|
250991
|
7.8 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, multiple values received from firmware are not properly validated in wma_get_ll_stats_ext_buf() and are used to allocat…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-17765
|
2024-11-21 12:18 |
2018-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250992
|
7.8 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, the num_failure_info value from firmware is not properly validated in wma_rx_aggr_failure_event_handler() so that an in…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-17764
|
2024-11-21 12:18 |
2018-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250993
|
6.5 |
MEDIUM
Network
|
exiv2
|
exiv2
|
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-17725
|
2024-11-21 12:18 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250994
|
6.5 |
MEDIUM
Network
|
exiv2
|
exiv2
|
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to ca…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-17724
|
2024-11-21 12:18 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250995
|
8.1 |
HIGH
Network
|
exiv2
|
exiv2
|
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability to disclose memory data or cause a denial o…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-17723
|
2024-11-21 12:18 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250996
|
6.5 |
MEDIUM
Network
|
exiv2
|
exiv2
|
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.
|
CWE-617
Reachable Assertion
|
CVE-2017-17722
|
2024-11-21 12:18 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250997
|
9.8 |
CRITICAL
Network
|
quest
|
netvault_backup
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The …
|
CWE-89
SQL Injection
|
CVE-2017-17659
|
2024-11-21 12:18 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250998
|
9.8 |
CRITICAL
Network
|
quest
|
netvault_backup
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The …
|
CWE-89
SQL Injection
|
CVE-2017-17658
|
2024-11-21 12:18 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250999
|
9.8 |
CRITICAL
Network
|
quest
|
netvault_backup
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The …
|
CWE-89
SQL Injection
|
CVE-2017-17657
|
2024-11-21 12:18 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251000
|
9.8 |
CRITICAL
Network
|
quest
|
netvault_backup
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The …
|
CWE-89
SQL Injection
|
CVE-2017-17656
|
2024-11-21 12:18 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
