Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-06 | CVE-2017-17432 | Reachable Assertion vulnerability in multiple products OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service (system crash or application crash) via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value. | 7.5 |
| 2017-12-05 | CVE-2017-15868 | Improper Input Validation vulnerability in multiple products The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application. | 7.8 |
| 2017-12-05 | CVE-2017-14355 | Unspecified vulnerability in Microfocus Connected Backup 8.6/8.8.6 A potential security vulnerability has been identified in HPE Connected Backup versions 8.6 and 8.8.6. | 7.8 |
| 2017-12-05 | CVE-2017-9716 | Unspecified vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the qbt1000 driver implements an alternative channel for usermode applications to talk to QSEE applications. | 7.8 |
| 2017-12-05 | CVE-2017-14904 | Use After Free vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a crafted binder request can cause an arbitrary unmap in MediaServer. | 7.8 |
| 2017-12-05 | CVE-2017-14902 | Use After Free vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the GLink kernel driver, a Use After Free condition can potentially occur. | 7.0 |
| 2017-12-05 | CVE-2017-14897 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while handling the QSEOS_RPMB_CHECK_PROV_STATUS_COMMAND, a userspace buffer is directly accessed in kernel space. | 7.8 |
| 2017-12-05 | CVE-2017-14895 | Operation on a Resource after Expiration or Release vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, after a subsystem reset, iwpriv is not giving correct information. | 7.8 |
| 2017-12-05 | CVE-2017-11043 | Integer Overflow or Wraparound vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a WiFI driver function, an integer overflow leading to heap buffer overflow may potentially occur. | 7.8 |
| 2017-12-05 | CVE-2017-11007 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of stack corruption due to buffer overflow of Partition name while converting ascii string to unicode string in function HandleMetaImgFlash. | 7.8 |