Total
6281 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-17450 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 4.6 MEDIUM | 7.8 HIGH |
| net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces. | |||||
| CVE-2017-0611 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35393841. References: QC-CR#1084210. | |||||
| CVE-2017-0648 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-36101220. | |||||
| CVE-2018-10938 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2019-10-03 | 7.1 HIGH | 5.9 MEDIUM |
| A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw. | |||||
| CVE-2017-0519 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm fingerprint sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32372915. References: QC-CR#1086530. | |||||
| CVE-2017-0325 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the NVIDIA I2C HID driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10 and Kernel 3.18. Android ID: A-33040280. References: N-CVE-2017-0325. | |||||
| CVE-2017-0574 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34624457. References: B-RB#113189. | |||||
| CVE-2017-0428 | 2 Google, Linux | 2 Android, Linux Kernel | 2019-10-03 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32401526. References: N-CVE-2017-0428. | |||||
| CVE-2017-0524 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33002026. | |||||
| CVE-2018-15967 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Flash Player Desktop Runtime, Mac Os X and 8 more | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2017-12547 | 3 Hp, Linux, Microsoft | 3 System Management Homepage, Linux Kernel, Windows | 2019-10-03 | 5.5 MEDIUM | 5.6 MEDIUM |
| A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found. | |||||
| CVE-2017-0338 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33057977. References: N-CVE-2017-0338. | |||||
| CVE-2017-0563 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32089409. | |||||
| CVE-2018-12825 | 6 Adobe, Apple, Google and 3 more | 10 Flash Player, Mac Os X, Chrome Os and 7 more | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulnerability. Successful exploitation could lead to security mitigation bypass. | |||||
| CVE-2017-0575 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32658595. References: QC-CR#1103099. | |||||
| CVE-2017-0576 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33544431. References: QC-CR#1103089. | |||||
| CVE-2017-0573 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34469904. References: B-RB#91539. | |||||
| CVE-2017-0525 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm IPA driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33139056. References: QC-CR#1097714. | |||||
| CVE-2017-1452 | 3 Ibm, Linux, Microsoft | 4 Db2, Db2 Connect, Linux Kernel and 1 more | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user to obtain elevated privilege and overwrite DB2 files. IBM X-Force ID: 128180. | |||||
| CVE-2017-0612 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-34389303. References: QC-CR#1061845. | |||||