Skip to main content
CVE-2017-11044 HIGH This Week

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a KGSL driver function, a race condition exists which can lead to a Use After Free. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Linux Google Race Condition Mozilla +1
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2017-14902 HIGH PATCH This Week

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the GLink kernel driver, a Use After Free condition can. Rated high severity (CVSS 7.0).

Denial Of Service Linux Google Race Condition Mozilla +1
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2017-11049 HIGH This Week

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a video driver, a race condition exists which can potentially lead to a buffer. Rated high severity (CVSS 7.0). No vendor patch available.

Buffer Overflow Google Mozilla Linux Android
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2017-9718 HIGH PATCH This Week

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in a multimedia driver can potentially lead to a buffer overwrite. Rated high severity (CVSS 7.0). This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Google Mozilla Linux Android
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2017-9708 HIGH PATCH This Week

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the camera driver, the function "msm_ois_power_down" is called without a mutex and a. Rated high severity (CVSS 7.0).

Linux Google Race Condition Information Disclosure Mozilla +1
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2017-16856 MEDIUM This Month

The RSS Feed macro in Atlassian Confluence before version 6.5.2 allows remote attackers to inject arbitrary HTML or JavaScript via cross site scripting (XSS) vulnerabilities in various rss properties. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Atlassian Confluence
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-4920 MEDIUM This Month

The implementation of the OSPF protocol in VMware NSX-V Edge 6.2.x prior to 6.2.8 and NSX-V Edge 6.3.x prior to 6.3.3 doesn't correctly handle the link-state advertisement (LSA). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service VMware Nsx V Edge
NVD
CVSS 3.0
5.9
EPSS
0.3%
CVE-2017-14905 MEDIUM PATCH This Month

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Linux Buffer Overflow Google Information Disclosure Mozilla +1
NVD
CVSS 3.0
5.3
EPSS
0.1%
CVE-2017-14903 MEDIUM PATCH This Month

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the SENDACTIONFRAME IOCTL, a buffer over-read can occur if the payload. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Linux Buffer Overflow Google Information Disclosure Mozilla +1
NVD
CVSS 3.0
5.3
EPSS
0.1%
CVE-2017-14018 MEDIUM This Month

An improper authentication issue was discovered in Johnson & Johnson Ethicon Endo-Surgery Generator Gen11, all versions released before November 29, 2017. Rated medium severity (CVSS 4.8), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass Endo Surgery Generator Gen11 Firmware
NVD
CVSS 3.0
4.8
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy