|
256311
|
5.5 |
MEDIUM
Local
|
google
|
android
|
An information disclosure vulnerability in File-Based Encryption could enable a local malicious attacker to bypass operating system protections for the lock screen. This issue is rated as Moderate du…
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2017-0493
|
2024-11-21 12:03 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256312
|
7.0 |
HIGH
Local
|
linux
google
|
linux_kernel
android
|
An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hi…
|
CWE-120
Classic Buffer Overflow
|
CVE-2017-0465
|
2024-11-21 12:03 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256313
|
3.5 |
LOW
Network
|
nextcloud
|
nextcloud_server
|
Nextcloud Server before 10.0.4 and 11.0.2 are vulnerable to disclosure of calendar and addressbook names to other logged-in users. Note that no actual content of the calendar and addressbook has been…
|
CWE-200
Information Exposure
|
CVE-2017-0895
|
2024-11-21 12:03 |
2017-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256314
|
4.3 |
MEDIUM
Network
|
nextcloud
|
nextcloud_server
|
Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid share tokens for public calendars due to a logical error. Thus granting an attacker potentially access to publicly shared calendars…
|
CWE-863
Incorrect Authorization
|
CVE-2017-0894
|
2024-11-21 12:03 |
2017-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256315
|
5.4 |
MEDIUM
Network
|
nextcloud
|
nextcloud_server
|
Nextcloud Server before 9.0.58 and 10.0.5 and 11.0.3 are shipping a vulnerable JavaScript library for sanitizing untrusted user-input which suffered from a XSS vulnerability caused by a behaviour cha…
|
CWE-79
Cross-site Scripting
|
CVE-2017-0893
|
2024-11-21 12:03 |
2017-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256316
|
3.5 |
LOW
Network
|
nextcloud
|
nextcloud_server
|
Nextcloud Server before 11.0.3 is vulnerable to an improper session handling allowed an application specific password without permission to the files access to the users file.
|
CWE-384
Session Fixation
|
CVE-2017-0892
|
2024-11-21 12:03 |
2017-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256317
|
5.4 |
MEDIUM
Network
|
nextcloud
|
nextcloud_server
|
Nextcloud Server before 9.0.58 and 10.0.5 and 11.0.3 are vulnerable to an inadequate escaping of error messages leading to XSS vulnerabilities in multiple components.
|
CWE-79
Cross-site Scripting
|
CVE-2017-0891
|
2024-11-21 12:03 |
2017-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256318
|
5.4 |
MEDIUM
Network
|
nextcloud
|
nextcloud_server
|
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the s…
|
CWE-79
Cross-site Scripting
|
CVE-2017-0890
|
2024-11-21 12:03 |
2017-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256319
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate becaus…
|
CWE-200
Information Exposure
|
CVE-2017-0586
|
2024-11-21 12:03 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256320
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An information disclosure vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate becaus…
|
CWE-200
Information Exposure
|
CVE-2017-0585
|
2024-11-21 12:03 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
