Skip to main content
CVE-2017-13156 HIGH POC PATCH THREAT Act Now

An elevation of privilege vulnerability in the Android system (art). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 59.7%.

Google File Upload Android
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
59.7%
Threat
4.9
CVE-2017-17068 HIGH POC PATCH This Week

A cross-origin vulnerability has been discovered in the Auth0 auth0.js library affecting versions < 8.12. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Auth0 Js Auth0
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-13151 HIGH This Week

A remote code execution vulnerability in the Android media framework (libmpeg2). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Google Android
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2017-0878 HIGH This Week

A remote code execution vulnerability in the Android media framework (libhevc). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Google Android
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2017-0877 HIGH This Week

A remote code execution vulnerability in the Android media framework (libavc). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Google Android
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2017-0876 HIGH This Week

A remote code execution vulnerability in the Android media framework (libavc). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Google Android
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2017-0872 HIGH PATCH This Week

A remote code execution vulnerability in the Android media framework (libskia). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Google Android
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2017-17439 HIGH PATCH This Week

In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Debian Linux Heimdal
NVD GitHub
CVSS 3.0
7.5
EPSS
4.0%
CVE-2017-13168 HIGH This Week

An elevation of privilege vulnerability in the kernel scsi driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android Ubuntu Linux
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-17069 HIGH This Week

ActiveSetupN.exe in Amazon Audible for Windows before November 2017 allows attackers to execute arbitrary DLL code if ActiveSetupN.exe is launched from a directory where an attacker has already. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Audible
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-13166 HIGH PATCH This Week

An elevation of privilege vulnerability in the kernel v4l2 video driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Google Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-13167 HIGH This Week

An elevation of privilege vulnerability in the kernel sound timer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-13174 HIGH PATCH This Week

An elevation of privilege vulnerability in the kernel edl. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-13162 HIGH PATCH This Week

An elevation of privilege vulnerability in the kernel binder. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-6276 HIGH This Week

NVIDIA mediaserver contains a vulnerability where it is possible a use after free malfunction can occur due to an incorrect bounds check which could enable unauthorized code execution and possibly. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Google Nvidia +2
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-6263 HIGH PATCH This Week

NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to improper usage of the list_for_each kernel macro which could enable unauthorized code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Use After Free RCE Google Nvidia +2
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-13173 HIGH PATCH This Week

An elevation of privilege vulnerability in the MediaTek system server. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Mediatek Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-13172 HIGH This Week

An elevation of privilege vulnerability in the MediaTek bluetooth driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Mediatek Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-13171 HIGH PATCH This Week

An elevation of privilege vulnerability in the MediaTek performance service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Mediatek Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-13170 HIGH This Week

An elevation of privilege vulnerability in the MediaTek display driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Mediatek Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-13163 HIGH This Week

An elevation of privilege vulnerability in the kernel mtp usb driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-13161 HIGH This Week

An elevation of privilege vulnerability in the Broadcom wireless driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Broadcom Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-13153 HIGH PATCH This Week

An elevation of privilege vulnerability in the Android media framework (libaudioservice). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-0871 HIGH PATCH This Week

An elevation of privilege vulnerability in the Android framework (framework base). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-0870 HIGH This Week

An elevation of privilege vulnerability in the Android framework (libminikin). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-0837 HIGH PATCH This Week

An elevation of privilege vulnerability in the Android media framework (libaudiopolicymanager). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-13154 HIGH This Week

An elevation of privilege vulnerability in the Android media framework (libstagefright). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Use After Free Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-17432 HIGH This Week

OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service (system crash or application crash) via crafted fields, as demonstrated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Openafs Debian Linux
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2017-13175 HIGH This Week

An information disclosure vulnerability in the NVIDIA libwilhelm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nvidia Google Information Disclosure Android
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2017-13169 HIGH This Week

An information disclosure vulnerability in the kernel camera server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2017-13164 HIGH PATCH This Week

An information disclosure vulnerability in the kernel binder driver. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Information Disclosure Android
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2017-13152 HIGH PATCH This Week

An information disclosure vulnerability in the Android media framework (libmedia drm). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Information Disclosure Android
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2017-13159 HIGH This Week

An information disclosure vulnerability in the Android system (activitymanagerservice). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2017-13158 HIGH This Week

An information disclosure vulnerability in the Android system (activitymanagerservice). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2017-13157 HIGH This Week

An information disclosure vulnerability in the Android system (activitymanagerservice). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2017-6262 HIGH This Week

NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to a race condition which could enable unauthorized code execution and possibly lead to. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Use After Free RCE Google Nvidia +2
NVD
CVSS 3.0
7.0
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy