CVEs from 2017
Total
11,657
critical
critical 1,650
high
high 5,043
medium
medium 4,169
low
low 159
% Critical
14.2%
% with KEV
0.7%
% with exploit
9.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-2132 | high | 7.5 | 7.5 | 9y ago | Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to delete arbitrary files in a specific directory via unspecified vectors. | |||
| CVE-2017-15650 | high | 7.5 | 7.5 | 9y ago | musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide a… | |||
| CVE-2017-10933 | high | 7.5 | 7.5 | 9y ago | All versions prior to V2.06.00.00 of ZTE ZXDT22 SF01, an monitoring system of ZTE energy product, are impacted by directory traversal vulnerability that allows remote attackers to read arbitrary file… | |||
| CVE-2017-5635 | high | 7.5 | 7.5 | 9y ago | Improper Authentication In Apache NiFi | |||
| CVE-2017-15639 | medium | 6.5 | 7.5 | 9y ago | tasks/feed/readRSS.cfm in Mura CMS before 6.2 allows attackers to bypass intended access restrictions by leveraging the "draggable feeds" feature. | |||
| CVE-2017-10388 | high | 7.5 | 7.5 | 9y ago | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u… | |||
| CVE-2017-10373 | high | 7.5 | 7.5 | 9y ago | Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Health Center). Supported versions that are affected are 8.55 and 8.56. Easily exploit… | |||
| CVE-2017-10369 | high | 7.5 | 7.5 | 9y ago | Vulnerability in the Oracle Virtual Directory component of Oracle Fusion Middleware (subcomponent: Virtual Directory Server). Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Diffi… | |||
| CVE-2017-10335 | high | 7.5 | 7.5 | 9y ago | Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Elastic Search). Supported versions that are affected are 8.55 and 8.56. Easily exploi… | |||
| CVE-2017-10332 | high | 7.5 | 7.5 | 9y ago | Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite (subcomponent: Administration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, … | |||
| CVE-2017-10328 | high | 7.5 | 7.5 | 9y ago | Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.… | |||
| CVE-2017-10310 | high | 7.5 | 7.5 | 9y ago | Vulnerability in the Oracle Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Security Models). The supported version that is affected is 11.1.2. Easily exploitable vulnerabili… | |||
| CVE-2017-10260 | high | 7.5 | 7.5 | 9y ago | Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management). The supported version that is affected is Prior to 3… | |||
| CVE-2017-10259 | high | 7.5 | 7.5 | 9y ago | Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). The supported version that is affected is 11.1.2.3.0. Easily exploitable vulnerabil… | |||
| CVE-2017-10155 | high | 7.5 | 7.5 | 9y ago | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploita… | |||
| CVE-2017-10037 | high | 7.5 | 7.5 | 9y ago | Vulnerability in the Oracle BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Service API). Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Easily exploitable … | |||
| CVE-2017-15609 | high | 7.5 | 7.5 | 9y ago | Octopus before 3.17.7 allows attackers to obtain sensitive cleartext information by reading a variable JSON file in certain situations involving Offline Drop Targets. | |||
| CVE-2017-12260 | high | 7.5 | 7.5 | 9y ago | A vulnerability in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones could allow an unauthenticated, remote att… | |||
| CVE-2017-12259 | high | 7.5 | 7.5 | 9y ago | A vulnerability in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause an af… | |||
| CVE-2017-15602 | high | 7.5 | 7.5 | 9y ago | In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted s… | |||
| CVE-2017-15601 | high | 7.5 | 7.5 | 9y ago | In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup. | |||
| CVE-2017-15600 | high | 7.5 | 7.5 | 9y ago | In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c. | |||
| CVE-2017-15359 | medium | 6.5 | 7.5 | 9y ago | In the 3CX Phone System 15.5.3554.1, the Management Console typically listens to port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file=" and "/api/SupportInf… | |||
| CVE-2017-15577 | high | 7.5 | 7.5 | 9y ago | Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles the rendering of wiki links, which allows remote attackers to obtain sensitive information. | |||
| CVE-2017-15576 | high | 7.5 | 7.5 | 9y ago | Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles Time Entry rendering in activity views, which allows remote attackers to obtain sensitive information. | |||
| CVE-2017-15572 | high | 7.5 | 7.5 | 9y ago | In Redmine before 3.2.6 and 3.3.x before 3.3.3, remote attackers can obtain sensitive information (password reset tokens) by reading a Referer log, because account/lost_password does not use a redire… | |||
| CVE-2017-9368 | high | 7.5 | 7.5 | 9y ago | An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific f… | |||
| CVE-2017-15297 | high | 7.5 | 7.5 | 9y ago | SAP Hostcontrol does not require authentication for the SOAP SAPControl endpoint. This is SAP Security Note 2442993. | |||
| CVE-2017-15363 | high | 7.5 | 7.5 | 9y ago | Luracast Restler directory traversal vulnerability | |||
| CVE-2017-10624 | high | 7.5 | 7.5 | 9y ago | Insufficient verification of node certificates in Juniper Networks Junos Space may allow a man-in-the-middle type of attacker to make unauthorized modifications to Space database or add nodes. Affect… | |||
| CVE-2017-10619 | high | 7.5 | 7.5 | 9y ago | When Express Path (formerly known as service offloading) is configured on Juniper Networks SRX1400, SRX3400, SRX3600, SRX5400, SRX5600, SRX5800 in high availability cluster configuration mode, certai… | |||
| CVE-2017-10614 | high | 7.5 | 7.5 | 9y ago | A vulnerability in telnetd service on Junos OS allows a remote attacker to cause a limited memory and/or CPU consumption denial of service attack. This issue was found during internal product securit… | |||
| CVE-2017-10608 | high | 7.5 | 7.5 | 9y ago | Any Juniper Networks SRX series device with one or more ALGs enabled may experience a flowd crash when traffic is processed by the Sun/MS-RPC ALGs. This vulnerability in the Sun/MS-RPC ALG services c… | |||
| CVE-2017-10607 | high | 7.5 | 7.5 | 9y ago | Juniper Networks Junos OS 16.1R1, and services releases based off of 16.1R1, are vulnerable to the receipt of a crafted BGP Protocol Data Unit (PDU) sent directly to the router, which can cause the R… | |||
| CVE-2017-8727 | high | 7.5 | 7.5 | 9y ago | Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execut… | |||
| CVE-2017-11822 | high | 7.5 | 7.5 | 9y ago | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 201… | |||
| CVE-2017-11821 | high | 7.5 | 7.5 | 9y ago | ChakraCore RCE Vulnerability | |||
| CVE-2017-11819 | high | 7.5 | 7.5 | 9y ago | Microsoft Windows 7 SP1 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft browsers handle objects in memory, aka "Windows Shell Remote Code Executi… | |||
| CVE-2017-11813 | high | 7.5 | 7.5 | 9y ago | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 R2 allows an attacker to execute arbitrary code in the context of the… | |||
| CVE-2017-11812 | high | 7.5 | 7.5 | 9y ago | ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripti… | |||
| CVE-2017-11808 | high | 7.5 | 7.5 | 9y ago | ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the s… | |||
| CVE-2017-11807 | high | 7.5 | 7.5 | 9y ago | ChakraCore RCE Vulnerability | |||
| CVE-2017-11806 | high | 7.5 | 7.5 | 9y ago | ChakraCore RCE Vulnerability | |||
| CVE-2017-11805 | high | 7.5 | 7.5 | 9y ago | ChakraCore RCE Vulnerability | |||
| CVE-2017-11804 | high | 7.5 | 7.5 | 9y ago | ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the s… | |||
| CVE-2017-11801 | high | 7.5 | 7.5 | 9y ago | ChakraCore RCE Vulnerability | |||
| CVE-2017-11800 | high | 7.5 | 7.5 | 9y ago | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handl… | |||
| CVE-2017-11798 | high | 7.5 | 7.5 | 9y ago | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine… | |||
| CVE-2017-11797 | high | 7.5 | 7.5 | 9y ago | ChakraCore RCE Vulnerability | |||
| CVE-2017-11796 | high | 7.5 | 7.5 | 9y ago | ChakraCore RCE Vulnerability | |||
| CVE-2017-11792 | high | 7.5 | 7.5 | 9y ago | ChakraCore RCE Vulnerability | |||
| CVE-2017-11781 | high | 7.5 | 7.5 | 9y ago | The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and… | |||
| CVE-2017-11776 | high | 7.5 | 7.5 | 9y ago | Microsoft Outlook 2016 allows an attacker to obtain the email content of a user, due to how Outlook 2016 discloses user email content, aka "Microsoft Outlook Information Disclosure Vulnerability." | |||
| CVE-2017-11772 | high | 7.5 | 7.5 | 9y ago | The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1… | |||
| CVE-2017-15290 | high | 7.5 | 7.5 | 9y ago | Mirasys Video Management System (VMS) 6.x before 6.4.6, 7.x before 7.5.15, and 8.x before 8.1.1 has a login process in which cleartext data is sent from a server to a client, and not all of this data… | |||
| CVE-2017-15268 | high | 7.5 | 7.5 | 9y ago | Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c. | |||
| CVE-2017-15286 | high | 7.5 | 7.5 | 9y ago | SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never in… | |||
| CVE-2017-15267 | high | 7.5 | 7.5 | 9y ago | In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c. | |||
| CVE-2017-5722 | high | 7.5 | 7.5 | 9y ago | Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows attackers with local or physical access to bypass enfo… | |||
| CVE-2017-5721 | high | 7.5 | 7.5 | 9y ago | Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipul… | |||
| CVE-2017-15193 | high | 7.5 | 7.5 | 9y ago | In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach. | |||
| CVE-2017-15192 | high | 7.5 | 7.5 | 9y ago | In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have th… | |||
| CVE-2017-15191 | high | 7.5 | 7.5 | 9y ago | In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length. | |||
| CVE-2017-15190 | high | 7.5 | 7.5 | 9y ago | In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. This was addressed in epan/dissectors/packet-rtsp.c by correcting the scope of a variable. | |||
| CVE-2017-15189 | high | 7.5 | 7.5 | 9y ago | In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by adding decrements. | |||
| CVE-2017-9717 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing Netlink attributes, a buffer overread can occur. | |||
| CVE-2017-9715 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a vendor command, a buffer over-read can occur. | |||
| CVE-2017-11064 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PN… | |||
| CVE-2017-11062 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently attributes are not validated in __wlan_hdd_cfg80211_do_acs which can potentia… | |||
| CVE-2017-11061 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing cfg80211 vendor sub command QCA_NL80211_VENDOR_SUBCMD_ROAM, a buffer o… | |||
| CVE-2017-11060 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PN… | |||
| CVE-2017-11055 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION c… | |||
| CVE-2017-11054 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can oc… | |||
| CVE-2017-11052 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_NDP cfg80211 vendor comm… | |||
| CVE-2017-11051 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, information disclosure is possible in function __wlan_hdd_cfg80211_testmode since buffe… | |||
| CVE-2017-14943 | high | 7.5 | 7.5 | 9y ago | Trapeze TransitMaster is vulnerable to information disclosure (emails / hashed passwords) via a modified userID field in JSON data to ManageSubscriber.aspx/GetSubscriber. NOTE: this software is indep… | |||
| CVE-2017-14603 | high | 7.5 | 7.5 | 9y ago | In Asterisk 11.x before 11.25.3, 13.x before 13.17.2, and 14.x before 14.6.2 and Certified Asterisk 11.x before 11.6-cert18 and 13.x before 13.13-cert6, insufficient RTCP packet validation could allo… | |||
| CVE-2017-14972 | high | 7.5 | 7.5 | 9y ago | InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by entering Control-Alt-Delete, and then using Task Manager to reach a file. | |||
| CVE-2017-15084 | medium | 6.5 | 7.5 | 9y ago | The web UI in Rapid7 Metasploit before 4.14.1-20170828 allows logout CSRF, aka R7-2017-22. | |||
| CVE-2017-15079 | high | 7.5 | 7.5 | 9y ago | The Smush Image Compression and Optimization plugin before 2.7.6 for WordPress allows directory traversal. | |||
| CVE-2017-9272 | high | 7.5 | 7.5 | 9y ago | The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be susceptible to a denial of service attack. | |||
| CVE-2017-1002153 | high | 7.5 | 7.5 | 9y ago | Koji blacklisted paths workaround | |||
| CVE-2017-1000254 | high | 7.5 | 7.5 | 9y ago | libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in (anonymous or not), it asks the server for the current directory wi… | |||
| CVE-2017-13998 | high | 7.5 | 7.5 | 9y ago | An Insufficiently Protected Credentials issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The application does not sufficiently protect sensitive information from unauthorized access. | |||
| CVE-2017-15033 | high | 7.5 | 7.5 | 9y ago | ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c. | |||
| CVE-2017-12270 | high | 7.5 | 7.5 | 9y ago | A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an unauthenticated, remote attacker to cause a denial of service (… | |||
| CVE-2017-12263 | high | 7.5 | 7.5 | 9y ago | A vulnerability in the web interface of Cisco License Manager software could allow an unauthenticated, remote attacker to download and view files within the application that should be restricted, aka… | |||
| CVE-2017-1000118 | high | 7.5 | 7.5 | 9y ago | Improper Restriction of Operations within the Bounds of a Memory Buffer in akka-http-core | |||
| CVE-2017-1000115 | high | 7.5 | 7.5 | 9y ago | Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository | |||
| CVE-2017-1000108 | high | 7.5 | 7.5 | 9y ago | Jenkins Pipeline: Input Step Plugin | |||
| CVE-2017-1000098 | high | 7.5 | 7.5 | 9y ago | Denial of service when parsing large forms in mime/multipart | |||
| CVE-2017-1000097 | high | 7.5 | 7.5 | 9y ago | Mishandled trust preferences for root certificates on Darwin in crypto/x509 | |||
| CVE-2017-1000092 | high | 7.5 | 7.5 | 9y ago | Cross-Site Request Forgery in Jenkins Git Plugin | |||
| CVE-2017-15011 | high | 7.5 | 7.5 | 9y ago | The named pipes in qtsingleapp in Qt 5.x, as used in qBittorrent and SugarSync, are configured for remote access and allow remote attackers to cause a denial of service (application crash) via an uns… | |||
| CVE-2017-15010 | high | 7.5 | 7.5 | 9y ago | A ReDoS (regular expression denial of service) flaw was found in the tough-cookie module before 2.3.3 for Node.js. An attacker that is able to make an HTTP request using a specially crafted cookie ma… | |||
| CVE-2017-12820 | high | 7.5 | 7.5 | 9y ago | Arbitrary memory read from controlled memory pointer in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service. | |||
| CVE-2017-12818 | high | 7.5 | 7.5 | 9y ago | Stack overflow in custom XML-parser in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service. | |||
| CVE-2017-11122 | high | 7.5 | 7.5 | 9y ago | On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6 router advertisement offloading. | |||
| CVE-2017-0825 | high | 7.5 | 7.5 | 9y ago | An information disclosure vulnerability in the Broadcom wifi driver. Product: Android. Versions: Android kernel. Android ID: A-37305633. References: B-V2017063002. | |||
| CVE-2017-0823 | high | 7.5 | 7.5 | 9y ago | An information disclosure vulnerability in the Android system (rild). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37896655. |