Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-04-07 | CVE-2017-0551 | Unspecified vulnerability in Google Android A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 5.5 |
2017-04-07 | CVE-2017-0550 | Unspecified vulnerability in Google Android A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 5.5 |
2017-04-07 | CVE-2017-0549 | Unspecified vulnerability in Google Android A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 5.5 |
2017-04-07 | CVE-2017-0548 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android 7.0/7.1.0/7.1.1 A remote denial of service vulnerability in libskia could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 5.5 |
2017-04-07 | CVE-2017-0547 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in libmedia in Mediaserver could enable a local malicious application to access data outside of its permission levels. | 5.5 |
2017-04-07 | CVE-2017-7586 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libsndfile Project Libsndfile In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file. | 5.5 |
2017-04-07 | CVE-2017-7585 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libsndfile Project Libsndfile In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file. | 5.5 |
2017-04-07 | CVE-2017-7583 | Cross-site Scripting vulnerability in Ilias ILIAS before 5.2.3 has XSS via SVG documents. | 6.1 |
2017-04-07 | CVE-2016-6805 | XXE vulnerability in Apache Ignite Apache Ignite before 1.9 allows man-in-the-middle attackers to read arbitrary files via XXE in modified update-notifier documents. | 5.9 |
2017-04-07 | CVE-2017-6606 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated attacker with physical access to the targeted system to execute arbitrary commands on the underlying operating system with the privileges of the root user. | 6.4 |