Total
316927 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-18186 | 1 Qpdf Project | 1 Qpdf | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc. | |||||
| CVE-2017-18185 | 1 Qpdf Project | 1 Qpdf | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the Pl_Buffer::write function in Pl_Buffer.cc. It is caused by an integer overflow in the PNG filter. | |||||
| CVE-2017-18184 | 1 Qpdf Project | 1 Qpdf | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in QPDF before 7.0.0. There is a stack-based out-of-bounds read in the function iterate_rc4 in QPDF_encryption.cc. | |||||
| CVE-2017-18183 | 1 Qpdf Project | 1 Qpdf | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in QPDF before 7.0.0. There is an infinite loop in the QPDFWriter::enqueueObject() function in libqpdf/QPDFWriter.cc. | |||||
| CVE-2017-18179 | 1 Progress | 1 Sitefinity | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Progress Sitefinity 9.1 uses wrap_access_token as a non-expiring authentication token that remains valid after a password change or a session termination. Also, it is transmitted as a GET parameter. This is fixed in 10.1. | |||||
| CVE-2017-18178 | 1 Progress | 1 Sitefinity | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| Authenticate/SWT in Progress Sitefinity 9.1 has an open redirect issue in which an authentication token is sent to the redirection target, if the target is specified using a certain %40 syntax. This is fixed in 10.1. | |||||
| CVE-2017-18177 | 1 Progress | 1 Sitefinity | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Progress Sitefinity 9.1 has XSS via the Last name, First name, and About fields on the New User Creation Page. This is fixed in 10.1. | |||||
| CVE-2017-18176 | 1 Progress | 1 Sitefinity | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Progress Sitefinity 9.1 has XSS via file upload, because JavaScript code in an HTML file has the same origin as the application's own code. This is fixed in 10.1. | |||||
| CVE-2017-18175 | 1 Progress | 1 Sitefinity | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Progress Sitefinity 9.1 has XSS via the Content Management Template Configuration (aka Templateconfiguration), as demonstrated by the src attribute of an IMG element. This is fixed in 10.1. | |||||
| CVE-2017-18174 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free. | |||||
| CVE-2017-18173 | 1 Qualcomm | 26 Sd 425, Sd 425 Firmware, Sd 427 and 23 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| In case of using an invalid android verified boot signature with very large length, an integer underflow occurs in Snapdragon Mobile in SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016. | |||||
| CVE-2017-18172 | 1 Qualcomm | 48 Mdm9635m, Mdm9635m Firmware, Sd 400 and 45 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| In a device, with screen size 1440x2560, the check of contiguous buffer will overflow on certain buffer size resulting in an Integer Overflow or Wraparound in System UI in Snapdragon Automobile, Snapdragon Mobile in version MDM9635M, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016. | |||||
| CVE-2017-18171 | 1 Qualcomm | 50 Qca9379, Qca9379 Firmware, Sd 205 and 47 more | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| Improper input validation for GATT data packet received in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016. | |||||
| CVE-2017-18170 | 1 Qualcomm | 50 Qca9379, Qca9379 Firmware, Sd 205 and 47 more | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| Improper input validation in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016. | |||||
| CVE-2017-18169 | 1 Google | 1 Android | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| User process can perform the kernel DOS in ashmem when doing cache maintenance operation in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. | |||||
| CVE-2017-18160 | 1 Qualcomm | 16 Mdm9635m, Mdm9635m Firmware, Mdm9645 and 13 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| AGPS session failure in GNSS module due to cyphersuites are hardcoded and needed manual update everytime in snapdragon mobile and snapdragon wear in versions MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 835, SD 845, SD 850 | |||||
| CVE-2017-18159 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, while processing a StrHwPlatform with length smaller than EFICHIPINFO_MAX_ID_LENGTH, an array out of bounds access may occur. | |||||
| CVE-2017-18158 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Possible buffer overflows and array out of bounds accesses in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05 while flashing images. | |||||
| CVE-2017-18157 | 1 Qualcomm | 42 Mdm9206, Mdm9206 Firmware, Mdm9607 and 39 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A Use After Free Condition can occur in Thermal Engine in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20. | |||||
| CVE-2017-18156 | 1 Qualcomm | 24 Mdm9206, Mdm9206 Firmware, Mdm9607 and 21 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| While processing camera buffers in camera driver, a use after free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 625, SD 820, SD 820A, SD 835, SDX20. | |||||