Total
12362 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-14439 | 1 Moxa | 2 Edr-810, Edr-810 Firmware | 2024-11-21 | 7.5 High |
| Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4001/tcp to trigger this vulnerability. | ||||
| CVE-2017-14438 | 1 Moxa | 2 Edr-810, Edr-810 Firmware | 2024-11-21 | 7.5 High |
| Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4000/tcp to trigger this vulnerability. | ||||
| CVE-2017-13911 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| A configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS X El Capitan 10.11.6 Security Update 2018-002, macOS Sierra 10.12.6 Security Update 2018-002, macOS High Sierra 10.13.2. | ||||
| CVE-2017-13891 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| In iOS before 11.2, an inconsistent user interface issue was addressed through improved state management. | ||||
| CVE-2017-13890 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. macOS before 10.13 is affected. The issue involves the "CoreTypes" component. It allows remote attackers to trigger disk-image mounting via a crafted web site. | ||||
| CVE-2017-13652 | 1 Netapp | 1 Oncommand Insight | 2024-11-21 | N/A |
| NetApp OnCommand Insight version 7.3.0 and versions prior to 7.2.0 are susceptible to clickjacking attacks which could cause a user to perform an unintended action in the user interface. | ||||
| CVE-2017-13302 | 1 Google | 1 Android | 2024-11-21 | N/A |
| A denial of service vulnerability in the Android system (system ui). Product: Android. Versions: 8.0. Android ID: A-69969749. | ||||
| CVE-2017-13301 | 1 Google | 1 Android | 2024-11-21 | N/A |
| A denial of service vulnerability in the Android system (system ui). Product: Android. Versions: 8.0. Android ID: A-66498711. | ||||
| CVE-2017-13300 | 1 Google | 1 Android | 2024-11-21 | N/A |
| A denial of service vulnerability in the Android media framework (libhevc). Product: Android. Versions: 6.0, 6.0.1. Android ID: A-71567394. | ||||
| CVE-2017-13295 | 1 Google | 1 Android | 2024-11-21 | N/A |
| A denial of service vulnerability in the Android framework (package installer). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-62537081. | ||||
| CVE-2017-13287 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In createFromParcel of VerifyCredentialResponse.java, there is a possible invalid parcel read due to improper input validation. This could lead to local escalation of privilege if mPayload in writeToParcel were null, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-71714464. | ||||
| CVE-2017-13284 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In config_set_string of config.cc, it is possible to pair a second BT keyboard without user approval due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-70808273. | ||||
| CVE-2017-13229 | 1 Google | 1 Android | 2024-11-21 | N/A |
| A remote code execution vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68160703. | ||||
| CVE-2017-13214 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In the hardware HEVC decoder, some media files could cause a page fault. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-38495900. | ||||
| CVE-2017-13198 | 1 Google | 1 Android | 2024-11-21 | N/A |
| A vulnerability in the Android media framework (ex) related to composition of frames lacking a color map. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68399117. | ||||
| CVE-2017-13194 | 2 Debian, Google | 2 Debian Linux, Android | 2024-11-21 | N/A |
| A vulnerability in the Android media framework (libvpx) related to odd frame width. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64710201. | ||||
| CVE-2017-13186 | 1 Google | 1 Android | 2024-11-21 | N/A |
| A vulnerability in the Android media framework (libavc) related to incorrect use of mmco parameters. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65735716. | ||||
| CVE-2017-13176 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In the parseURL function of URLStreamHandler, there is improper input validation of the host field. This could lead to a remote elevation of privilege that could enable bypassing user interaction requirements with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68341964. | ||||
| CVE-2017-12842 | 1 Bitcoin | 1 Bitcoin Core | 2024-11-21 | 7.5 High |
| Bitcoin Core before 0.14 allows an attacker to create an ostensibly valid SPV proof for a payment to a victim who uses an SPV wallet, even if that payment did not actually occur. Completing the attack would cost more than a million dollars, and is relevant mainly only in situations where an autonomous system relies solely on an SPV proof for transactions of a greater dollar amount. | ||||
| CVE-2017-12795 | 1 Openmrs | 1 Openmrs-module-htmlformentry | 2024-11-21 | N/A |
| OpenMRS openmrs-module-htmlformentry 3.3.2 is affected by: (Improper Input Validation). | ||||