# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
21251 |
CVE-2017-18205 |
476 |
|
|
2018-02-27 |
2018-10-31 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set. |
21252 |
CVE-2017-18202 |
416 |
|
DoS |
2018-02-27 |
2018-09-26 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service (TLB entry leak or use-after-free) or possibly have unspecified other impact by triggering a copy_to_user call within a certain time window. |
21253 |
CVE-2017-18201 |
415 |
|
|
2018-02-26 |
2018-10-31 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c. |
21254 |
CVE-2017-18200 |
20 |
|
DoS |
2018-02-25 |
2018-03-16 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The f2fs implementation in the Linux kernel before 4.14 mishandles reference counts associated with f2fs_wait_discard_bios calls, which allows local users to cause a denial of service (BUG), as demonstrated by fstrim. |
21255 |
CVE-2017-18199 |
476 |
|
DoS |
2018-02-24 |
2018-10-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file. |
21256 |
CVE-2017-18198 |
125 |
|
DoS |
2018-02-24 |
2018-10-31 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file. |
21257 |
CVE-2017-18197 |
611 |
|
|
2018-02-23 |
2018-03-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert() is missing flags to prevent XML External Entity (XXE) attacks, as demonstrated by /ServerView. |
21258 |
CVE-2017-18195 |
20 |
|
|
2018-02-26 |
2018-03-22 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
An issue was discovered in tools/conversations/view_ajax.php in Concrete5 before 8.3.0. An unauthenticated user can enumerate comments from all blog posts by POSTing requests to /index.php/tools/required/conversations/view_ajax with incremental 'cnvID' integers. |
21259 |
CVE-2017-18194 |
89 |
|
Exec Code Sql |
2018-02-22 |
2018-03-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in users/signup.php in the "signup" component in HamayeshNegar CMS allows a remote attacker to execute arbitrary SQL commands via the "utype" parameter. |
21260 |
CVE-2017-18193 |
119 |
|
DoS Overflow |
2018-02-22 |
2018-05-23 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
fs/f2fs/extent_cache.c in the Linux kernel before 4.13 mishandles extent trees, which allows local users to cause a denial of service (BUG) via an application with multiple threads. |
21261 |
CVE-2017-18192 |
200 |
|
+Info |
2018-02-20 |
2018-03-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
smart/calculator/gallerylock/CalculatorActivity.java in the "Photo,Video Locker-Calculator" application through 18 for Android allows attackers to access files via the backdoor 17621762 PIN. |
21262 |
CVE-2017-18191 |
|
|
DoS |
2018-02-19 |
2019-10-02 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error also results in data loss, but that is not a vulnerability because the user loses their own data.) All Nova setups supporting encrypted volumes are affected. |
21263 |
CVE-2017-18190 |
290 |
|
Exec Code |
2018-02-16 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS server (neither the OS nor the web browser is responsible for ensuring that localhost.localdomain is 127.0.0.1). |
21264 |
CVE-2017-18189 |
476 |
|
|
2018-02-15 |
2019-08-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial-of-service. |
21265 |
CVE-2017-18187 |
190 |
|
Overflow Bypass |
2018-02-14 |
2019-04-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c. |
21266 |
CVE-2017-18186 |
835 |
|
|
2018-02-13 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc. |
21267 |
CVE-2017-18185 |
125 |
|
Overflow |
2018-02-13 |
2018-05-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the Pl_Buffer::write function in Pl_Buffer.cc. It is caused by an integer overflow in the PNG filter. |
21268 |
CVE-2017-18184 |
125 |
|
|
2018-02-13 |
2018-05-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
An issue was discovered in QPDF before 7.0.0. There is a stack-based out-of-bounds read in the function iterate_rc4 in QPDF_encryption.cc. |
21269 |
CVE-2017-18183 |
835 |
|
|
2018-02-13 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
An issue was discovered in QPDF before 7.0.0. There is an infinite loop in the QPDFWriter::enqueueObject() function in libqpdf/QPDFWriter.cc. |
21270 |
CVE-2017-18179 |
287 |
|
|
2018-02-12 |
2018-03-05 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Progress Sitefinity 9.1 uses wrap_access_token as a non-expiring authentication token that remains valid after a password change or a session termination. Also, it is transmitted as a GET parameter. This is fixed in 10.1. |
21271 |
CVE-2017-18178 |
601 |
|
|
2018-02-12 |
2018-03-05 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
Authenticate/SWT in Progress Sitefinity 9.1 has an open redirect issue in which an authentication token is sent to the redirection target, if the target is specified using a certain %40 syntax. This is fixed in 10.1. |
21272 |
CVE-2017-18174 |
415 |
|
|
2018-02-11 |
2018-12-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free. |
21273 |
CVE-2017-18173 |
190 |
|
|
2019-05-06 |
2019-05-07 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
In case of using an invalid android verified boot signature with very large length, an integer underflow occurs in Snapdragon Mobile in SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016. |
21274 |
CVE-2017-18172 |
190 |
|
Overflow |
2018-10-23 |
2018-12-13 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
In a device, with screen size 1440x2560, the check of contiguous buffer will overflow on certain buffer size resulting in an Integer Overflow or Wraparound in System UI in Snapdragon Automobile, Snapdragon Mobile in version MDM9635M, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016. |
21275 |
CVE-2017-18171 |
119 |
|
Overflow Mem. Corr. |
2018-10-23 |
2019-10-02 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
Improper input validation for GATT data packet received in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016. |
21276 |
CVE-2017-18170 |
191 |
|
Mem. Corr. |
2018-10-23 |
2018-12-11 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
Improper input validation in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016. |
21277 |
CVE-2017-18169 |
617 |
|
|
2018-06-15 |
2019-10-02 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
User process can perform the kernel DOS in ashmem when doing cache maintenance operation in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. |
21278 |
CVE-2017-18159 |
125 |
|
|
2018-07-06 |
2018-08-28 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, while processing a StrHwPlatform with length smaller than EFICHIPINFO_MAX_ID_LENGTH, an array out of bounds access may occur. |
21279 |
CVE-2017-18158 |
119 |
|
Overflow |
2018-07-06 |
2018-08-27 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Possible buffer overflows and array out of bounds accesses in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05 while flashing images. |
21280 |
CVE-2017-18157 |
416 |
|
|
2019-05-06 |
2019-05-07 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
A Use After Free Condition can occur in Thermal Engine in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20. |
21281 |
CVE-2017-18156 |
416 |
|
|
2019-05-06 |
2019-05-07 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
While processing camera buffers in camera driver, a use after free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 625, SD 820, SD 820A, SD 835, SDX20. |
21282 |
CVE-2017-18155 |
20 |
|
|
2018-07-12 |
2018-09-10 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
While playing HEVC content using HD DMB in Snapdragon Automobile and Snapdragon Mobile in version MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, an uninitialized variable can be used leading to a kernel fault. |
21283 |
CVE-2017-18154 |
119 |
|
Overflow |
2018-06-06 |
2019-10-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
A crafted binder request can cause an arbitrary unmap in MediaServer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. |
21284 |
CVE-2017-18147 |
20 |
|
|
2018-04-03 |
2018-04-25 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in MMCP, a downlink message is not being properly validated. |
21285 |
CVE-2017-18146 |
347 |
|
|
2018-04-11 |
2018-05-14 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, in some corner cases, ECDSA signature verification can fail. |
21286 |
CVE-2017-18145 |
416 |
|
|
2018-04-11 |
2018-05-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, while the DPM native process is processing framework events, the iterator pointer is deleted after processing an event. When processing subsequent events, a Use After Condition will occur. |
21287 |
CVE-2017-18144 |
416 |
|
|
2018-04-11 |
2018-05-14 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, while processing the retransmission of WPA supplicant command send failures, there is a make after break of the connection to WPA supplicant where the local pointer is not properly updated. If the WPA supplicant command transmission fails, a Use After Free condition will occur. |
21288 |
CVE-2017-18143 |
|
|
|
2018-04-11 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, on a secure device, PD dumps are collected when debugging is not enabled. |
21289 |
CVE-2017-18142 |
119 |
|
Overflow |
2018-04-11 |
2018-05-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9650, MDM9655, SD 835, SD 845, SD 850, while processing the IMS SIP username, a buffer overflow can occur. |
21290 |
CVE-2017-18141 |
|
|
|
2019-01-03 |
2019-10-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016. |
21291 |
CVE-2017-18140 |
416 |
|
|
2018-04-11 |
2018-05-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, when processing a call disconnection, there is an attempt to print the RIL token-id to the debug log. If eMBMS service is enabled while processing the call disconnect, a Use After Free condition may potentially occur. |
21292 |
CVE-2017-18139 |
119 |
|
Overflow |
2018-04-11 |
2018-05-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, a buffer overflow vulnerability may potentially exist while making an IMS call. |
21293 |
CVE-2017-18138 |
119 |
|
Overflow |
2018-04-11 |
2018-05-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, in GERAN, a buffer overflow may potentially occur. |
21294 |
CVE-2017-18137 |
119 |
|
Overflow |
2018-04-11 |
2018-05-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9640, MDM9645, MDM9650, MDM9655, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 835, while processing the IPv6 pdp address of the pdp context, a buffer overflow can occur. |
21295 |
CVE-2017-18136 |
416 |
|
|
2018-04-11 |
2018-05-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 820, SD 820A, SD 835, SD 845, in the omx aac component, a Use After Free condition may potentially occur. |
21296 |
CVE-2017-18135 |
119 |
|
Overflow |
2018-04-11 |
2018-05-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9650, MDM9655, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, in the Wireless Data Service (WDS) module, a buffer overflow can occur. |
21297 |
CVE-2017-18134 |
119 |
|
Overflow |
2018-04-11 |
2018-05-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, a buffer overflow may potentially occur while processing a response from the SIM card. |
21298 |
CVE-2017-18133 |
119 |
|
Overflow |
2018-04-11 |
2018-05-16 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, an out of bound access for ebi channel array can potentially occur. |
21299 |
CVE-2017-18132 |
119 |
|
Overflow |
2018-04-11 |
2018-05-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9206, MDM9607, MDM8996, an out-of-bounds access can potentially occur in tz_assign(). |
21300 |
CVE-2017-18131 |
665 |
|
|
2019-05-06 |
2019-05-07 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 820, SD 820A, SD 835, SD 845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016. |