|
256141
|
7.8 |
HIGH
Local
|
google
|
android
|
A remote code execution vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data pro…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-0588
|
2024-11-21 12:03 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256142
|
7.8 |
HIGH
Local
|
google
|
android
|
A remote code execution vulnerability in libmpeg2 in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue i…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-0587
|
2024-11-21 12:03 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256143
|
5.5 |
MEDIUM
Local
|
google
|
android
|
An information disclosure vulnerability in File-Based Encryption could enable a local malicious attacker to bypass operating system protections for the lock screen. This issue is rated as Moderate du…
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2017-0493
|
2024-11-21 12:03 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256144
|
7.0 |
HIGH
Local
|
linux
google
|
linux_kernel
android
|
An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hi…
|
CWE-120
Classic Buffer Overflow
|
CVE-2017-0465
|
2024-11-21 12:03 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256145
|
3.5 |
LOW
Network
|
nextcloud
|
nextcloud_server
|
Nextcloud Server before 10.0.4 and 11.0.2 are vulnerable to disclosure of calendar and addressbook names to other logged-in users. Note that no actual content of the calendar and addressbook has been…
|
CWE-200
Information Exposure
|
CVE-2017-0895
|
2024-11-21 12:03 |
2017-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256146
|
4.3 |
MEDIUM
Network
|
nextcloud
|
nextcloud_server
|
Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid share tokens for public calendars due to a logical error. Thus granting an attacker potentially access to publicly shared calendars…
|
CWE-863
Incorrect Authorization
|
CVE-2017-0894
|
2024-11-21 12:03 |
2017-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256147
|
5.4 |
MEDIUM
Network
|
nextcloud
|
nextcloud_server
|
Nextcloud Server before 9.0.58 and 10.0.5 and 11.0.3 are shipping a vulnerable JavaScript library for sanitizing untrusted user-input which suffered from a XSS vulnerability caused by a behaviour cha…
|
CWE-79
Cross-site Scripting
|
CVE-2017-0893
|
2024-11-21 12:03 |
2017-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256148
|
3.5 |
LOW
Network
|
nextcloud
|
nextcloud_server
|
Nextcloud Server before 11.0.3 is vulnerable to an improper session handling allowed an application specific password without permission to the files access to the users file.
|
CWE-384
Session Fixation
|
CVE-2017-0892
|
2024-11-21 12:03 |
2017-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256149
|
5.4 |
MEDIUM
Network
|
nextcloud
|
nextcloud_server
|
Nextcloud Server before 9.0.58 and 10.0.5 and 11.0.3 are vulnerable to an inadequate escaping of error messages leading to XSS vulnerabilities in multiple components.
|
CWE-79
Cross-site Scripting
|
CVE-2017-0891
|
2024-11-21 12:03 |
2017-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256150
|
5.4 |
MEDIUM
Network
|
nextcloud
|
nextcloud_server
|
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the s…
|
CWE-79
Cross-site Scripting
|
CVE-2017-0890
|
2024-11-21 12:03 |
2017-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
