Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-12-07 CVE-2017-17435 Improper Authentication vulnerability in Vaulteksafe Vt20I Firmware
An issue was discovered in the software on Vaultek Gun Safe VT20i products, aka BlueSteal.
low complexity
vaulteksafe CWE-287
8.8
2017-12-06 CVE-2017-17068 Information Exposure vulnerability in Auth0 Auth0.Js
A cross-origin vulnerability has been discovered in the Auth0 auth0.js library affecting versions < 8.12.
network
low complexity
auth0 CWE-200
7.5
2017-12-06 CVE-2017-6276 Use After Free vulnerability in Google Android
NVIDIA mediaserver contains a vulnerability where it is possible a use after free malfunction can occur due to an incorrect bounds check which could enable unauthorized code execution and possibly lead to elevation of privileges.
local
low complexity
google CWE-416
7.8
2017-12-06 CVE-2017-6263 Use After Free vulnerability in Google Android
NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to improper usage of the list_for_each kernel macro which could enable unauthorized code execution and possibly lead to elevation of privileges.
local
low complexity
google CWE-416
7.8
2017-12-06 CVE-2017-6262 Use After Free vulnerability in Google Android
NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to a race condition which could enable unauthorized code execution and possibly lead to elevation of privileges.
local
high complexity
google CWE-416
7.0
2017-12-06 CVE-2017-17439 NULL Pointer Dereference vulnerability in multiple products
In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm.
network
low complexity
debian heimdal-project CWE-476
7.5
2017-12-06 CVE-2017-13175 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the NVIDIA libwilhelm.
network
low complexity
google CWE-200
7.5
2017-12-06 CVE-2017-13174 Unspecified vulnerability in Google Android
An elevation of privilege vulnerability in the kernel edl.
local
low complexity
google
7.8
2017-12-06 CVE-2017-13173 Unspecified vulnerability in Google Android
An elevation of privilege vulnerability in the MediaTek system server.
local
low complexity
google
7.8
2017-12-06 CVE-2017-13172 Unspecified vulnerability in Google Android
An elevation of privilege vulnerability in the MediaTek bluetooth driver.
local
low complexity
google
7.8