Security Vulnerabilities - CVEs Published In April 2017
Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2017-04-13
mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921.
CVSS Score
9.8
EPSS Score
0.096
Published
2017-04-13
mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7920.
CVSS Score
9.8
EPSS Score
0.002
Published
2017-04-13
Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury.
CVSS Score
6.4
EPSS Score
0.001
Published
2017-04-13
In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_clrncpy() function defined in osipparser2/osip_port.c.
CVSS Score
9.8
EPSS Score
0.006
Published
2017-04-13
In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS.
CVSS Score
7.5
EPSS Score
0.005
Published
2017-04-13
In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS.
CVSS Score
7.5
EPSS Score
0.005
Published
2017-04-13
The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.006
Published
2017-04-13
RTMPDump 2.4 allows remote attackers to trigger a denial of service (NULL pointer dereference and process crash).
CVSS Score
6.5
EPSS Score
0.005
Published
2017-04-13
SeaWell Networks Spectrum SDC 02.05.00 has a default password of "admin" for the "admin" account.
CVSS Score
9.8
EPSS Score
0.256
Published
2017-04-13