Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-07 | CVE-2017-16060 | Information Exposure vulnerability in Babelcli Project Babelcli babelcli was a malicious module published with the intent to hijack environment variables. | 7.5 |
| 2018-06-07 | CVE-2017-16059 | Information Exposure vulnerability in Mssql-Node Project Mssql-Node mssql-node was a malicious module published with the intent to hijack environment variables. | 7.5 |
| 2018-06-07 | CVE-2017-16058 | Information Exposure vulnerability in Gruntcli Project Gruntcli gruntcli was a malicious module published with the intent to hijack environment variables. | 7.5 |
| 2018-06-07 | CVE-2017-16057 | Information Exposure vulnerability in Nodemssql Project Nodemssql nodemssql was a malicious module published with the intent to hijack environment variables. | 7.5 |
| 2018-06-07 | CVE-2017-16056 | Information Exposure vulnerability in Mssql.Js Project Mssql.Js mssql.js was a malicious module published with the intent to hijack environment variables. | 7.5 |
| 2018-06-06 | CVE-2018-5850 | Integer Underflow (Wrap or Wraparound) vulnerability in Google Android In the function csr_update_fils_params_rso(), insufficient validation on a key length can result in an integer underflow leading to a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.8 |
| 2018-06-06 | CVE-2018-5846 | Use After Free vulnerability in Google Android A Use After Free condition can occur in the IPA driver whenever the IPA IOCTLs IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_ADD/IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_DEL/IPA_IOC_NOTIFY_WAN_EMBMS_CONNECTED are called in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.8 |
| 2018-06-06 | CVE-2018-5845 | Use After Free vulnerability in Google Android A race condition in drm_atomic_nonblocking_commit() in the display driver can potentially lead to a Use After Free scenario in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.0 |
| 2018-06-06 | CVE-2018-5841 | Insecure Default Initialization of Resource vulnerability in Google Android dcc_curr_list is initialized with a default invalid value that is expected to be programmed by the user through a sysfs node which could lead to an invalid access in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.8 |
| 2018-06-06 | CVE-2018-5840 | Classic Buffer Overflow vulnerability in Google Android Buffer Copy without Checking Size of Input can occur during the DRM SDE driver initialization sequence in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.8 |