Security Vulnerabilities, CVEs, Published In August 2017
D-Link DNS-320L firmware before 1.04b12, DNS-327L before 1.03b04 Build0119, DNR-326 1.40b03, DNS-320B 1.02b01, DNS-345 1.03b06, DNS-325 1.05b03, and DNS-322L 2.00b07 allow remote attackers to bypass authentication and log in with administrator permissions by passing the cgi_set_wto command in the cmd parameter, and setting the spawned session's cookie to username=admin.
Max CVSS
10.0
EPSS Score
0.56%
Published
2017-08-25
Updated
2023-04-26
The check_login function in D-Link DNR-326 before 2.10 build 03 allows remote attackers to bypass authentication and log in by setting the username cookie parameter to an arbitrary string.
Max CVSS
10.0
EPSS Score
0.56%
Published
2017-08-25
Updated
2023-04-26
In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in rollback protection.
Max CVSS
10.0
EPSS Score
0.13%
Published
2017-08-18
Updated
2017-08-23
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the UIMDIAG interface.
Max CVSS
10.0
EPSS Score
0.13%
Published
2017-08-18
Updated
2017-08-23
In all Qualcomm products with Android releases from CAF using the Linux kernel, the GPS client may use an insecure cryptographic algorithm.
Max CVSS
10.0
EPSS Score
0.12%
Published
2017-08-18
Updated
2017-08-23
In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts causes an instruction inside of an assert to not be executed resulting in incorrect control flow.
Max CVSS
10.0
EPSS Score
0.20%
Published
2017-08-18
Updated
2018-04-19
In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts can potentially cause a NULL pointer dereference during an out-of-memory condition.
Max CVSS
10.0
EPSS Score
0.20%
Published
2017-08-18
Updated
2018-04-19
In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of a buffer length was missing in a PlayReady DRM routine.
Max CVSS
10.0
EPSS Score
0.13%
Published
2017-08-18
Updated
2017-08-23
In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer lengths was missing in Keymaster.
Max CVSS
10.0
EPSS Score
0.13%
Published
2017-08-18
Updated
2017-08-22
In all Qualcomm products with Android releases from CAF using the Linux kernel, a rollback vulnerability potentially exists in Full Disk Encryption.
Max CVSS
10.0
EPSS Score
0.13%
Published
2017-08-18
Updated
2017-08-23
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing.
Max CVSS
10.0
EPSS Score
0.20%
Published
2017-08-18
Updated
2018-04-19
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in PlayReady DRM.
Max CVSS
10.0
EPSS Score
0.13%
Published
2017-08-18
Updated
2017-08-22
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE service.
Max CVSS
10.0
EPSS Score
0.13%
Published
2017-08-18
Updated
2017-08-22
In all Qualcomm products with Android releases from CAF using the Linux kernel, a variable is uninitialized in a TrustZone system call potentially leading to the compromise of secure memory.
Max CVSS
10.0
EPSS Score
0.13%
Published
2017-08-18
Updated
2017-08-22
In all Qualcomm products with Android releases from CAF using the Linux kernel, a Sample App failed to check a length potentially leading to unauthorized access to secure memory.
Max CVSS
10.0
EPSS Score
0.13%
Published
2017-08-18
Updated
2017-08-22
In all Qualcomm products with Android releases from CAF using the Linux kernel, an overflow check in the USB interface was insufficient during boot.
Max CVSS
10.0
EPSS Score
0.20%
Published
2017-08-18
Updated
2018-04-19
In all Qualcomm products with Android releases from CAF using the Linux kernel, the validation of filesystem access was insufficient.
Max CVSS
10.0
EPSS Score
0.20%
Published
2017-08-18
Updated
2018-04-19
In all Qualcomm products with Android releases from CAF using the Linux kernel, insecure ciphersuites were included in the default configuration.
Max CVSS
10.0
EPSS Score
0.13%
Published
2017-08-18
Updated
2017-08-21
Stack-based buffer overflow in the logging functionality in the Preboot Policy service in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary code via unspecified vectors.
Max CVSS
10.0
EPSS Score
78.23%
Published
2017-08-09
Updated
2017-08-18
The samsung_extdisp driver in the Samsung S4 (GT-I9500) I9500XXUEMK8 kernel 3.4 and earlier allows attackers to cause a denial of service (memory corruption) or gain privileges.
Max CVSS
10.0
EPSS Score
0.16%
Published
2017-08-24
Updated
2017-08-29
WAGO IO 750-849 01.01.27 and WAGO IO 750-881 01.02.05 do not contain privilege separation.
Max CVSS
10.0
EPSS Score
0.80%
Published
2017-08-22
Updated
2021-07-09
Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php.
Max CVSS
10.0
EPSS Score
1.94%
Published
2017-08-24
Updated
2019-05-03
In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not validated prior to being dereferenced potentially resulting in Guest-OS memory corruption.
Max CVSS
10.0
EPSS Score
0.13%
Published
2017-08-18
Updated
2017-08-23
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing.
Max CVSS
10.0
EPSS Score
0.20%
Published
2017-08-18
Updated
2018-04-19
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in RFA-1x.
Max CVSS
10.0
EPSS Score
0.20%
Published
2017-08-18
Updated
2018-04-19