Search Results (25419 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-5601 1 Libarchive 1 Libarchive 2025-04-20 N/A
An error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive.
CVE-2017-5593 1 Psi-plus 1 Psi\+ 2025-04-20 N/A
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for Psi+ (0.16.563.580 - 0.16.571.627).
CVE-2017-5592 1 Profanity Project 1 Profanity 2025-04-20 5.9 Medium
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for profanity (0.4.7 - 0.5.0).
CVE-2017-5590 2 Chatsecure, Zom 2 Chatsecure, Zom 2025-04-20 N/A
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for ChatSecure (3.2.0 - 4.0.0; only iOS) and Zom (all versions up to 1.0.11; only iOS).
CVE-2017-9741 1 Projectsend 1 Projectsend 2025-04-20 N/A
install/make-config.php in ProjectSend r754 allows remote attackers to execute arbitrary PHP code via the dbprefix parameter, related to replacing TABLES_PREFIX in the configuration file.
CVE-2017-9682 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in two KGSL driver functions can lead to a Use After Free condition.
CVE-2017-9680 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, if a pointer argument coming from userspace is invalid, a driver may use an uninitialized structure to log an error message.
CVE-2017-9679 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, if a userspace string is not NULL-terminated, kernel memory contents can leak to system logs.
CVE-2017-5262 1 Cambiumnetworks 10 Cnpilot E400, Cnpilot E400 Firmware, Cnpilot E410 and 7 more 2025-04-20 N/A
In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the SNMP read-only (RO) community string has access to sensitive information by OID reference.
CVE-2017-4977 1 Emc 1 Rsa Archer Security Operations Management 2025-04-20 N/A
EMC RSA Archer Security Operations Management with RSA Unified Collector Framework versions prior to 1.3.1.52 contain a sensitive information disclosure vulnerability that could potentially be exploited by malicious users to compromise an affected system.
CVE-2017-2576 1 Moodle 1 Moodle 2025-04-20 N/A
In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums.
CVE-2015-9031 1 Google 1 Android 2025-04-20 N/A
In all Android releases from CAF using the Linux kernel, a TZ memory address is exposed to HLOS by HDCP.
CVE-2016-7409 1 Dropbear Ssh Project 1 Dropbear Ssh 2025-04-20 N/A
The dbclient and server in Dropbear SSH before 2016.74, when compiled with DEBUG_TRACE, allows local users to read process memory via the -v argument, related to a failed remote ident.
CVE-2017-9497 2 Cisco, Motorola 2 Mx011anm Firmware, Mx011anm 2025-04-20 N/A
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to execute arbitrary commands as root by pulling up the diagnostics menu on the set-top box, and then posting to a Web Inspector route.
CVE-2017-8878 1 Asus 2 Rt-ac1750, Rt-ac1750 Firmware 2025-04-20 N/A
ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow remote authenticated users to discover the Wi-Fi password via WPS_info.xml.
CVE-2016-8764 1 Huawei 6 P8 Lite, P8 Lite Firmware, P9 and 3 more 2025-04-20 N/A
The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and write user-mode memory data anywhere in the TrustZone driver.
CVE-2017-8877 1 Asus 2 Rt-ac1750, Rt-ac1750 Firmware 2025-04-20 N/A
ASUS RT-AC* and RT-N* devices with firmware through 3.0.0.4.380.7378 allow JSONP Information Disclosure such as the SSID.
CVE-2016-8758 1 Huawei 2 Mate 8, Mate 8 Firmware 2025-04-20 N/A
ION memory management module in Huawei Mate8 phones with software NXT-AL10C00B561 and earlier versions, NXT-CL10C00B561 and earlier versions, NXT-DL10C00B561 and earlier versions, NXT-TL10C00B561 and earlier versions allows attackers to cause a denial of service (restart).
CVE-2016-8756 1 Huawei 2 Mate 8, Mate 8 Firmware 2025-04-20 N/A
ION memory management module in Huawei Mate 8 phones with software NXT-AL10C00B197 and earlier versions, NXT-DL10C00B197 and earlier versions, NXT-TL10C00B197 and earlier versions, NXT-CL10C00B197 and earlier versions allows attackers to cause a denial of service (restart).
CVE-2017-8863 1 Cohuhd 2 3960hd, 3960hd Firmware 2025-04-20 N/A
Information disclosure of .esp source code on the Cohu 3960 allows an attacker to view sensitive information such as application logic with a simple web browser.