|
248111
|
6.1 |
MEDIUM
Network
|
vmware
|
single_sign-on_for_pivotal_cloud_foundry
|
In Single Sign-On for Pivotal Cloud Foundry (PCF) 1.3.x versions prior to 1.3.4 and 1.4.x versions prior to 1.4.3, a user can execute a XSS attack on certain Single Sign-On service UI pages by inputt…
|
CWE-79
Cross-site Scripting
|
CVE-2017-8041
|
2024-11-21 12:33 |
2017-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248112
|
6.5 |
MEDIUM
Network
|
vmware
|
single_sign-on_for_pivotal_cloud_foundry
|
In Single Sign-On for Pivotal Cloud Foundry (PCF) 1.3.x versions prior to 1.3.4 and 1.4.x versions prior to 1.4.3, an XXE (XML External Entity) attack was discovered in the Single Sign-On service das…
|
CWE-611
XXE
|
CVE-2017-8040
|
2024-11-21 12:33 |
2017-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248113
|
9.8 |
CRITICAL
Network
|
qemu
|
qemu
|
Buffer overflow in the "megasas_mmio_write" function in Qemu 2.9.0 allows remote attackers to have unspecified impact via unknown vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8380
|
2024-11-21 12:33 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248114
|
7.5 |
HIGH
Network
|
cloudfoundry
|
capi-release
cf-release
|
In Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.38.0 and cf-release versions after v244 and prior to v270, there is an incomplete fix for CVE-2017-8035. If you took ste…
|
CWE-200
Information Exposure
|
CVE-2017-8037
|
2024-11-21 12:33 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248115
|
7.8 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, in a driver function, a value from userspace is not properly validated potentially leading to an out of bounds heap wri…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-8272
|
2024-11-21 12:33 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248116
|
7.0 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a driver potentially leading to a use-after-free condition.
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2017-8270
|
2024-11-21 12:33 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248117
|
7.8 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, the camera application can possibly request frame/command buffer processing with invalid values leading to the driver p…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-8268
|
2024-11-21 12:33 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248118
|
7.0 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in an IOCTL handler potentially leading to an integer overflow and then an out-of-bounds write.
|
CWE-362
CWE-190
Race Condition
Integer Overflow or Wraparound
|
CVE-2017-8267
|
2024-11-21 12:33 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248119
|
7.0 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition.
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2017-8266
|
2024-11-21 12:33 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248120
|
7.0 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver which can lead to a double free.
|
CWE-362
CWE-415
Race Condition
Double Free
|
CVE-2017-8265
|
2024-11-21 12:33 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
