Weekly Vulnerabilities Reports > April 10 to 16, 2017
Overview
428 new vulnerabilities reported during this period, including 79 critical vulnerabilities and 117 high severity vulnerabilities. This weekly summary report vulnerabilities in 411 products from 155 vendors including Microsoft, Adobe, Apple, Debian, and Moxa. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "Improper Input Validation", "Information Exposure", and "Out-of-bounds Write".
- 357 reported vulnerabilities are remotely exploitables.
- 49 reported vulnerabilities have public exploit available.
- 110 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 352 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities, with 102 reported vulnerabilities.
- Microsoft has the most reported critical vulnerabilities, with 47 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
79 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-04-13 | CVE-2016-6818 | SAP | SQL Injection vulnerability in SAP Business Intelligence Platform SQL injection vulnerability in SAP Business Intelligence platform before January 2017 allows remote attackers to obtain sensitive information, modify data, cause a denial of service (data deletion), or launch administrative operations or possibly OS commands via a crafted SQL query. | 10.0 |
2017-04-13 | CVE-2016-4899 | Novastor | Improper Input Validation vulnerability in Novastor Novabackup Datacenter The datamover module in the Linux version of NovaBACKUP DataCenter before 09.06.03.0353 is vulnerable to remote command execution via unspecified attack vectors. | 10.0 |
2017-04-13 | CVE-2016-4898 | Novastor | Improper Input Validation vulnerability in Novastor Novabackup Datacenter The datamover module in the Linux version of NovaBACKUP DataCenter before 09.06.03.0353 is vulnerable to remote command execution via unspecified attack vectors. | 10.0 |
2017-04-12 | CVE-2017-7279 | Unitrends | Reliance on Cookies without Validation and Integrity Checking vulnerability in Unitrends Enterprise Backup 7.3.0 An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 web server can escalate to root privileges by modifying the "token" cookie issued at login. | 10.0 |
2017-04-12 | CVE-2017-7722 | Solarwinds | Command Injection vulnerability in Solarwinds LOG & Event Manager 6.3.1 In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). | 10.0 |
2017-04-12 | CVE-2017-3063 | Adobe Microsoft Apple Linux | Use After Free vulnerability in Adobe Flash Player Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the ActionScript2 NetStream class. | 10.0 |
2017-04-12 | CVE-2017-3062 | Adobe Microsoft Apple Linux | Use After Free vulnerability in Adobe Flash Player Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in ActionScript2 when creating a getter/setter property. | 10.0 |
2017-04-12 | CVE-2017-3061 | Adobe Microsoft Apple Linux | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Flash Player Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. | 10.0 |
2017-04-12 | CVE-2017-3060 | Adobe Microsoft Apple Linux | Out-of-bounds Read vulnerability in Adobe Flash Player Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the ActionScript2 code parser. | 10.0 |
2017-04-12 | CVE-2017-3059 | Adobe Microsoft Apple Linux | Use After Free vulnerability in Adobe Flash Player Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the internal script object. | 10.0 |
2017-04-12 | CVE-2017-3037 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine. | 10.0 |
2017-04-12 | CVE-2017-7588 | Brother | Improper Authentication vulnerability in Brother products On certain Brother devices, authorization is mishandled by including a valid AuthCookie cookie in the HTTP response to a failed login attempt. | 10.0 |
2017-04-12 | CVE-2016-7552 | Trendmicro | Path Traversal vulnerability in Trendmicro Threat Discovery Appliance 2.6.1062 On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory traversal when processing a session_id cookie allows a remote, unauthenticated attacker to delete arbitrary files as root. | 10.0 |
2017-04-11 | CVE-2017-7689 | Schneider Electric | Command Injection vulnerability in Schneider-Electric Homelynk Controller Lss100100 Firmware 1.3.0 A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0. | 10.0 |
2017-04-10 | CVE-2016-5071 | Sierrawireless | Permissions, Privileges, and Access Controls vulnerability in Sierrawireless Aleos Firmware 4.3.2 Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the management web application as root. | 10.0 |
2017-04-10 | CVE-2016-5066 | Sierrawireless | Credentials Management vulnerability in Sierrawireless Aleos Firmware 4.3.2 Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user. | 10.0 |
2017-04-10 | CVE-2015-7292 | Amazon | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Amazon Fire OS Stack-based buffer overflow in the havok_write function in drivers/staging/havok/havok.c in Amazon Fire OS before 2016-01-15 allows attackers to cause a denial of service (panic) or possibly have unspecified other impact via a long string to /dev/hv. | 10.0 |
2017-04-10 | CVE-2015-2887 | Ibaby | Use of Hard-coded Credentials vulnerability in Ibaby M3S Baby Monitor Firmware iBaby M3S has a password of admin for the backdoor admin account. | 10.0 |
2017-04-10 | CVE-2015-2885 | Lens Laboratories | Use of Hard-coded Credentials vulnerability in Lens Laboratories Peek-A-View Firmware Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for the backdoor user account, and a password of guest for the backdoor guest account. | 10.0 |
2017-04-10 | CVE-2015-2882 | Philips | Use of Hard-coded Credentials vulnerability in Philips In.Sight B12037 Philips In.Sight B120/37 has a password of b120root for the backdoor root account, a password of /ADMIN/ for the backdoor admin account, a password of merlin for the backdoor mg3500 account, a password of M100-4674448 for the backdoor user account, and a password of M100-4674448 for the backdoor admin account. | 10.0 |
2017-04-10 | CVE-2015-2881 | Gynoii | Use of Hard-coded Credentials vulnerability in Gynoii Gcw-1010, Gcw-1020 and Gpw-1025 Gynoii has a password of guest for the backdoor guest account and a password of 12345 for the backdoor admin account. | 10.0 |
2017-04-14 | CVE-2017-7858 | Freetype | Out-of-bounds Write vulnerability in Freetype FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. | 9.8 |
2017-04-14 | CVE-2017-7857 | Freetype | Out-of-bounds Write vulnerability in Freetype 2.7/2.7.0/2.7.1 FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. | 9.8 |
2017-04-13 | CVE-2014-7921 | Permissions, Privileges, and Access Controls vulnerability in Google Android mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges. | 9.8 | |
2017-04-13 | CVE-2014-7920 | Permissions, Privileges, and Access Controls vulnerability in Google Android mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. | 9.8 | |
2017-04-13 | CVE-2016-2555 | Atutor | SQL Injection vulnerability in Atutor 2.2.1 SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php. | 9.8 |
2017-04-12 | CVE-2016-6808 | Apache | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apache Tomcat JK Connector Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42. | 9.8 |
2017-04-11 | CVE-2016-1908 | Openbsd Debian Oracle Redhat | Improper Authentication vulnerability in multiple products The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server. | 9.8 |
2017-04-10 | CVE-2015-7264 | Proxygen Project | Injection vulnerability in Proxygen Project Proxygen The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks. | 9.8 |
2017-04-13 | CVE-2010-1816 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted image. | 9.3 |
2017-04-12 | CVE-2017-3065 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the font manipulation functionality. | 9.3 |
2017-04-12 | CVE-2017-3064 | Adobe Microsoft Apple Linux | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Flash Player Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability when parsing a shape outline. | 9.3 |
2017-04-12 | CVE-2017-3058 | Adobe Microsoft Apple Linux | Use After Free vulnerability in Adobe Flash Player Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the sound class. | 9.3 |
2017-04-12 | CVE-2017-3057 | Adobe Apple Microsoft | Use After Free vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript API related to the collaboration functionality. | 9.3 |
2017-04-12 | CVE-2017-3056 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine, related to string manipulation. | 9.3 |
2017-04-12 | CVE-2017-3055 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in JPEG 2000 parsing of the fragment list tag. | 9.3 |
2017-04-12 | CVE-2017-3054 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to manipulation of EMF files. | 9.3 |
2017-04-12 | CVE-2017-3051 | Adobe Apple Microsoft | Out-of-bounds Read vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of JPEG files. | 9.3 |
2017-04-12 | CVE-2017-3050 | Adobe Apple Microsoft | Out-of-bounds Write vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of GIF files. | 9.3 |
2017-04-12 | CVE-2017-3049 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal tile manipulation in TIFF files. | 9.3 |
2017-04-12 | CVE-2017-3048 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal scan line representation in TIFF files. | 9.3 |
2017-04-12 | CVE-2017-3047 | Adobe Apple Microsoft | Use After Free vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript engine's annotation-related API. | 9.3 |
2017-04-12 | CVE-2017-3044 | Adobe Apple Microsoft | Out-of-bounds Write vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 engine, related to image scaling. | 9.3 |
2017-04-12 | CVE-2017-3042 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in image conversion, related to parsing offsets in TIFF files. | 9.3 |
2017-04-12 | CVE-2017-3041 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing font data in the MakeAccessible plugin. | 9.3 |
2017-04-12 | CVE-2017-3040 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 image compression module. | 9.3 |
2017-04-12 | CVE-2017-3039 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the PPKLite security handler. | 9.3 |
2017-04-12 | CVE-2017-3038 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing TTF (TrueType font format) stream data. | 9.3 |
2017-04-12 | CVE-2017-3036 | Adobe Apple Microsoft | Out-of-bounds Write vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in image conversion related to processing of the PCX (picture exchange) file format. | 9.3 |
2017-04-12 | CVE-2017-3035 | Adobe Apple Microsoft | Use After Free vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XML Forms Architecture (XFA) engine. | 9.3 |
2017-04-12 | CVE-2017-3034 | Adobe Apple Microsoft | Integer Underflow (Wrap or Wraparound) vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the XML Forms Architecture (XFA) engine, related to layout functionality. | 9.3 |
2017-04-12 | CVE-2017-3030 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the AES module. | 9.3 |
2017-04-12 | CVE-2017-3028 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion module, related to processing of TIFF files. | 9.3 |
2017-04-12 | CVE-2017-3027 | Adobe Apple Microsoft | Use After Free vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XFA module, related to the choiceList element. | 9.3 |
2017-04-12 | CVE-2017-3026 | Adobe Apple Microsoft | Use After Free vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability when manipulating an internal data structure. | 9.3 |
2017-04-12 | CVE-2017-3025 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability related to internal object representation manipulation. | 9.3 |
2017-04-12 | CVE-2017-3024 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when manipulating PDF annotations. | 9.3 |
2017-04-12 | CVE-2017-3023 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 code-stream tile functionality. | 9.3 |
2017-04-12 | CVE-2017-3019 | Adobe Apple Microsoft | Out-of-bounds Read vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the Product Representation Compact (PRC) format parser. | 9.3 |
2017-04-12 | CVE-2017-3018 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the renderer functionality. | 9.3 |
2017-04-12 | CVE-2017-3017 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when handling a malformed PDF file. | 9.3 |
2017-04-12 | CVE-2017-3015 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 parsing functionality. | 9.3 |
2017-04-12 | CVE-2017-3014 | Adobe Apple Microsoft | Use After Free vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in XML Forms Architecture (XFA) related to reset form functionality. | 9.3 |
2017-04-12 | CVE-2017-3013 | Adobe Apple Microsoft | Uncontrolled Search Path Element vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in a DLL related to remote logging. | 9.3 |
2017-04-12 | CVE-2017-3012 | Adobe Apple Microsoft | Uncontrolled Search Path Element vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in the OCR plugin. | 9.3 |
2017-04-12 | CVE-2017-3011 | Adobe Apple Microsoft | Integer Overflow or Wraparound vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the CCITT fax PDF filter. | 9.3 |
2017-04-12 | CVE-2017-3004 | Adobe Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Photoshop CC Adobe Photoshop versions CC 2017 (18.0.1) and earlier, CC 2015.5.1 (17.0.1) and earlier have a memory corruption vulnerability when parsing malicious PCX files. | 9.3 |
2017-04-12 | CVE-2017-0197 | Microsoft | Improper Input Validation vulnerability in Microsoft Onenote 2007/2010 Microsoft OneNote 2007 SP3 and Microsoft OneNote 2010 SP2 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office DLL Loading Vulnerability." | 9.3 |
2017-04-12 | CVE-2017-0166 | Microsoft | Incorrect Calculation of Buffer Size vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated. | 9.3 |
2017-04-12 | CVE-2017-0106 | Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Outlook Microsoft Excel 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." | 9.3 |
2017-04-10 | CVE-2016-8237 | Lenovo | Permissions, Privileges, and Access Controls vulnerability in Lenovo Updates Remote code execution in Lenovo Updates (not Lenovo System Update) allows man-in-the-middle attackers to execute arbitrary code. | 9.3 |
2017-04-14 | CVE-2017-6554 | Quest | Improper Input Validation vulnerability in Quest Privilege Manager 6.0.027/6.0.050 pmmasterd in Quest Privilege Manager before 6.0.0.061, when configured as a policy server, allows remote attackers to write to arbitrary files and consequently execute arbitrary code with root privileges via an ACT_NEWFILESENT action. | 9.0 |
2017-04-13 | CVE-2017-7219 | Citrix | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Citrix Netscaler Gateway Firmware A heap overflow vulnerability in Citrix NetScaler Gateway versions 10.1 before 135.8/135.12, 10.5 before 65.11, 11.0 before 70.12, and 11.1 before 52.13 allows a remote authenticated attacker to run arbitrary commands via unspecified vectors. | 9.0 |
2017-04-12 | CVE-2016-5313 | Symantec | OS Command Injection vulnerability in Symantec web Gateway Symantec Web Gateway (SWG) before 5.2.5 allows remote authenticated users to execute arbitrary OS commands. | 9.0 |
2017-04-12 | CVE-2017-3006 | Adobe Microsoft | Incorrect Permission Assignment for Critical Resource vulnerability in Adobe Creative Cloud Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related to the use of improper resource permissions during the installation of Creative Cloud desktop applications. | 9.0 |
2017-04-11 | CVE-2017-6088 | Eyesofnetwork | SQL Injection vulnerability in Eyesofnetwork Multiple SQL injection vulnerabilities in EyesOfNetwork (aka EON) 5.0 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) bp_name, (2) display, (3) search, or (4) equipment parameter to module/monitoring_ged/ged_functions.php or the (5) type parameter to monitoring_ged/ajax.php. | 9.0 |
2017-04-10 | CVE-2017-7622 | Deepin | Missing Authorization vulnerability in Deepin Desktop Environment dde-daemon, the daemon process of DDE (Deepin Desktop Environment) 15.0 through 15.3, runs with root privileges and hardly does anything to identify the user who calls the function through D-Bus. | 9.0 |
2017-04-10 | CVE-2016-5067 | Sierrawireless | Command Injection vulnerability in Sierrawireless Aleos Firmware 4.3.2 Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection. | 9.0 |
2017-04-10 | CVE-2015-2880 | Trendnet | Improper Authentication vulnerability in Trendnet Tv-Ip743Sic TRENDnet WiFi Baby Cam TV-IP743SIC has a password of admin for the backdoor root account. | 9.0 |
117 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-04-16 | CVE-2017-7615 | Mantisbt | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Mantisbt MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php. | 8.8 |
2017-04-12 | CVE-2016-8718 | Moxa | Cross-Site Request Forgery (CSRF) vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. | 8.8 |
2017-04-12 | CVE-2017-0210 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer 10/11 An elevation of privilege vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain, aka "Internet Explorer Elevation of Privilege Vulnerability." | 8.8 |
2017-04-11 | CVE-2016-4468 | Pivotal Software Cloudfoundry | SQL Injection vulnerability in multiple products SQL injection vulnerability in Pivotal Cloud Foundry (PCF) before 238; UAA 2.x before 2.7.4.4, 3.x before 3.3.0.2, and 3.4.x before 3.4.1; UAA BOSH before 11.2 and 12.x before 12.2; Elastic Runtime before 1.6.29 and 1.7.x before 1.7.7; and Ops Manager 1.7.x before 1.7.8 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 8.8 |
2017-04-11 | CVE-2016-6811 | Apache | Permissions, Privileges, and Access Controls vulnerability in Apache Hadoop In Apache Hadoop 2.x before 2.7.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user. | 8.8 |
2017-04-14 | CVE-2016-1713 | Vtiger | Unrestricted Upload of File with Dangerous Type vulnerability in Vtiger CRM 6.4.0 Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.4.0 allows remote authenticated users to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in test/logo/. | 8.5 |
2017-04-13 | CVE-2016-8712 | Moxa | Insufficient Session Expiration vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. | 8.1 |
2017-04-11 | CVE-2015-8666 | Qemu Debian | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in QEMU, when built with the Q35-chipset-based PC system emulator. | 7.9 |
2017-04-14 | CVE-2016-8602 | Artifex | Incorrect Type Conversion or Cast vulnerability in Artifex Ghostscript The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack. | 7.8 |
2017-04-14 | CVE-2016-6299 | Fedoraproject Mock Project | Permissions, Privileges, and Access Controls vulnerability in multiple products The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file. | 7.8 |
2017-04-12 | CVE-2016-9959 | Opensuse Project Suse Opensuse Game Music EMU Project | Out-of-bounds Write vulnerability in multiple products game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values. | 7.8 |
2017-04-12 | CVE-2016-9958 | Opensuse Project Suse Opensuse Game Music EMU Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations. | 7.8 |
2017-04-12 | CVE-2016-9957 | Opensuse Project Suse Opensuse Game Music EMU Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer overflow in game-music-emu before 0.6.1. | 7.8 |
2017-04-12 | CVE-2016-4459 | Redhat | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Redhat Enterprise Linux and MOD Cluster Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9. | 7.8 |
2017-04-12 | CVE-2017-0199 | Microsoft Philips | Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API." | 7.8 |
2017-04-10 | CVE-2015-7825 | Botan Project | Unspecified vulnerability in Botan Project Botan botan before 1.11.22 improperly validates certificate paths, which allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a certificate with a loop in the certificate chain. | 7.8 |
2017-04-10 | CVE-2015-8258 | Axis | Injection vulnerability in Axis Communications Firmware AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary files as root via vectors involving Open Script Editor, aka a "resource injection vulnerability." | 7.8 |
2017-04-12 | CVE-2016-5856 | Linux | Permissions, Privileges, and Access Controls vulnerability in multiple products Drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android kernel 2017-03-05 allows local users to gain privileges, a different vulnerability than CVE-2016-5857. | 7.6 |
2017-04-12 | CVE-2017-0205 | Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. | 7.6 |
2017-04-12 | CVE-2017-0202 | Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 11 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. | 7.6 |
2017-04-12 | CVE-2017-0201 | Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 10/9 A remote code execution vulnerability exists in Internet Explorer in the way that the JScript and VBScript engines render when handling objects in memory. | 7.6 |
2017-04-12 | CVE-2017-0200 | Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. | 7.6 |
2017-04-12 | CVE-2017-0158 | Microsoft | Scripting Engine Remote Memory Corruption vulnerability in Microsoft Internet Explorer An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Scripting Engine Memory Corruption Vulnerability." | 7.6 |
2017-04-12 | CVE-2017-0093 | Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge A remote code execution vulnerability in Microsoft Edge exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. | 7.6 |
2017-04-15 | CVE-2017-7882 | Libreoffice | Out-of-bounds Write vulnerability in Libreoffice LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx. | 7.5 |
2017-04-14 | CVE-2017-7878 | Flatcore | SQL Injection vulnerability in Flatcore Flatcore-Cms 1.4.6 SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read and write to the users database. | 7.5 |
2017-04-14 | CVE-2017-7875 | FEH Project | Out-of-bounds Write vulnerability in FEH Project FEH In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be the E17 window manager, it is possible to trigger an out-of-boundary heap write while receiving an IPC message. | 7.5 |
2017-04-14 | CVE-2017-7870 | Libreoffice | Out-of-bounds Write vulnerability in Libreoffice LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx. | 7.5 |
2017-04-14 | CVE-2017-7866 | Ffmpeg | Out-of-bounds Write vulnerability in Ffmpeg FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c. | 7.5 |
2017-04-14 | CVE-2017-7865 | Ffmpeg Debian | Out-of-bounds Write vulnerability in multiple products FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c. | 7.5 |
2017-04-14 | CVE-2017-7864 | Freetype | Out-of-bounds Write vulnerability in Freetype FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c. | 7.5 |
2017-04-14 | CVE-2017-7863 | Ffmpeg Debian | Out-of-bounds Write vulnerability in multiple products FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in libavcodec/pngdec.c. | 7.5 |
2017-04-14 | CVE-2017-7862 | Ffmpeg | Out-of-bounds Write vulnerability in Ffmpeg FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame function in libavcodec/pictordec.c. | 7.5 |
2017-04-14 | CVE-2017-7861 | Grpc | Out-of-bounds Write vulnerability in Grpc Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c. | 7.5 |
2017-04-14 | CVE-2017-7860 | Grpc | Out-of-bounds Write vulnerability in Grpc Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parse_unix function in core/ext/client_channel/parse_address.c. | 7.5 |
2017-04-14 | CVE-2017-7859 | Ffmpeg | Out-of-bounds Write vulnerability in Ffmpeg FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c. | 7.5 |
2017-04-14 | CVE-2017-7856 | Libreoffice | Out-of-bounds Write vulnerability in Libreoffice LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx. | 7.5 |
2017-04-14 | CVE-2016-10328 | Freetype Oracle | Out-of-bounds Write vulnerability in multiple products FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c. | 7.5 |
2017-04-14 | CVE-2016-10327 | Libreoffice | Out-of-bounds Write vulnerability in Libreoffice LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx. | 7.5 |
2017-04-13 | CVE-2016-8726 | Moxa | NULL Pointer Dereference vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable null pointer dereference vulnerability exists in the Web Application /forms/web_runScript iw_filename functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. | 7.5 |
2017-04-13 | CVE-2016-8723 | Moxa | NULL Pointer Dereference vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. | 7.5 |
2017-04-13 | CVE-2016-1155 | Injection vulnerability in Google Android HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies. | 7.5 | |
2017-04-13 | CVE-2012-1301 | Umbraco | Improper Input Validation vulnerability in Umbraco CMS 4.7.0 The FeedProxy.aspx script in Umbraco 4.7.0 allows remote attackers to proxy requests on their behalf via the "url" parameter. | 7.5 |
2017-04-13 | CVE-2016-2566 | Samsung | SQL Injection vulnerability in Samsung Galaxy S6 Firmware G920Fxxu2Coh2 Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices has SQL injection, aka SVE-2015-5081. | 7.5 |
2017-04-13 | CVE-2016-10324 | GNU | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Osip 4.1.0 In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_clrncpy() function defined in osipparser2/osip_port.c. | 7.5 |
2017-04-13 | CVE-2016-6143 | SAP | Improper Access Control vulnerability in SAP Hana 1.00.73.00.389160 SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors involving the audit logs, aka SAP Security Note 2170806. | 7.5 |
2017-04-13 | CVE-2016-4970 | Netty Redhat Apache | Infinite Loop vulnerability in multiple products handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop). | 7.5 |
2017-04-13 | CVE-2016-4800 | Eclipse Microsoft | Improper Access Control vulnerability in Eclipse Jetty The path normalization mechanism in PathResource class in Eclipse Jetty 9.3.x before 9.3.9 on Windows allows remote attackers to bypass protected resource restrictions and other security constraints via a URL with certain escaped characters, related to backslashes. | 7.5 |
2017-04-13 | CVE-2015-8282 | Seawell Networks | Credentials Management vulnerability in Seawell Networks Spectrum SDC 02.05.00 SeaWell Networks Spectrum SDC 02.05.00 has a default password of "admin" for the "admin" account. | 7.5 |
2017-04-13 | CVE-2015-8271 | Rtmpdump Project | Write-what-where Condition vulnerability in Rtmpdump Project Rtmpdump 2.4 The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute arbitrary code. | 7.5 |
2017-04-13 | CVE-2015-6674 | Inspircd Debian | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. | 7.5 |
2017-04-13 | CVE-2017-7628 | Smart Related Articles Project | SQL Injection vulnerability in Smart Related Articles Project Smart Related Articles 1.1 The "Smart related articles" extension 1.1 for Joomla! has SQL injection in dialog.php (attacker must use search_cats variable in POST method to exploit this vulnerability). | 7.5 |
2017-04-12 | CVE-2017-7748 | Wireshark | Infinite Loop vulnerability in Wireshark In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. | 7.5 |
2017-04-12 | CVE-2017-7747 | Wireshark Debian | Improper Input Validation vulnerability in multiple products In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. | 7.5 |
2017-04-12 | CVE-2017-7746 | Wireshark Debian | Infinite Loop vulnerability in multiple products In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. | 7.5 |
2017-04-12 | CVE-2017-7745 | Wireshark | Infinite Loop vulnerability in Wireshark In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. | 7.5 |
2017-04-12 | CVE-2017-7705 | Wireshark | Infinite Loop vulnerability in Wireshark In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. | 7.5 |
2017-04-12 | CVE-2017-7704 | Wireshark | Infinite Loop vulnerability in Wireshark In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. | 7.5 |
2017-04-12 | CVE-2017-7703 | Wireshark Debian | Injection vulnerability in multiple products In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. | 7.5 |
2017-04-12 | CVE-2017-7702 | Wireshark | Infinite Loop vulnerability in Wireshark In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. | 7.5 |
2017-04-12 | CVE-2017-7701 | Wireshark | Infinite Loop vulnerability in Wireshark In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. | 7.5 |
2017-04-12 | CVE-2017-7280 | Unitrends | Improper Input Validation vulnerability in Unitrends Enterprise Backup 7.3.0 An issue was discovered in api/includes/systems.php in Unitrends Enterprise Backup before 9.0.0. | 7.5 |
2017-04-12 | CVE-2016-4337 | Ktools | SQL Injection vulnerability in Ktools Photostore 4.7.4 SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore before 4.7.5 allows remote attackers to execute arbitrary SQL commands via the email parameter in a recover_login action. | 7.5 |
2017-04-12 | CVE-2015-7564 | Teampass | SQL Injection vulnerability in Teampass Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an action_on_quick_icon action to item.query.php or the (2) order or (3) direction parameter in an (a) connections_logs, (b) errors_logs or (c) access_logs action to view.query.php. | 7.5 |
2017-04-12 | CVE-2017-6059 | Openidc | Improper Input Validation vulnerability in Openidc MOD Auth Openidc 1.8.10/1.8.10.1/1.8.10.2 Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka mod_auth_openidc) before 2.14 allows remote attackers to spoof page content via a malicious URL provided to the user, which triggers an invalid request. | 7.5 |
2017-04-12 | CVE-2016-8716 | Moxa | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. | 7.5 |
2017-04-12 | CVE-2017-7719 | WEB Dorado | SQL Injection vulnerability in Web-Dorado Spider Event Calendar SQL injection in the Spider Event Calendar (aka spider-event-calendar) plugin before 1.5.52 for WordPress is exploitable with the order_by parameter to calendar_functions.php or widget_Theme_functions.php, related to front_end/frontend_functions.php. | 7.5 |
2017-04-12 | CVE-2017-2989 | Adobe | Improper Input Validation vulnerability in Adobe Campaign 6.11 Adobe Campaign versions Build 8770 and earlier have an input validation bypass that could be exploited to read, write, or delete data from the Campaign database. | 7.5 |
2017-04-12 | CVE-2016-7958 | Wireshark | Improper Input Validation vulnerability in Wireshark 2.2.0 In Wireshark 2.2.0, the NCP dissector could crash, triggered by packet injection or a malformed capture file. | 7.5 |
2017-04-12 | CVE-2016-7957 | Wireshark | Improper Input Validation vulnerability in Wireshark 2.2.0 In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file. | 7.5 |
2017-04-12 | CVE-2016-7547 | Trendmicro | 7PK - Time and State vulnerability in Trendmicro Threat Discovery Appliance 2.6.1062 A command execution flaw on the Trend Micro Threat Discovery Appliance 2.6.1062r1 exists with the timezone parameter in the admin_sys_time.cgi interface. | 7.5 |
2017-04-11 | CVE-2017-7695 | Bigtreecms | Unrestricted Upload of File with Dangerous Type vulnerability in Bigtreecms Bigtree CMS Unrestricted File Upload exists in BigTree CMS before 4.2.17: if an attacker uploads an 'xxx.php[space]' file, they could bypass a safety check and execute any code. | 7.5 |
2017-04-11 | CVE-2017-7691 | SAP | Code Injection vulnerability in SAP Trex A code injection vulnerability exists in SAP TREX / Business Warehouse Accelerator (BWA). | 7.5 |
2017-04-11 | CVE-2013-6647 | Use After Free vulnerability in Google Chrome A use-after-free in AnimationController::endAnimationUpdate in Google Chrome. | 7.5 | |
2017-04-11 | CVE-2016-4483 | Xmlsoft Debian Oracle | Deserialization of Untrusted Data vulnerability in multiple products The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. | 7.5 |
2017-04-11 | CVE-2016-0779 | Apache | Deserialization of Untrusted Data vulnerability in Apache Tomee The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote attackers to execute arbitrary code via a crafted serialized object. | 7.5 |
2017-04-11 | CVE-2017-7462 | Intellinet Network | Path Traversal vulnerability in Intellinet-Network Nfc-30Ir Firmware Lm.1.6.16.05 Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory. | 7.5 |
2017-04-10 | CVE-2017-7625 | Fiyo | Code Injection vulnerability in Fiyo CMS In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the content parameter to "/dapur/apps/app_theme/libs/save_file.php" and then execute code. | 7.5 |
2017-04-10 | CVE-2017-7239 | Ninka Project | Injection vulnerability in Ninka Project Ninka Ninka before 1.3.2 might allow remote attackers to obtain sensitive information, manipulate license compliance scan results, or cause a denial of service (process hang) via a crafted filename. | 7.5 |
2017-04-10 | CVE-2017-5983 | Atlassian | Deserialization of Untrusted Data vulnerability in Atlassian Jira The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer, which allows remote attackers to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object. | 7.5 |
2017-04-10 | CVE-2016-6878 | Botan Project | Improper Input Validation vulnerability in Botan Project Botan The Curve25519 code in botan before 1.11.31, on systems without a native 128-bit integer type, might allow attackers to have unspecified impact via vectors related to undefined behavior, as demonstrated on 32-bit ARM systems compiled by Clang. | 7.5 |
2017-04-10 | CVE-2016-10311 | SAP | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP Netweaver Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238. | 7.5 |
2017-04-10 | CVE-2015-7826 | Botan Project | Improper Certificate Validation vulnerability in Botan Project Botan botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote attackers to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com. | 7.5 |
2017-04-10 | CVE-2017-7618 | Linux | Infinite Loop vulnerability in Linux Kernel crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue. | 7.5 |
2017-04-10 | CVE-2016-5074 | Cloudviewnms | Use of Externally-Controlled Format String vulnerability in Cloudviewnms Cloudview NMS CloudView NMS before 2.10a has a format string issue exploitable over SNMP. | 7.5 |
2017-04-10 | CVE-2016-5069 | Sierrawireless | Insufficient Session Expiration vulnerability in Sierrawireless Aleos Firmware 4.3.2 Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL. | 7.5 |
2017-04-10 | CVE-2016-5068 | Sierrawireless | Improper Authentication vulnerability in Sierrawireless Aleos Firmware 4.3.2 Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests. | 7.5 |
2017-04-10 | CVE-2016-5065 | Sierrawireless | Command Injection vulnerability in Sierrawireless Aleos Firmware 4.3.2 Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection. | 7.5 |
2017-04-10 | CVE-2016-5053 | Osram | Missing Authentication for Critical Function vulnerability in Osram Lightify Home OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary commands via TCP port 4000. | 7.5 |
2017-04-10 | CVE-2015-7273 | Dell | XXE vulnerability in Dell Integrated Remote Access Controller Firmware Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has XXE. | 7.5 |
2017-04-10 | CVE-2015-7272 | Dell | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dell Integrated Remote Access Controller Firmware Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long SSH username or input. | 7.5 |
2017-04-10 | CVE-2015-7271 | Dell | Use of Externally-Controlled Format String vulnerability in Dell Integrated Remote Access Controller Firmware Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has a format string issue in racadm getsystinfo. | 7.5 |
2017-04-10 | CVE-2015-7265 | Proxygen Project | Improper Access Control vulnerability in Proxygen Project Proxygen Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request state, which allows remote attackers to conduct hijacking attacks and bypass ACL checks. | 7.5 |
2017-04-10 | CVE-2015-7263 | Proxygen Project | Improper Access Control vulnerability in Proxygen Project Proxygen The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value. | 7.5 |
2017-04-10 | CVE-2015-2888 | Summerinfant | Missing Authentication for Critical Function vulnerability in Summerinfant Baby Zoom Wifi Monitor Firmware Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to bypass authentication, related to the MySnapCam web service. | 7.5 |
2017-04-12 | CVE-2017-0181 | Microsoft | Improper Input Validation vulnerability in Microsoft products A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10 or Windows Server 2016 host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This CVE ID is unique from CVE-2017-0162, CVE-2017-0163, and CVE-2017-0180. | 7.4 |
2017-04-12 | CVE-2017-0180 | Microsoft | Improper Input Validation vulnerability in Microsoft products A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This CVE ID is unique from CVE-2017-0162, CVE-2017-0163, and CVE-2017-0181. | 7.4 |
2017-04-12 | CVE-2017-0163 | Microsoft | Improper Input Validation vulnerability in Microsoft products A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This CVE ID is unique from CVE-2017-0162, CVE-2017-0180, and CVE-2017-0181. | 7.4 |
2017-04-12 | CVE-2017-0162 | Microsoft | Improper Input Validation vulnerability in Microsoft products A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This CVE ID is unique from CVE-2017-0163, CVE-2017-0180, and CVE-2017-0181. | 7.4 |
2017-04-14 | CVE-2017-7690 | Proxifier | OS Command Injection vulnerability in Proxifier Proxifier for Mac before 2.19.2, when first run, allows local users to gain privileges by replacing the KLoader binary with a Trojan horse program. | 7.2 |
2017-04-14 | CVE-2016-0727 | Canonical | Permissions, Privileges, and Access Controls vulnerability in Canonical Ubuntu Linux 12.04/14.04/16.04 The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users with access to the ntp account to write to arbitrary files and consequently gain privileges via vectors involving statistics directory cleanup. | 7.2 |
2017-04-14 | CVE-2017-1205 | IBM | Local Privilege Escalation vulnerability in IBM Platform LSF IBM Platform LSF 10.1 contains an unspecified vulnerability that could allow a local user to escalate their privileges and obtain root access. | 7.2 |
2017-04-14 | CVE-2017-7643 | Proxifier | Unspecified vulnerability in Proxifier Proxifier for Mac before 2.19 allows local users to gain privileges via the first parameter to the KLoader setuid program. | 7.2 |
2017-04-13 | CVE-2010-1821 | Apple | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges. | 7.2 |
2017-04-13 | CVE-2016-10123 | Firejail Project | Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges. | 7.2 |
2017-04-13 | CVE-2016-10122 | Firejail Project | Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail Firejail does not properly clean environment variables, which allows local users to gain privileges. | 7.2 |
2017-04-13 | CVE-2016-10121 | Firejail Project | Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges. | 7.2 |
2017-04-13 | CVE-2016-10120 | Firejail Project | Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges. | 7.2 |
2017-04-13 | CVE-2016-10119 | Firejail Project | Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges. | 7.2 |
2017-04-13 | CVE-2016-10117 | Firejail Project | Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc. | 7.2 |
2017-04-12 | CVE-2017-3005 | Adobe Microsoft | Unquoted Search Path or Element vulnerability in Adobe Photoshop CC Adobe Photoshop versions CC 2017 (18.0.1) and earlier, CC 2015.5.1 (17.0.1) and earlier have an unquoted search path vulnerability. | 7.2 |
2017-04-12 | CVE-2017-0189 | Microsoft | Local Privilege Escalation vulnerability in Microsoft Windows Kernel 'Win32k.sys' An elevation of privilege vulnerability exists in Windows 10 when the Windows kernel-mode driver fails to properly handle objects in memory. | 7.2 |
2017-04-12 | CVE-2017-0165 | Microsoft | Local Privilege Escalation vulnerability in Microsoft Windows An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Windows Elevation of Privilege Vulnerability." | 7.2 |
2017-04-12 | CVE-2017-0160 | Microsoft | Remote Code Execution vulnerability in Microsoft Windows .NET Framework CVE-2017-0160 Microsoft .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allows an attacker with access to the local system to execute malicious code, aka ".NET Remote Code Execution Vulnerability." | 7.2 |
2017-04-10 | CVE-2016-8235 | Lenovo | Permissions, Privileges, and Access Controls vulnerability in Lenovo Customer Care Software Development KIT Privilege escalation in Lenovo Customer Care Software Development Kit (CCSDK) versions earlier than 2.0.16.3 allows local users to execute code with elevated privileges. | 7.2 |
2017-04-10 | CVE-2016-10323 | Synology | Permissions, Privileges, and Access Controls vulnerability in Synology Photo Station Synology Photo Station before 6.3-2958 allows local users to gain privileges by leveraging setuid execution of a "synophoto_dsm_user --copy-no-ea" command. | 7.2 |
2017-04-10 | CVE-2015-7260 | Vertiv | Permissions, Privileges, and Access Controls vulnerability in Vertiv Liebert Multilink Automated Shutdown 4.2.4 Liebert MultiLink Automated Shutdown v4.2.4 allows local users to gain privileges by replacing the LiebertM executable file. | 7.2 |
203 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-04-14 | CVE-2016-7032 | Todd Miller | Improper Access Control vulnerability in Todd Miller Sudo sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function. | 6.9 |
2017-04-13 | CVE-2015-8780 | Samsung | Path Traversal vulnerability in Samsung Kies 2.3.2.12074/2.3.2.120741313/2.5.0.120942711 Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury. | 6.9 |
2017-04-12 | CVE-2017-0156 | Microsoft | Local Privilege Escalation vulnerability in Microsoft Windows Graphics Component An elevation of privilege vulnerability exists in Windows 7, Windows 8.1, Windows RT 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 when the Microsoft Graphics Component fails to properly handle objects in memory, aka "Windows Graphics Component Elevation of Privilege Vulnerability." | 6.9 |
2017-04-12 | CVE-2017-0155 | Microsoft | Local Privilege Escalation vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Vista The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows Graphics Elevation of Privilege Vulnerability." | 6.9 |
2017-04-11 | CVE-2016-4989 | Setroubleshoot Project Redhat | Command Injection vulnerability in multiple products setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by the _set_tpath function in audit_data.py or via a crafted (2) local_id or (3) analysis_id field in a crafted XML document to the run_fix function in SetroubleshootFixit.py, related to the subprocess.check_output and commands.getstatusoutput functions, a different vulnerability than CVE-2016-4445. | 6.9 |
2017-04-11 | CVE-2016-4446 | Setroubleshoot Project Redhat | Command Injection vulnerability in multiple products The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function. | 6.9 |
2017-04-11 | CVE-2016-4445 | Setroubleshoot Project Redhat | Command Injection vulnerability in multiple products The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function. | 6.9 |
2017-04-11 | CVE-2016-4444 | Setroubleshoot Project Redhat | Command Injection vulnerability in multiple products The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function. | 6.9 |
2017-04-15 | CVE-2017-7881 | Bigtreecms | Cross-Site Request Forgery (CSRF) vulnerability in Bigtreecms Bigtree CMS BigTree CMS through 4.2.17 relies on a substring check for CSRF protection, which allows remote attackers to bypass this check by placing the required admin/developer/ URI within a query string in an HTTP Referer header. | 6.8 |
2017-04-14 | CVE-2017-7877 | Flatcore | Cross-Site Request Forgery (CSRF) vulnerability in Flatcore Flatcore-Cms 1.4.6 CSRF vulnerability in flatCore version 1.4.6 allows remote attackers to modify CMS configurations. | 6.8 |
2017-04-14 | CVE-2016-8925 | IBM | Information Exposure vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to include arbitrary files which could allow the attacker to read any file on the system. | 6.8 |
2017-04-13 | CVE-2015-8567 | Qemu Canonical Debian Suse Opensuse Fedoraproject | Memory Leak vulnerability in multiple products Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). | 6.8 |
2017-04-13 | CVE-2016-1914 | Blackberry | SQL Injection vulnerability in Blackberry Enterprise Service Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.ImageServlet servlet in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to execute arbitrary SQL commands via the imageName parameter to (1) mydevice/client/image, (2) admin/client/image, (3) myapps/client/image, (4) ssam/client/image, or (5) all/client/image. | 6.8 |
2017-04-13 | CVE-2015-8283 | Seawell Networks | Path Traversal vulnerability in Seawell Networks Spectrum SDC 02.05.00 Directory traversal vulnerability in configure_manage.php in SeaWell Networks Spectrum SDC 02.05.00. | 6.8 |
2017-04-13 | CVE-2015-8107 | GNU | Use of Externally-Controlled Format String vulnerability in GNU A2Ps 4.14 Format string vulnerability in GNU a2ps 4.14 allows remote attackers to execute arbitrary code. | 6.8 |
2017-04-12 | CVE-2016-4891 | Setucocms Project | Cross-Site Request Forgery (CSRF) vulnerability in Setucocms Project Setucocms Cross-site request forgery (CSRF) vulnerability in SetsucoCMS all versions allows remote attackers to hijack the authentication of an administrator to change settings via unspecified vectors. | 6.8 |
2017-04-12 | CVE-2015-7563 | Teampass | Cross-Site Request Forgery (CSRF) vulnerability in Teampass Cross-site request forgery (CSRF) vulnerability in TeamPass 2.1.24 and earlier allows remote attackers to hijack the authentication of an authenticated user. | 6.8 |
2017-04-11 | CVE-2015-7893 | Samsung | Improper Input Validation vulnerability in Samsung Galaxy S6 SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, allows remote attackers to execute arbitrary JavaScript. | 6.8 |
2017-04-11 | CVE-2017-7461 | Intellinet Network | Path Traversal vulnerability in Intellinet-Network Nfc-30Ir Firmware Lm.1.6.16.05 Directory traversal vulnerability in the web-based management site on the Intellinet NFC-30ir IP Camera with firmware LM.1.6.16.05 allows remote attackers to read arbitrary files via a request to a vendor-supplied CGI script that is used to read HTML text file, but that does not do any URI/path sanitization. | 6.8 |
2017-04-10 | CVE-2016-4319 | Atlassian | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira Atlassian JIRA Server before 7.1.9 has CSRF in auditing/settings. | 6.8 |
2017-04-10 | CVE-2016-1516 | Opencv Debian | Double Free vulnerability in multiple products OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code. | 6.8 |
2017-04-10 | CVE-2015-8255 | Axis | Cross-Site Request Forgery (CSRF) vulnerability in Axis Communications Firmware AXIS Communications products allow CSRF, as demonstrated by admin/pwdgrp.cgi, vaconfig.cgi, and admin/local_del.cgi. | 6.8 |
2017-04-14 | CVE-2017-7717 | SAP | SQL Injection vulnerability in SAP Netweaver 7.40 SQL injection vulnerability in the getUserUddiElements method in the ES UDDI component in SAP NetWeaver AS Java 7.4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2356504. | 6.5 |
2017-04-14 | CVE-2017-7357 | Atlassian | Unrestricted Upload of File with Dangerous Type vulnerability in Atlassian Hipchat Server Hipchat Server before 2.2.3 allows remote authenticated users with Server Administrator level privileges to execute arbitrary code by importing a file. | 6.5 |
2017-04-14 | CVE-2016-4889 | Zohocorp | Permissions, Privileges, and Access Controls vulnerability in Zohocorp Servicedesk Plus ZOHO ManageEngine ServiceDesk Plus before 9.0 allows remote authenticated guest users to have unspecified impact by leveraging failure to restrict access to unknown functions. | 6.5 |
2017-04-14 | CVE-2015-6568 | Wolfcms | Improper Input Validation vulnerability in Wolfcms Wolf CMS Wolf CMS before 0.8.3.1 allows unrestricted file rename and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not prevent a change of a file extension to ".php" after originally using the parameter "filename" for uploading a JPEG image. | 6.5 |
2017-04-14 | CVE-2015-6567 | Wolfcms | Improper Input Validation vulnerability in Wolfcms Wolf CMS Wolf CMS before 0.8.3.1 allows unrestricted file upload and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not validate the parameter "filename" properly. | 6.5 |
2017-04-13 | CVE-2015-8284 | Seawell Networks | Improper Access Control vulnerability in Seawell Networks Spectrum SDC 02.05.00 SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to perform administrative functions. | 6.5 |
2017-04-12 | CVE-2017-7700 | Wireshark Debian | Infinite Loop vulnerability in multiple products In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. | 6.5 |
2017-04-12 | CVE-2017-7284 | Unitrends | Improper Authentication vulnerability in Unitrends Enterprise Backup 7.3.0 An attacker that has hijacked a Unitrends Enterprise Backup (before 9.1.2) web server session can leverage api/includes/users.php to change the password of the logged in account without knowing the current password. | 6.5 |
2017-04-12 | CVE-2017-7281 | Unitrends | Unrestricted Upload of File with Dangerous Type vulnerability in Unitrends Enterprise Backup 7.3.0 An issue was discovered in Unitrends Enterprise Backup before 9.1.2. | 6.5 |
2017-04-12 | CVE-2016-4895 | Setucocms Project | Code Injection vulnerability in Setucocms Project Setucocms SetsucoCMS all versions allows remote authenticated attackers to conduct code injection attacks via unspecified vectors. | 6.5 |
2017-04-12 | CVE-2016-4893 | Setucocms Project | SQL Injection vulnerability in Setucocms Project Setucocms SQL injection vulnerability in the SetsucoCMS all versions allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | 6.5 |
2017-04-11 | CVE-2017-7694 | Getsymphony | Code Injection vulnerability in Getsymphony Symphony Remote Code Execution vulnerability in symphony/content/content.blueprintsdatasources.php in Symphony CMS through 2.6.11 allows remote attackers to execute code and get a webshell from the back-end. | 6.5 |
2017-04-11 | CVE-2015-8504 | Qemu Debian | Divide By Zero vulnerability in multiple products Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client. | 6.5 |
2017-04-10 | CVE-2017-7647 | Solarwinds | Unspecified vulnerability in Solarwinds LOG & Event Manager SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to execute arbitrary commands. | 6.5 |
2017-04-10 | CVE-2016-10322 | Synology | Command Injection vulnerability in Synology Photo Station Synology Photo Station before 6.3-2958 allows remote authenticated guest users to execute arbitrary commands via shell metacharacters in the X-Forwarded-For HTTP header to photo/login.php. | 6.5 |
2017-04-10 | CVE-2017-7617 | Digium | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Digium Asterisk and Certified Asterisk Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chan_sip, the CDR dialplan function, and the AMI Monitor action. | 6.5 |
2017-04-10 | CVE-2016-5072 | Oxidforge | Code Injection vulnerability in Oxidforge Oxid Eshop OXID eShop before 2016-06-13 allows remote attackers to execute arbitrary code via a GET or POST request to the oxuser class. | 6.5 |
2017-04-10 | CVE-2015-7274 | Dell | Permissions, Privileges, and Access Controls vulnerability in Dell Integrated Remote Access Controller Firmware Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 allows remote attackers to execute arbitrary administrative HTTP commands. | 6.5 |
2017-04-10 | CVE-2015-6028 | Castlerock | SQL Injection vulnerability in Castlerock Snmpc 12.1/9.0 Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via the sc parameter. | 6.5 |
2017-04-10 | CVE-2015-2889 | Summerinfant | Permissions, Privileges, and Access Controls vulnerability in Summerinfant Baby Zoom Wifi Monitor Firmware Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to gain privileges via manual entry of a Settings URL. | 6.5 |
2017-04-13 | CVE-2015-2947 | Grabacr NET | Confused Deputy vulnerability in Grabacr.Net Kancolleviewer KanColleViewer versions 3.8.1 and earlier operates as an open proxy which allows remote attackers to trigger outbound network traffic. | 6.4 |
2017-04-12 | CVE-2016-4896 | Setucocms Project | Permissions, Privileges, and Access Controls vulnerability in Setucocms Project Setucocms SetsucoCMS all versions does not properly manage sessions, which allows remote attackers to disclose or alter unauthorized information via unspecified vectors. | 6.4 |
2017-04-12 | CVE-2016-1178 | Appleple | Improper Access Control vulnerability in Appleple A-Blog CMS The session management of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to obtain or modify sensitive data via unspecified vectors. | 6.4 |
2017-04-12 | CVE-2017-0186 | Microsoft | Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-2017-0183, CVE-2017-0184, and CVE-2017-0185. | 6.3 |
2017-04-12 | CVE-2017-0185 | Microsoft | Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-2017-0183, CVE-2017-0184, and CVE-2017-0186. | 6.3 |
2017-04-12 | CVE-2017-0183 | Microsoft | Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186. | 6.3 |
2017-04-12 | CVE-2017-0182 | Microsoft | Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0183, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186. | 6.3 |
2017-04-12 | CVE-2017-0179 | Microsoft | Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when Microsoft Hyper-V running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0182, CVE-2017-0183, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186. | 6.3 |
2017-04-12 | CVE-2017-0168 | Microsoft | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows Hyper-V Network Switch running on a Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2 host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This CVE ID is unique from CVE-2017-0169. | 6.3 |
2017-04-13 | CVE-2016-2104 | Redhat | Cross-site Scripting vulnerability in Redhat Satellite 5.7 Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satellite 5 allow remote attackers to inject arbitrary web script or HTML via (1) the label parameter to admin/BunchDetail.do; (2) the package_name, (3) search_subscribed_channels, or (4) channel_filter parameter to software/packages/NameOverview.do; or unspecified vectors related to (5) <input:hidden> or (6) <bean:message> tags. | 6.1 |
2017-04-13 | CVE-2015-7565 | Emberjs | Cross-site Scripting vulnerability in Emberjs Ember.Js Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x through 1.10.x, 1.11.x before 1.11.4, 1.12.x before 1.12.2, 1.13.x before 1.13.12, 2.0.x before 2.0.3, 2.1.x before 2.1.2, and 2.2.x before 2.2.1 allows remote attackers to inject arbitrary web script or HTML. | 6.1 |
2017-04-12 | CVE-2016-8719 | Moxa | Cross-site Scripting vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable reflected Cross-Site Scripting vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. | 6.1 |
2017-04-14 | CVE-2015-8356 | Bitrix Project | SQL Injection vulnerability in Bitrix Project Bitrix Multiple SQL injection vulnerabilities in the mcart.xls module 6.5.2 and earlier for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) xls_profile parameter to admin/mcart_xls_import.php or the (2) xls_iblock_id, (3) xls_iblock_section_id, (4) firstRow, (5) titleRow, (6) firstColumn, (7) highestColumn, (8) sku_iblock_id, or (9) xls_iblock_section_id_new parameter to admin/mcart_xls_import_step_2.php. | 6.0 |
2017-04-10 | CVE-2017-7377 | Qemu Debian | Missing Release of Resource after Effective Lifetime vulnerability in multiple products The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid. | 6.0 |
2017-04-10 | CVE-2016-6534 | Opmantek | Command Injection vulnerability in Opmantek Network Management Information System Opmantek NMIS before 4.3.7c has command injection via man, finger, ping, trace, and nslookup in the tools.pl CGI script. | 6.0 |
2017-04-10 | CVE-2016-4334 | Jivesoftware | Open Redirect vulnerability in Jivesoftware Jive Jive before 2016.3.1 has an open redirect from the external-link.jspa page. | 5.8 |
2017-04-13 | CVE-2016-8725 | Moxa | Information Exposure vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable information disclosure vulnerability exists in the Web Application functionality of the Moxa AWK-3131A wireless access point running firmware 1.1. | 5.3 |
2017-04-13 | CVE-2016-8724 | Moxa | Information Exposure vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable information disclosure vulnerability exists in the serviceAgent functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. | 5.3 |
2017-04-13 | CVE-2016-8722 | Moxa | Information Exposure vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable Information Disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client. | 5.3 |
2017-04-12 | CVE-2017-0184 | Microsoft | Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when Microsoft Hyper-V running on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-2017-0183, CVE-2017-0185, and CVE-2017-0186. | 5.2 |
2017-04-12 | CVE-2017-0178 | Microsoft | Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when Microsoft Hyper-V running on Windows 10, Windows 10 1511, Windows 10 1607, Windows 8.1, Windows Server 2012 R2, and Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0179, CVE-2017-0182, CVE-2017-0183, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186. | 5.2 |
2017-04-12 | CVE-2017-0169 | Microsoft | Improper Input Validation vulnerability in Microsoft Windows 8.1 and Windows Server 2012 An information disclosure vulnerability exists when Windows Hyper-V running on a Windows 8.1, Windows Server 2012. | 5.2 |
2017-04-14 | CVE-2017-7879 | Flatcore | SQL Injection vulnerability in Flatcore Flatcore-Cms 1.4.6 SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read the content database. | 5.0 |
2017-04-14 | CVE-2017-7696 | SAP | Allocation of Resources Without Limits or Throttling vulnerability in SAP SSO Authentication Library 2.0/3.0 SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allow remote attackers to cause a denial of service (memory consumption) via large values in the width and height parameters to otp_logon_ui_resources/qr, aka SAP Security Note 2389042. | 5.0 |
2017-04-14 | CVE-2016-7051 | Fasterxml | Server-Side Request Forgery (SSRF) vulnerability in Fasterxml Jackson-Dataformat-Xml XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors related to a DTD. | 5.0 |
2017-04-14 | CVE-2016-6489 | Redhat Canonical Nettle Project | Information Exposure Through Discrepancy vulnerability in multiple products The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack. | 5.0 |
2017-04-14 | CVE-2016-4890 | Zohocorp | 7PK - Security Features vulnerability in Zohocorp Servicedesk Plus 9.0 ZOHO ManageEngine ServiceDesk Plus before 9.2 uses an insecure method for generating cookies, which makes it easier for attackers to obtain sensitive password information by leveraging access to a cookie. | 5.0 |
2017-04-14 | CVE-2016-3104 | Mongodb | Resource Exhaustion vulnerability in Mongodb 2.4.0/2.6.0 mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow remote attackers to cause a denial of service (memory consumption and process termination) by leveraging in-memory database representation when authenticating against a non-existent database. | 5.0 |
2017-04-14 | CVE-2017-7456 | Moxa | Improper Input Validation vulnerability in Moxa Mxview 2.8 Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials. | 5.0 |
2017-04-14 | CVE-2017-7455 | Moxa | Information Exposure vulnerability in Moxa Mxview 2.8 Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control. | 5.0 |
2017-04-14 | CVE-2017-7408 | Paloaltonetworks | Improper Input Validation vulnerability in Paloaltonetworks Traps 3.4.3 Palo Alto Networks Traps ESM Console before 3.4.4 allows attackers to cause a denial of service by leveraging improper validation of requests to revoke a Traps agent license. | 5.0 |
2017-04-14 | CVE-2017-7869 | GNU | Out-of-bounds Write vulnerability in GNU Gnutls GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. | 5.0 |
2017-04-14 | CVE-2017-7868 | ICU Project Debian | Out-of-bounds Write vulnerability in multiple products International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function. | 5.0 |
2017-04-14 | CVE-2017-7867 | ICU Project Debian | Out-of-bounds Write vulnerability in multiple products International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function. | 5.0 |
2017-04-13 | CVE-2016-8727 | Moxa | Information Exposure vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. | 5.0 |
2017-04-13 | CVE-2015-8619 | Qemu Debian | Out-of-bounds Write vulnerability in multiple products The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash). | 5.0 |
2017-04-13 | CVE-2015-4646 | Squashfs Project | Improper Input Validation vulnerability in Squashfs Project Squashfs (1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash-4.c in Squashfs and sasquatch allow remote attackers to cause a denial of service (application crash) via a crafted input. | 5.0 |
2017-04-13 | CVE-2013-6648 | Skia | Unspecified vulnerability in Google Skia SkRegion::setPath in Skia allows remote attackers to cause a denial of service (crash). | 5.0 |
2017-04-13 | CVE-2017-7853 | GNU | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Osip 5.0.0 In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS. | 5.0 |
2017-04-13 | CVE-2016-10326 | GNU | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Osip 4.1.0 In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS. | 5.0 |
2017-04-13 | CVE-2016-10325 | GNU | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Osip 4.1.0 In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS. | 5.0 |
2017-04-13 | CVE-2016-3106 | Pulpproject | Race Condition vulnerability in Pulpproject Pulp 2.8.21 Pulp before 2.8.3 creates a temporary directory during CA key generation in an insecure manner. | 5.0 |
2017-04-13 | CVE-2016-1132 | Docomo | Improper Certificate Validation vulnerability in Docomo Shoplat Shoplat App for iOS 1.10.00 through 1.18.00 does not properly verify SSL certificates. | 5.0 |
2017-04-13 | CVE-2015-8270 | Rtmpdump Project | NULL Pointer Dereference vulnerability in Rtmpdump Project Rtmpdump 2.4 The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to cause a denial of service (invalid pointer dereference and process crash). | 5.0 |
2017-04-13 | CVE-2012-6697 | Inspire Ircd Debian | Resource Management Errors vulnerability in multiple products InspIRCd before 2.0.7 allows remote attackers to cause a denial of service (infinite loop). | 5.0 |
2017-04-13 | CVE-2017-7627 | Smart Related Articles Project | Unspecified vulnerability in Smart Related Articles Project Smart Related Articles 1.1 The "Smart related articles" extension 1.1 for Joomla! does not prevent direct requests to dialog.php (there is a missing _JEXEC check). | 5.0 |
2017-04-12 | CVE-2017-5936 | Canonical Openstack | Security Bypass vulnerability in OpenStack Nova-LXD OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions. | 5.0 |
2017-04-12 | CVE-2016-4894 | Setucocms Project | Multiple Security vulnerability in SetucoCMS SetsucoCMS all versions allows remote attackers to cause a denial of service via unspecified vectors. | 5.0 |
2017-04-10 | CVE-2016-5041 | Libdwarf Project | NULL Pointer Dereference vulnerability in Libdwarf Project Libdwarf dwarf_macro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a debugging information entry using DWARF5 and without a DW_AT_name. | 5.0 |
2017-04-10 | CVE-2017-7345 | Netapp | Information Exposure vulnerability in Netapp Clustered Data Ontap NetApp OnCommand Performance Manager and OnCommand Unified Manager for Clustered Data ONTAP before 7.1P1 improperly bind the Java Management Extension Remote Method Invocation (aka JMX RMI) service to the network, which allows remote attackers to obtain sensitive information via unspecified vectors. | 5.0 |
2017-04-10 | CVE-2017-7185 | Cesanta | Use After Free vulnerability in Cesanta Mongoose Embedded web Server Library and Mongoose OS Use-after-free vulnerability in the mg_http_multipart_wait_for_boundary function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.7 and earlier and Mongoose OS 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a multipart/form-data POST request without a MIME boundary string. | 5.0 |
2017-04-10 | CVE-2017-5988 | Netapp | Denial of Service vulnerability in NetApp Clustered Data ONTAP NetApp Clustered Data ONTAP 8.1 through 9.1P1, when NFS or SMB is enabled, allows remote attackers to cause a denial of service via unspecified vectors. | 5.0 |
2017-04-10 | CVE-2016-6879 | Botan Project | Key Management Errors vulnerability in Botan Project Botan The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one Key_Usage set in the enum value. | 5.0 |
2017-04-10 | CVE-2015-7824 | Botan Project | Information Exposure vulnerability in Botan Project Botan botan 1.11.x before 1.11.22 makes it easier for remote attackers to decrypt TLS ciphertext data via a padding-oracle attack against TLS CBC ciphersuites. | 5.0 |
2017-04-10 | CVE-2017-7619 | Imagemagick | Infinite Loop vulnerability in Imagemagick 7.0.49 In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. | 5.0 |
2017-04-10 | CVE-2017-6190 | Dlink | Path Traversal vulnerability in Dlink Dwr-116 Firmware V1.00(Cp)B10/V1.01(Eu)/V1.05(Au) Directory traversal vulnerability in the web interface on the D-Link DWR-116 device with firmware before V1.05b09 allows remote attackers to read arbitrary files via a .. | 5.0 |
2017-04-10 | CVE-2016-6605 | Cloudera | Improper Access Control vulnerability in Cloudera CDH Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization. | 5.0 |
2017-04-10 | CVE-2016-10321 | Web2Py | 7PK - Security Features vulnerability in Web2Py web2py before 2.14.6 does not properly check if a host is denied before verifying passwords, allowing a remote attacker to perform brute-force attacks. | 5.0 |
2017-04-10 | CVE-2015-8378 | Keepassx Project | Information Exposure vulnerability in Keepassx Project Keepassx In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action. | 5.0 |
2017-04-10 | CVE-2016-5076 | Cloudviewnms | Information Exposure vulnerability in Cloudviewnms Cloudview NMS CloudView NMS before 2.10a allows remote attackers to obtain sensitive information via a direct request for admin/auto.def. | 5.0 |
2017-04-10 | CVE-2016-5070 | Sierrawireless | Credentials Management vulnerability in Sierrawireless Aleos Firmware 4.3.2 Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext. | 5.0 |
2017-04-10 | CVE-2016-5058 | Osram | Improper Access Control vulnerability in Osram Lightify PRO OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay. | 5.0 |
2017-04-10 | CVE-2016-5057 | Osram | 7PK - Security Features vulnerability in Osram Lightify PRO OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning. | 5.0 |
2017-04-10 | CVE-2016-5056 | Osram | Inadequate Encryption Strength vulnerability in Osram Lightify PRO OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK. | 5.0 |
2017-04-10 | CVE-2016-5054 | Osram | Improper Access Control vulnerability in Osram Lightify Home OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay. | 5.0 |
2017-04-10 | CVE-2016-5052 | Osram | 7PK - Security Features vulnerability in Osram Lightify Home OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 does not use SSL pinning. | 5.0 |
2017-04-10 | CVE-2016-5051 | Osram | Information Exposure vulnerability in Osram Lightify Home OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 stores a PSK in cleartext under /private/var/mobile/Containers/Data/Application. | 5.0 |
2017-04-10 | CVE-2015-2886 | Ibaby | Information Exposure vulnerability in Ibaby M6 Baby Monitor Firmware iBaby M6 allows remote attackers to obtain sensitive information, related to the ibabycloud.com service. | 5.0 |
2017-04-10 | CVE-2015-2884 | Philips | Information Exposure vulnerability in Philips In.Sight B12037 Philips In.Sight B120/37 allows remote attackers to obtain sensitive information via a direct request, related to yoics.net URLs, stream.m3u8 URIs, and cam_service_enable.cgi. | 5.0 |
2017-04-10 | CVE-2014-2960 | Visioncritical | Information Exposure vulnerability in Visioncritical Vision Critical 20140530 Vision Critical before 2014-05-30 allows attackers to read arbitrary files via unspecified vectors, as demonstrated by image files and configuration files. | 5.0 |
2017-04-13 | CVE-2015-8223 | Huawei | Permission Issues vulnerability in Huawei P7 Firmware and P8 Ale-Ul00 Firmware Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B85, and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) by leveraging camera permissions and via crafted input to the camera driver. | 4.9 |
2017-04-13 | CVE-2015-7740 | Huawei | Improper Input Validation vulnerability in Huawei P7 Firmware and P8 Ale-Ul00 Firmware Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B851 and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) via vectors involving an application that passes crafted input to the GPU driver. | 4.9 |
2017-04-11 | CVE-2016-5011 | Kernel Redhat IBM | The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset. | 4.9 |
2017-04-11 | CVE-2015-8568 | Qemu Debian | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly. | 4.7 |
2017-04-11 | CVE-2017-5969 | Xmlsoft | NULL Pointer Dereference vulnerability in Xmlsoft Libxml2 2.9.4 libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. | 4.7 |
2017-04-14 | CVE-2017-7218 | Paloaltonetworks | Improper Input Validation vulnerability in Paloaltonetworks Pan-Os The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to gain privileges via unspecified request parameters. | 4.6 |
2017-04-13 | CVE-2016-4031 | Samsung | Improper Access Control vulnerability in Samsung products Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices allow attackers to send AT commands by plugging the device into a Linux host, aka SVE-2016-5301. | 4.6 |
2017-04-13 | CVE-2016-4030 | Samsung | Improper Access Control vulnerability in Samsung products Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices have unintended availability of the modem in USB configuration number 2 within the secure lockscreen state, allowing an attacker to make phone calls, send text messages, or issue commands, aka SVE-2016-5301. | 4.6 |
2017-04-13 | CVE-2015-1839 | Saltstack Fedoraproject | Data Processing Errors vulnerability in multiple products modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. | 4.6 |
2017-04-13 | CVE-2015-1838 | Saltstack Fedoraproject | Data Processing Errors vulnerability in multiple products modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. | 4.6 |
2017-04-12 | CVE-2017-3007 | Adobe Microsoft | Untrusted Search Path vulnerability in Adobe Creative Cloud Adobe Thor versions 3.9.5.353 and earlier have a vulnerability in the directory search path used to find resources, related to Creative Cloud desktop applications. | 4.6 |
2017-04-11 | CVE-2017-5873 | Unisys | Unquoted Search Path or Element vulnerability in Unisys Secure Partitioning 4.3.403/4.4.19 Unquoted Windows search path vulnerability in the guest service in Unisys s-Par before 4.4.20 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe. | 4.6 |
2017-04-10 | CVE-2015-7270 | Dell | Path Traversal vulnerability in Dell Integrated Remote Access Controller Firmware Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows directory traversal. | 4.6 |
2017-04-14 | CVE-2017-7871 | TDM Project | Cross-site Scripting vulnerability in TDM Project TDM 20170412 trollepierre/tdm before 2017-04-13 is vulnerable to a reflected XSS in tdm-master/webhook.php (challenge parameter). | 4.3 |
2017-04-14 | CVE-2016-5310 | Broadcom Symantec | Out-of-bounds Write vulnerability in multiple products The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (memory corruption) via a crafted RAR file that is mishandled during decompression. | 4.3 |
2017-04-14 | CVE-2016-5309 | Broadcom Symantec | Out-of-bounds Read vulnerability in multiple products The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted RAR file that is mishandled during decompression. | 4.3 |
2017-04-14 | CVE-2016-4875 | Assist Project Databox Project Userbox Project | Cross-site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in the IVYWE (1) Assist plugin before 1.1.2.test20160906, (2) dataBox plugin before 0.0.0.20160906, and (3) userBox plugin before 0.0.0.20160906 for Geeklog allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2017-04-13 | CVE-2016-8720 | Moxa | Injection vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable HTTP Header Injection vulnerability exists in the Web Application functionality of the Moxa AWK-3131A Wireless Access Point running firmware 1.1. | 4.3 |
2017-04-13 | CVE-2017-7725 | Concretecms | Cross-site Scripting vulnerability in Concretecms Concrete CMS 8.1.0 concrete5 8.1.0 places incorrect trust in the HTTP Host header during caching, if the administrator did not define a "canonical" URL on installation of concrete5 using the "Advanced Options" settings. | 4.3 |
2017-04-13 | CVE-2013-6662 | Improper Certificate Validation vulnerability in Google Chrome Google Chrome caches TLS sessions before certificate validation occurs. | 4.3 | |
2017-04-13 | CVE-2017-7854 | Radare | Out-of-bounds Read vulnerability in Radare Radare2 1.3.0 The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file. | 4.3 |
2017-04-13 | CVE-2016-4068 | Opensuse Roundcube | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2015-8864. | 4.3 |
2017-04-13 | CVE-2016-1915 | Blackberry | Cross-site Scripting vulnerability in Blackberry Enterprise Service Multiple cross-site scripting (XSS) vulnerabilities in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to inject arbitrary web script or HTML via the locale parameter to (1) mydevice/index.jsp or (2) mydevice/loggedOut.jsp. | 4.3 |
2017-04-13 | CVE-2015-8864 | Opensuse Roundcube | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-4068. | 4.3 |
2017-04-13 | CVE-2015-8272 | Rtmpdump Project | NULL Pointer Dereference vulnerability in Rtmpdump Project Rtmpdump 2.4 RTMPDump 2.4 allows remote attackers to trigger a denial of service (NULL pointer dereference and process crash). | 4.3 |
2017-04-13 | CVE-2014-2710 | Oliver Project | Cross-site Scripting vulnerability in Oliver Project Oliver Multiple cross-site scripting (XSS) vulnerabilities in Oliver (formerly Webshare) 1.3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the (1) login page (index.php) or (2) login form (loginform-inc.php). | 4.3 |
2017-04-13 | CVE-2017-7626 | Smart Related Articles Project | Cross-site Scripting vulnerability in Smart Related Articles Project Smart Related Articles 1.1 The "Smart related articles" extension 1.1 for Joomla! has XSS in dialog.php (n_art,type in GET Method). | 4.3 |
2017-04-12 | CVE-2016-6348 | Redhat | Cross-site Scripting vulnerability in Redhat Resteasy JacksonJsonpInterceptor in RESTEasy might allow remote attackers to conduct a cross-site script inclusion (XSSI) attack. | 4.3 |
2017-04-12 | CVE-2016-4897 | Webmin | Cross-site Scripting vulnerability in Webmin Usermin Multiple cross-site scripting (XSS) vulnerabilities in (1) filter/save_forward.cgi, (2) filter/save.cgi, (3) /man/search.cgi in Usermin before 1.690. | 4.3 |
2017-04-12 | CVE-2016-4892 | Setucocms Project | Cross-site Scripting vulnerability in Setucocms Project Setucocms Cross-site scripting vulnerability in SetsucoCMS all versions allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2017-04-12 | CVE-2016-2803 | Mozilla | Cross-site Scripting vulnerability in Mozilla Bugzilla Cross-site scripting (XSS) vulnerability in the dependency graphs in Bugzilla 2.16rc1 through 4.4.11, and 4.5.1 through 5.0.2 allows remote attackers to inject arbitrary web script or HTML. | 4.3 |
2017-04-12 | CVE-2016-1179 | Appleple | Cross-site Scripting vulnerability in Appleple A-Blog CMS Cross-site scripting (XSS) vulnerability in the standard template of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML. | 4.3 |
2017-04-12 | CVE-2015-7562 | Teampass | Cross-site Scripting vulnerability in Teampass Multiple cross-site scripting (XSS) vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) label value of an item or (2) name of a role. | 4.3 |
2017-04-12 | CVE-2017-7742 | Libsndfile Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libsndfile Project Libsndfile In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585. | 4.3 |
2017-04-12 | CVE-2017-7741 | Libsndfile Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libsndfile Project Libsndfile In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585. | 4.3 |
2017-04-12 | CVE-2017-7716 | Radare | Out-of-bounds Read vulnerability in Radare Radare2 1.3.0 The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file. | 4.3 |
2017-04-12 | CVE-2017-3125 | Fortinet | Cross-site Scripting vulnerability in Fortinet Fortimail An unauthenticated XSS vulnerability with FortiMail 5.0.0 - 5.2.9 and 5.3.0 - 5.3.8 could allow an attacker to execute arbitrary scripts in the security context of the browser of a victim logged in FortiMail, assuming the victim is social engineered into clicking an URL crafted by the attacker. | 4.3 |
2017-04-12 | CVE-2017-3053 | Adobe Apple Microsoft | Out-of-bounds Read vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of the APP13 segment in JPEG files. | 4.3 |
2017-04-12 | CVE-2017-3052 | Adobe Apple Microsoft | Out-of-bounds Read vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of EMF - enhanced meta file format. | 4.3 |
2017-04-12 | CVE-2017-3046 | Adobe Apple Microsoft | Out-of-bounds Read vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to contiguous code-stream parsing. | 4.3 |
2017-04-12 | CVE-2017-3045 | Adobe Apple Microsoft | Out-of-bounds Read vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to the palette box. | 4.3 |
2017-04-12 | CVE-2017-3043 | Adobe Apple Microsoft | Information Exposure vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the collaboration functionality. | 4.3 |
2017-04-12 | CVE-2017-3033 | Adobe Apple Microsoft | Out-of-bounds Read vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling JPEG 2000 code-stream tile data. | 4.3 |
2017-04-12 | CVE-2017-3032 | Adobe Apple Microsoft | Out-of-bounds Read vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 code-stream parser. | 4.3 |
2017-04-12 | CVE-2017-3031 | Adobe Apple Microsoft | Out-of-bounds Read vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the XSLT engine. | 4.3 |
2017-04-12 | CVE-2017-3029 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling a JPEG 2000 code-stream. | 4.3 |
2017-04-12 | CVE-2017-3022 | Adobe Apple Microsoft | Out-of-bounds Read vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when parsing the header of a JPEG 2000 file. | 4.3 |
2017-04-12 | CVE-2017-3021 | Adobe Apple Microsoft | Out-of-bounds Read vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser engine. | 4.3 |
2017-04-12 | CVE-2017-3020 | Adobe Apple Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the weblink module. | 4.3 |
2017-04-12 | CVE-2017-0211 | Microsoft | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 versions of Microsoft Windows OLE when it fails an integrity-level check, aka "Windows OLE Elevation of Privilege Vulnerability." | 4.3 |
2017-04-12 | CVE-2017-0208 | Microsoft | Information Exposure vulnerability in Microsoft Edge An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine does not properly handle objects in memory. | 4.3 |
2017-04-12 | CVE-2017-0207 | Microsoft | Spoofing vulnerability in Microsoft Outlook 2011 Microsoft Outlook for Mac 2011 allows remote attackers to spoof web content via a crafted email with specific HTML tags, aka "Microsoft Browser Spoofing Vulnerability." | 4.3 |
2017-04-12 | CVE-2017-0204 | Microsoft | Security Bypass vulnerability in Microsoft Office Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to bypass the Office Protected View via a specially crafted document, aka "Microsoft Office Security Feature Bypass Vulnerability." | 4.3 |
2017-04-12 | CVE-2017-0203 | Microsoft | Security Bypass vulnerability in Microsoft Edge A vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. | 4.3 |
2017-04-12 | CVE-2017-0194 | Microsoft | Information Exposure vulnerability in Microsoft Excel and Office Compatibility Pack Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, and Office Compatibility Pack SP2 allow remote attackers to obtain sensitive information from process memory via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability." | 4.3 |
2017-04-12 | CVE-2017-0192 | Microsoft | Information Exposure vulnerability in Microsoft products The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold , 1511, 1607, and 1703 allows an attacker to gain sensitive information via a specially crafted document or an untrusted website, aka "ATMFD.dll Information Disclosure Vulnerability." | 4.3 |
2017-04-12 | CVE-2017-0159 | Microsoft | Security Bypass vulnerability in Microsoft products A security feature bypass vulnerability exists in Windows 10 1607, Windows Server 2012 R2, and Windows 2016 when ADFS incorrectly treats requests coming from Extranet clients as Intranet requests, aka "ADFS Security Feature Bypass Vulnerability." | 4.3 |
2017-04-11 | CVE-2017-7697 | Libsamplerate Project Debian | Out-of-bounds Read vulnerability in multiple products In libsamplerate before 0.1.9, a buffer over-read occurs in the calc_output_single function in src_sinc.c via a crafted audio file. | 4.3 |
2017-04-11 | CVE-2014-9837 | Imagemagick | Out-of-bounds Read vulnerability in Imagemagick 6.9.01 coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file. | 4.3 |
2017-04-11 | CVE-2014-8562 | Imagemagick | Out-of-bounds Read vulnerability in Imagemagick DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read). | 4.3 |
2017-04-11 | CVE-2014-8355 | Imagemagick | Out-of-bounds Read vulnerability in Imagemagick PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read). | 4.3 |
2017-04-11 | CVE-2014-8354 | Imagemagick | Out-of-bounds Read vulnerability in Imagemagick The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. | 4.3 |
2017-04-11 | CVE-2016-5322 | Libtiff Debian | Out-of-bounds Read vulnerability in multiple products The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. | 4.3 |
2017-04-11 | CVE-2016-10259 | Bluecoat | Resource Management Errors vulnerability in Bluecoat products Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connections. | 4.3 |
2017-04-11 | CVE-2017-7621 | Auromeera | Cross-site Scripting vulnerability in Auromeera Emli 1.0 Cross Site Scripting Vulnerability in core-eMLi in AuroMeera Technometrix Pvt. | 4.3 |
2017-04-10 | CVE-2017-7648 | Foscam | Use of Hard-coded Credentials vulnerability in Foscam products Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation. | 4.3 |
2017-04-10 | CVE-2017-7624 | Entropymine | Missing Release of Resource after Effective Lifetime vulnerability in Entropymine Imageworsener 1.3.0 The iw_read_bmp_file function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to consume an amount of available memory via a crafted file. | 4.3 |
2017-04-10 | CVE-2017-7623 | Entropymine | Out-of-bounds Read vulnerability in Entropymine Imageworsener 1.3.0 The iwmiffr_convert_row32 function in imagew-miff.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. | 4.3 |
2017-04-10 | CVE-2016-5682 | Smartbear | Cross-site Scripting vulnerability in Smartbear Swagger-Ui Swagger-UI before 2.2.1 has XSS via the Default field in the Definitions section. | 4.3 |
2017-04-10 | CVE-2016-5078 | Paessler | Cross-site Scripting vulnerability in Paessler Prtg Network Monitor Paessler PRTG before 16.2.24.4045 has XSS via SNMP. | 4.3 |
2017-04-10 | CVE-2016-5077 | Netikus | Cross-site Scripting vulnerability in Netikus Eventsentry 3.2.1.22/3.2.1.30/3.2.1.8 Netikus EventSentry before 3.2.1.44 has XSS via SNMP. | 4.3 |
2017-04-10 | CVE-2016-5075 | Cloudviewnms | Cross-site Scripting vulnerability in Cloudviewnms Cloudview NMS CloudView NMS before 2.10a has XSS via a TELNET login. | 4.3 |
2017-04-10 | CVE-2016-5073 | Cloudviewnms | Cross-site Scripting vulnerability in Cloudviewnms Cloudview NMS CloudView NMS before 2.10a has XSS via SNMP. | 4.3 |
2017-04-10 | CVE-2016-5055 | Osram | Cross-site Scripting vulnerability in Osram Lightify PRO OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page. | 4.3 |
2017-04-10 | CVE-2016-1517 | Opencv | Improper Input Validation vulnerability in Opencv 3.0.0 OpenCV 3.0.0 allows remote attackers to cause a denial of service (segfault) via vectors involving corrupt chunks. | 4.3 |
2017-04-10 | CVE-2015-8276 | Eparaksts | Information Exposure vulnerability in Eparaksts Edoc-Libraries and Eparakstitajs 3 LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow attackers to read arbitrary files via crafted EDOC files. | 4.3 |
2017-04-10 | CVE-2015-8275 | Eparaksts | Improper Access Control vulnerability in Eparaksts Edoc-Libraries and Eparakstitajs 3 LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow attackers to write to arbitrary files via crafted EDOC files. | 4.3 |
2017-04-10 | CVE-2015-7275 | Dell | Cross-site Scripting vulnerability in Dell Integrated Remote Access Controller Firmware Dell Integrated Remote Access Controller (iDRAC) 6 before 2.85 and 7/8 before 2.30.30.30 has XSS. | 4.3 |
2017-04-10 | CVE-2015-6035 | Opsview | Cross-site Scripting vulnerability in Opsview Opsview before 2015-11-06 has XSS via SNMP. | 4.3 |
2017-04-10 | CVE-2015-6027 | Castlerock | Cross-site Scripting vulnerability in Castlerock Snmpc 12.1/9.0 Castle Rock Computing SNMPc before 2015-12-17 has XSS via SNMP. | 4.3 |
2017-04-10 | CVE-2015-6021 | Spiceworks | Cross-site Scripting vulnerability in Spiceworks Desktop Spiceworks Desktop before 2015-12-01 has XSS via an SNMP response. | 4.3 |
2017-04-14 | CVE-2016-5312 | Symantec | Path Traversal vulnerability in Symantec Messaging Gateway Directory traversal vulnerability in the charting component in Symantec Messaging Gateway before 10.6.2 allows remote authenticated users to read arbitrary files via a .. | 4.0 |
2017-04-14 | CVE-2017-1152 | IBM | Session Fixation vulnerability in IBM Financial Transaction Manager 3.0.1.0/3.0.2.0 IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly update the SESSIONID with each request, which could allow a user to obtain the ID in further attacks against the system. | 4.0 |
2017-04-14 | CVE-2016-8926 | IBM | Information Exposure vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to read system files or data that is restricted to authorized users. | 4.0 |
2017-04-14 | CVE-2017-7217 | Paloaltonetworks | Improper Input Validation vulnerability in Paloaltonetworks Pan-Os The Management Web Interface in Palo Alto Networks PAN-OS before 7.0.14 and 7.1.x before 7.1.9 allows remote attackers to write to export files via unspecified parameters. | 4.0 |
2017-04-11 | CVE-2017-5672 | Kony | Information Exposure vulnerability in Kony Enterprise Mobile Management 1.2 Kony Enterprise Mobile Management (EMM) before 4.2.5.2 has the vulnerability of disclosing the private key in clear-text when changing the parameters of the request. | 4.0 |
2017-04-10 | CVE-2017-7646 | Solarwinds | Information Exposure vulnerability in Solarwinds LOG & Event Manager SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to browse the server's filesystem and read the contents of arbitrary files contained within. | 4.0 |
2017-04-10 | CVE-2016-10310 | SAP | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP SQL Anywhere 11.0/16.0/17.0 Buffer overflow in the MobiLink Synchronization Server component in SAP SQL Anywhere 17 and possibly earlier allows remote authenticated users to cause a denial of service (resource consumption and process crash) by sending a crafted packet several times, aka SAP Security Note 2308778. | 4.0 |
2017-04-10 | CVE-2016-10304 | SAP | Deserialization of Untrusted Data vulnerability in SAP Netweaver 7.5 The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to cause a denial of service (out-of-memory error and service instability) via a crafted serialized Java object, as demonstrated by serial.cc3, aka SAP Security Note 2315788. | 4.0 |
2017-04-10 | CVE-2016-5059 | Osram | Information Exposure vulnerability in Osram Lightify PRO OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to obtain sensitive information by reading screenshots under /private/var/mobile/Containers/Data/Application. | 4.0 |
2017-04-10 | CVE-2016-4320 | Atlassian | Path Traversal vulnerability in Atlassian Bitbucket Atlassian Bitbucket Server before 4.7.1 allows remote attackers to read the first line of an arbitrary file via a directory traversal attack on the pull requests resource. | 4.0 |
29 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-04-14 | CVE-2017-7188 | Zurmo | Cross-site Scripting vulnerability in Zurmo CRM Zurmo 3.1.1 Stable allows a Cross-Site Scripting (XSS) attack with a base64-encoded SCRIPT element within a data: URL in the returnUrl parameter to default/toggleCollapse. | 3.5 |
2017-04-14 | CVE-2016-4888 | Zohocorp | Cross-site Scripting vulnerability in Zohocorp Servicedesk Plus 9.0 Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine ServiceDesk Plus before 9.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2017-04-14 | CVE-2016-8927 | IBM | Cross-site Scripting vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site scripting. | 3.5 |
2017-04-13 | CVE-2014-3887 | Iodata | Cross-site Scripting vulnerability in Iodata Rockdisk Firmware Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2017-04-12 | CVE-2017-0195 | Microsoft | Cross-site Scripting vulnerability in Microsoft products Microsoft Excel Services on Microsoft SharePoint Server 2010 SP1 and SP2, Microsoft Excel Web Apps 2010 SP2, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps Server 2013 SP1 and Office Online Server allows remote attackers to perform cross-site scripting and run script with local user privileges via a crafted request, aka "Microsoft Office XSS Elevation of Privilege Vulnerability." | 3.5 |
2017-04-12 | CVE-2017-0191 | Microsoft | Denial of Service vulnerability in Microsoft Windows A denial of service vulnerability exists in the way that Windows 7, Windows 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 handles objects in memory. | 3.5 |
2017-04-12 | CVE-2017-0164 | Microsoft | Improper Input Validation vulnerability in Microsoft Windows 10 and Windows Server 2016 A denial of service vulnerability exists in Windows 10 1607 and Windows Server 2016 Active Directory when an authenticated attacker sends malicious search queries, aka "Active Directory Denial of Service Vulnerability." | 3.5 |
2017-04-11 | CVE-2016-7467 | F5 | Improper Input Validation vulnerability in F5 Big-Ip Access Policy Manager The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 HF1, 11.5.4 - 11.5.4 HF2, when configured as a SAML Identity Provider with a Service Provider (SP) connector, might allow traffic to be disrupted or failover initiated when a malformed, signed SAML authentication request from an authenticated user is sent via the SP connector. | 3.5 |
2017-04-10 | CVE-2017-5607 | Splunk | Information Exposure vulnerability in Splunk Splunk Enterprise 5.0.x before 5.0.18, 6.0.x before 6.0.14, 6.1.x before 6.1.13, 6.2.x before 6.2.13.1, 6.3.x before 6.3.10, 6.4.x before 6.4.6, and 6.5.x before 6.5.3 and Splunk Light before 6.5.2 assigns the $C JS property to the global Window namespace, which might allow remote attackers to obtain sensitive logged-in username and version-related information via a crafted webpage. | 3.5 |
2017-04-10 | CVE-2016-5642 | Opmantek | Cross-site Scripting vulnerability in Opmantek Network Management Information System Opmantek NMIS before 8.5.12G has XSS via SNMP. | 3.5 |
2017-04-10 | CVE-2016-4318 | Atlassian | Cross-site Scripting vulnerability in Atlassian Jira Atlassian JIRA Server before 7.1.9 has XSS in project/ViewDefaultProjectRoleActors.jspa via a role name. | 3.5 |
2017-04-10 | CVE-2016-4317 | Atlassian | Cross-site Scripting vulnerability in Atlassian Confluence Atlassian Confluence Server before 5.9.11 has XSS on the viewmyprofile.action page. | 3.5 |
2017-04-10 | CVE-2015-2883 | Philips | Cross-site Scripting vulnerability in Philips In.Sight B12037 Philips In.Sight B120/37 has XSS, related to the Weaved cloud web service, as demonstrated by the name parameter to deviceSettings.php or shareDevice.php. | 3.5 |
2017-04-14 | CVE-2016-4455 | Redhat | Permissions, Privileges, and Access Controls vulnerability in Redhat products The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories. | 3.3 |
2017-04-13 | CVE-2016-7834 | Sony | Information Exposure vulnerability in Sony SNC Series Firmware SONY SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551, SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585, SNC-ER585H, SNC-ZP550, SNC-ZR550, SNC-EP520, SNC-EP521, SNC-ER520, SNC-ER521, SNC-ER521C network cameras with firmware before Ver.1.86.00 and SONY SNC-CX600, SNC-CX600W, SNC-EB600, SNC-EB600B, SNC-EB602R, SNC-EB630, SNC-EB630B, SNC-EB632R, SNC-EM600, SNC-EM601, SNC-EM602R, SNC-EM602RC, SNC-EM630, SNC-EM631, SNC-EM632R, SNC-EM632RC, SNC-VB600, SNC-VB600B, SNC-VB600B5, SNC-VB630, SNC-VB6305, SNC-VB6307, SNC-VB632D, SNC-VB635, SNC-VM600, SNC-VM600B, SNC-VM600B5, SNC-VM601, SNC-VM601B, SNC-VM602R, SNC-VM630, SNC-VM6305, SNC-VM6307, SNC-VM631, SNC-VM632R, SNC-WR600, SNC-WR602, SNC-WR602C, SNC-WR630, SNC-WR632, SNC-WR632C, SNC-XM631, SNC-XM632, SNC-XM636, SNC-XM637, SNC-VB600L, SNC-VM600L, SNC-XM631L, SNC-WR602CL network cameras with firmware before Ver.2.7.2 are prone to sensitive information disclosure. | 3.3 |
2017-04-14 | CVE-2016-7060 | Redhat | Information Exposure vulnerability in Redhat Quickstart Cloud Installer 1.0 The web interface in Red Hat QuickStart Cloud Installer (QCI) 1.0 does not mask passwords fields, which allows physically proximate attackers to obtain sensitive password information by reading the display. | 2.1 |
2017-04-13 | CVE-2015-8345 | Qemu Debian | Resource Management Errors vulnerability in multiple products The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list. | 2.1 |
2017-04-13 | CVE-2016-4032 | Samsung | Improper Access Control vulnerability in Samsung products Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices do not block AT+USBDEBUG and AT+WIFIVALUE, which allows attackers to modify Android settings by leveraging AT access, aka SVE-2016-5301. | 2.1 |
2017-04-13 | CVE-2016-2567 | Samsung | Improper Input Validation vulnerability in Samsung Galaxy Note 3 Firmware and Galaxy S6 Firmware secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to bypass URL filtering by inserting an "exceptional URL" in the query string, as demonstrated by the http://should-have-been-filtered.example.com/?http://google.com URL. | 2.1 |
2017-04-13 | CVE-2016-2565 | Samsung | Information Exposure vulnerability in Samsung Galaxy S6 Firmware G920Fxxu2Coh2 Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to read sent e-mail messages, aka SVE-2015-5081. | 2.1 |
2017-04-13 | CVE-2016-2036 | Samsung | NULL Pointer Dereference vulnerability in Samsung Galaxy Note 3 Firmware and Galaxy S6 Firmware The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to trigger a NULL pointer dereference via a "GET HTTP/1.1" request, aka SVE-2016-5036. | 2.1 |
2017-04-13 | CVE-2016-10118 | Firejail Project | Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /. | 2.1 |
2017-04-12 | CVE-2017-0188 | Microsoft | Information Exposure vulnerability in Microsoft products A Win32k information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the win32k component improperly provides kernel information. | 2.1 |
2017-04-12 | CVE-2017-0167 | Microsoft | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the Windows kernel improperly handles objects in memory. | 2.1 |
2017-04-11 | CVE-2014-8716 | Imagemagick | Out-of-bounds Read vulnerability in Imagemagick The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash). | 2.1 |
2017-04-10 | CVE-2017-7616 | Linux | 7PK - Errors vulnerability in Linux Kernel Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation. | 2.1 |
2017-04-14 | CVE-2017-7457 | Moxa | XXE vulnerability in Moxa Mx-Aopc Server 1.5 XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 result in remote file disclosure. | 1.9 |
2017-04-12 | CVE-2017-0058 | Microsoft | Information Exposure vulnerability in Microsoft products A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. | 1.9 |
2017-04-11 | CVE-2015-8613 | Qemu Debian | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command. | 1.9 |