Uncategorized CVEs — 2017 (Page 20/20)

CVEs without a recognized CWE (not present in the CWE map or marked as N/A).

CVSS ≥ 0.0

2017-01-13

Medium

CVE-2016-8883

The jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

CVSS: 5.5CWE: CWE-399

Medium

CVE-2016-8467

An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent…

CVSS: 5.5CWE: CWE-264

Low

CVE-2016-7429

NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denial of service (prevent communication with a source)…

CVSS: 3.7CWE: CWE-18

High

CVE-2016-6886

The pstm_reverse function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid memory read and crash) via a (1) zero value or (2) the key's modulus for the secret k…

CVSS: 7.5CWE: CWE-320

Critical

CVE-2015-3188

The UI daemon in Apache Storm 0.10.0 before 0.10.0-beta1 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS: 9.8CWE: CWE-264

High

CVE-2016-3128

A spoofing vulnerability in the Core of BlackBerry Enterprise Server (BES) 12 through 12.5.2 allows remote attackers to enroll an illegitimate device to the BES, gain access to device parameters for…

CVSS: 8.2CWE: CWE-254

High

CVE-2016-10139

An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The two package names involved in the exfiltration are com.adups.fota and com.adups.fota.sysoper. In the com.adups.fota.syso…

CVSS: 7.8CWE: CWE-310

High

CVE-2016-10138

An issue was discovered on BLU Advance 5.0 and BLU R1 HD devices with Shanghai Adups software. The com.adups.fota.sysoper app is installed as a system app and cannot be disabled by the user. In the c…

CVSS: 7.8CWE: CWE-310

High

CVE-2016-10137

An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The content provider named com.adups.fota.sysoper.provider.InfoProvider in the app with a package name of com.adups.fota.sys…

CVSS: 7.8CWE: CWE-310

High

CVE-2016-10136

CVSS: 7.8CWE: CWE-310

2017-01-12

High

CVE-2016-6492

The MT6573FDVT_SetRegHW function in camera_fdvt.c in the MediaTek driver for Linux allows local users to gain privileges via a crafted application that makes an MT6573FDVTIOC_T_SET_FDCONF_CMD IOCTL c…

CVSS: 7.8CWE: CWE-264

Critical

CVE-2016-3149

Barco ClickShare CSC-1 devices with firmware before 01.09.03 and CSM-1 devices with firmware before 01.06.02 allow remote attackers to execute arbitrary code via unspecified vectors.

CVSS: 9.8CWE: N/A

Medium

CVE-2016-8605

The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permi…

CVSS: 5.3CWE: CWE-275

High

CVE-2016-8221

Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by a…

CVSS: 7.0CWE: CWE-264

High

CVE-2017-0404

An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig…

CVSS: 7.0CWE: N/A

High

CVE-2017-0403

An elevation of privilege vulnerability in the kernel performance subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated…

CVSS: 7.0CWE: N/A

Medium

CVE-2017-0395

An elevation of privilege vulnerability in Contacts could enable a local malicious application to silently create contact information. This issue is rated as Moderate because it is a local bypass of…

CVSS: 5.5CWE: N/A

High

CVE-2017-0394

A denial of service vulnerability in Telephony could enable a remote attacker to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product…

CVSS: 7.5CWE: N/A

Medium

CVE-2017-0393

A denial of service vulnerability in libvpx in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the poss…

CVSS: 5.5CWE: N/A

Medium

CVE-2017-0392

A denial of service vulnerability in VBRISeeker.cpp in libstagefright in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rat…

CVSS: 5.5CWE: N/A

Medium

CVE-2017-0391

A denial of service vulnerability in decoder/ihevcd_decode.c in libhevc in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is r…

CVSS: 5.5CWE: N/A

Medium

CVE-2017-0390

A denial of service vulnerability in Tremolo/dpen.s in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to…

CVSS: 5.5CWE: N/A

High

CVE-2017-0387

An elevation of privilege vulnerability in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High bec…

CVSS: 7.8CWE: N/A

High

CVE-2017-0386

An elevation of privilege vulnerability in the libnl library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Hi…

CVSS: 7.8CWE: N/A

High

CVE-2017-0385

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High bec…

CVSS: 7.8CWE: N/A

High

CVE-2017-0384

An elevation of privilege vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to execute arbitrary code within the context of…

CVSS: 7.8CWE: N/A

High

CVE-2017-0382

A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This is…

CVSS: 7.8CWE: N/A

High

CVE-2016-8468

An elevation of privilege vulnerability in Binder could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate beca…

CVSS: 7.0CWE: CWE-264

High

CVE-2016-8466

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Mode…

CVSS: 7.0CWE: CWE-264

High

CVE-2016-8465

CVSS: 7.0CWE: CWE-264

High

CVE-2016-8464

CVSS: 7.0CWE: CWE-264

Medium

CVE-2016-8463

A denial of service vulnerability in the Qualcomm FUSE file system could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to…

CVSS: 5.5CWE: CWE-399

High

CVE-2016-8458

An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated…

CVSS: 7.0CWE: CWE-264

High

CVE-2016-8457

CVSS: 7.0CWE: CWE-264

High

CVE-2016-8456

CVSS: 7.0CWE: CWE-264

High

CVE-2016-8455

CVSS: 7.0CWE: CWE-264

High

CVE-2016-8454

CVSS: 7.0CWE: CWE-264

High

CVE-2016-8453

CVSS: 7.0CWE: CWE-264

High

CVE-2016-8452

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0CWE: CWE-264

High

CVE-2016-8451

CVSS: 7.0CWE: CWE-264

High

CVE-2016-8450

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0CWE: CWE-264

High

CVE-2016-8449

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High bec…

CVSS: 7.0CWE: CWE-264

High

CVE-2016-8448

An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context…

CVSS: 7.0CWE: CWE-264

High

CVE-2016-8447

CVSS: 7.0CWE: CWE-264

High

CVE-2016-8446

CVSS: 7.0CWE: CWE-264

High

CVE-2016-8445

CVSS: 7.0CWE: CWE-264

High

CVE-2016-8436

An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Crit…

CVSS: 7.8CWE: CWE-264

High

CVE-2016-8433

An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical d…

CVSS: 7.8CWE: CWE-264

High

CVE-2016-8432

CVSS: 7.8CWE: CWE-264

High

CVE-2016-8431

CVSS: 7.8CWE: CWE-264

High

CVE-2016-8430

CVSS: 7.8CWE: CWE-264

High

CVE-2016-8429

CVSS: 7.8CWE: CWE-264

High

CVE-2016-8428

CVSS: 7.8CWE: CWE-264

High

CVE-2016-8427

CVSS: 7.8CWE: CWE-264

High

CVE-2016-8426

CVSS: 7.8CWE: CWE-264

High

CVE-2016-8425

CVSS: 7.8CWE: CWE-264

High

CVE-2016-8424

CVSS: 7.8CWE: CWE-264

High

CVE-2016-8423

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critic…

CVSS: 7.8CWE: CWE-264

High

CVE-2016-8422

CVSS: 7.8CWE: CWE-264

Critical

CVE-2016-8398

Unauthenticated messages processed by the UE. Certain NAS messages are processed when no EPS security context exists in the UE. Product: Android. Versions: Kernel 3.18. Android ID: A-31548486. Refere…

CVSS: 9.8CWE: CWE-254

Medium

CVE-2016-8395

A denial of service vulnerability in the NVIDIA camera driver could enable an attacker to cause a local permanent denial of service, which may require reflashing the operating system to repair the de…

CVSS: 4.7CWE: N/A

High

CVE-2016-6788

An elevation of privilege vulnerability in the MediaTek I2C driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High b…

CVSS: 7.0CWE: CWE-264

High

CVE-2016-6772

An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate becau…

CVSS: 7.8CWE: CWE-264

Medium

CVE-2016-6767

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remot…

CVSS: 5.5CWE: CWE-399

Medium

CVE-2016-6766

A denial of service vulnerability in libmedia and libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High…

CVSS: 5.5CWE: CWE-19

Medium

CVE-2016-6765

A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the po…

CVSS: 5.5CWE: CWE-19

Medium

CVE-2016-6764

CVSS: 5.5CWE: CWE-399

High

CVE-2016-6762

An elevation of privilege vulnerability in the libziparchive library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rat…

CVSS: 7.8CWE: CWE-264

High

CVE-2017-5350

Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allow attackers to crash systemUI by leveraging incomplete exception handling. The Samsung ID is SVE-2016-7122.

CVSS: 7.5CWE: N/A

2017-01-11

High

CVE-2016-7478

Zend/zend_exceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (infinite loop) via a crafted Exception object in serialized data…

CVSS: 7.5CWE: N/A

Medium

CVE-2017-2938

Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related to handling TCP connections.

CVSS: 6.5CWE: N/A

2017-01-10

High

CVE-2017-0002

Microsoft Edge allows remote attackers to bypass the Same Origin Policy via vectors involving the about:blank URL and data: URLs, aka "Microsoft Edge Elevation of Privilege Vulnerability."

CVSS: 8.8CWE: N/A

High

CVE-2016-6581

A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. T…

CVSS: 7.5CWE: CWE-399

High

CVE-2016-6580

A HTTP/2 implementation built using any version of the Python priority library prior to version 1.2.0 could be targeted by a malicious peer by having that peer assign priority information for every p…

CVSS: 7.5CWE: CWE-399

High

CVE-2016-6287

The "http-client" egg always used a HTTP_PROXY environment variable to determine whether HTTP traffic should be routed via a proxy, even when running as a CGI process. Under several web servers this…

CVSS: 7.5CWE: CWE-19

High

CVE-2016-6286

The "spiffy-cgi-handlers" egg would convert a nonexistent "Proxy" header to the HTTP_PROXY environment variable, which would allow attackers to direct CGI programs which use this environment variable…

CVSS: 7.5CWE: CWE-19

Critical

CVE-2016-10126

Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP…

CVSS: 9.8CWE: CWE-264

2017-01-06

High

CVE-2016-9879

An issue was discovered in Pivotal Spring Security before 3.2.10, 4.1.x before 4.1.4, and 4.2.x before 4.2.1. Spring Security does not consider URL path parameters when processing security constraint…

CVSS: 7.5CWE: CWE-417

Medium

CVE-2016-9869

An issue was discovered in EMC ScaleIO versions before 2.0.1.1. Incorrect permissions on the SCINI driver may allow a low-privileged local attacker to modify the configuration and render the ScaleIO…

CVSS: 5.5CWE: CWE-275

Medium

CVE-2016-9868

An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may cause a denial-of-service by generating a kernel panic in the SCINI driver using IOCTL calls which…

CVSS: 5.5CWE: CWE-254

High

CVE-2016-9867

An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may be able to modify the kernel memory in the SCINI driver and may achieve code execution to escalate…

CVSS: 8.8CWE: CWE-264

High

CVE-2016-4288

A local privilege escalation vulnerability exists in BlueStacks App Player. The BlueStacks App Player installer creates a registry key with weak permissions that allows users to execute arbitrary pro…

CVSS: 8.4CWE: CWE-275

Critical

CVE-2016-2337

Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Attacker passing different type of object than String as "retval" argument can cause arbitrary code execution.

CVSS: 9.8CWE: N/A

Critical

CVE-2016-2336

Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface. Attacker passing different type of object than this assumed by developers can cause arbitrary code e…

CVSS: 9.8CWE: N/A

Medium

CVE-2016-1549

A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a…

CVSS: 6.5CWE: CWE-19

High

CVE-2016-1548

An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p…

CVSS: 7.2CWE: CWE-19

2017-01-05

Medium

CVE-2016-8006

Authentication bypass vulnerability in Enterprise Security Manager (ESM) and License Manager (LM) in Intel Security McAfee Security Information and Event Management (SIEM) 9.6.0 MR3 allows an adminis…

CVSS: 4.4CWE: CWE-264

Medium

CVE-2016-10011

authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging…

CVSS: 5.5CWE: CWE-320

High

CVE-2016-10010

sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to…

CVSS: 7.0CWE: CWE-264

2017-01-04

Low

CVE-2016-7903

Dotclear before 2.10.3, when the Host header is not part of the web server routing process, allows remote attackers to modify the password reset address link via the HTTP Host header.

CVSS: 3.7CWE: CWE-264

High

CVE-2016-6894

Arista EOS 4.15 before 4.15.8M, 4.16 before 4.16.7M, and 4.17 before 4.17.0F on DCS-7050 series devices allow remote attackers to cause a denial of service (device reboot) by sending crafted packets…

CVSS: 7.5CWE: CWE-399

Medium

CVE-2016-6595

The SwarmKit toolkit 1.12.0 for Docker allows remote authenticated users to cause a denial of service (prevention of cluster joins) via a long sequence of join and quit actions. NOTE: the vendor dis…

CVSS: 6.5CWE: CWE-399

High

CVE-2016-10116

NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier use a pattern of adj…

CVSS: 8.1CWE: CWE-264

2017-01-02

Medium

CVE-2016-10099

Borg (aka BorgBackup) before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing an attacker to spoof the list of archives.

CVSS: 5.3CWE: CWE-310