Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-08-10 CVE-2014-0142 Divide By Zero vulnerability in Qemu
QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extent_size field in the bochs function in block/bochs.c.
local
low complexity
qemu CWE-369
5.5
5.5
2017-08-10 CVE-2017-3753 Code Injection vulnerability in Lenovo products
A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc.
low complexity
lenovo CWE-94
6.8
6.8
2017-08-09 CVE-2017-12777 Cross-site Scripting vulnerability in Nexusphp Project Nexusphp 1.5
Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via some parameter to usersearch.php.
network
low complexity
nexusphp-project CWE-79
6.1
6.1
2017-08-09 CVE-2017-0739 Information Exposure vulnerability in Google Android
A information disclosure vulnerability in the Android media framework (libhevc).
local
low complexity
google CWE-200
5.5
5.5
2017-08-09 CVE-2017-0738 Information Exposure vulnerability in Google Android
A information disclosure vulnerability in the Android media framework (audioserver).
local
low complexity
google CWE-200
5.5
5.5
2017-08-09 CVE-2017-0736 Unspecified vulnerability in Google Android
A denial of service vulnerability in the Android media framework (libavc).
local
low complexity
google
5.5
5.5
2017-08-09 CVE-2017-0735 Improper Initialization vulnerability in Google Android
A denial of service vulnerability in the Android media framework (libavc).
local
low complexity
google CWE-665
5.5
5.5
2017-08-09 CVE-2017-0734 Unspecified vulnerability in Google Android
A denial of service vulnerability in the Android media framework (libavc).
local
low complexity
google
5.5
5.5
2017-08-09 CVE-2017-0733 Improper Resource Shutdown or Release vulnerability in Google Android
A denial of service vulnerability in the Android media framework (libmediaplayerservice).
local
low complexity
google CWE-404
5.5
5.5
2017-08-09 CVE-2017-0730 Missing Initialization of Resource vulnerability in Google Android
A denial of service vulnerability in the Android media framework (h264 decoder).
local
low complexity
google CWE-909
5.5
5.5