Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-11 | CVE-2017-8906 | Integer Underflow (Wrap or Wraparound) vulnerability in Multicorewareinc X265 High Efficiency Video Coding 2.4 An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.4, as used by the x265_encoder_encode dependency in libbpg and other products. | 5.5 |
| 2017-05-11 | CVE-2017-8905 | Incorrect Calculation vulnerability in XEN Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215. | 8.8 |
| 2017-05-11 | CVE-2017-8904 | Unspecified vulnerability in XEN 4.8.0/4.8.1 Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214. | 8.8 |
| 2017-05-11 | CVE-2017-8903 | Unspecified vulnerability in XEN 4.8.0/4.8.1 Xen through 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213. | 8.8 |
| 2017-05-11 | CVE-2017-7472 | Improper Resource Shutdown or Release vulnerability in Linux Kernel The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls. | 5.5 |
| 2017-05-11 | CVE-2017-8851 | Cleartext Transmission of Sensitive Information vulnerability in Oneplus Oxygenos An issue was discovered on OnePlus One and X devices. | 5.9 |
| 2017-05-11 | CVE-2017-8850 | Cleartext Transmission of Sensitive Information vulnerability in Oneplus Oxygenos An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. | 5.9 |
| 2017-05-11 | CVE-2017-5948 | Improper Input Validation vulnerability in Oneplus Oxygenos An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. | 5.9 |
| 2017-05-11 | CVE-2016-10370 | Improper Access Control vulnerability in Oneplus Oxygenos An issue was discovered on OnePlus devices such as the 3T. | 7.5 |
| 2017-05-11 | CVE-2017-8899 | Information Exposure vulnerability in Invisioncommunity Invision Power Board Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has a composite of Stored XSS and Information Disclosure issues in the attachments feature found in User CP. | 8.1 |