Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-07 | CVE-2017-17450 | Missing Authorization vulnerability in Linux Kernel net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces. | 7.8 |
| 2017-12-07 | CVE-2017-17448 | Missing Authorization vulnerability in Linux Kernel net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnl_cthelper_list data structure is shared across all net namespaces. | 7.8 |
| 2017-12-07 | CVE-2017-17436 | Inadequate Encryption Strength vulnerability in Vaulteksafe Vt20I Firmware An issue was discovered in the software on Vaultek Gun Safe VT20i products. | 8.8 |
| 2017-12-07 | CVE-2017-17435 | Improper Authentication vulnerability in Vaulteksafe Vt20I Firmware An issue was discovered in the software on Vaultek Gun Safe VT20i products, aka BlueSteal. | 8.8 |
| 2017-12-06 | CVE-2017-17068 | Information Exposure vulnerability in Auth0 Auth0.Js A cross-origin vulnerability has been discovered in the Auth0 auth0.js library affecting versions < 8.12. | 7.5 |
| 2017-12-06 | CVE-2017-6276 | Use After Free vulnerability in Google Android NVIDIA mediaserver contains a vulnerability where it is possible a use after free malfunction can occur due to an incorrect bounds check which could enable unauthorized code execution and possibly lead to elevation of privileges. | 7.8 |
| 2017-12-06 | CVE-2017-6263 | Use After Free vulnerability in Google Android NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to improper usage of the list_for_each kernel macro which could enable unauthorized code execution and possibly lead to elevation of privileges. | 7.8 |
| 2017-12-06 | CVE-2017-6262 | Use After Free vulnerability in Google Android NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to a race condition which could enable unauthorized code execution and possibly lead to elevation of privileges. | 7.0 |
| 2017-12-06 | CVE-2017-17439 | NULL Pointer Dereference vulnerability in multiple products In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. | 7.5 |
| 2017-12-06 | CVE-2017-13175 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the NVIDIA libwilhelm. | 7.5 |