excessive length, it is possi… | |||
| CVE-2017-10892 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in Music Center for PC version 1.0.00 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||
| CVE-2017-10891 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in Media Go version 3.2.0.191 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||
| CVE-2017-17052 | high | 7.8 | 7.8 | 9y ago | The mm_init function in kernel/fork.c in the Linux kernel before 4.12.10 does not clear the ->exe_file member of a new process's mm_struct, allowing a local attacker to achieve a use-after-free or po… | |||
| CVE-2017-17050 | high | 7.8 | 7.8 | 9y ago | TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a NULL value in a 0x82730020 DeviceIoContr… | |||
| CVE-2017-17049 | high | 7.8 | 7.8 | 9y ago | TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a NULL value in a 0x82730010 DeviceIoContr… | |||
| CVE-2017-1000159 | high | 7.8 | 7.8 | 9y ago | Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91. | |||
| CVE-2017-16948 | high | 7.8 | 7.8 | 9y ago | TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a NULL value in a 0x82730008 DeviceIoContr… | |||
| CVE-2017-16938 | high | 7.8 | 7.8 | 9y ago | A global buffer overflow in OptiPNG 0.7.6 allows remote attackers to cause a denial-of-service attack or other unspecified impact with a maliciously crafted GIF format file, related to an uncontrolle… | |||
| CVE-2017-7501 | high | 7.8 | 7.8 | 9y ago | It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed cou… | |||
| CVE-2017-16879 | high | 7.8 | 7.8 | 9y ago | Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code … | |||
| CVE-2017-8212 | high | 7.8 | 7.8 | 9y ago | The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the … | |||
| CVE-2017-8211 | high | 7.8 | 7.8 | 9y ago | The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the … | |||
| CVE-2017-8210 | high | 7.8 | 7.8 | 9y ago | The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the … | |||
| CVE-2017-8209 | high | 7.8 | 7.8 | 9y ago | The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the … | |||
| CVE-2017-8208 | high | 7.8 | 7.8 | 9y ago | The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the … | |||
| CVE-2017-8207 | high | 7.8 | 7.8 | 9y ago | The driver of honor 5C, honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the… | |||
| CVE-2017-8205 | high | 7.8 | 7.8 | 9y ago | The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has integer overflow vulnerability due to the lack of parameter validation. An attacker tr… | |||
| CVE-2017-8204 | high | 7.8 | 7.8 | 9y ago | The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker t… | |||
| CVE-2017-8203 | high | 7.8 | 7.8 | 9y ago | The Bastet Driver of Nova 2 Plus,Nova 2 Huawei smart phones with software of Versions earlier than BAC-AL00C00B173,Versions earlier than PIC-AL00C00B173 has a use after free (UAF) vulnerability. An a… | |||
| CVE-2017-8192 | high | 7.8 | 7.8 | 9y ago | FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability. Due to improper authorization, an attacker with low privilege may exploit this vulnerability to obtain the operation au… | |||
| CVE-2017-8185 | high | 7.8 | 7.8 | 9y ago | ME906s-158 earlier than ME906S_Installer_13.1805.10.3 versions has a privilege elevation vulnerability. An attacker could exploit this vulnerability to modify the configuration information containing… | |||
| CVE-2017-8181 | high | 7.8 | 7.8 | 9y ago | The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a arbitrary memory write vulnerability.Due to the insufficient input verification,… | |||
| CVE-2017-8180 | high | 7.8 | 7.8 | 9y ago | The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an att… | |||
| CVE-2017-8179 | high | 7.8 | 7.8 | 9y ago | The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an att… | |||
| CVE-2017-8170 | high | 7.8 | 7.8 | 9y ago | Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malici… | |||
| CVE-2017-8169 | high | 7.8 | 7.8 | 9y ago | Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malici… | |||
| CVE-2017-8160 | high | 7.8 | 7.8 | 9y ago | The Madapt Driver of some Huawei smart phones with software Earlier than Vicky-AL00AC00B172 versions,Vicky-AL00CC768B122,Vicky-TL00AC01B167,Earlier than Victoria-AL00AC00B172 versions,Victoria-TL00AC… | |||
| CVE-2017-8159 | high | 7.8 | 7.8 | 9y ago | Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it la… | |||
| CVE-2017-8150 | high | 7.8 | 7.8 | 9y ago | The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 ha… | |||
| CVE-2017-8142 | high | 7.8 | 7.8 | 9y ago | The Trusted Execution Environment (TEE) module driver of Mate 9 and Mate 9 Pro smart phones with software versions earlier than MHA-AL00BC00B221 and versions earlier than LON-AL00BC00B221 has a use a… | |||
| CVE-2017-8141 | high | 7.8 | 7.8 | 9y ago | The Touch Panel (TP) driver in P10 Plus smart phones with software versions earlier than VKY-AL00C00B153 has a memory double free vulnerability. An attacker with the root privilege of the Android sys… | |||
| CVE-2017-8140 | high | 7.8 | 7.8 | 9y ago | The soundtrigger driver in P9 Plus smart phones with software versions earlier than VIE-AL10BC00B353 has a memory double free vulnerability. An attacker tricks a user into installing a malicious appl… | |||
| CVE-2017-8137 | high | 7.8 | 7.8 | 9y ago | HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path. An attacker could exploit this vulnerability… | |||
| CVE-2017-2729 | high | 7.8 | 7.8 | 9y ago | The boot loaders in Honor 5A smart phones with software Versions earlier than CAM-TL00C01B193,Versions earlier than CAM-TL00HC00B193,Versions earlier than CAM-UL00C00B193 have a buffer overflow vulne… | |||
| CVE-2017-2725 | high | 7.8 | 7.8 | 9y ago | Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability. An attacker with the root priv… | |||
| CVE-2017-2716 | high | 7.8 | 7.8 | 9y ago | The camerafs driver in Mate 9 Versions earlier than MHA-AL00BC00B173 has buffer overflow vulnerability. An attacker tricks a user into installing a malicious application which has the system privileg… | |||
| CVE-2017-2715 | high | 7.8 | 7.8 | 9y ago | The Files APP 7.1.1.309 and earlier versions in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design of the Safe key database. An unauthorized attack… | |||
| CVE-2017-2699 | high | 7.8 | 7.8 | 9y ago | The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a privilege elevation vulnerability. An attacker could… | |||
| CVE-2017-2698 | high | 7.8 | 7.8 | 9y ago | The ddr_devfreq driver in versions earlier than GRA-UL00C00B197 has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malici… | |||
| CVE-2017-2697 | high | 7.8 | 7.8 | 9y ago | The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlie… | |||
| CVE-2017-2696 | high | 7.8 | 7.8 | 9y ago | The emerg_data driver in CAM-L21C10B130 and earlier versions, CAM-L21C185B141 and earlier versions has a buffer overflow vulnerability. An attacker with the root privilege of the Android system can t… |