Weekly Vulnerabilities Reports > April 3 to 9, 2017
Overview
250 new vulnerabilities reported during this period, including 29 critical vulnerabilities and 69 high severity vulnerabilities. This weekly summary report vulnerabilities in 186 products from 92 vendors including Linux, Google, Cisco, Libtiff, and Canonical. Vulnerabilities are notably categorized as "Information Exposure", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", "NULL Pointer Dereference", and "Cross-site Scripting".
- 213 reported vulnerabilities are remotely exploitables.
- 19 reported vulnerabilities have public exploit available.
- 42 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 218 reported vulnerabilities are exploitable by an anonymous user.
- Linux has the most reported vulnerabilities, with 36 reported vulnerabilities.
- Google has the most reported critical vulnerabilities, with 12 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
29 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-04-07 | CVE-2017-0561 | Linux | Out-of-bounds Write vulnerability in Linux Kernel 3.10/3.18 A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker to execute arbitrary code within the context of the Wi-Fi SoC. | 10.0 |
2017-04-06 | CVE-2017-3834 | Cisco | Insecure Default Initialization of Resource vulnerability in Cisco Aironet Access Point Firmware A vulnerability in Cisco Aironet 1830 Series and Cisco Aironet 1850 Series Access Points running Cisco Mobility Express Software could allow an unauthenticated, remote attacker to take complete control of an affected device. | 10.0 |
2017-04-05 | CVE-2017-7450 | Airtame | Improper Authentication vulnerability in Airtame Hdmi Dongle Firmware AIRTAME HDMI dongle with firmware before 2.2.0 allows unauthenticated access to a big part of the management interface. | 10.0 |
2017-04-03 | CVE-2016-10312 | Jensenofscandinavia | Command Injection vulnerability in Jensenofscandinavia Al3G Firmware, Al5000Ac Firmware and Al59300 Firmware Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. | 10.0 |
2017-04-06 | CVE-2016-8735 | Apache Canonical Netapp Debian Redhat Oracle | Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. | 9.8 |
2017-04-06 | CVE-2016-6809 | Apache | Deserialization of Untrusted Data vulnerability in Apache Nutch and Tika Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. | 9.8 |
2017-04-04 | CVE-2016-10229 | Linux | Improperly Implemented Security Check for Standard vulnerability in multiple products udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag. | 9.8 |
2017-04-03 | CVE-2017-7410 | Websitebaker | SQL Injection vulnerability in Websitebaker Multiple SQL injection vulnerabilities in account/signup.php and account/signup2.php in WebsiteBaker 2.10.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username, (2) display_name parameter. | 9.8 |
2017-04-07 | CVE-2017-0564 | Linux | Privilege Escalation vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. | 9.3 |
2017-04-07 | CVE-2017-0563 | Linux | Insufficient Verification of Data Authenticity vulnerability in Linux Kernel 3.10 An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 9.3 |
2017-04-07 | CVE-2017-0562 | Privilege Escalation vulnerability in Google Android MediaTek Touchscreen Driver An elevation of privilege vulnerability in the MediaTek touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 9.3 | |
2017-04-07 | CVE-2017-0546 | NULL Pointer Dereference vulnerability in Google Android An elevation of privilege vulnerability in SurfaceFlinger could enable a local malicious application to execute arbitrary code within the context of a privileged process. | 9.3 | |
2017-04-07 | CVE-2017-0545 | Incorrect Calculation vulnerability in Google Android An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. | 9.3 | |
2017-04-07 | CVE-2017-0544 | Operation on a Resource after Expiration or Release vulnerability in Google Android An elevation of privilege vulnerability in CameraBase could enable a local malicious application to execute arbitrary code. | 9.3 | |
2017-04-07 | CVE-2017-0543 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. | 9.3 | |
2017-04-07 | CVE-2017-0542 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. | 9.3 | |
2017-04-07 | CVE-2017-0541 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A remote code execution vulnerability in sonivox in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. | 9.3 | |
2017-04-07 | CVE-2017-0540 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. | 9.3 | |
2017-04-07 | CVE-2017-0539 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. | 9.3 | |
2017-04-07 | CVE-2017-0538 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. | 9.3 | |
2017-04-06 | CVE-2017-7572 | Backintime Project | Race Condition vulnerability in Backintime Project Backintime The _checkPolkitPrivilege function in serviceHelper.py in Back In Time (aka backintime) 1.1.18 and earlier uses a deprecated polkit authorization method (unix-process) that is subject to a race condition (time of check, time of use). | 9.3 |
2017-04-06 | CVE-2016-10320 | Textract Project | OS Command Injection vulnerability in Textract Project Textract textract before 1.5.0 allows OS Command Injection attacks via a filename in a call to the process function. | 9.3 |
2017-04-05 | CVE-2017-7444 | Veritas | DLL Loading Local Code Execution vulnerability in Veritas System Recovery 16 In Veritas System Recovery before 16 SP1, there is a DLL hijacking vulnerability in the patch installer if an attacker has write access to the directory from which the product is executed. | 9.3 |
2017-04-04 | CVE-2014-9922 | Linux | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c. | 9.3 |
2017-04-07 | CVE-2016-7786 | Sophos | Permissions, Privileges, and Access Controls vulnerability in Sophos Cyberoam Cr25Ing UTM Firmware 10.6.2 Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 allows remote authenticated users to bypass intended access restrictions via direct object reference, as demonstrated by a request for Licenseinformation.jsp. | 9.0 |
2017-04-06 | CVE-2017-6884 | Zyxel | OS Command Injection vulnerability in Zyxel Emg2926 Firmware V1.00(Aaqt.4)B8 A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. | 9.0 |
2017-04-06 | CVE-2017-6968 | GMV | Unspecified vulnerability in GMV Checker ATM Security GMV Checker ATM Security prior to 5.0.18 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka PT-2017-03. | 9.0 |
2017-04-05 | CVE-2016-9091 | Bluecoat | OS Command Injection vulnerability in Bluecoat products Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. | 9.0 |
2017-04-04 | CVE-2017-7413 | Horde | OS Command Injection vulnerability in Horde Groupware In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition through 5.2.17, OS Command Injection can occur if the attacker is an authenticated Horde Webmail user, has PGP features enabled in their preferences, and attempts to encrypt an email addressed to a maliciously crafted email address. | 9.0 |
69 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-04-04 | CVE-2017-7398 | D Link | Cross-Site Request Forgery (CSRF) vulnerability in D-Link Dir-615 Firmware 20.09 D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery (CSRF) vulnerability. | 8.8 |
2017-04-05 | CVE-2017-6956 | Broadcom | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Broadcom Hardmac Wi-Fi SOC Firmware 6.37.34.40 On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a stack buffer overflow occurs when handling an 802.11r (FT) authentication response, leading to remote code execution via a crafted access point that sends a long R0KH-ID field in a Fast BSS Transition Information Element (FT-IE). | 8.3 |
2017-04-09 | CVE-2017-7605 | Libaacplus Project | Reachable Assertion vulnerability in Libaacplus Project Libaacplus 2.0.2 aacplusenc.c in HE-AAC+ Codec (aka libaacplus) 2.0.2 has an assertion failure, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. | 7.8 |
2017-04-09 | CVE-2017-7604 | Libaacplus Project | Improper Input Validation vulnerability in Libaacplus Project Libaacplus 2.0.2 au_channel.h in HE-AAC+ Codec (aka libaacplus) 2.0.2 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. | 7.8 |
2017-04-09 | CVE-2017-7603 | Libaacplus Project | Integer Overflow or Wraparound vulnerability in Libaacplus Project Libaacplus 2.0.2 au_channel.h in HE-AAC+ Codec (aka libaacplus) 2.0.2 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. | 7.8 |
2017-04-07 | CVE-2017-6019 | Schneider Electric | Resource Exhaustion vulnerability in Schneider-Electric Conext Combox 865-1058 Firmware An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830. | 7.8 |
2017-04-06 | CVE-2017-3832 | Cisco | Improper Handling of Exceptional Conditions vulnerability in Cisco Wireless LAN Controller Firmware 8.3.102.0 A vulnerability in the web management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.8 |
2017-04-06 | CVE-2016-9219 | Cisco | Improper Input Validation vulnerability in Cisco products A vulnerability with IPv6 UDP ingress packet processing in Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause an unexpected reload of the device. | 7.8 |
2017-04-06 | CVE-2017-2675 | Objective Development Obdev | Little Snitch version 3.0 through 3.7.3 suffer from a local privilege escalation vulnerability in the installer part. | 7.8 |
2017-04-07 | CVE-2017-0583 | Linux | Privilege Escalation vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the Qualcomm CP access driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-07 | CVE-2017-0582 | Linux | Privilege Escalation vulnerability in Linux Kernel 3.10 An elevation of privilege vulnerability in the HTC OEM fastboot command could enable a local malicious application to execute arbitrary code within the context of the sensor hub. | 7.6 |
2017-04-07 | CVE-2017-0581 | Linux | Privilege Escalation vulnerability in Linux Kernel 3.18 An elevation of privilege vulnerability in the Synaptics Touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-07 | CVE-2017-0580 | Linux | Privilege Escalation vulnerability in Linux Kernel 3.18 An elevation of privilege vulnerability in the Synaptics Touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-07 | CVE-2017-0579 | Linux | Privilege Escalation vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-07 | CVE-2017-0578 | Privilege Escalation vulnerability in Google Android DTS Sound Driver An elevation of privilege vulnerability in the DTS sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 | |
2017-04-07 | CVE-2017-0577 | Linux | Privilege Escalation vulnerability in Linux Kernel 3.18 An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-07 | CVE-2017-0576 | Linux | Integer Overflow or Wraparound vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-07 | CVE-2017-0575 | Linux | Privilege Escalation vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-07 | CVE-2017-0574 | Linux | Privilege Escalation vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-07 | CVE-2017-0573 | Linux | Privilege Escalation vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-07 | CVE-2017-0572 | Linux | Privilege Escalation vulnerability in Linux Kernel 3.10 An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-07 | CVE-2017-0571 | Linux | Privilege Escalation vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-07 | CVE-2017-0570 | Linux | Privilege Escalation vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-07 | CVE-2017-0569 | Linux | Incorrect Calculation of Buffer Size vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-07 | CVE-2017-0568 | Linux | Privilege Escalation vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-07 | CVE-2017-0567 | Linux | Privilege Escalation vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-07 | CVE-2017-0566 | Privilege Escalation vulnerability in Google Android MediaTek Camera Driver An elevation of privilege vulnerability in the MediaTek camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 | |
2017-04-07 | CVE-2017-0565 | Privilege Escalation vulnerability in Google Android MediaTek Thermal Driver An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 | |
2017-04-07 | CVE-2017-0462 | Linux | Race Condition vulnerability in Linux Kernel 3.18 An elevation of privilege vulnerability in the Qualcomm Seemp driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-07 | CVE-2017-0454 | Linux | Privilege Escalation vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the Qualcomm audio driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-05 | CVE-2017-0339 | Linux | Privilege Escalation vulnerability in Linux Kernel 3.10 An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-05 | CVE-2017-0332 | Linux | Out-of-bounds Write vulnerability in Linux Kernel 3.10 An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-05 | CVE-2017-0329 | Linux | Privilege Escalation vulnerability in Linux Kernel 3.18 An elevation of privilege vulnerability in the NVIDIA boot and power management processor driver could enable a local malicious application to execute arbitrary code within the context of the boot and power management processor. | 7.6 |
2017-04-05 | CVE-2017-0327 | Linux | Classic Buffer Overflow vulnerability in Linux Kernel 3.10 An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-05 | CVE-2017-0325 | Linux | Out-of-bounds Write vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the NVIDIA I2C HID driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-04-09 | CVE-2017-7614 | GNU | NULL Pointer Dereference vulnerability in GNU Binutils 2.28 elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a "member access within null pointer" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an "int main() {return 0;}" program. | 7.5 |
2017-04-07 | CVE-2007-6760 | Dataprobe | Improper Authentication vulnerability in Dataprobe Ibootbar Firmware Dataprobe iBootBar (with 2007-09-20 and possibly later beta firmware) allows remote attackers to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCCOOKIE cookie. | 7.5 |
2017-04-07 | CVE-2007-6759 | Dataprobe | Improper Authentication vulnerability in Dataprobe Ibootbar Firmware Dataprobe iBootBar (with 2007-09-20 and possibly later released firmware) allows remote attackers to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCRABBIT cookie. | 7.5 |
2017-04-07 | CVE-2017-7581 | News System Project | SQL Injection vulnerability in News System Project News System SQL injection vulnerability in NewsController.php in the News module 5.3.2 and earlier for TYPO3 allows unauthenticated users to execute arbitrary SQL commands via vectors involving overwriteDemand for order and OrderByAllowed. | 7.5 |
2017-04-06 | CVE-2017-7576 | Dragonwavex | Use of Hard-coded Credentials vulnerability in Dragonwavex Horizon Wireless Radio Firmware 1.01.03 DragonWave Horizon 1.01.03 wireless radios have hardcoded login credentials (such as the username of energetic and password of wireless) meant to allow the vendor to access the devices. | 7.5 |
2017-04-06 | CVE-2017-7574 | Schneider Electric | Use of Hard-coded Credentials vulnerability in Schneider-Electric Modicon Tm221Ce16R Firmware and Somachine Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. | 7.5 |
2017-04-06 | CVE-2015-8965 | Perforce Oracle | Permissions, Privileges, and Access Controls vulnerability in multiple products Rogue Wave JViews before 8.8 patch 21 and 8.9 before patch 1 allows remote attackers to execute arbitrary Java code that exists in the classpath, such as test code or administration code. | 7.5 |
2017-04-06 | CVE-2017-7237 | Spiceworks | Unspecified vulnerability in Spiceworks 7.5 The Spiceworks TFTP Server, as distributed with Spiceworks Inventory 7.5, allows remote attackers to access the Spiceworks data\configurations directory by leveraging the unauthenticated nature of the TFTP service for all clients who can reach UDP port 69, as demonstrated by a WRQ (aka Write request) operation for a configuration file or an executable file. | 7.5 |
2017-04-06 | CVE-2017-0305 | F5 | Unspecified vulnerability in F5 SSL Intercept Iapp 1.5.0/1.5.7 F5 SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an unauthenticated, remote attack that may allow modification of the BIG-IP system configuration, extraction of sensitive system files, and possible remote command execution on the system when deployed using the Explicit Proxy feature plus SNAT Auto Map option for egress traffic. | 7.5 |
2017-04-04 | CVE-2017-5649 | Apache | Information Exposure vulnerability in Apache Geode 1.0.0/1.1.0 Apache Geode before 1.1.1, when a cluster has enabled security by setting the security-manager property, allows remote authenticated users with CLUSTER:READ but not DATA:READ permission to access the data browser page in Pulse and consequently execute an OQL query that exposes data stored in the cluster. | 7.5 |
2017-04-03 | CVE-2017-7397 | Backbox | Resource Exhaustion vulnerability in Backbox Linux 4.6 BackBox Linux 4.6 allows remote attackers to cause a denial of service (ksoftirqd CPU consumption) via a flood of packets with Martian source IP addresses (as defined in RFC 1812 section 5.3.7). | 7.5 |
2017-04-03 | CVE-2017-7402 | Lucidcrew | Code Injection vulnerability in Lucidcrew Pixie 1.04 Pixie 1.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via the POST data in an admin/index.php?s=publish&x=filemanager request for a filename with a double extension, such as a .jpg.php file with Content-Type of image/jpeg. | 7.5 |
2017-04-03 | CVE-2017-5642 | Apache | Incorrect Default Permissions vulnerability in Apache Ambari 2.4.0/2.4.1/2.4.2 During installation of Ambari 2.4.0 through 2.4.2, Ambari Server artifacts are not created with proper ACLs. | 7.5 |
2017-04-03 | CVE-2014-3927 | Mrlg4Php Project | Code Injection vulnerability in Mrlg4PHP Project Mrlg4PHP mrlg-lib.php in mrlg4php before 1.0.8 allows remote attackers to execute arbitrary shell code. | 7.5 |
2017-04-03 | CVE-2017-6441 | PHP | NULL Pointer Dereference vulnerability in PHP 7.1.2 The _zval_get_long_func_ex in Zend/zend_operators.c in PHP 7.1.2 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted use of "declare(ticks=" in a PHP script. | 7.5 |
2017-04-03 | CVE-2017-5949 | Apple | Out-of-bounds Write vulnerability in Apple Safari 22 JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 22, allows remote attackers to cause a denial of service (heap-based out-of-bounds write and application crash) or possibly have unspecified other impact via crafted JavaScript code that triggers access to red-zone memory locations, related to jit/ThunkGenerators.cpp, llint/LowLevelInterpreter32_64.asm, and llint/LowLevelInterpreter64.asm. | 7.5 |
2017-04-03 | CVE-2017-1001000 | Wordpress | Unspecified vulnerability in Wordpress 4.7/4.7.1/4.7.2 The register_routes function in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in the REST API in WordPress 4.7.x before 4.7.2 does not require an integer identifier, which allows remote attackers to modify arbitrary pages via a request for wp-json/wp/v2/posts followed by a numeric value and a non-numeric value, as demonstrated by the wp-json/wp/v2/posts/123?id=123helloworld URI. | 7.5 |
2017-04-07 | CVE-2017-6600 | Cisco | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. | 7.2 |
2017-04-07 | CVE-2017-6598 | Cisco | Missing Authorization vulnerability in Cisco products A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to execute arbitrary commands, aka Privilege Escalation. | 7.2 |
2017-04-07 | CVE-2017-6597 | Cisco | OS Command Injection vulnerability in Cisco products A vulnerability in the local-mgmt CLI command of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. | 7.2 |
2017-04-07 | CVE-2016-9197 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Mobility Services Engine 8.3.102.0 A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, local attacker to obtain access to the underlying operating system shell with root-level privileges. | 7.2 |
2017-04-07 | CVE-2016-9196 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Aironet Access Point A vulnerability in login authentication management in Cisco Aironet 1800, 2800, and 3800 Series Access Point platforms could allow an authenticated, local attacker to gain unrestricted root access to the underlying Linux operating system. | 7.2 |
2017-04-05 | CVE-2017-6975 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack buffer overflow exploitation via a crafted access point. | 7.2 |
2017-04-04 | CVE-2017-7307 | Riverbed | Incorrect Permission Assignment for Critical Resource vulnerability in Riverbed Rios Riverbed RiOS before 9.0.1 does not properly restrict shell access in single-user mode, which makes it easier for physically proximate attackers to obtain root privileges and access decrypted data by replacing the /opt/tms/bin/cli file. | 7.2 |
2017-04-04 | CVE-2017-7228 | XEN | Improper Validation of Array Index vulnerability in XEN An issue (known as XSA-212) was discovered in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. | 7.2 |
2017-04-04 | CVE-2017-5683 | Intel | Local Privilege Escalation vulnerability in Intel Hardware Accelerated Execution Manager Privilege escalation in IntelHAXM.sys driver in the Intel Hardware Accelerated Execution Manager before version 6.0.6 allows a local user to gain system level access. | 7.2 |
2017-04-04 | CVE-2017-7412 | Nixos | Unspecified vulnerability in Nixos 17.03 NixOS 17.03 before 17.03.887 has a world-writable Docker socket, which allows local users to gain privileges by executing docker commands. | 7.2 |
2017-04-07 | CVE-2017-0552 | Denial of Service vulnerability in Google Android Mediaserver A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 7.1 | |
2017-04-07 | CVE-2017-0551 | Denial of Service vulnerability in Google Android Mediaserver A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 7.1 | |
2017-04-07 | CVE-2017-0550 | Denial of Service vulnerability in Google Android Mediaserver A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 7.1 | |
2017-04-07 | CVE-2017-0549 | Denial of Service vulnerability in Google Android Mediaserver A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 7.1 | |
2017-04-07 | CVE-2017-0548 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android 7.0/7.1.0/7.1.1 A remote denial of service vulnerability in libskia could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 7.1 | |
2017-04-07 | CVE-2017-3885 | Cisco | Resource Exhaustion vulnerability in Cisco Firepower Management Center A vulnerability in the detection engine reassembly of Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process consumes a high level of CPU resources. | 7.1 |
2017-04-07 | CVE-2017-0553 | Integer Overflow or Wraparound vulnerability in Google Android An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. | 7.0 |
131 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-04-07 | CVE-2017-6606 | Cisco | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated attacker with physical access to the targeted system to execute arbitrary commands on the underlying operating system with the privileges of the root user. | 6.9 |
2017-04-05 | CVE-2017-7358 | Lightdm Project Canonical | Path Traversal vulnerability in multiple products In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out. | 6.9 |
2017-04-09 | CVE-2017-7602 | Libtiff | Integer Overflow or Wraparound vulnerability in Libtiff 4.0.7 LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 6.8 |
2017-04-09 | CVE-2017-7601 | Libtiff | Improper Input Validation vulnerability in Libtiff 4.0.7 LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 6.8 |
2017-04-09 | CVE-2017-7600 | Libtiff | Improper Input Validation vulnerability in Libtiff 4.0.7 LibTIFF 4.0.7 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 6.8 |
2017-04-09 | CVE-2017-7599 | Libtiff | Improper Input Validation vulnerability in Libtiff 4.0.7 LibTIFF 4.0.7 has an "outside the range of representable values of type short" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 6.8 |
2017-04-09 | CVE-2017-7597 | Libtiff | Improper Input Validation vulnerability in Libtiff 4.0.7 tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 6.8 |
2017-04-09 | CVE-2017-7596 | Libtiff | Improper Input Validation vulnerability in Libtiff 4.0.7 LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 6.8 |
2017-04-09 | CVE-2017-7592 | Libtiff | Improper Input Validation vulnerability in Libtiff 4.0.7 The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 6.8 |
2017-04-07 | CVE-2017-6033 | Schneider Electric | Uncontrolled Search Path Element vulnerability in Schneider-Electric Interactive Graphical Scada System 10.0/9.0 A DLL Hijacking issue was discovered in Schneider Electric Interactive Graphical SCADA System (IGSS) Software, Version 12 and previous versions. | 6.8 |
2017-04-07 | CVE-2017-0554 | Missing Authorization vulnerability in Google Android An elevation of privilege vulnerability in the Telephony component could enable a local malicious application to access capabilities outside of its permission levels. | 6.8 | |
2017-04-07 | CVE-2017-7584 | Foxitsoftware | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Foxitsoftware Foxit PDF Toolkit Memory Corruption Vulnerability in Foxit PDF Toolkit before 2.1 allows an attacker to cause Denial of Service & Remote Code Execution when a victim opens a specially crafted PDF file. | 6.8 |
2017-04-07 | CVE-2017-7578 | Libming | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libming 0.4.7 Multiple heap-based buffer overflows in parser.c in libming 0.4.7 allow remote attackers to cause a denial of service (listswf application crash) or possibly have unspecified other impact via a crafted SWF file. | 6.8 |
2017-04-05 | CVE-2017-7447 | Helpdezk | Cross-Site Request Forgery (CSRF) vulnerability in Helpdezk 1.1.1 HelpDEZk 1.1.1 has CSRF in admin/home#/logos/ with an impact of remote execution of arbitrary PHP code. | 6.8 |
2017-04-05 | CVE-2017-7446 | Helpdezk | Cross-Site Request Forgery (CSRF) vulnerability in Helpdezk 1.1.1 HelpDEZk 1.1.1 has CSRF in admin/home#/person/ with an impact of obtaining admin privileges. | 6.8 |
2017-04-05 | CVE-2016-6100 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM products IBM Disposal and Governance Management for IT and IBM Global Retention Policy and Schedule Management, components of IBM Atlas Policy Suite 6.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.8 |
2017-04-04 | CVE-2016-3740 | Foxitsoftware | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Foxitsoftware Foxit Reader 7.3.4.311 Heap-based buffer overflow in the CreateFXPDFConvertor function in ConvertToPdf_x86.dll in Foxit Reader 7.3.4.311 allows remote attackers to execute arbitrary code via a large SamplesPerPixel value in a crafted TIFF image that is mishandled during PDF conversion. | 6.8 |
2017-04-04 | CVE-2017-3204 | Golang | Security Bypass vulnerability in Golang Go SSH Library The Go SSH library (x/crypto/ssh) by default does not verify host keys, facilitating man-in-the-middle attacks. | 6.8 |
2017-04-03 | CVE-2016-10317 | Artifex | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Ghostscript 9.20 The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc. | 6.8 |
2017-04-03 | CVE-2017-6448 | Radare | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Radare Radare2 1.2.1 The dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2 1.2.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file. | 6.8 |
2017-04-03 | CVE-2017-6194 | Radare | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Radare Radare2 1.2.1 The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file. | 6.8 |
2017-04-03 | CVE-2016-10313 | Jensenofscandinavia | Cross-Site Request Forgery (CSRF) vulnerability in Jensenofscandinavia Al3G Firmware, Al5000Ac Firmware and Al59300 Firmware Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. | 6.8 |
2017-04-07 | CVE-2017-7570 | Pivotx | Code Injection vulnerability in Pivotx 2.3.11 PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension (such as .jpg) and then invoking the duplicate function to change to the .php extension. | 6.5 |
2017-04-06 | CVE-2017-7565 | Splunk | Path Traversal vulnerability in Splunk Hadoop Connect Splunk Hadoop Connect App has a path traversal vulnerability that allows remote authenticated users to execute arbitrary code, aka ERP-2041. | 6.5 |
2017-04-05 | CVE-2017-0886 | Nextcloud | Uncontrolled Recursion vulnerability in Nextcloud Server Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of Service attack. | 6.5 |
2017-04-04 | CVE-2017-7306 | Riverbed | Weak Password Requirements vulnerability in Riverbed Rios Riverbed RiOS through 9.6.0 has a weak default password for the secure vault, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism by leveraging knowledge of the password algorithm and the appliance serial number. | 6.4 |
2017-04-07 | CVE-2017-6603 | Cisco | Denial of Service vulnerability in Cisco ASR 900 Series Firmware 15.4(3)S3.15 A vulnerability in Cisco ASR 903 or ASR 920 Series Devices running with an RSP2 card could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on a targeted system because of incorrect IPv6 Packet Processing. | 6.1 |
2017-04-06 | CVE-2016-9194 | Cisco | Resource Management Errors vulnerability in Cisco products A vulnerability in 802.11 Wireless Multimedia Extensions (WME) action frame processing in Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 6.1 |
2017-04-06 | CVE-2017-7571 | Ladybirdweb | Cross-Site Request Forgery (CSRF) vulnerability in Ladybirdweb Faveo Helpdesk 1.9.3 public/rolechangeadmin in Faveo 1.9.3 allows CSRF. | 6.0 |
2017-04-07 | CVE-2017-6604 | Cisco | Open Redirect vulnerability in Cisco Unified Computing System 2.2(8B)/3.0(1C)/3.1(2C)B A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. | 5.8 |
2017-04-07 | CVE-2017-3889 | Cisco | Improper Input Validation vulnerability in Cisco Registered Envelope Service 5.1.0015 A vulnerability in the web interface of the Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to redirect a user to a undesired web page, aka an Open Redirect. | 5.8 |
2017-04-06 | CVE-2017-6130 | F5 | Server-Side Request Forgery (SSRF) vulnerability in F5 SSL Intercept Iapp and SSL Orchestrator F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is vulnerable to a Server-Side Request Forgery (SSRF) attack when deployed using the Dynamic Domain Bypass (DDB) feature feature plus SNAT Auto Map option for egress traffic. | 5.8 |
2017-04-04 | CVE-2017-7234 | Djangoproject | Open Redirect vulnerability in Djangoproject Django A maliciously crafted URL to a Django (1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18) site using the ``django.views.static.serve()`` view could redirect to any other domain, aka an open redirect vulnerability. | 5.8 |
2017-04-04 | CVE-2017-7233 | Djangoproject | Open Redirect vulnerability in Djangoproject Django Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an "on success" URL. | 5.8 |
2017-04-03 | CVE-2016-10316 | Jensenofscandinavia | Open Redirect vulnerability in Jensenofscandinavia Al3G Firmware, Al5000Ac Firmware and Al59300 Firmware Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. | 5.8 |
2017-04-03 | CVE-2016-10315 | Jensenofscandinavia | Open Redirect vulnerability in Jensenofscandinavia Al3G Firmware, Al5000Ac Firmware and Al59300 Firmware Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. | 5.8 |
2017-04-05 | CVE-2017-0883 | Nextcloud | Incorrect Permission Assignment for Critical Resource vulnerability in Nextcloud Server Nextcloud Server before 9.0.55 and 10.0.2 suffers from a permission increase on re-sharing via OCS API issue. | 5.5 |
2017-04-05 | CVE-2017-2671 | Linux | Unspecified vulnerability in Linux Kernel The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call. | 5.5 |
2017-04-03 | CVE-2016-10221 | Artifex | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Mupdf 1.10A The count_entries function in pdf-layer.c in Artifex Software, Inc. | 5.5 |
2017-04-03 | CVE-2016-10218 | Artifex | NULL Pointer Dereference vulnerability in Artifex Ghostscript 9.20 The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Artifex Software, Inc. | 5.5 |
2017-04-03 | CVE-2016-10217 | Artifex | Use After Free vulnerability in Artifex Ghostscript 9.20 The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. | 5.5 |
2017-04-04 | CVE-2017-0360 | Tryton | Improper Privilege Management vulnerability in Tryton file_open in Tryton 3.x and 4.x through 4.2.2 allows remote authenticated users with certain permissions to read arbitrary files via a "same root name but with a suffix" attack. | 5.3 |
2017-04-04 | CVE-2017-7414 | Horde | OS Command Injection vulnerability in Horde Groupware In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition 5.x through 5.2.17, OS Command Injection can occur if the user has PGP features enabled in the user's preferences, and has enabled the "Should PGP signed messages be automatically verified when viewed?" preference. | 5.1 |
2017-04-07 | CVE-2017-6599 | Cisco | Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS XR 6.1.1/6.2.1 A vulnerability in Google-defined remote procedure call (gRPC) handling in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash due to a system memory leak, resulting in a denial of service (DoS) condition. | 5.0 |
2017-04-07 | CVE-2016-9195 | Cisco | Resource Management Errors vulnerability in Cisco Wireless LAN Controller 8.3.102.0 A vulnerability in RADIUS Change of Authorization (CoA) request processing in the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition by disconnecting a single connection. | 5.0 |
2017-04-07 | CVE-2017-7577 | Xiongmaitech | Path Traversal vulnerability in Xiongmaitech Uc-Httpd XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a "GET ../" HTTP request. | 5.0 |
2017-04-06 | CVE-2017-7575 | Schneider Electric | Information Exposure vulnerability in Schneider-Electric Modicon Tm221Ce16R Firmware 1.3.3.3 Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \x00\x01\x00\x00\x00\x05\x01\x5a\x00\x03\x00 request to the Modbus port (502/tcp). | 5.0 |
2017-04-06 | CVE-2017-7569 | Vbulletin | Server-Side Request Forgery (SSRF) vulnerability in Vbulletin In vBulletin before 5.3.0, remote attackers can bypass the CVE-2016-6483 patch and conduct SSRF attacks by leveraging the behavior of the PHP parse_url function, aka VBV-17037. | 5.0 |
2017-04-06 | CVE-2017-7192 | Starscream Project | Improper Certificate Validation vulnerability in Starscream Project Starscream WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because of incorrect management of the certValidated variable (it can be set to true but cannot be set to false). | 5.0 |
2017-04-06 | CVE-2017-5887 | Starscream Project | Improper Certificate Validation vulnerability in Starscream Project Starscream WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because pinning occurs in the stream function (this is too late; pinning should occur in the initStreamsWithData function). | 5.0 |
2017-04-05 | CVE-2015-9019 | Xmlsoft | Use of Insufficiently Random Values vulnerability in Xmlsoft Libxslt In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs. | 5.0 |
2017-04-05 | CVE-2015-4680 | Freeradius Suse | Improper Certificate Validation vulnerability in multiple products FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates. | 5.0 |
2017-04-04 | CVE-2015-1612 | Opendaylight | Improper Input Validation vulnerability in Opendaylight Openflow OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to the reuse of LLDP packets, aka "LLDP Relay." | 5.0 |
2017-04-04 | CVE-2015-1611 | Opendaylight | Improper Input Validation vulnerability in Opendaylight Openflow OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to "fake LLDP injection." | 5.0 |
2017-04-03 | CVE-2014-3930 | LG Project | Improper Access Control vulnerability in LG Project LG 1.01 lg.pl in Cistron-LG 1.01 stores sensitive information under the web root with insufficient access controls, which allows remote attackers to obtain IP addresses and other unspecified router credentials. | 5.0 |
2017-04-03 | CVE-2014-3929 | LG Project | Improper Access Control vulnerability in LG Project LG The default configuration for Cougar-LG stores sensitive information under the web root with insufficient access control, which might allow remote attackers to obtain private ssh keys. | 5.0 |
2017-04-03 | CVE-2014-3928 | LG Project | Improper Access Control vulnerability in LG Project LG Cougar-LG stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain credentials. | 5.0 |
2017-04-03 | CVE-2014-1677 | Technicolor | Information Exposure vulnerability in Technicolor Tc7200 Firmware Std6.01.12 Technicolor TC7200 with firmware STD6.01.12 could allow remote attackers to obtain sensitive information. | 5.0 |
2017-04-03 | CVE-2013-7450 | Pulpproject | Improper Certificate Validation vulnerability in Pulpproject Pulp 2.2.11 Pulp before 2.3.0 uses the same the same certificate authority key and certificate for all installations. | 5.0 |
2017-04-03 | CVE-2017-7401 | Collectd | Infinite Loop vulnerability in Collectd Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP packet. | 5.0 |
2017-04-03 | CVE-2017-6181 | Ruby Lang | Improper Input Validation vulnerability in Ruby-Lang Ruby 2.4.0 The parse_char_class function in regparse.c in the Onigmo (aka Oniguruma-mod) regular expression library, as used in Ruby 2.4.0, allows remote attackers to cause a denial of service (deep recursion and application crash) via a crafted regular expression. | 5.0 |
2017-04-03 | CVE-2017-5924 | Virustotal | Use After Free vulnerability in Virustotal Yara 3.5.0 libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_compiler_destroy function. | 5.0 |
2017-04-03 | CVE-2017-5923 | Virustotal | Out-of-bounds Read vulnerability in Virustotal Yara 3.5.0 libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted rule that is mishandled in the yara_yyparse function. | 5.0 |
2017-04-03 | CVE-2016-10226 | Apple | Out-of-bounds Read vulnerability in Apple Safari 18 JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (bitfield out-of-bounds read and application crash) via crafted JavaScript code that is mishandled in the operatorString function, related to assembler/MacroAssemblerARM64.h, assembler/MacroAssemblerX86Common.h, and wasm/WasmB3IRGenerator.cpp. | 5.0 |
2017-04-03 | CVE-2016-10222 | Apple | Improper Input Validation vulnerability in Apple Safari 18 runtime/JSONObject.cpp in JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (segmentation violation and application crash) via crafted JavaScript code that triggers a "type confusion" in the JSON.stringify function. | 5.0 |
2017-04-03 | CVE-2016-10211 | Virustotal | Use After Free vulnerability in Virustotal Yara 3.5.0 libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_parser_lookup_loop_variable function. | 5.0 |
2017-04-03 | CVE-2016-10210 | Virustotal | NULL Pointer Dereference vulnerability in Virustotal Yara 3.5.0 libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function. | 5.0 |
2017-04-06 | CVE-2017-4964 | Cloudfoundry | Code Injection vulnerability in Cloudfoundry Bosh Azure CPI 22 Cloud Foundry Foundation BOSH Azure CPI v22 could potentially allow a maliciously crafted stemcell to execute arbitrary code on VMs created by the director, aka a "CPI code injection vulnerability." | 4.6 |
2017-04-04 | CVE-2016-5870 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel The msm_ipc_router_close function in net/ipc_router/ipc_router_socket.c in the ipc_router component for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact by triggering failure of an accept system call for an AF_MSM_IPC socket. | 4.6 |
2017-04-04 | CVE-2017-7305 | Riverbed | Weak Password Requirements vulnerability in Riverbed Rios Riverbed RiOS through 9.6.0 does not require a bootloader password, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism via a crafted boot. | 4.6 |
2017-04-09 | CVE-2017-7613 | Elfutils Project Debian Canonical | Improper Input Validation vulnerability in multiple products elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. | 4.3 |
2017-04-09 | CVE-2017-7612 | Elfutils Project Debian Canonical | Out-of-bounds Read vulnerability in multiple products The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 4.3 |
2017-04-09 | CVE-2017-7611 | Elfutils Project Debian Canonical | Out-of-bounds Read vulnerability in multiple products The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 4.3 |
2017-04-09 | CVE-2017-7610 | Elfutils Project Debian Canonical | Out-of-bounds Read vulnerability in multiple products The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 4.3 |
2017-04-09 | CVE-2017-7609 | Elfutils Project | Improper Input Validation vulnerability in Elfutils Project Elfutils 0.168 elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. | 4.3 |
2017-04-09 | CVE-2017-7608 | Elfutils Project Debian Canonical | Out-of-bounds Read vulnerability in multiple products The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 4.3 |
2017-04-09 | CVE-2017-7607 | Elfutils Project | Out-of-bounds Read vulnerability in Elfutils Project Elfutils 0.168 The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 4.3 |
2017-04-09 | CVE-2017-7606 | Imagemagick | Improper Input Validation vulnerability in Imagemagick 7.0.54 coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 4.3 |
2017-04-09 | CVE-2017-7598 | Libtiff | Divide By Zero vulnerability in Libtiff 4.0.7 tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. | 4.3 |
2017-04-09 | CVE-2017-7595 | Libtiff | Divide By Zero vulnerability in Libtiff 4.0.7 The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. | 4.3 |
2017-04-09 | CVE-2017-7594 | Libtiff | Missing Release of Resource after Effective Lifetime vulnerability in Libtiff 4.0.7 The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image. | 4.3 |
2017-04-09 | CVE-2017-7593 | Libtiff | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.7 tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image. | 4.3 |
2017-04-09 | CVE-2017-7591 | Openidm Project | Cross-site Scripting vulnerability in Openidm Project Openidm 4.0.0/4.5.0 OpenIDM through 4.0.0 and 4.5.0 is vulnerable to reflected cross-site scripting (XSS) attacks within the Admin UI, as demonstrated by the _sortKeys parameter to the authzRoles script under managed/user/. | 4.3 |
2017-04-09 | CVE-2017-7590 | Openidm Project | Cross-site Scripting vulnerability in Openidm Project Openidm 4.0.0/4.5.0 OpenIDM through 4.0.0 and 4.5.0 is vulnerable to persistent cross-site scripting (XSS) attacks within the Admin UI, as demonstrated by a crafted Managed Object Name. | 4.3 |
2017-04-07 | CVE-2017-0560 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the factory reset process could enable a local malicious attacker to access data from the previous owner. | 4.3 | |
2017-04-07 | CVE-2017-0559 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in libskia could enable a local malicious application to access data outside of its permission levels. | 4.3 | |
2017-04-07 | CVE-2017-0558 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. | 4.3 | |
2017-04-07 | CVE-2017-0557 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels. | 4.3 | |
2017-04-07 | CVE-2017-0556 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels. | 4.3 | |
2017-04-07 | CVE-2017-0555 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in libavc in Mediaserver could enable a local malicious application to access data outside of its permission levels. | 4.3 | |
2017-04-07 | CVE-2017-0547 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in libmedia in Mediaserver could enable a local malicious application to access data outside of its permission levels. | 4.3 | |
2017-04-07 | CVE-2017-7586 | Libsndfile Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libsndfile Project Libsndfile In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file. | 4.3 |
2017-04-07 | CVE-2017-7585 | Libsndfile Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libsndfile Project Libsndfile In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file. | 4.3 |
2017-04-07 | CVE-2017-7583 | Ilias | Cross-site Scripting vulnerability in Ilias ILIAS before 5.2.3 has XSS via SVG documents. | 4.3 |
2017-04-07 | CVE-2016-6805 | Apache | XXE vulnerability in Apache Ignite Apache Ignite before 1.9 allows man-in-the-middle attackers to read arbitrary files via XXE in modified update-notifier documents. | 4.3 |
2017-04-07 | CVE-2017-3887 | Cisco | Improper Handling of Exceptional Conditions vulnerability in Cisco Firepower Threat Defense 6.0.1/6.1.0/6.2.0 A vulnerability in the detection engine that handles Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process unexpectedly restarts. | 4.3 |
2017-04-07 | CVE-2017-3848 | Cisco | Cross-site Scripting vulnerability in Cisco Prime Infrastructure 2.2(2)/3.0 A vulnerability in the HTTP web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected system. | 4.3 |
2017-04-07 | CVE-2017-7579 | Phpmyfaq | Cross-site Scripting vulnerability in PHPmyfaq inc/PMF/Faq.php in phpMyFAQ before 2.9.7 has XSS in the question field. | 4.3 |
2017-04-06 | CVE-2016-1000307 | Clip Bucket | Cross-site Scripting vulnerability in Clip-Bucket Clipbucket Multiple Cross Site Scripting (XSS) Vulnerabilities in ClipBucket v2.8.1 and probably prior allow Remote Attackers to inject arbitrary web script or HTML via (1) profile_desc, about_me, schools, occupation, companies, hobbies, fav_movies, fav_music, fav_books parameters to ProfileSettings page; (2) note parameter to PersonalNotes Section; (3) closed_msg, description, allowed_types parameters to WebsiteConfigurations Section. | 4.3 |
2017-04-06 | CVE-2016-5349 | Information Exposure vulnerability in Google Android The high level operating systems (HLOS) was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment (QSEE) only write to legitimate memory ranges related to the QSEE secure application's HLOS client. | 4.3 | |
2017-04-06 | CVE-2016-10319 | ARM Trusted Firmware Project | Integer Overflow or Wraparound vulnerability in ARM Trusted Firmware Project ARM Trusted Firmware 1.2/1.3 In ARM Trusted Firmware 1.2 and 1.3, a malformed firmware update SMC can result in copying unexpectedly large data into secure memory because of integer overflows. | 4.3 |
2017-04-06 | CVE-2017-7454 | Entropymine | Out-of-bounds Read vulnerability in Entropymine Imageworsener 1.3.0 The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. | 4.3 |
2017-04-06 | CVE-2017-7453 | Entropymine | NULL Pointer Dereference vulnerability in Entropymine Imageworsener 1.3.0 The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | 4.3 |
2017-04-06 | CVE-2017-7452 | Entropymine | NULL Pointer Dereference vulnerability in Entropymine Imageworsener 1.3.0 The iwbmp_read_info_header function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | 4.3 |
2017-04-05 | CVE-2017-7448 | Dropbox | Divide By Zero vulnerability in Dropbox Lepton 1.2.1 The allocate_channel_framebuffer function in uncompressed_components.hh in Dropbox Lepton 1.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed JPEG image. | 4.3 |
2017-04-05 | CVE-2017-7443 | APT Cacher NG Project APT Cacher Project | HTTP Response Splitting vulnerability in multiple products apt-cacher before 1.7.15 and apt-cacher-ng before 3.4 allow HTTP response splitting via encoded newline characters, related to lack of blocking for the %0[ad] regular expression. | 4.3 |
2017-04-05 | CVE-2017-0888 | Nextcloud | Improper Input Validation vulnerability in Nextcloud Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Content-Spoofing vulnerability in the "files" app. | 4.3 |
2017-04-05 | CVE-2017-0887 | Nextcloud | Improper Input Validation vulnerability in Nextcloud Server Nextcloud Server before 9.0.55 and 10.0.2 suffers from a bypass in the quota limitation. | 4.3 |
2017-04-05 | CVE-2017-0885 | Nextcloud | Information Exposure vulnerability in Nextcloud Server Nextcloud Server before 9.0.55 and 10.0.2 suffers from a error message disclosing existence of file in write-only share. | 4.3 |
2017-04-05 | CVE-2017-0884 | Nextcloud | Incorrect Permission Assignment for Critical Resource vulnerability in Nextcloud Server Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation of folders in read-only folders despite lacking permissions issue. | 4.3 |
2017-04-05 | CVE-2014-9829 | Imagemagick | Out-of-bounds Read vulnerability in Imagemagick coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file. | 4.3 |
2017-04-03 | CVE-2017-7383 | Podofo Project | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5 The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | 4.3 |
2017-04-03 | CVE-2017-7382 | Podofo Project | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5 The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | 4.3 |
2017-04-03 | CVE-2017-7381 | Podofo Project | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5 The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | 4.3 |
2017-04-03 | CVE-2017-7380 | Podofo Project | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5 The doc/PdfPage.cpp:614:20 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | 4.3 |
2017-04-03 | CVE-2017-7379 | Podofo Project | Out-of-bounds Read vulnerability in Podofo Project Podofo 0.9.5 The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in PdfEncoding.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PDF document. | 4.3 |
2017-04-03 | CVE-2017-7378 | Podofo Project | Out-of-bounds Read vulnerability in Podofo Project Podofo 0.9.5 The PoDoFo::PdfPainter::ExpandTabs function in PdfPainter.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PDF document. | 4.3 |
2017-04-03 | CVE-2017-5951 | Artifex | NULL Pointer Dereference vulnerability in Artifex Ghostscript 9.20 The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. | 4.3 |
2017-04-03 | CVE-2017-5950 | Yaml CPP Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Yaml-Cpp Project Yaml-Cpp 0.5.3 The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) 0.5.3 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file. | 4.3 |
2017-04-03 | CVE-2016-10220 | Artifex | NULL Pointer Dereference vulnerability in Artifex Ghostscript 9.20 The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. | 4.3 |
2017-04-03 | CVE-2016-10219 | Artifex | Divide By Zero vulnerability in Artifex Ghostscript 9.20 The intersect function in base/gxfill.c in Artifex Software, Inc. | 4.3 |
2017-04-03 | CVE-2016-10209 | Libarchive | NULL Pointer Dereference vulnerability in Libarchive 3.2.2 The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file. | 4.3 |
2017-04-09 | CVE-2017-7589 | Openidm Project | Information Exposure vulnerability in Openidm Project Openidm 4.0.0/4.5.0 In OpenIDM through 4.0.0 before 4.5.0, the info endpoint may leak sensitive information upon a request by the "anonymous" user, as demonstrated by responses with a 200 HTTP status code and a JSON object containing IP address strings. | 4.0 |
2017-04-07 | CVE-2017-3886 | Cisco | SQL Injection vulnerability in Cisco Unified Communications Manager 11.0(1.10000.10)/11.5(1.10000.6) A vulnerability in the Cisco Unified Communications Manager web interface could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries, aka SQL Injection. | 4.0 |
2017-04-07 | CVE-2017-3884 | Cisco | Information Exposure vulnerability in Cisco products A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to access sensitive data. | 4.0 |
2017-04-07 | CVE-2017-3817 | Cisco | Incorrect Authorization vulnerability in Cisco Unified Computing System Director 5.5.0.1/6.0.0.0 A vulnerability in the role-based resource checking functionality of Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information for any virtual machine in a UCS domain. | 4.0 |
2017-04-06 | CVE-2017-7566 | Mybb | Server-Side Request Forgery (SSRF) vulnerability in Mybb MyBB before 1.8.11 allows remote attackers to bypass an SSRF protection mechanism. | 4.0 |
2017-04-05 | CVE-2017-6339 | Trendmicro | Weak Password Requirements vulnerability in Trendmicro Interscan web Security Virtual Appliance Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 mismanages certain key and certificate data. | 4.0 |
2017-04-05 | CVE-2017-6338 | Trendmicro | Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Interscan web Security Virtual Appliance Multiple Access Control issues in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 allow an authenticated, remote user with low privileges like 'Reports Only' or 'Auditor' to change FTP Access Control Settings, create or modify reports, or upload an HTTPS Decryption Certificate and Private Key. | 4.0 |
2017-04-04 | CVE-2016-10318 | Linux | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel before 4.7.4 allows a user to assign an encryption policy to a directory owned by a different user, potentially creating a denial of service. | 4.0 |
2017-04-03 | CVE-2016-10314 | Jensenofscandinavia | Information Exposure vulnerability in Jensenofscandinavia Al3G Firmware, Al5000Ac Firmware and Al59300 Firmware Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. | 4.0 |
21 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-04-07 | CVE-2017-6602 | Cisco | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. | 3.6 |
2017-04-07 | CVE-2017-6601 | Cisco | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. | 3.6 |
2017-04-07 | CVE-2017-3888 | Cisco | Cross-site Scripting vulnerability in Cisco Unified Communications Manager 12.0(0.98000.452) A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 3.5 |
2017-04-06 | CVE-2015-4673 | Clip Bucket | Cross-site Scripting vulnerability in Clip-Bucket Clipbucket 2.7.0.5 Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.7.0.5 allow remote authenticated users to inject arbitrary web script or HTML via (1) the collection_description parameter to upload/manage_collections.php in an add_new action or the (2) photo_description, (3) photo_tags, or (4) photo_title parameter to upload/actions/photo_uploader.php. | 3.5 |
2017-04-05 | CVE-2017-1180 | IBM | Remote Privilege Escalation vulnerability in IBM TRIRIGA Application Platform The IBM TRIRIGA Document Manager contains a vulnerability that could allow an authenticated user to execute actions they did not have access to. | 3.5 |
2017-04-05 | CVE-2016-3031 | IBM | Cross-site Scripting vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. | 3.5 |
2017-04-05 | CVE-2016-3015 | IBM | Cross-site Scripting vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. | 3.5 |
2017-04-05 | CVE-2017-6340 | Trendmicro | Cross-site Scripting vulnerability in Trendmicro Interscan web Security Virtual Appliance Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 does not sanitize a rest/commonlog/report/template name field, which allows a 'Reports Only' user to inject malicious JavaScript while creating a new report. | 3.5 |
2017-04-03 | CVE-2017-7400 | Openstack | Cross-site Scripting vulnerability in Openstack Horizon OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XSS attacks via a crafted federation mapping. | 3.5 |
2017-04-07 | CVE-2017-2387 | Apple | Improper Certificate Validation vulnerability in Apple Music 1.2.1 The Apple Music (aka com.apple.android.music) application before 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2.9 |
2017-04-07 | CVE-2017-0586 | Linux | Information Exposure vulnerability in Linux Kernel 3.10/3.18 An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. | 2.6 |
2017-04-07 | CVE-2017-0585 | Linux | Information Exposure vulnerability in Linux Kernel 3.10/3.18 An information disclosure vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. | 2.6 |
2017-04-07 | CVE-2017-0584 | Linux | Information Exposure vulnerability in Linux Kernel 3.10/3.18 An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. | 2.6 |
2017-04-05 | CVE-2017-0330 | Linux | Information Exposure vulnerability in Linux Kernel 3.10 An information disclosure vulnerability in the NVIDIA crypto driver could enable a local malicious application to access data outside of its permission levels. | 2.6 |
2017-04-05 | CVE-2017-0328 | Linux | Information Exposure vulnerability in Linux Kernel 3.10 An information disclosure vulnerability in the NVIDIA crypto driver could enable a local malicious application to access data outside of its permission levels. | 2.6 |
2017-04-04 | CVE-2017-7418 | Proftpd | Link Following vulnerability in Proftpd 1.3.2/1.3.4/1.3.6 ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. | 2.1 |
2017-04-04 | CVE-2017-5670 | Riverbed | Information Exposure vulnerability in Riverbed Rios Riverbed RiOS through 9.6.0 deletes the secure vault with the rm program (not shred or srm), which makes it easier for physically proximate attackers to obtain sensitive information by reading raw disk blocks. | 2.1 |
2017-04-03 | CVE-2017-5686 | Intel | Incorrect Default Permissions vulnerability in Intel Nuc6I3Syh Bios and Nuc6I3Syk Bios The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version SY0059 may allow may allow an attacker with physical access to the system to gain access to personal information. | 2.1 |
2017-04-03 | CVE-2017-5685 | Intel | Incorrect Default Permissions vulnerability in Intel Nuc6I7Kyk Bios Kyskli70.86A.0042.2016.0929.1933 The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may allow may allow an attacker with physical access to the system to gain access to personal information. | 2.1 |
2017-04-03 | CVE-2017-5684 | Intel | Incorrect Default Permissions vulnerability in Intel Stk2Mv64Cc Bios The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version CC047 may allow an attacker with physical access to the system to gain access to personal information. | 2.1 |
2017-04-03 | CVE-2017-7407 | Haxx | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Haxx Curl 7.53.1 The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which leads to a heap-based buffer over-read. | 2.1 |