Skip to main content
CVE-2017-2550 HIGH POC This Week

Vulnerability in Easy Joomla Backup v3.2.4. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Easy Joomla Backup
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-11161 CRITICAL Act Now

Multiple SQL injection vulnerabilities in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to label.php;. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Synology SQLi PHP Photo Station
NVD
CVSS 3.0
9.8
EPSS
0.6%
CVE-2017-11611 MEDIUM POC This Month

Wolf CMS 0.8.3.1 allows Cross-Site Scripting (XSS) attacks. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Wolf Cms
NVD GitHub
CVSS 3.0
5.4
EPSS
1.3%
CVE-2017-9095 MEDIUM POC This Month

XXE in Diving Log 6.0 allows attackers to remotely view local files through a crafted dive.xml file that is mishandled during a Subsurface import. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XXE Diving Log
NVD Exploit-DB
CVSS 3.1
5.5
EPSS
0.8%
CVE-2017-0786 HIGH This Week

A elevation of privilege vulnerability in the Broadcom wi-fi driver. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Broadcom Google Information Disclosure Android
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2017-14167 HIGH PATCH This Week

Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Integer Overflow RCE Buffer Overflow Qemu Debian Linux
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2017-0791 HIGH This Week

A elevation of privilege vulnerability in the Broadcom wi-fi driver. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Broadcom Google Information Disclosure Android
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-0790 HIGH This Week

A elevation of privilege vulnerability in the Broadcom wi-fi driver. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Broadcom Google Information Disclosure Android
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-0789 HIGH This Week

A elevation of privilege vulnerability in the Broadcom wi-fi driver. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Broadcom Google Information Disclosure Android
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-0788 HIGH This Week

A elevation of privilege vulnerability in the Broadcom wi-fi driver. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Broadcom Google Information Disclosure Android
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-0787 HIGH This Week

A elevation of privilege vulnerability in the Broadcom wi-fi driver. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Broadcom Google Information Disclosure Android
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-0784 HIGH PATCH This Week

A elevation of privilege vulnerability in the Android system (nfc). Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Google Information Disclosure Android
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-0764 HIGH PATCH This Week

A remote code execution vulnerability in the Android media framework (libvorbis). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-0761 HIGH PATCH This Week

A remote code execution vulnerability in the Android media framework (libavc). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-0760 HIGH PATCH This Week

A remote code execution vulnerability in the Android media framework (libstagefright). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-0758 HIGH PATCH This Week

A remote code execution vulnerability in the Android media framework (libhevc). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-0766 HIGH PATCH This Week

A remote code execution vulnerability in the Android media framework (libjhead). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-0765 HIGH PATCH This Week

A remote code execution vulnerability in the Android media framework (libstagefright). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-0763 HIGH PATCH This Week

A remote code execution vulnerability in the Android media framework (libhevc). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-0762 HIGH PATCH This Week

A remote code execution vulnerability in the Android media framework (libhevc). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-0759 HIGH PATCH This Week

A remote code execution vulnerability in the Android media framework (libstagefright). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-0757 HIGH PATCH This Week

A remote code execution vulnerability in the Android media framework (libavc). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-0753 HIGH PATCH This Week

A remote code execution vulnerability in the Android libraries (libgdx). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-0756 HIGH PATCH This Week

A remote code execution vulnerability in the Android media framework (libstagefright). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-0801 HIGH This Week

A elevation of privilege vulnerability in the MediaTek libmtkomxvdec. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Mediatek Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0800 HIGH This Week

A elevation of privilege vulnerability in the MediaTek teei. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Mediatek Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0799 HIGH This Week

A elevation of privilege vulnerability in the MediaTek lastbus. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Mediatek Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0798 HIGH This Week

A elevation of privilege vulnerability in the MediaTek kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Mediatek Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0804 HIGH This Week

A elevation of privilege vulnerability in the MediaTek mmc driver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Mediatek Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0803 HIGH This Week

A elevation of privilege vulnerability in the MediaTek accessory detector driver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Mediatek Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0802 HIGH This Week

A elevation of privilege vulnerability in the MediaTek kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Mediatek Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0752 HIGH PATCH This Week

A elevation of privilege vulnerability in the Android framework (windowmanager). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0794 HIGH This Week

A elevation of privilege vulnerability in the Upstream kernel scsi driver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Race Condition Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0769 HIGH PATCH This Week

A elevation of privilege vulnerability in the Android media framework (libstagefright). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-0797 HIGH This Week

A elevation of privilege vulnerability in the MediaTek accessory detector driver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Mediatek Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-0796 HIGH This Week

A elevation of privilege vulnerability in the MediaTek auxadc driver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Mediatek Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-0795 HIGH This Week

A elevation of privilege vulnerability in the MediaTek accessory detector driver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Mediatek Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-0770 HIGH PATCH This Week

A elevation of privilege vulnerability in the Android media framework (libmediaplayerservice). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-0768 HIGH PATCH This Week

A elevation of privilege vulnerability in the Android media framework (libeffects). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-0767 HIGH PATCH This Week

A elevation of privilege vulnerability in the Android media framework (libeffects). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Google Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-0755 HIGH PATCH This Week

A elevation of privilege vulnerability in the Android libraries (libminikin). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-5759 HIGH This Week

The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as root. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Suse Linux Enterprise Desktop Suse Linux Enterprise Server Leap
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-0778 HIGH PATCH This Week

A information disclosure vulnerability in the Android media framework (n/a). Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Information Disclosure Android
NVD
CVSS 3.0
7.1
EPSS
0.1%
CVE-2017-12146 HIGH PATCH This Week

The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a. Rated high severity (CVSS 7.0).

Race Condition Linux Information Disclosure Linux Kernel
NVD GitHub
CVSS 3.1
7.0
EPSS
0.1%
CVE-2017-11162 MEDIUM This Month

Directory traversal vulnerability in synphotoio in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to read arbitrary files via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Synology Photo Station
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2017-12071 MEDIUM This Month

Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to download arbitrary local files via. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Synology PHP Photo Station
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-0792 MEDIUM This Month

A information disclosure vulnerability in the Broadcom wi-fi driver. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Broadcom Google Information Disclosure Android
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-0779 MEDIUM PATCH This Month

A information disclosure vulnerability in the Android media framework (audioflinger). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0793 MEDIUM This Month

A information disclosure vulnerability in the N/A memory subsystem. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0777 MEDIUM PATCH This Month

A information disclosure vulnerability in the Android media framework (n/a). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy