Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-06 | CVE-2014-9929 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist. | 7.8 |
| 2017-06-06 | CVE-2014-9928 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In GERAN in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | 7.8 |
| 2017-06-06 | CVE-2014-9927 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In UIM in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | 7.8 |
| 2017-06-06 | CVE-2014-9926 | Use After Free vulnerability in Google Android In GNSS in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | 7.8 |
| 2017-06-06 | CVE-2014-9925 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In HDR in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | 7.8 |
| 2017-06-06 | CVE-2014-9924 | Numeric Errors vulnerability in Google Android In 1x in all Android releases from CAF using the Linux kernel, a Signed to Unsigned Conversion Error could potentially occur. | 7.8 |
| 2017-06-06 | CVE-2014-9923 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In NAS in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | 7.8 |
| 2017-06-05 | CVE-2017-9444 | Cross-Site Request Forgery (CSRF) vulnerability in Bigtreecms Bigtree CMS BigTree CMS through 4.2.18 has CSRF related to the core\admin\modules\users\profile\update.php script (modify user information), the index.php/admin/developer/packages/delete/ URI (remove packages), the index.php/admin/developer/upgrade/ignore/?versions= URI, and the index.php/admin/developer/upgrade/set-ftp-directory/ URI. | 8.8 |
| 2017-06-05 | CVE-2017-9443 | SQL Injection vulnerability in Bigtreecms Bigtree CMS BigTree CMS through 4.2.18 allows remote authenticated users to conduct SQL injection attacks via a crafted tables object in manifest.json in an uploaded package. | 8.8 |
| 2017-06-05 | CVE-2017-9442 | Code Injection vulnerability in Bigtreecms Bigtree CMS BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary code by uploading a crafted package containing a PHP web shell, related to extraction of a ZIP archive to filename patterns such as cache/package/xxx/yyy.php. | 8.8 |