Month | Quarter | Year |
---|---|---|
#11 | #11 | #12 |
CVE-ID | CWE-ID | Type | Score |
---|---|---|---|
CVE-2017-13081 | CWE-254 | Security Features | 5.3 |
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
|
|||
CVE-2017-13079 | CWE-254 | Security Features | 5.3 |
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
|
|||
CVE-2017-10661 | CWE-416 | Use After Free | 7.0 |
Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.
|
|||
CVE-2017-0880 | CWE-264 | Permissions, Privileges, and Access Control | 6.5 |
A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID A-65646012.
|
|||
CVE-2017-0857 | CWE-399 | Resource Management Errors | 7.5 |
Another vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-65122447.
|
|||
CVE-2017-0840 | CWE-200 | Information Leak / Disclosure | 7.5 |
An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62948670.
|
|||
CVE-2017-0837 | CWE-264 | Permissions, Privileges, and Access Control | 7.8 |
An elevation of privilege vulnerability in the Android media framework (libaudiopolicymanager). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-64340921.
|
|||
CVE-2017-0836 | CWE-264 | Permissions, Privileges, and Access Control | 7.8 |
A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64893226.
|
|||
CVE-2017-0824 | CWE-264 | Permissions, Privileges, and Access Control | 9.8 |
An elevation of privilege vulnerability in the Broadcom wifi driver. Product: Android. Versions: Android kernel. Android ID: A-37622847. References: B-V2017063001.
|
|||
CVE-2017-0816 | CWE-200 | Information Leak / Disclosure | 5.5 |
An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63662938.
|