Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-08 | CVE-2017-0758 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A remote code execution vulnerability in the Android media framework (libhevc). | 7.8 |
| 2017-09-08 | CVE-2017-0757 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A remote code execution vulnerability in the Android media framework (libavc). | 7.8 |
| 2017-09-08 | CVE-2017-0756 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android A remote code execution vulnerability in the Android media framework (libstagefright). | 7.8 |
| 2017-09-08 | CVE-2017-0755 | Unspecified vulnerability in Google Android A elevation of privilege vulnerability in the Android libraries (libminikin). | 7.8 |
| 2017-09-08 | CVE-2017-0753 | Unspecified vulnerability in Google Android A remote code execution vulnerability in the Android libraries (libgdx). | 7.8 |
| 2017-09-08 | CVE-2017-0752 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android A elevation of privilege vulnerability in the Android framework (windowmanager). | 7.8 |
| 2017-09-08 | CVE-2017-12146 | Race Condition vulnerability in Linux Kernel The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a store operation that involve different overrides. | 7.0 |
| 2017-09-08 | CVE-2017-14167 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header address values, which trigger an out-of-bounds write. | 8.8 |
| 2017-09-08 | CVE-2016-5759 | Improper Input Validation vulnerability in multiple products The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as root. | 7.8 |
| 2017-09-08 | CVE-2011-3177 | Information Exposure vulnerability in Yast Yast2 The YaST2 network created files with world readable permissions which could have allowed local users to read sensitive material out of network configuration files, like passwords for wireless networks. | 7.8 |