Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-09-08 CVE-2017-0777 Information Exposure vulnerability in Google Android
A information disclosure vulnerability in the Android media framework (n/a).
local
low complexity
google CWE-200
5.5
2017-09-08 CVE-2017-0776 Information Exposure vulnerability in Google Android
A information disclosure vulnerability in the Android media framework (n/a).
local
low complexity
google CWE-200
5.5
2017-09-08 CVE-2017-0775 Excessive Iteration vulnerability in Google Android
A denial of service vulnerability in the Android media framework (libstagefright).
local
low complexity
google CWE-834
5.5
2017-09-08 CVE-2017-0774 Unchecked Return Value vulnerability in Google Android
A denial of service vulnerability in the Android media framework (libstagefright).
local
low complexity
google CWE-252
5.5
2017-09-08 CVE-2017-0773 Unspecified vulnerability in Google Android
A denial of service vulnerability in the Android media framework (libhevc).
local
low complexity
google
5.5
2017-09-08 CVE-2017-0772 Unspecified vulnerability in Google Android
A denial of service vulnerability in the Android media framework (libavc).
local
low complexity
google
5.5
2017-09-08 CVE-2017-0771 Allocation of Resources Without Limits or Throttling vulnerability in Google Android
A denial of service vulnerability in the Android media framework (libskia).
local
low complexity
google CWE-770
5.5
2017-09-08 CVE-2017-12071 Server-Side Request Forgery (SSRF) vulnerability in Synology Photo Station
Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to download arbitrary local files via the url parameter.
network
low complexity
synology CWE-918
6.5
2017-09-08 CVE-2017-11162 Path Traversal vulnerability in Synology Photo Station
Directory traversal vulnerability in synphotoio in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to read arbitrary files via unspecified vectors.
network
low complexity
synology CWE-22
6.5
2017-09-08 CVE-2017-9095 XXE vulnerability in Divinglog Diving LOG
XXE in Diving Log 6.0 allows attackers to remotely view local files through a crafted dive.xml file that is mishandled during a Subsurface import.
local
low complexity
divinglog CWE-611
5.5