Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-07 | CVE-2017-16643 | Out-of-bounds Read vulnerability in Linux Kernel The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device. | 6.6 |
| 2017-11-07 | CVE-2017-2913 | Improper Certificate Validation vulnerability in Meetcircle Circle With Disney Firmware 2.0.1 An exploitable vulnerability exists in the filtering functionality of Circle with Disney. | 5.9 |
| 2017-11-07 | CVE-2017-2912 | Improper Validation of Certificate with Host Mismatch vulnerability in Meetcircle Circle With Disney Firmware 2.0.1 An exploitable vulnerability exists in the remote control functionality of Circle with Disney running firmware 2.0.1. | 5.9 |
| 2017-11-07 | CVE-2017-2911 | Improper Validation of Certificate with Host Mismatch vulnerability in Meetcircle Circle With Disney Firmware 2.0.1 An exploitable vulnerability exists in the remote control functionality of Circle with Disney running firmware 2.0.1. | 5.9 |
| 2017-11-07 | CVE-2017-12096 | Authentication Bypass by Spoofing vulnerability in Meetcircle Circle With Disney Firmware 2.0.1 An exploitable vulnerability exists in the WiFi management of Circle with Disney. | 6.5 |
| 2017-11-07 | CVE-2017-12094 | Command Injection vulnerability in Meetcircle Circle With Disney Firmware 2.0.1 An exploitable vulnerability exists in the WiFi Channel parsing of Circle with Disney running firmware 2.0.1. | 6.5 |
| 2017-11-07 | CVE-2017-12084 | Missing Authorization vulnerability in Meetcircle Circle With Disney Firmware 2.0.1 A backdoor vulnerability exists in remote control functionality of Circle with Disney running firmware 2.0.1. | 6.6 |
| 2017-11-07 | CVE-2017-12083 | Information Exposure vulnerability in Meetcircle Circle With Disney Firmware 2.0.1 An exploitable information disclosure vulnerability exists in the apid daemon of the Circle with Disney running firmware 2.0.1. | 5.3 |
| 2017-11-06 | CVE-2017-13680 | Unspecified vulnerability in Symantec Endpoint Protection 14 Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the product's UI to perform unauthorized file deletes on the resident file system. | 5.5 |
| 2017-11-06 | CVE-2017-16637 | Improper Input Validation vulnerability in Perfect-Privacy VPN Manager 1.10.10/1.10.11 In Vectura Perfect Privacy VPN Manager v1.10.10 and v1.10.11, when resetting the network data via the software client, with a running VPN connection, a critical error occurs which leads to a "FrmAdvancedProtection" crash. | 4.4 |