Skip to main content
CVE-2017-12961 HIGH This Week

There is an assertion abort in the function parse_attributes() in data/sys-file-reader.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pspp
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-12958 HIGH This Week

There is an illegal address access in the function output_hex() in data/data-out.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Pspp
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-12960 HIGH This Week

There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pspp
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2017-12959 HIGH This Week

There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pspp
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2017-9680 HIGH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, if a pointer argument coming from userspace is invalid, a driver may use an uninitialized structure to log an error. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Google Linux Information Disclosure Android
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2017-9679 HIGH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, if a userspace string is not NULL-terminated, kernel memory contents can leak to system logs. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Google Linux Information Disclosure Android
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2017-12947 HIGH This Week

classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in an untrash action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress SQLi PHP Easy Modal
NVD
CVSS 3.0
7.2
EPSS
0.5%
CVE-2017-12946 HIGH This Week

classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in a delete action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress SQLi PHP Easy Modal
NVD
CVSS 3.0
7.2
EPSS
0.5%
CVE-2015-0576 HIGH PATCH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in HSDPA. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Buffer Overflow Qualcomm Google Linux Android
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-8270 HIGH PATCH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a driver potentially leading to a use-after-free condition. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Linux Google Qualcomm Race Condition Information Disclosure +1
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2017-8266 HIGH PATCH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Linux Google Qualcomm Race Condition Information Disclosure +1
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2017-8265 HIGH PATCH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver which can lead to a double free. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Linux Google Qualcomm Race Condition Information Disclosure +1
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2017-9684 HIGH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a USB driver can lead to a Use After Free condition. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service Linux Google Qualcomm Race Condition +1
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2017-8262 HIGH PATCH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, in some memory allocation and free functions, a race condition can potentially occur leading to a Use After Free. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Denial Of Service Linux Google Qualcomm Race Condition +1
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2017-8267 HIGH This Week

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in an IOCTL handler potentially leading to an integer overflow and then an out-of-bounds write. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Linux Buffer Overflow Google Integer Overflow Qualcomm +1
NVD
CVSS 3.0
7.0
EPSS
0.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy