|
253171
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE vendor command, in whi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14901
|
2024-11-21 12:13 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253172
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCA_NL80211_VENDOR_SUBCMD_GET_CHAIN_RSSI vendor command, in which …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14900
|
2024-11-21 12:13 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253173
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE_DECR_DB vendor command…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14899
|
2024-11-21 12:13 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253174
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE vendor command, in whi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14898
|
2024-11-21 12:13 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253175
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a memory allocation without a length field validation in the mobicore driver w…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14896
|
2024-11-21 12:13 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253176
|
6.5 |
MEDIUM
Adjacent
|
hikvision
|
ds-2cd2432f-iw_firmware
|
HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically proximate attackers to trigger association with an arbitrary access point by leveraging a default SSID with no WiFi en…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2017-14953
|
2024-11-21 12:13 |
2017-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253177
|
7.5 |
HIGH
Network
|
restlet
|
restlet
|
Restlet Framework before 2.3.12 allows remote attackers to access arbitrary files via a crafted REST API HTTP request that conducts an XXE attack, because only general external entities (not paramete…
|
CWE-611
XXE
|
CVE-2017-14949
|
2024-11-21 12:13 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253178
|
7.5 |
HIGH
Network
|
restlet
|
restlet
|
Restlet Framework before 2.3.11, when using SimpleXMLProvider, allows remote attackers to access arbitrary files via an XXE attack in a REST API HTTP request. This affects use of the Jax-rs extension.
|
CWE-611
XXE
|
CVE-2017-14868
|
2024-11-21 12:13 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253179
|
9.0 |
CRITICAL
Network
|
atlassian
|
crucible
fisheye
|
Atlassian Fisheye and Crucible versions less than 4.4.3 and version 4.5.0 are vulnerable to argument injection through filenames in Mercurial repositories, allowing attackers to execute arbitrary cod…
|
CWE-88
Argument Injection
|
CVE-2017-14591
|
2024-11-21 12:13 |
2017-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253180
|
9.8 |
CRITICAL
Network
|
samba
redhat
debian
canonical
|
samba
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
debian_linux
ubuntu_linux
|
Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request.
|
CWE-416
Use After Free
|
CVE-2017-14746
|
2024-11-21 12:13 |
2017-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
