Total
309420 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-0846 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability in the Android framework (clipboardservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64934810. | |||||
| CVE-2017-0751 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 5.3 MEDIUM |
| An elevation of privilege vulnerability in the Qualcomm QCE driver. Product: Android. Versions: Android kernel. Android ID: A-36591162. References: QC-CR#2045061. | |||||
| CVE-2017-0748 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An information disclosure vulnerability in the Qualcomm audio driver. Product: Android. Versions: Android Kernel. Android ID: A-35764875. References: QC-CR#2029798. | |||||
| CVE-2017-0744 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 5.3 MEDIUM |
| An elevation of privilege vulnerability in the NVIDIA firmware processing code. Product: Android. Versions: Android kernel. Android ID: A-34112726. References: N-CVE-2017-0744. | |||||
| CVE-2017-0431 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-32573899. | |||||
| CVE-2017-0372 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Parameters injection in the SyntaxHighlight extension of Mediawiki before 1.23.16, 1.27.3 and 1.28.2 might result in multiple vulnerabilities. | |||||
| CVE-2017-0371 | 1 Mediawiki | 1 Mediawiki | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| MediaWiki before 1.23.16, 1.24.x through 1.27.x before 1.27.2, and 1.28.x before 1.28.1 allows remote attackers to discover the IP addresses of Wiki visitors via a style="background-image: attr(title url);" attack within a DIV element that has an attacker-controlled URL in the title attribute. | |||||
| CVE-2017-0370 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw were Spam blacklist is ineffective on encoded URLs inside file inclusion syntax's link parameter. | |||||
| CVE-2017-0369 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw, allowing a sysops to undelete pages, although the page is protected against it. | |||||
| CVE-2017-0368 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw making rawHTML mode apply to system messages. | |||||
| CVE-2017-0367 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Mediawiki before 1.28.1 / 1.27.2 contains an unsafe use of temporary directory, where having LocalisationCache directory default to system tmp directory is insecure. | |||||
| CVE-2017-0366 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2024-11-21 | 4.0 MEDIUM | 5.4 MEDIUM |
| Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw allowing to evade SVG filter using default attribute values in DTD declaration. | |||||
| CVE-2017-0365 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2024-11-21 | 2.6 LOW | 4.7 MEDIUM |
| Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a XSS vulnerability in SearchHighlighter::highlightText() with non-default configurations. | |||||
| CVE-2017-0364 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where Special:Search allows redirects to any interwiki link. | |||||
| CVE-2017-0363 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 has a flaw where Special:UserLogin?returnto=interwiki:foo will redirect to external sites. | |||||
| CVE-2017-0362 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where the "Mark all pages visited" on the watchlist does not require a CSRF token. | |||||
| CVE-2017-0361 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2024-11-21 | 2.1 LOW | 7.8 HIGH |
| Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains an information disclosure flaw, where the api.log might contain passwords in plaintext. | |||||
| CVE-2017-0359 | 2 Debian, Reproducible Builds | 2 Debian Linux, Diffoscope | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| diffoscope before 77 writes to arbitrary locations on disk based on the contents of an untrusted archive. | |||||
| CVE-2017-0358 | 2 Debian, Tuxera | 2 Debian Linux, Ntfs-3g | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege escalation. | |||||
| CVE-2017-0357 | 2 Debian, Iucode-tool Project | 2 Debian Linux, Iucode-tool | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A heap-overflow flaw exists in the -tr loader of iucode-tool starting with v1.4 and before v2.1.1, potentially leading to SIGSEGV, or heap corruption. | |||||