Total
90 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-12135 | 3 Citrix, Debian, Xen | 3 Xenserver, Debian Linux, Xen | 2024-02-04 | 4.6 MEDIUM | 8.8 HIGH |
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants. | |||||
CVE-2017-0819 | 1 Google | 1 Android | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
A vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63045918. | |||||
CVE-2016-9377 | 1 Xen | 1 Xen | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging IDT entry miscalculation. | |||||
CVE-2017-8326 | 1 Entropymine | 1 Imageworsener | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image, related to imagew-bmp.c and imagew-util.c. | |||||
CVE-2016-7433 | 1 Ntp | 1 Ntp | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion." | |||||
CVE-2017-0545 | 1 Google | 1 Android | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32591350. | |||||
CVE-2017-8905 | 1 Xen | 1 Xen | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215. | |||||
CVE-2017-0342 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where incorrect calculation may cause an invalid address access leading to denial of service or potential escalation of privileges. | |||||
CVE-2011-3062 | 2 Google, Mozilla | 6 Chrome, Firefox, Firefox Esr and 3 more | 2024-02-04 | 6.8 MEDIUM | N/A |
Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file. | |||||
CVE-2011-1573 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 4.3 MEDIUM | 5.9 MEDIUM |
net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are used, does not consider the amount of zero padding during calculation of chunk lengths for (1) INIT and (2) INIT ACK chunks, which allows remote attackers to cause a denial of service (OOPS) via crafted packet data. |