Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-04-07 CVE-2017-0551 Unspecified vulnerability in Google Android
A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot.
local
low complexity
google
5.5
2017-04-07 CVE-2017-0550 Unspecified vulnerability in Google Android
A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot.
local
low complexity
google
5.5
2017-04-07 CVE-2017-0549 Unspecified vulnerability in Google Android
A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot.
local
low complexity
google
5.5
2017-04-07 CVE-2017-0548 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android 7.0/7.1.0/7.1.1
A remote denial of service vulnerability in libskia could enable an attacker to use a specially crafted file to cause a device hang or reboot.
local
low complexity
google CWE-119
5.5
2017-04-07 CVE-2017-0547 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in libmedia in Mediaserver could enable a local malicious application to access data outside of its permission levels.
local
low complexity
google CWE-200
5.5
2017-04-07 CVE-2017-7586 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libsndfile Project Libsndfile
In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
local
low complexity
libsndfile-project CWE-119
5.5
2017-04-07 CVE-2017-7585 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libsndfile Project Libsndfile
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
local
low complexity
libsndfile-project CWE-119
5.5
2017-04-07 CVE-2017-7583 Cross-site Scripting vulnerability in Ilias
ILIAS before 5.2.3 has XSS via SVG documents.
network
low complexity
ilias CWE-79
6.1
2017-04-07 CVE-2016-6805 XXE vulnerability in Apache Ignite
Apache Ignite before 1.9 allows man-in-the-middle attackers to read arbitrary files via XXE in modified update-notifier documents.
network
high complexity
apache CWE-611
5.9
2017-04-07 CVE-2017-6606 OS Command Injection vulnerability in Cisco IOS XE
A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated attacker with physical access to the targeted system to execute arbitrary commands on the underlying operating system with the privileges of the root user.
high complexity
cisco CWE-78
6.4