Skip to main content
CVE-2017-7546 CRITICAL Emergency

PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 33.1% and no vendor patch available.

PostgreSQL Authentication Bypass Debian Linux
NVD
CVSS 3.0
9.8
EPSS
33.1%
CVE-2017-7551 CRITICAL POC Act Now

389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure 389 Directory Server
NVD
CVSS 3.0
9.8
EPSS
0.3%
CVE-2017-8248 CRITICAL Act Now

A buffer overflow may occur in the processing of a downlink NAS message in Qualcomm Telephony as used in Apple iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apple Iphone Os
NVD
CVSS 3.0
9.8
EPSS
2.4%
CVE-2017-7547 HIGH This Week

PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers to retrieve passwords from the user mappings defined by. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PostgreSQL Information Disclosure
NVD
CVSS 3.0
8.8
EPSS
1.0%
CVE-2017-6421 HIGH PATCH This Week

In the touch controller function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable may be controlled by the user and can lead to a buffer overflow. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Google Mozilla Android
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2016-5861 HIGH PATCH This Week

In a display driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable controlled by userspace is used to calculate offsets and sizes for copy operations,. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Mozilla Privilege Escalation Android
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2017-12892 HIGH This Week

Foxit PDF Compressor installers from versions from 7.0.0.183 to 7.7.2.10 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pdf Compressor
NVD
CVSS 3.1
7.8
EPSS
3.5%
CVE-2016-5864 HIGH PATCH This Week

In an audio driver function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, some parameters are from userspace, and if they are set to a large value, integer. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Google Qualcomm Mozilla Privilege Escalation +1
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-5863 HIGH PATCH This Week

In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, several sanity checks are missing which can lead to out-of-bounds accesses. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Mozilla Privilege Escalation Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8243 HIGH PATCH This Week

A buffer overflow can occur in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android when processing a firmware image file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Qualcomm Google Mozilla Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-7548 HIGH This Week

PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service PostgreSQL Authentication Bypass Debian Linux
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2016-5853 HIGH PATCH This Week

In an audio driver in all Qualcomm products with Android releases from CAF using the Linux kernel, when a sanity check encounters a length value not in the correct range, an error message is printed,. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Linux RCE Google Qualcomm Privilege Escalation +1
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2016-5867 HIGH PATCH This Week

In a sound driver in Android for MSM, Firefox OS for MSM, QRD Android, some variables are from userspace and values can be chosen that could result in stack overflow. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Google Mozilla Privilege Escalation Android
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2016-5860 HIGH PATCH This Week

In an audio driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Buffer Overflow Google Qualcomm Mozilla Privilege Escalation +1
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2016-5859 HIGH PATCH This Week

In a sound driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Buffer Overflow Google Qualcomm Mozilla Privilege Escalation +1
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2016-5862 HIGH PATCH This Week

When a control related to codec is issued from userspace in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, the type casting is done to the container structure instead. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm Google Mozilla Privilege Escalation Android
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2016-5858 MEDIUM PATCH This Month

In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a user supplies a value too large, then an out-of-bounds read occurs. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Buffer Overflow Google Qualcomm Information Disclosure Mozilla +1
NVD
CVSS 3.0
4.7
EPSS
0.1%
CVE-2016-5347 MEDIUM PATCH This Month

In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel stack data can be leaked to userspace by an audio driver. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Linux Information Disclosure Android
NVD
CVSS 3.0
4.7
EPSS
0.1%
CVE-2016-5855 MEDIUM PATCH This Month

In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a user-supplied buffer is casted to a structure without checking if the source buffer is large enough. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Mozilla Information Disclosure Android
NVD
CVSS 3.0
4.7
EPSS
0.1%
CVE-2016-5854 MEDIUM PATCH This Month

In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, kernel heap memory can be exposed to userspace. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Mozilla Information Disclosure Android
NVD
CVSS 3.0
4.7
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy