Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-10994 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2017-08-24 | 9.3 HIGH | 7.3 HIGH |
| Foxit Reader before 8.3.1 and PhantomPDF before 8.3.1 have an Arbitrary Write vulnerability, which allows remote attackers to execute arbitrary code via a crafted document. | |||||
| CVE-2017-9655 | 1 Osisoft | 3 Pi Integrator For Business Analystics, Pi Integrator For Microsoft Azure, Pi Integrator For Sap Hana | 2017-08-23 | 3.5 LOW | 5.4 MEDIUM |
| A Cross-Site Scripting issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. An attacker may be able to upload a malicious script that attempts to redirect users to a malicious web site. | |||||
| CVE-2017-9661 | 1 Simplight | 1 Scada | 2017-08-23 | 5.1 MEDIUM | 7.0 HIGH |
| An Uncontrolled Search Path Element issue was discovered in SIMPlight SCADA Software version 4.3.0.27 and prior. The uncontrolled search path element vulnerability has been identified, which may allow an attacker to place a malicious DLL file within the search path resulting in execution of arbitrary code. | |||||
| CVE-2015-9034 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a string can fail to be null-terminated in SIP leading to a buffer overflow. | |||||
| CVE-2015-9035 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a memory buffer fails to be freed after it is no longer needed potentially resulting in memory exhaustion. | |||||
| CVE-2015-9036 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an incorrect length is used to clear a memory buffer resulting in adjacent memory getting corrupted. | |||||
| CVE-2015-9037 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read may occur in the processing of a downlink 3G NAS message. | |||||
| CVE-2017-10663 | 1 Linux | 1 Linux Kernel | 2017-08-23 | 7.2 HIGH | 7.8 HIGH |
| The sanity_check_ckpt function in fs/f2fs/super.c in the Linux kernel before 4.12.4 does not validate the blkoff and segno arrays, which allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2017-8262 | 1 Google | 1 Android | 2017-08-23 | 7.6 HIGH | 7.0 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, in some memory allocation and free functions, a race condition can potentially occur leading to a Use After Free condition. | |||||
| CVE-2015-9041 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists when performing WCDMA radio tuning. | |||||
| CVE-2015-9044 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached due to an improper bound on the size of a frequency list. | |||||
| CVE-2015-9045 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in GERAN where a buffer can be overflown while taking power measurements. | |||||
| CVE-2015-9042 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists when processing a QMI message. | |||||
| CVE-2015-9043 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced upon the expiry of a timer. | |||||
| CVE-2015-9038 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer may be dereferenced in the front end. | |||||
| CVE-2015-9039 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in eMBMS where an assertion can be reached by a sequence of downlink messages. | |||||
| CVE-2015-9040 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in a GERAN API. | |||||
| CVE-2017-8255 | 1 Google | 1 Android | 2017-08-23 | 9.3 HIGH | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in boot. | |||||
| CVE-2017-8254 | 1 Google | 1 Android | 2017-08-23 | 4.3 MEDIUM | 5.5 MEDIUM |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an audio client pointer is dereferenced before being checked if it is valid. | |||||
| CVE-2016-5871 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an image file. | |||||
| CVE-2015-8595 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in digital television/digital radio DRM. | |||||
| CVE-2015-8592 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not validated prior to being dereferenced potentially resulting in Guest-OS memory corruption. | |||||
| CVE-2014-9975 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a rollback vulnerability potentially exists in Full Disk Encryption. | |||||
| CVE-2014-9973 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of a buffer length was missing in a PlayReady DRM routine. | |||||
| CVE-2014-9969 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the GPS client may use an insecure cryptographic algorithm. | |||||
| CVE-2014-9968 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the UIMDIAG interface. | |||||
| CVE-2017-10820 | 1 Ipa | 1 Ip Messenger | 2017-08-23 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Installer of IP Messenger for Win 4.60 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2221 | 1 Baidu | 1 Baidu Ime | 2017-08-23 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Installer of Baidu IME Ver3.6.1.6 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2287 | 1 Sony | 1 Nfc Port Software Remover | 2017-08-23 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in NFC Port Software remover Ver.1.3.0.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2288 | 1 Lhaforge Project | 1 Lhaforge | 2017-08-23 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in LhaForge Ver.1.6.5 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2016-10391 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the length in an HCI command is not properly checked for validity. | |||||
| CVE-2017-2286 | 1 Sony | 12 Nfc Net Installer, Nfc Port Firmware, Pc\/sc Activator For Type B and 9 more | 2017-08-23 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in NFC Port Software Version 5.5.0.6 and earlier (for RC-S310, RC-S320, RC-S330, RC-S370, RC-S380, RC-S380/S), NFC Port Software Version 5.3.6.7 and earlier (for RC-S320, RC-S310/J1C, RC-S310/ED4C), PC/SC Activator for Type B Ver.1.2.1.0 and earlier, SFCard Viewer 2 Ver.2.5.0.0 and earlier, NFC Net Installer Ver.1.1.0.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2016-10388 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a configuration vulnerability exists when loading a 3rd-party QTEE application. | |||||
| CVE-2016-10389 | 1 Google | 1 Android | 2017-08-23 | 9.3 HIGH | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, there is no size check for the images being flashed onto the NAND memory in their respective partitions, so there is a possibility of writing beyond the intended partition. | |||||
| CVE-2016-10383 | 1 Google | 1 Android | 2017-08-23 | 9.3 HIGH | 8.1 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, there is a TOCTOU race condition in Secure UI. | |||||
| CVE-2016-10382 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, access control to the I2C bus is not sufficient. | |||||
| CVE-2016-10344 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in LTE. | |||||
| CVE-2016-10346 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in the hypervisor. | |||||
| CVE-2016-10347 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a hypervisor function is not properly validated. | |||||
| CVE-2014-9411 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in rollback protection. | |||||
| CVE-2015-9069 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the Secure File System can become corrupted. | |||||
| CVE-2015-9071 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in a TrustZone syscall. | |||||
| CVE-2015-9072 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall. | |||||
| CVE-2015-9073 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall. | |||||
| CVE-2016-10343 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, sSL handshake failure with ClientHello rejection results in memory leak. | |||||
| CVE-2015-9067 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a potential compiler optimization of memset() is addressed. | |||||
| CVE-2015-9068 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a mink syscall is not properly validated. | |||||
| CVE-2015-9070 | 1 Google | 1 Android | 2017-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in a TrustZone syscall. | |||||
| CVE-2017-12441 | 1 Minidjvu Project | 1 Minidjvu | 2017-08-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| The row_is_empty function in base/4bitmap.c:274 in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file. | |||||
| CVE-2017-12442 | 1 Minidjvu Project | 1 Minidjvu | 2017-08-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| The row_is_empty function in base/4bitmap.c:272 in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file. | |||||