Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-21 | CVE-2017-14642 | NULL Pointer Dereference vulnerability in Bento4 1.5.0617 A NULL pointer dereference was discovered in the AP4_HdlrAtom class in Bento4 version 1.5.0-617. | 6.5 |
| 2017-09-21 | CVE-2017-14641 | NULL Pointer Dereference vulnerability in Bento4 1.5.0617 A NULL pointer dereference was discovered in the AP4_DataAtom class in MetaData/Ap4MetaData.cpp in Bento4 version 1.5.0-617. | 6.5 |
| 2017-09-21 | CVE-2017-14640 | NULL Pointer Dereference vulnerability in Bento4 1.5.0617 A NULL pointer dereference was discovered in AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp in Bento4 version 1.5.0-617. | 6.5 |
| 2017-09-21 | CVE-2017-14638 | NULL Pointer Dereference vulnerability in Bento4 1.5.0617 AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp in Bento4 version 1.5.0-617 has missing NULL checks, leading to a NULL pointer dereference, segmentation fault, and application crash in AP4_Atom::SetType in Core/Ap4Atom.h. | 6.5 |
| 2017-09-21 | CVE-2017-14321 | Cross-site Scripting vulnerability in Mirasvit Helpdesk MX 1.5.2 Multiple cross-site scripting (XSS) vulnerabilities in the administrative interface in Mirasvit Helpdesk MX before 1.5.3 allow remote attackers to inject arbitrary web script or HTML via the (1) customer name or (2) subject in a ticket. | 5.4 |
| 2017-09-21 | CVE-2017-9676 | Use After Free vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, potential use after free scenarios and race conditions can occur when accessing global static variables without using a lock. | 4.7 |
| 2017-09-21 | CVE-2017-8281 | Race Condition vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while querying event status via DCI. | 4.7 |
| 2017-09-21 | CVE-2017-12153 | NULL Pointer Dereference vulnerability in multiple products A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. | 4.4 |
| 2017-09-21 | CVE-2017-11040 | Information Exposure vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, when reading from sysfs nodes, one can read more information than it is allowed to. | 5.5 |
| 2017-09-21 | CVE-2017-11002 | Out-of-bounds Read vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing a vendor sub-command, a buffer over-read can occur. | 5.5 |