Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-08 | CVE-2017-0777 | Information Exposure vulnerability in Google Android A information disclosure vulnerability in the Android media framework (n/a). | 5.5 |
| 2017-09-08 | CVE-2017-0776 | Information Exposure vulnerability in Google Android A information disclosure vulnerability in the Android media framework (n/a). | 5.5 |
| 2017-09-08 | CVE-2017-0775 | Excessive Iteration vulnerability in Google Android A denial of service vulnerability in the Android media framework (libstagefright). | 5.5 |
| 2017-09-08 | CVE-2017-0774 | Unchecked Return Value vulnerability in Google Android A denial of service vulnerability in the Android media framework (libstagefright). | 5.5 |
| 2017-09-08 | CVE-2017-0773 | Unspecified vulnerability in Google Android A denial of service vulnerability in the Android media framework (libhevc). | 5.5 |
| 2017-09-08 | CVE-2017-0772 | Unspecified vulnerability in Google Android A denial of service vulnerability in the Android media framework (libavc). | 5.5 |
| 2017-09-08 | CVE-2017-0771 | Allocation of Resources Without Limits or Throttling vulnerability in Google Android A denial of service vulnerability in the Android media framework (libskia). | 5.5 |
| 2017-09-08 | CVE-2017-12071 | Server-Side Request Forgery (SSRF) vulnerability in Synology Photo Station Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to download arbitrary local files via the url parameter. | 6.5 |
| 2017-09-08 | CVE-2017-11162 | Path Traversal vulnerability in Synology Photo Station Directory traversal vulnerability in synphotoio in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to read arbitrary files via unspecified vectors. | 6.5 |
| 2017-09-08 | CVE-2017-9095 | XXE vulnerability in Divinglog Diving LOG XXE in Diving Log 6.0 allows attackers to remotely view local files through a crafted dive.xml file that is mishandled during a Subsurface import. | 5.5 |