Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-18 | CVE-2017-12955 | Out-of-bounds Write vulnerability in Exiv2 0.26 There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. | 8.8 |
| 2017-08-18 | CVE-2017-9685 | Use After Free vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a WLAN driver can lead to a Use After Free condition. | 8.1 |
| 2017-08-18 | CVE-2017-9684 | Use After Free vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a USB driver can lead to a Use After Free condition. | 7.0 |
| 2017-08-18 | CVE-2017-9680 | Information Exposure vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, if a pointer argument coming from userspace is invalid, a driver may use an uninitialized structure to log an error message. | 7.5 |
| 2017-08-18 | CVE-2017-9679 | Information Exposure vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, if a userspace string is not NULL-terminated, kernel memory contents can leak to system logs. | 7.5 |
| 2017-08-18 | CVE-2017-9678 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in a video driver, memory corruption can potentially occur due to lack of bounds checking in a memcpy(). | 7.8 |
| 2017-08-18 | CVE-2017-3756 | Unspecified vulnerability in Lenovo products A privilege escalation vulnerability was identified in Lenovo Active Protection System for ThinkPad systems versions earlier than 1.82.0.17. | 7.8 |
| 2017-08-18 | CVE-2017-11160 | Untrusted Search Path vulnerability in Synology Assistant Multiple untrusted search path vulnerabilities in installer in Synology Assistant before 6.1-15163 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory. | 7.8 |
| 2017-08-18 | CVE-2017-8272 | Out-of-bounds Write vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in a driver function, a value from userspace is not properly validated potentially leading to an out of bounds heap write. | 7.8 |
| 2017-08-18 | CVE-2017-8270 | Use After Free vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a driver potentially leading to a use-after-free condition. | 7.0 |