|
250311
|
8.1 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with M(6,x) and N(7.0) software. The TA Scrypto v1.0 implementation in Secure Driver has a race condition with a resultant buffer overflow. The Samsu…
|
CWE-362
Race Condition
|
CVE-2017-18647
|
2024-11-21 12:20 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250312
|
9.8 |
CRITICAL
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos7420, Exynos8890, or MSM8996 chipsets) software. RKP allows memory corruption. The Samsung ID is SVE-2016-7897 (January…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-18696
|
2024-11-21 12:20 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250313
|
6.5 |
MEDIUM
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. Attackers (who control a certain subdomain) can discover a user's credentials, during an email…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2017-18695
|
2024-11-21 12:20 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250314
|
5.3 |
MEDIUM
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with software through 2016-10-25 (Exynos5 chipsets). Attackers can read kernel addresses in the log because an incorrect format specifier is used. Th…
|
CWE-200
Information Exposure
|
CVE-2017-18694
|
2024-11-21 12:20 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250315
|
9.8 |
CRITICAL
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. There is a buffer overflow in the fps sysfs entry. The Samsung ID is SVE-2016-7510 (January 20…
|
CWE-120
Classic Buffer Overflow
|
CVE-2017-18693
|
2024-11-21 12:20 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250316
|
8.1 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (MSM8939, MSM8996, MSM8998, Exynos7580, Exynos8890, or Exynos8895 chipsets) software. There is a race condition, with a result…
|
CWE-362
Race Condition
|
CVE-2017-18692
|
2024-11-21 12:20 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250317
|
6.5 |
MEDIUM
Adjacent
|
syska
|
smartlight_rainbow_led_smart_bulb_firmware
|
Syska Smart Bulb devices through 2017-08-06 receive RGB parameters over cleartext Bluetooth Low Energy (BLE), leading to sniffing, reverse engineering, and replay attacks.
|
CWE-200
Information Exposure
|
CVE-2017-18642
|
2024-11-21 12:20 |
2020-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250318
|
8.1 |
HIGH
Network
|
linuxcontainers
|
lxc
|
In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers.
|
CWE-287
Improper Authentication
|
CVE-2017-18641
|
2024-11-21 12:20 |
2020-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250319
|
7.5 |
HIGH
Network
|
snakeyaml_project
fedoraproject
quarkus
oracle
|
snakeyaml
fedora
quarkus
peoplesoft_enterprise_pt_peopletools
|
The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564.
|
CWE-776
XML Entity Expansion
|
CVE-2017-18640
|
2024-11-21 12:20 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250320
|
6.1 |
MEDIUM
Network
|
progress
|
sitefinity_cms
|
Progress Sitefinity CMS before 10.1 allows XSS via /Pages Parameter : Page Title, /Content/News Parameter : News Title, /Content/List Parameter : List Title, /Content/Documents/LibraryDocuments/incid…
|
CWE-79
Cross-site Scripting
|
CVE-2017-18639
|
2024-11-21 12:20 |
2019-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
