|
198651
|
7.5 |
HIGH
Network
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the VIDIOC_G_SDE_ROTATOR_FENCE ioctl command can be used to cause a Use After Free cond…
|
CWE-200
CWE-416
Information Exposure
Use After Free
|
CVE-2017-11031
|
2024-11-21 12:06 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198652
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the HDMI video driver function hdmi_edid_sysfs_rda_res_info(), userspace can perform…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11030
|
2024-11-21 12:06 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198653
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the fd allocated during the get_metadata was not closed even though the buffer allocate…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11019
|
2024-11-21 12:06 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198654
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when memory allocation fails while creating a calibration block in create_cal_block sta…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2017-11016
|
2024-11-21 12:06 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198655
|
9.8 |
CRITICAL
Network
|
princeton
|
ptw-wms1_firmware
|
Improper authentication issue in PTW-WMS1 firmware version 2.000.012 allows remote attackers to log in to the device with root privileges and conduct arbitrary operations via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2017-10903
|
2024-11-21 12:06 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198656
|
9.8 |
CRITICAL
Network
|
princeton
|
ptw-wms1_firmware
|
PTW-WMS1 firmware version 2.000.012 allows remote attackers to execute arbitrary OS commands via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2017-10902
|
2024-11-21 12:06 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198657
|
7.5 |
HIGH
Network
|
princeton
|
ptw-wms1_firmware
|
Buffer overflow in PTW-WMS1 firmware version 2.000.012 allows remote attackers to conduct denial-of-service attacks via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-10901
|
2024-11-21 12:06 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198658
|
9.8 |
CRITICAL
Network
|
princeton
|
ptw-wms1_firmware
|
PTW-WMS1 firmware version 2.000.012 allows remote attackers to bypass access restrictions to obtain or delete data on the disk via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2017-10900
|
2024-11-21 12:06 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198659
|
9.8 |
CRITICAL
Network
|
ark-web
|
a-reserve
|
SQL injection vulnerability in the A-Reserve and A-Reserve for MT cloud versions 3.8.6 and earlier allows an attacker to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2017-10899
|
2024-11-21 12:06 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198660
|
9.8 |
CRITICAL
Network
|
ark-web
|
a-member
|
SQL injection vulnerability in the A-Member and A-Member for MT cloud versions 3.8.6 and earlier allows an attacker to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2017-10898
|
2024-11-21 12:06 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
