Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-04-07 CVE-2017-0540 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.
local
low complexity
google CWE-119
7.8
2017-04-07 CVE-2017-0539 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.
local
low complexity
google CWE-119
7.8
2017-04-07 CVE-2017-0538 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.
local
low complexity
google CWE-119
7.8
2017-04-07 CVE-2017-0462 Race Condition vulnerability in Linux Kernel 3.18
An elevation of privilege vulnerability in the Qualcomm Seemp driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
local
high complexity
linux CWE-362
7.0
2017-04-07 CVE-2017-0454 Unspecified vulnerability in Linux Kernel 3.10/3.18
An elevation of privilege vulnerability in the Qualcomm audio driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
local
high complexity
linux
7.0
2017-04-07 CVE-2016-7786 Permissions, Privileges, and Access Controls vulnerability in Sophos Cyberoam Cr25Ing UTM Firmware 10.6.2
Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 allows remote authenticated users to bypass intended access restrictions via direct object reference, as demonstrated by a request for Licenseinformation.jsp.
network
low complexity
sophos CWE-264
8.8
2017-04-07 CVE-2017-7584 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Foxitsoftware Foxit PDF Toolkit 1.3/2.0
Memory Corruption Vulnerability in Foxit PDF Toolkit before 2.1 allows an attacker to cause Denial of Service & Remote Code Execution when a victim opens a specially crafted PDF file.
local
low complexity
foxitsoftware CWE-119
7.8
2017-04-07 CVE-2017-6601 OS Command Injection vulnerability in Cisco products
A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack.
local
low complexity
cisco CWE-78
7.1
2017-04-07 CVE-2017-6600 OS Command Injection vulnerability in Cisco products
A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack.
local
low complexity
cisco CWE-78
7.8
2017-04-07 CVE-2017-6597 OS Command Injection vulnerability in Cisco products
A vulnerability in the local-mgmt CLI command of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack.
local
low complexity
cisco CWE-78
7.8