CVE-2017-0625

The CVE-2017-0625 entry corresponds to an information disclosure vulnerability in the MediaTek command queue driver affecting Android. Connected CNVD records describe impact as local information disclosure enabling a malicious local app to access data outside its permissions, with Android version...

CVE-2017-0625

An information disclosure vulnerability in the MediaTek command queue driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android...

Google Android MediaTek command queue driver elevation of privilege vulnerability

Google Android is a Linux-based operating system for smartphone devices. An elevation of privilege vulnerability exists in the Google Android MediaTek command queue driver, which can be exploited by a remote attacker to construct a malicious application that can be elevated in privilege by induci...

Denial Of Service (DoS)

github.com/jpmorganchase/quorum is vulnerable to denial of service DoS attacks. The library does not properly perform fetcher queue handling to protect against denial of service attacks...

GitLab: Missing/Breach of Internal Security Boundary - Access to Job Queue Results in Remote Code Execution

Test Conditions ============= This issue was tested in GitLab Community Edition using a combination of code review against git commit 6c65b63ca5, April 20 2017 and testing likely issues against a local deployment of Bitnami GitLab Community Edition 9.0.5-0, running on Ubuntu 14.04.5. These are...

CVE-2017-3793

A vulnerability in the TCP normalizer of Cisco Adaptive Security Appliance ASA Software 8.0 through 8.7 and 9.0 through 9.6 and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause Cisco ASA and FTD to drop any further incoming traffic on all...

Cisco ASA Software TCP Normalizer Denial of Service Vulnerability (cisco-sa-20170419-asa-norm)

A vulnerability in the TCP normalizer of Cisco Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to cause Cisco ASA to drop any further incoming traffic on all interfaces, resulting in a denial of service DoS condition. Copyright C 2017 Greenbone Networks Gm...

DEBIAN-CVE-2017-7618

crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service API operation calling its own callback, and infinite recursion by triggering EBUSY on a full queue...

CVE-2017-7618

crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service API operation calling its own callback, and infinite recursion by triggering EBUSY on a full queue...

CVE-2017-7618

crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service API operation calling its own callback, and infinite recursion by triggering EBUSY on a full queue...

UBUNTU-CVE-2017-7618

crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service API operation calling its own callback, and infinite recursion by triggering EBUSY on a full queue...

PT-2017-2371 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 4.10.9 Description: The issue is related to the crypto/ahash.c component in the Linux kernel, which can lead to a denial of service due to infinite recursion. This occurs when an attacker triggers EBUSY on a full...

Interactive Multi User Javascript Shell: JSShell

Interactive Multi User Javascript Shell An interactive multi-user web based shell written in Python with Flask for server side and of course Javascript and HTML client side. It was initially created in order to debug remote esoteric browsers during tests and research. Features Multi client suppor...

Google Android MediaTek component elevation of privilege vulnerability (CNVD-2017-03385)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA in the U.S. MediaTek is a MediaTek component used in one of MediaTek's devices. An elevation of privilege vulnerability exists in the MediaTek components of Android, including the...

CVE-2017-0501

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical...

CVE-2017-0506

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical...

CVE-2017-0505

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical...

CVE-2017-0504

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical...

CVE-2017-0506

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical...

CVE-2017-0501

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical...