Skip to main content
CVE-2017-0411 HIGH POC This Week

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Google Android
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
3.5%
CVE-2017-0412 HIGH POC This Week

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Google Android
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
1.4%
CVE-2016-8418 CRITICAL Act Now

A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote attacker to execute arbitrary code within the context of the kernel. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm RCE Google Authentication Bypass Android
NVD
CVSS 3.0
9.8
EPSS
3.6%
CVE-2017-2765 CRITICAL Act Now

EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 is affected by an authentication bypass vulnerability that could potentially be exploited by attackers to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Isilon Insightiq
NVD
CVSS 3.0
9.8
EPSS
1.1%
CVE-2016-8954 CRITICAL PATCH Act Now

IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Docker IBM Authentication Bypass Dashdb Local
NVD
CVSS 3.0
9.8
EPSS
1.0%
CVE-2016-9005 CRITICAL Act Now

IBM System Storage TS3100-TS3200 Tape Library could allow an unauthenticated user with access to the company network, to change a user's password and gain remote access to the system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Authentication Bypass System Storage Ts3100 Ts3200 Tape Library
NVD
CVSS 3.0
9.8
EPSS
0.5%
CVE-2017-0407 HIGH This Week

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2017-0406 HIGH This Week

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2017-0405 HIGH This Week

A remote code execution vulnerability in Surfaceflinger could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2017-0409 HIGH This Week

A remote code execution vulnerability in libstagefright could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-0408 HIGH This Week

A remote code execution vulnerability in libgdx could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2016-0214 HIGH PATCH This Week

IBM Tivoli Endpoint Manager could allow a remote attacker to upload arbitrary files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

IBM Authentication Bypass Bigfix Platform
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-0450 HIGH PATCH This Week

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0430 HIGH PATCH This Week

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Broadcom Google RCE Android Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0419 HIGH This Week

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0418 HIGH This Week

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Google RCE Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0417 HIGH This Week

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Google RCE Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0416 HIGH This Week

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Google RCE Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0415 HIGH This Week

An elevation of privilege vulnerability in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0429 HIGH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Nvidia Memory Corruption +2
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0428 HIGH PATCH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Google Nvidia Memory Corruption +2
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0427 HIGH PATCH This Week

An elevation of privilege vulnerability in the kernel file system could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Android Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0410 HIGH This Week

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0422 HIGH This Week

A denial of service vulnerability in Bionic DNS could enable a remote attacker to use a specially crafted network packet to cause a device hang or reboot. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2016-5934 HIGH This Week

IBM Tivoli Storage Manager FastBack installer could allow a remote attacker to execute arbitrary code on the system. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

RCE IBM Privilege Escalation Tivoli Storage Manager Fastback
NVD
CVSS 3.0
7.3
EPSS
0.9%
CVE-2017-0432 HIGH PATCH This Week

An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

RCE Google Mediatek Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0449 HIGH PATCH This Week

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Broadcom Google RCE Android Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-0447 HIGH PATCH This Week

An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

RCE Google Android Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-0446 HIGH PATCH This Week

An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

RCE Google Android Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-0444 HIGH This Week

An elevation of privilege vulnerability in the Realtek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Google Android Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-0442 HIGH This Week

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow RCE Qualcomm Google Android +1
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-0440 HIGH This Week

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow RCE Qualcomm Google Android +1
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-0438 HIGH This Week

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow RCE Qualcomm Google Android +1
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-0437 HIGH This Week

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow RCE Qualcomm Google Android +1
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-0436 HIGH This Week

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Qualcomm RCE Google Android Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-0434 HIGH PATCH This Week

An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the touchscreen chipset. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

RCE Google Android Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2016-8481 HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm RCE Google Privilege Escalation Android +1
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2016-8480 HIGH This Week

An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Qualcomm RCE Google Privilege Escalation Android +1
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2016-8476 HIGH This Week

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Qualcomm RCE Google Privilege Escalation Android +1
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2016-8421 HIGH This Week

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Qualcomm RCE Google Privilege Escalation Android +1
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2016-8420 HIGH This Week

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Qualcomm RCE Google Privilege Escalation Android +1
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2016-8419 HIGH This Week

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Qualcomm RCE Google Privilege Escalation Android +1
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-0443 HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm RCE Google Android Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-0441 HIGH This Week

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow RCE Qualcomm Google Android +1
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-0439 HIGH This Week

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow RCE Qualcomm Google Android +1
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-0445 HIGH PATCH This Week

An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

RCE Google Android Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-0433 HIGH PATCH This Week

An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the touchscreen chipset. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

RCE Google Android Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-0435 HIGH This Week

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Qualcomm RCE Google Android Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2016-5902 MEDIUM PATCH This Month

IBM Maximo Asset Management is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Maximo Asset Management Maximo For Aviation Maximo For Energy Optimization +6
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-5933 MEDIUM This Month

Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, 11.0 before Build 69.12/69.123, and 11.1 before Build 51.21 randomly generates GCM nonces, which makes it marginally easier for. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Citrix Information Disclosure Netscaler Application Delivery Controller Firmware
NVD GitHub
CVSS 3.0
5.9
EPSS
0.9%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy