Skip to main content
CVE-2017-15099 MEDIUM This Month

INSERT ... Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 27.1% and no vendor patch available.

PostgreSQL Information Disclosure Debian Linux
NVD
CVSS 3.0
6.5
EPSS
27.1%
CVE-2017-2691 MEDIUM This Month

Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier before EVA-TL00C01B373 have a lock-screen bypass. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei P9 Firmware
NVD
CVSS 3.0
6.8
EPSS
0.0%
CVE-2017-8156 MEDIUM This Month

The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no authentication vulnerability on the serial port. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass B2338 168 Firmware
NVD
CVSS 3.0
6.8
EPSS
0.0%
CVE-2017-8151 MEDIUM This Month

Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have an authentication bypass vulnerability due to the improper design of some components. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Honor 5S Firmware
NVD
CVSS 3.0
6.8
EPSS
0.0%
CVE-2017-8206 MEDIUM This Month

HONOR 7 Lite mobile phones with software of versions earlier than NEM-L21C432B352 have an App Lock bypass vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Honor 7 Lite Firmware
NVD
CVSS 3.0
6.8
EPSS
0.0%
CVE-2017-8166 MEDIUM This Month

Huawei mobile phones Honor V9 with the software versions before Duke-AL20C00B195 have an App Lock bypass vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Honor V9 Firmware
NVD
CVSS 3.0
6.8
EPSS
0.0%
CVE-2017-2703 MEDIUM This Month

Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions earlier before MHA-TL00BC00B156,Versions earlier. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mate 9 Firmware P9 Firmware
NVD
CVSS 3.0
6.8
EPSS
0.0%
CVE-2017-2702 MEDIUM This Month

Phone Finder in versions earlier before MHA-AL00C00B170 can be bypass. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mate 9 Firmware
NVD
CVSS 3.0
6.8
EPSS
0.0%
CVE-2017-12172 MEDIUM This Month

PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE PostgreSQL
NVD
CVSS 3.0
6.7
EPSS
0.1%
CVE-2017-8190 MEDIUM This Month

FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Code Injection Jwt Attack Fusionsphere Openstack
NVD
CVSS 3.0
6.7
EPSS
0.0%
CVE-2017-2723 MEDIUM This Month

The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Huawei Information Disclosure Files
NVD
CVSS 3.0
6.7
EPSS
0.0%
CVE-2017-8162 MEDIUM This Month

AR120-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR1200 with software V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR1200-S with. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Ar120 S Firmware Ar1200 Firmware Ar1200 S Firmware Ar150 Firmware +13
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-8860 MEDIUM This Month

Information disclosure through directory listing on the Cohu 3960HD allows an attacker to view and download source code, log files, and other sensitive device information via a specially crafted web. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure 3960Hd Firmware
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-8201 MEDIUM This Month

MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an a memory leak vulnerability in H323 protocol. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Max Presence Firmware Tp3106 Firmware Tp3206 Firmware
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-8200 MEDIUM This Month

MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Max Presence Firmware Tp3106 Firmware Tp3206 Firmware
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-8199 MEDIUM This Month

MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Max Presence Firmware Tp3106 Firmware Tp3206 Firmware
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-8163 MEDIUM This Month

AR120-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR1200 with software V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR1200-S with. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Ar120 S Firmware Ar1200 Firmware Ar1200 S Firmware +14
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-8130 MEDIUM This Month

The UMA product with software V200R001 and V300R001 has an information leak vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-12190 MEDIUM PATCH This Month

The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-2717 MEDIUM This Month

honor 8 Pro with software Duke-L09C10B120 and earlier versions,Duke-L09C432B120 and earlier versions,Duke-L09C636B120 and earlier versions has an integer overflow vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Honor 8 Pro Firmware
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-8158 MEDIUM This Month

FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to improper permission settings for a certain file on the host machine. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Fusioncompute
NVD
CVSS 3.0
6.5
EPSS
0.0%
CVE-2017-2728 MEDIUM This Month

Some Huawei mobile phones Honor 6X Berlin-L22C636B150 and earlier versions have a Bluetooth unlock bypassing vulnerability. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass Huawei Honor 6X Firmware
NVD
CVSS 3.0
6.4
EPSS
0.0%
CVE-2017-8215 MEDIUM This Month

Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, versions earlier than FRD-DL00C00B391, versions. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Huawei Honor 8 Firmware Honor V8 Firmware Honor 9 Firmware +6
NVD
CVSS 3.0
6.2
EPSS
0.0%
CVE-2017-8214 MEDIUM This Month

Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, versions earlier than FRD-DL00C00B391, versions. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity. No vendor patch available.

Huawei Authentication Bypass Honor 8 Firmware Honor V8 Firmware Honor 9 Firmware +6
NVD
CVSS 3.0
6.2
EPSS
0.0%
CVE-2017-6166 MEDIUM This Month

In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 to 12.1.1, in some cases the Traffic Management Microkernel (TMM) may crash when processing. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Big Ip Afm Big Ip Analytics Big Ip Apm Big Ip Application Acceleration Manager +7
NVD
CVSS 3.1
5.9
EPSS
1.2%
CVE-2017-8127 MEDIUM This Month

The UMA product with software V200R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Uma
NVD
CVSS 3.0
6.1
EPSS
0.1%
CVE-2017-8125 MEDIUM This Month

The UMA product with software V200R001 and V300R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Uma
NVD
CVSS 3.0
6.1
EPSS
0.1%
CVE-2017-8139 MEDIUM This Month

HedEx Earlier than V200R006C00 versions have the stored cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Hedex Lite
NVD
CVSS 3.0
6.1
EPSS
0.1%
CVE-2017-8182 MEDIUM This Month

MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a out-of-bound read vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure Mtk Platform Smart Phone Firmware
NVD
CVSS 3.0
6.1
EPSS
0.1%
CVE-2017-8189 MEDIUM This Month

FusionSphere OpenStack V100R006C00SPC102(NFV)has a path traversal vulnerability. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Fusionsphere Openstack
NVD
CVSS 3.0
6.0
EPSS
0.0%
CVE-2017-8157 MEDIUM This Month

OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor 6900 V3 V300R001C00 has an information leakage vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Oceanstor 5800 V3 Firmware Oceanstor 6900 V3 Firmware
NVD
CVSS 3.0
5.9
EPSS
0.1%
CVE-2017-8191 MEDIUM This Month

FusionSphere OpenStack V100R006C00SPC102(NFV)has a week cryptographic algorithm vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Fusionsphere Openstack
NVD
CVSS 3.0
5.9
EPSS
0.1%
CVE-2017-2711 MEDIUM This Month

P9 Plus smartphones with software earlier than VIE-AL10C00B352 versions have an input validation vulnerability in the touchscreen Driver. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service P9 Plus Firmware
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8184 MEDIUM This Month

MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a any memory access vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Mtk Platform Smart Phone Firmware
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8183 MEDIUM This Month

MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a any memory access vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Mtk Platform Smart Phone Firmware
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-2733 MEDIUM This Month

Honor 6X smartphones with software versions earlier than BLN-AL10C00B357 and versions earlier than BLN-AL20C00B357 have an information leak vulnerability due to improper file permission. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Honor 6X Firmware
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8136 MEDIUM This Month

HedEx Earlier than V200R006C00 versions has an arbitrary file download vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hedex Lite
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-2732 MEDIUM This Month

Huawei Hilink APP Versions earlier before 5.0.25.306 has an information leak vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Hilink
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8216 MEDIUM This Month

Warsaw Huawei Smart phones with software of versions earlier than Warsaw-AL00C00B180, versions earlier than Warsaw-TL10C01B180 have a permission control vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Google Authentication Bypass P10 Lite Firmware
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8146 MEDIUM This Month

The call module of P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167, versions before VTR-TL00C01B167, versions before VKY-AL00C00B167, versions before VKY-TL00C01B167 has a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service P10 Firmware P10 Plus Firmware
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8145 MEDIUM This Month

The call module of P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167, versions before VTR-TL00C01B167, versions before VKY-AL00C00B167, versions before VKY-TL00C01B167 has a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service P10 Firmware P10 Plus Firmware
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-2709 MEDIUM This Month

HiGame with software earlier than 7.3.0 versions, SkyTone with software earlier than 8.1.1 versions have a DoS Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Higame Skytone
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8186 MEDIUM This Month

The Bastet of some Huawei mobile phones with software of earlier than MHA-AL00BC00B231 versions has a DOS vulnerability due to the lack of parameter validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Mha Al00A
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8175 MEDIUM This Month

The Bastet of some Huawei mobile phones with software earlier than Vicky-AL00AC00B167 versions, earlier than Victoria-AL00AC00B167 versions, earlier than Warsaw-AL00C00B191 versions has an. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Vicky Al00A Victoria Al00A Warsaw Al00
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8144 MEDIUM This Month

Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones with software the versions before CAM-L03C605B143CUSTC605D003,the versions before Prague-L03C605B161,the versions before. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Huawei Honor 5A Firmware Honor 8 Lite Firmware Mate 9 Firmware +3
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-2734 MEDIUM This Month

P9 Plus smartphones with software versions earlier before VIE-AL10BC00B386 have a denial of service (DoS) vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service P9 Plus Firmware
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-2731 MEDIUM This Month

The vibrator service in P9 Plus smart phones with software versions earlier before VIE-AL10C00B386 has DoS vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service P9 Plus Firmware
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8202 MEDIUM This Month

The CameraISP driver of some Huawei smart phones with software of versions earlier than Prague-AL00AC00B205,versions earlier than Prague-AL00BC00B205,versions earlier than. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Prague Al00A Firmware Prague Al00B Firmware Prague Al00C Firmware +2
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-2695 MEDIUM This Month

TIT-AL00C583B211 has a directory traversal vulnerability which allows an attacker to obtain the files in email application. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal Tit Al00 Firmware
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8149 MEDIUM This Month

The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Huawei P10 Firmware P10 Plus Firmware
NVD
CVSS 3.0
5.5
EPSS
0.1%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy