Weekly Vulnerabilities Reports > April 10 to 16, 2017

Overview

428 new vulnerabilities reported during this period, including 79 critical vulnerabilities and 117 high severity vulnerabilities. This weekly summary report vulnerabilities in 411 products from 155 vendors including Microsoft, Adobe, Apple, Debian, and Moxa. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "Improper Input Validation", "Information Exposure", and "Out-of-bounds Write".

  • 357 reported vulnerabilities are remotely exploitables.
  • 49 reported vulnerabilities have public exploit available.
  • 110 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 352 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 102 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 47 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

79 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-04-13 CVE-2016-6818 SAP SQL Injection vulnerability in SAP Business Intelligence Platform

SQL injection vulnerability in SAP Business Intelligence platform before January 2017 allows remote attackers to obtain sensitive information, modify data, cause a denial of service (data deletion), or launch administrative operations or possibly OS commands via a crafted SQL query.

10.0
2017-04-13 CVE-2016-4899 Novastor Improper Input Validation vulnerability in Novastor Novabackup Datacenter

The datamover module in the Linux version of NovaBACKUP DataCenter before 09.06.03.0353 is vulnerable to remote command execution via unspecified attack vectors.

10.0
2017-04-13 CVE-2016-4898 Novastor Improper Input Validation vulnerability in Novastor Novabackup Datacenter

The datamover module in the Linux version of NovaBACKUP DataCenter before 09.06.03.0353 is vulnerable to remote command execution via unspecified attack vectors.

10.0
2017-04-12 CVE-2017-7279 Unitrends Reliance on Cookies without Validation and Integrity Checking vulnerability in Unitrends Enterprise Backup 7.3.0

An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 web server can escalate to root privileges by modifying the "token" cookie issued at login.

10.0
2017-04-12 CVE-2017-7722 Solarwinds Command Injection vulnerability in Solarwinds LOG & Event Manager 6.3.1

In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password).

10.0
2017-04-12 CVE-2017-3063 Adobe
Microsoft
Apple
Google
Linux
Use After Free vulnerability in Adobe Flash Player

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the ActionScript2 NetStream class.

10.0
2017-04-12 CVE-2017-3062 Adobe
Microsoft
Apple
Google
Linux
Use After Free vulnerability in Adobe Flash Player

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in ActionScript2 when creating a getter/setter property.

10.0
2017-04-12 CVE-2017-3061 Adobe
Microsoft
Apple
Google
Linux
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Flash Player

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser.

10.0
2017-04-12 CVE-2017-3060 Adobe
Microsoft
Apple
Google
Linux
Out-of-bounds Read vulnerability in Adobe Flash Player

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the ActionScript2 code parser.

10.0
2017-04-12 CVE-2017-3059 Adobe
Microsoft
Apple
Google
Linux
Use After Free vulnerability in Adobe Flash Player

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the internal script object.

10.0
2017-04-12 CVE-2017-3037 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine.

10.0
2017-04-12 CVE-2017-7588 Brother Improper Authentication vulnerability in Brother products

On certain Brother devices, authorization is mishandled by including a valid AuthCookie cookie in the HTTP response to a failed login attempt.

10.0
2017-04-12 CVE-2016-7552 Trendmicro Path Traversal vulnerability in Trendmicro Threat Discovery Appliance 2.6.1062

On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory traversal when processing a session_id cookie allows a remote, unauthenticated attacker to delete arbitrary files as root.

10.0
2017-04-11 CVE-2017-7689 Schneider Electric Command Injection vulnerability in Schneider-Electric Homelynk Controller Lss100100 Firmware 1.3.0

A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0.

10.0
2017-04-10 CVE-2016-5071 Sierrawireless Permissions, Privileges, and Access Controls vulnerability in Sierrawireless Aleos Firmware 4.3.2

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the management web application as root.

10.0
2017-04-10 CVE-2016-5066 Sierrawireless Credentials Management vulnerability in Sierrawireless Aleos Firmware 4.3.2

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user.

10.0
2017-04-10 CVE-2015-7292 Amazon Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Amazon Fire OS

Stack-based buffer overflow in the havok_write function in drivers/staging/havok/havok.c in Amazon Fire OS before 2016-01-15 allows attackers to cause a denial of service (panic) or possibly have unspecified other impact via a long string to /dev/hv.

10.0
2017-04-10 CVE-2015-2887 Ibaby Use of Hard-coded Credentials vulnerability in Ibaby M3S Baby Monitor Firmware

iBaby M3S has a password of admin for the backdoor admin account.

10.0
2017-04-10 CVE-2015-2885 Lens Laboratories Use of Hard-coded Credentials vulnerability in Lens Laboratories Peek-A-View Firmware

Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for the backdoor user account, and a password of guest for the backdoor guest account.

10.0
2017-04-10 CVE-2015-2882 Philips Use of Hard-coded Credentials vulnerability in Philips In.Sight B12037

Philips In.Sight B120/37 has a password of b120root for the backdoor root account, a password of /ADMIN/ for the backdoor admin account, a password of merlin for the backdoor mg3500 account, a password of M100-4674448 for the backdoor user account, and a password of M100-4674448 for the backdoor admin account.

10.0
2017-04-10 CVE-2015-2881 Gynoii Use of Hard-coded Credentials vulnerability in Gynoii Gcw-1010, Gcw-1020 and Gpw-1025

Gynoii has a password of guest for the backdoor guest account and a password of 12345 for the backdoor admin account.

10.0
2017-04-14 CVE-2017-7858 Freetype Out-of-bounds Write vulnerability in Freetype

FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.

9.8
2017-04-14 CVE-2017-7857 Freetype Out-of-bounds Write vulnerability in Freetype 2.7/2.7.0/2.7.1

FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.

9.8
2017-04-13 CVE-2014-7921 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges.

9.8
2017-04-13 CVE-2014-7920 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges.

9.8
2017-04-13 CVE-2016-2555 Atutor SQL Injection vulnerability in Atutor 2.2.1

SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php.

9.8
2017-04-12 CVE-2016-6808 Apache Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apache Tomcat JK Connector

Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42.

9.8
2017-04-11 CVE-2016-1908 Openbsd
Debian
Oracle
Redhat
Improper Authentication vulnerability in multiple products

The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

9.8
2017-04-10 CVE-2015-7264 Proxygen Project Injection vulnerability in Proxygen Project Proxygen

The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks.

9.8
2017-04-13 CVE-2010-1816 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X and mac OS X Server

Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted image.

9.3
2017-04-12 CVE-2017-3065 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the font manipulation functionality.

9.3
2017-04-12 CVE-2017-3064 Adobe
Microsoft
Apple
Google
Linux
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Flash Player

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability when parsing a shape outline.

9.3
2017-04-12 CVE-2017-3058 Adobe
Microsoft
Apple
Google
Linux
Use After Free vulnerability in Adobe Flash Player

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the sound class.

9.3
2017-04-12 CVE-2017-3057 Adobe
Apple
Microsoft
Use After Free vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript API related to the collaboration functionality.

9.3
2017-04-12 CVE-2017-3056 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine, related to string manipulation.

9.3
2017-04-12 CVE-2017-3055 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in JPEG 2000 parsing of the fragment list tag.

9.3
2017-04-12 CVE-2017-3054 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to manipulation of EMF files.

9.3
2017-04-12 CVE-2017-3051 Adobe
Apple
Microsoft
Out-of-bounds Read vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of JPEG files.

9.3
2017-04-12 CVE-2017-3050 Adobe
Apple
Microsoft
Out-of-bounds Write vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of GIF files.

9.3
2017-04-12 CVE-2017-3049 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal tile manipulation in TIFF files.

9.3
2017-04-12 CVE-2017-3048 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal scan line representation in TIFF files.

9.3
2017-04-12 CVE-2017-3047 Adobe
Apple
Microsoft
Use After Free vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript engine's annotation-related API.

9.3
2017-04-12 CVE-2017-3044 Adobe
Apple
Microsoft
Out-of-bounds Write vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 engine, related to image scaling.

9.3
2017-04-12 CVE-2017-3042 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in image conversion, related to parsing offsets in TIFF files.

9.3
2017-04-12 CVE-2017-3041 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing font data in the MakeAccessible plugin.

9.3
2017-04-12 CVE-2017-3040 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 image compression module.

9.3
2017-04-12 CVE-2017-3039 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the PPKLite security handler.

9.3
2017-04-12 CVE-2017-3038 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing TTF (TrueType font format) stream data.

9.3
2017-04-12 CVE-2017-3036 Adobe
Apple
Microsoft
Out-of-bounds Write vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in image conversion related to processing of the PCX (picture exchange) file format.

9.3
2017-04-12 CVE-2017-3035 Adobe
Apple
Microsoft
Use After Free vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XML Forms Architecture (XFA) engine.

9.3
2017-04-12 CVE-2017-3034 Adobe
Apple
Microsoft
Integer Underflow (Wrap or Wraparound) vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the XML Forms Architecture (XFA) engine, related to layout functionality.

9.3
2017-04-12 CVE-2017-3030 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the AES module.

9.3
2017-04-12 CVE-2017-3028 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion module, related to processing of TIFF files.

9.3
2017-04-12 CVE-2017-3027 Adobe
Apple
Microsoft
Use After Free vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XFA module, related to the choiceList element.

9.3
2017-04-12 CVE-2017-3026 Adobe
Apple
Microsoft
Use After Free vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability when manipulating an internal data structure.

9.3
2017-04-12 CVE-2017-3025 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability related to internal object representation manipulation.

9.3
2017-04-12 CVE-2017-3024 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when manipulating PDF annotations.

9.3
2017-04-12 CVE-2017-3023 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 code-stream tile functionality.

9.3
2017-04-12 CVE-2017-3019 Adobe
Apple
Microsoft
Out-of-bounds Read vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the Product Representation Compact (PRC) format parser.

9.3
2017-04-12 CVE-2017-3018 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the renderer functionality.

9.3
2017-04-12 CVE-2017-3017 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when handling a malformed PDF file.

9.3
2017-04-12 CVE-2017-3015 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 parsing functionality.

9.3
2017-04-12 CVE-2017-3014 Adobe
Apple
Microsoft
Use After Free vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in XML Forms Architecture (XFA) related to reset form functionality.

9.3
2017-04-12 CVE-2017-3013 Adobe
Apple
Microsoft
Uncontrolled Search Path Element vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in a DLL related to remote logging.

9.3
2017-04-12 CVE-2017-3012 Adobe
Apple
Microsoft
Uncontrolled Search Path Element vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in the OCR plugin.

9.3
2017-04-12 CVE-2017-3011 Adobe
Apple
Microsoft
Integer Overflow or Wraparound vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the CCITT fax PDF filter.

9.3
2017-04-12 CVE-2017-3004 Adobe
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Photoshop CC

Adobe Photoshop versions CC 2017 (18.0.1) and earlier, CC 2015.5.1 (17.0.1) and earlier have a memory corruption vulnerability when parsing malicious PCX files.

9.3
2017-04-12 CVE-2017-0197 Microsoft Improper Input Validation vulnerability in Microsoft Onenote 2007/2010

Microsoft OneNote 2007 SP3 and Microsoft OneNote 2010 SP2 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office DLL Loading Vulnerability."

9.3
2017-04-12 CVE-2017-0166 Microsoft Incorrect Calculation of Buffer Size vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated.

9.3
2017-04-12 CVE-2017-0106 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Outlook

Microsoft Excel 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3
2017-04-10 CVE-2016-8237 Lenovo Permissions, Privileges, and Access Controls vulnerability in Lenovo Updates

Remote code execution in Lenovo Updates (not Lenovo System Update) allows man-in-the-middle attackers to execute arbitrary code.

9.3
2017-04-14 CVE-2017-6554 Quest Improper Input Validation vulnerability in Quest Privilege Manager 6.0.027/6.0.050

pmmasterd in Quest Privilege Manager before 6.0.0.061, when configured as a policy server, allows remote attackers to write to arbitrary files and consequently execute arbitrary code with root privileges via an ACT_NEWFILESENT action.

9.0
2017-04-13 CVE-2017-7219 Citrix Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Citrix Netscaler Gateway Firmware

A heap overflow vulnerability in Citrix NetScaler Gateway versions 10.1 before 135.8/135.12, 10.5 before 65.11, 11.0 before 70.12, and 11.1 before 52.13 allows a remote authenticated attacker to run arbitrary commands via unspecified vectors.

9.0
2017-04-12 CVE-2016-5313 Symantec OS Command Injection vulnerability in Symantec web Gateway

Symantec Web Gateway (SWG) before 5.2.5 allows remote authenticated users to execute arbitrary OS commands.

9.0
2017-04-12 CVE-2017-3006 Adobe
Microsoft
Incorrect Permission Assignment for Critical Resource vulnerability in Adobe Creative Cloud

Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related to the use of improper resource permissions during the installation of Creative Cloud desktop applications.

9.0
2017-04-11 CVE-2017-6088 Eyesofnetwork SQL Injection vulnerability in Eyesofnetwork

Multiple SQL injection vulnerabilities in EyesOfNetwork (aka EON) 5.0 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) bp_name, (2) display, (3) search, or (4) equipment parameter to module/monitoring_ged/ged_functions.php or the (5) type parameter to monitoring_ged/ajax.php.

9.0
2017-04-10 CVE-2017-7622 Deepin Missing Authorization vulnerability in Deepin Desktop Environment

dde-daemon, the daemon process of DDE (Deepin Desktop Environment) 15.0 through 15.3, runs with root privileges and hardly does anything to identify the user who calls the function through D-Bus.

9.0
2017-04-10 CVE-2016-5067 Sierrawireless Command Injection vulnerability in Sierrawireless Aleos Firmware 4.3.2

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection.

9.0
2017-04-10 CVE-2015-2880 Trendnet Improper Authentication vulnerability in Trendnet Tv-Ip743Sic

TRENDnet WiFi Baby Cam TV-IP743SIC has a password of admin for the backdoor root account.

9.0

117 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-04-16 CVE-2017-7615 Mantisbt Weak Password Recovery Mechanism for Forgotten Password vulnerability in Mantisbt

MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php.

8.8
2017-04-12 CVE-2016-8718 Moxa Cross-Site Request Forgery (CSRF) vulnerability in Moxa Awk-3131A Firmware 1.1

An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1.

8.8
2017-04-12 CVE-2017-0210 Microsoft Unspecified vulnerability in Microsoft Internet Explorer 10/11

An elevation of privilege vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain, aka "Internet Explorer Elevation of Privilege Vulnerability."

8.8
2017-04-11 CVE-2016-4468 Pivotal Software
Cloudfoundry
SQL Injection vulnerability in multiple products

SQL injection vulnerability in Pivotal Cloud Foundry (PCF) before 238; UAA 2.x before 2.7.4.4, 3.x before 3.3.0.2, and 3.4.x before 3.4.1; UAA BOSH before 11.2 and 12.x before 12.2; Elastic Runtime before 1.6.29 and 1.7.x before 1.7.7; and Ops Manager 1.7.x before 1.7.8 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

8.8
2017-04-11 CVE-2016-6811 Apache Permissions, Privileges, and Access Controls vulnerability in Apache Hadoop

In Apache Hadoop 2.x before 2.7.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user.

8.8
2017-04-14 CVE-2016-1713 Vtiger Unrestricted Upload of File with Dangerous Type vulnerability in Vtiger CRM 6.4.0

Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.4.0 allows remote authenticated users to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in test/logo/.

8.5
2017-04-13 CVE-2016-8712 Moxa Insufficient Session Expiration vulnerability in Moxa Awk-3131A Firmware 1.1

An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1.

8.1
2017-04-11 CVE-2015-8666 Qemu
Debian
Out-of-bounds Write vulnerability in multiple products

Heap-based buffer overflow in QEMU, when built with the Q35-chipset-based PC system emulator.

7.9
2017-04-14 CVE-2016-8602 Artifex Incorrect Type Conversion or Cast vulnerability in Artifex Ghostscript

The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack.

7.8
2017-04-14 CVE-2016-6299 Fedoraproject
Mock Project
Permissions, Privileges, and Access Controls vulnerability in multiple products

The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file.

7.8
2017-04-12 CVE-2016-9959 Opensuse Project
Suse
Opensuse
Game Music EMU Project
Out-of-bounds Write vulnerability in multiple products

game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.

7.8
2017-04-12 CVE-2016-9958 Opensuse Project
Suse
Opensuse
Game Music EMU Project
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.

7.8
2017-04-12 CVE-2016-9957 Opensuse Project
Suse
Opensuse
Game Music EMU Project
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Stack-based buffer overflow in game-music-emu before 0.6.1.

7.8
2017-04-12 CVE-2016-4459 Redhat Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Redhat Enterprise Linux and MOD Cluster

Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9.

7.8
2017-04-12 CVE-2017-0199 Microsoft
Philips
Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API."
7.8
2017-04-10 CVE-2015-7825 Botan Project Unspecified vulnerability in Botan Project Botan

botan before 1.11.22 improperly validates certificate paths, which allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a certificate with a loop in the certificate chain.

7.8
2017-04-10 CVE-2015-8258 Axis Injection vulnerability in Axis Communications Firmware

AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary files as root via vectors involving Open Script Editor, aka a "resource injection vulnerability."

7.8
2017-04-12 CVE-2016-5856 Linux
Google
Permissions, Privileges, and Access Controls vulnerability in multiple products

Drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android kernel 2017-03-05 allows local users to gain privileges, a different vulnerability than CVE-2016-5857.

7.6
2017-04-12 CVE-2017-0205 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory.

7.6
2017-04-12 CVE-2017-0202 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 11

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.

7.6
2017-04-12 CVE-2017-0201 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 10/9

A remote code execution vulnerability exists in Internet Explorer in the way that the JScript and VBScript engines render when handling objects in memory.

7.6
2017-04-12 CVE-2017-0200 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory.

7.6
2017-04-12 CVE-2017-0158 Microsoft Scripting Engine Remote Memory Corruption vulnerability in Microsoft Internet Explorer

An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Scripting Engine Memory Corruption Vulnerability."

7.6
2017-04-12 CVE-2017-0093 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

A remote code execution vulnerability in Microsoft Edge exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers.

7.6
2017-04-15 CVE-2017-7882 Libreoffice Out-of-bounds Write vulnerability in Libreoffice

LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx.

7.5
2017-04-14 CVE-2017-7878 Flatcore SQL Injection vulnerability in Flatcore Flatcore-Cms 1.4.6

SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read and write to the users database.

7.5
2017-04-14 CVE-2017-7875 FEH Project Out-of-bounds Write vulnerability in FEH Project FEH

In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be the E17 window manager, it is possible to trigger an out-of-boundary heap write while receiving an IPC message.

7.5
2017-04-14 CVE-2017-7870 Libreoffice Out-of-bounds Write vulnerability in Libreoffice

LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx.

7.5
2017-04-14 CVE-2017-7866 Ffmpeg Out-of-bounds Write vulnerability in Ffmpeg

FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c.

7.5
2017-04-14 CVE-2017-7865 Ffmpeg
Debian
Out-of-bounds Write vulnerability in multiple products

FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c.

7.5
2017-04-14 CVE-2017-7864 Freetype Out-of-bounds Write vulnerability in Freetype

FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c.

7.5
2017-04-14 CVE-2017-7863 Ffmpeg
Debian
Out-of-bounds Write vulnerability in multiple products

FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in libavcodec/pngdec.c.

7.5
2017-04-14 CVE-2017-7862 Ffmpeg Out-of-bounds Write vulnerability in Ffmpeg

FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame function in libavcodec/pictordec.c.

7.5
2017-04-14 CVE-2017-7861 Grpc Out-of-bounds Write vulnerability in Grpc

Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c.

7.5
2017-04-14 CVE-2017-7860 Grpc Out-of-bounds Write vulnerability in Grpc

Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parse_unix function in core/ext/client_channel/parse_address.c.

7.5
2017-04-14 CVE-2017-7859 Ffmpeg Out-of-bounds Write vulnerability in Ffmpeg

FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c.

7.5
2017-04-14 CVE-2017-7856 Libreoffice Out-of-bounds Write vulnerability in Libreoffice

LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx.

7.5
2017-04-14 CVE-2016-10328 Freetype
Oracle
Out-of-bounds Write vulnerability in multiple products

FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c.

7.5
2017-04-14 CVE-2016-10327 Libreoffice Out-of-bounds Write vulnerability in Libreoffice

LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx.

7.5
2017-04-13 CVE-2016-8726 Moxa NULL Pointer Dereference vulnerability in Moxa Awk-3131A Firmware 1.1

An exploitable null pointer dereference vulnerability exists in the Web Application /forms/web_runScript iw_filename functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1.

7.5
2017-04-13 CVE-2016-8723 Moxa NULL Pointer Dereference vulnerability in Moxa Awk-3131A Firmware 1.1

An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1.

7.5
2017-04-13 CVE-2016-1155 Google Injection vulnerability in Google Android

HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies.

7.5
2017-04-13 CVE-2012-1301 Umbraco Improper Input Validation vulnerability in Umbraco CMS 4.7.0

The FeedProxy.aspx script in Umbraco 4.7.0 allows remote attackers to proxy requests on their behalf via the "url" parameter.

7.5
2017-04-13 CVE-2016-2566 Samsung SQL Injection vulnerability in Samsung Galaxy S6 Firmware G920Fxxu2Coh2

Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices has SQL injection, aka SVE-2015-5081.

7.5
2017-04-13 CVE-2016-10324 GNU Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Osip 4.1.0

In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_clrncpy() function defined in osipparser2/osip_port.c.

7.5
2017-04-13 CVE-2016-6143 SAP Improper Access Control vulnerability in SAP Hana 1.00.73.00.389160

SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors involving the audit logs, aka SAP Security Note 2170806.

7.5
2017-04-13 CVE-2016-4970 Netty
Redhat
Apache
Infinite Loop vulnerability in multiple products

handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop).

7.5
2017-04-13 CVE-2016-4800 Eclipse
Microsoft
Improper Access Control vulnerability in Eclipse Jetty

The path normalization mechanism in PathResource class in Eclipse Jetty 9.3.x before 9.3.9 on Windows allows remote attackers to bypass protected resource restrictions and other security constraints via a URL with certain escaped characters, related to backslashes.

7.5
2017-04-13 CVE-2015-8282 Seawell Networks Credentials Management vulnerability in Seawell Networks Spectrum SDC 02.05.00

SeaWell Networks Spectrum SDC 02.05.00 has a default password of "admin" for the "admin" account.

7.5
2017-04-13 CVE-2015-8271 Rtmpdump Project Write-what-where Condition vulnerability in Rtmpdump Project Rtmpdump 2.4

The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute arbitrary code.

7.5
2017-04-13 CVE-2015-6674 Inspircd
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid.

7.5
2017-04-13 CVE-2017-7628 Smart Related Articles Project SQL Injection vulnerability in Smart Related Articles Project Smart Related Articles 1.1

The "Smart related articles" extension 1.1 for Joomla! has SQL injection in dialog.php (attacker must use search_cats variable in POST method to exploit this vulnerability).

7.5
2017-04-12 CVE-2017-7748 Wireshark Infinite Loop vulnerability in Wireshark

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file.

7.5
2017-04-12 CVE-2017-7747 Wireshark
Debian
Improper Input Validation vulnerability in multiple products

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissector could crash, triggered by packet injection or a malformed capture file.

7.5
2017-04-12 CVE-2017-7746 Wireshark
Debian
Infinite Loop vulnerability in multiple products

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file.

7.5
2017-04-12 CVE-2017-7745 Wireshark Infinite Loop vulnerability in Wireshark

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file.

7.5
2017-04-12 CVE-2017-7705 Wireshark Infinite Loop vulnerability in Wireshark

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file.

7.5
2017-04-12 CVE-2017-7704 Wireshark Infinite Loop vulnerability in Wireshark

In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file.

7.5
2017-04-12 CVE-2017-7703 Wireshark
Debian
Injection vulnerability in multiple products

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file.

7.5
2017-04-12 CVE-2017-7702 Wireshark Infinite Loop vulnerability in Wireshark

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file.

7.5
2017-04-12 CVE-2017-7701 Wireshark Infinite Loop vulnerability in Wireshark

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file.

7.5
2017-04-12 CVE-2017-7280 Unitrends Improper Input Validation vulnerability in Unitrends Enterprise Backup 7.3.0

An issue was discovered in api/includes/systems.php in Unitrends Enterprise Backup before 9.0.0.

7.5
2017-04-12 CVE-2016-4337 Ktools SQL Injection vulnerability in Ktools Photostore 4.7.4

SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore before 4.7.5 allows remote attackers to execute arbitrary SQL commands via the email parameter in a recover_login action.

7.5
2017-04-12 CVE-2015-7564 Teampass SQL Injection vulnerability in Teampass

Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an action_on_quick_icon action to item.query.php or the (2) order or (3) direction parameter in an (a) connections_logs, (b) errors_logs or (c) access_logs action to view.query.php.

7.5
2017-04-12 CVE-2017-6059 Openidc Improper Input Validation vulnerability in Openidc MOD Auth Openidc 1.8.10/1.8.10.1/1.8.10.2

Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka mod_auth_openidc) before 2.14 allows remote attackers to spoof page content via a malicious URL provided to the user, which triggers an invalid request.

7.5
2017-04-12 CVE-2016-8716 Moxa Weak Password Recovery Mechanism for Forgotten Password vulnerability in Moxa Awk-3131A Firmware 1.1

An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1.

7.5
2017-04-12 CVE-2017-7719 WEB Dorado SQL Injection vulnerability in Web-Dorado Spider Event Calendar

SQL injection in the Spider Event Calendar (aka spider-event-calendar) plugin before 1.5.52 for WordPress is exploitable with the order_by parameter to calendar_functions.php or widget_Theme_functions.php, related to front_end/frontend_functions.php.

7.5
2017-04-12 CVE-2017-2989 Adobe Improper Input Validation vulnerability in Adobe Campaign 6.11

Adobe Campaign versions Build 8770 and earlier have an input validation bypass that could be exploited to read, write, or delete data from the Campaign database.

7.5
2017-04-12 CVE-2016-7958 Wireshark Improper Input Validation vulnerability in Wireshark 2.2.0

In Wireshark 2.2.0, the NCP dissector could crash, triggered by packet injection or a malformed capture file.

7.5
2017-04-12 CVE-2016-7957 Wireshark Improper Input Validation vulnerability in Wireshark 2.2.0

In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file.

7.5
2017-04-12 CVE-2016-7547 Trendmicro 7PK - Time and State vulnerability in Trendmicro Threat Discovery Appliance 2.6.1062

A command execution flaw on the Trend Micro Threat Discovery Appliance 2.6.1062r1 exists with the timezone parameter in the admin_sys_time.cgi interface.

7.5
2017-04-11 CVE-2017-7695 Bigtreecms Unrestricted Upload of File with Dangerous Type vulnerability in Bigtreecms Bigtree CMS

Unrestricted File Upload exists in BigTree CMS before 4.2.17: if an attacker uploads an 'xxx.php[space]' file, they could bypass a safety check and execute any code.

7.5
2017-04-11 CVE-2017-7691 SAP Code Injection vulnerability in SAP Trex

A code injection vulnerability exists in SAP TREX / Business Warehouse Accelerator (BWA).

7.5
2017-04-11 CVE-2013-6647 Google Use After Free vulnerability in Google Chrome

A use-after-free in AnimationController::endAnimationUpdate in Google Chrome.

7.5
2017-04-11 CVE-2016-4483 Xmlsoft
Debian
Oracle
Deserialization of Untrusted Data vulnerability in multiple products

The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization.

7.5
2017-04-11 CVE-2016-0779 Apache Deserialization of Untrusted Data vulnerability in Apache Tomee

The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote attackers to execute arbitrary code via a crafted serialized object.

7.5
2017-04-11 CVE-2017-7462 Intellinet Network Path Traversal vulnerability in Intellinet-Network Nfc-30Ir Firmware Lm.1.6.16.05

Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory.

7.5
2017-04-10 CVE-2017-7625 Fiyo Code Injection vulnerability in Fiyo CMS

In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the content parameter to "/dapur/apps/app_theme/libs/save_file.php" and then execute code.

7.5
2017-04-10 CVE-2017-7239 Ninka Project Injection vulnerability in Ninka Project Ninka

Ninka before 1.3.2 might allow remote attackers to obtain sensitive information, manipulate license compliance scan results, or cause a denial of service (process hang) via a crafted filename.

7.5
2017-04-10 CVE-2017-5983 Atlassian Deserialization of Untrusted Data vulnerability in Atlassian Jira

The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer, which allows remote attackers to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object.

7.5
2017-04-10 CVE-2016-6878 Botan Project Improper Input Validation vulnerability in Botan Project Botan

The Curve25519 code in botan before 1.11.31, on systems without a native 128-bit integer type, might allow attackers to have unspecified impact via vectors related to undefined behavior, as demonstrated on 32-bit ARM systems compiled by Clang.

7.5
2017-04-10 CVE-2016-10311 SAP Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP Netweaver

Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238.

7.5
2017-04-10 CVE-2015-7826 Botan Project Improper Certificate Validation vulnerability in Botan Project Botan

botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote attackers to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com.

7.5
2017-04-10 CVE-2017-7618 Linux Infinite Loop vulnerability in Linux Kernel

crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue.

7.5
2017-04-10 CVE-2016-5074 Cloudviewnms Use of Externally-Controlled Format String vulnerability in Cloudviewnms Cloudview NMS

CloudView NMS before 2.10a has a format string issue exploitable over SNMP.

7.5
2017-04-10 CVE-2016-5069 Sierrawireless Insufficient Session Expiration vulnerability in Sierrawireless Aleos Firmware 4.3.2

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL.

7.5
2017-04-10 CVE-2016-5068 Sierrawireless Improper Authentication vulnerability in Sierrawireless Aleos Firmware 4.3.2

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests.

7.5
2017-04-10 CVE-2016-5065 Sierrawireless Command Injection vulnerability in Sierrawireless Aleos Firmware 4.3.2

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection.

7.5
2017-04-10 CVE-2016-5053 Osram Missing Authentication for Critical Function vulnerability in Osram Lightify Home

OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary commands via TCP port 4000.

7.5
2017-04-10 CVE-2015-7273 Dell XXE vulnerability in Dell Integrated Remote Access Controller Firmware

Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has XXE.

7.5
2017-04-10 CVE-2015-7272 Dell Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dell Integrated Remote Access Controller Firmware

Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long SSH username or input.

7.5
2017-04-10 CVE-2015-7271 Dell Use of Externally-Controlled Format String vulnerability in Dell Integrated Remote Access Controller Firmware

Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has a format string issue in racadm getsystinfo.

7.5
2017-04-10 CVE-2015-7265 Proxygen Project Improper Access Control vulnerability in Proxygen Project Proxygen

Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request state, which allows remote attackers to conduct hijacking attacks and bypass ACL checks.

7.5
2017-04-10 CVE-2015-7263 Proxygen Project Improper Access Control vulnerability in Proxygen Project Proxygen

The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value.

7.5
2017-04-10 CVE-2015-2888 Summerinfant Missing Authentication for Critical Function vulnerability in Summerinfant Baby Zoom Wifi Monitor Firmware

Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to bypass authentication, related to the MySnapCam web service.

7.5
2017-04-12 CVE-2017-0181 Microsoft Improper Input Validation vulnerability in Microsoft products

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10 or Windows Server 2016 host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This CVE ID is unique from CVE-2017-0162, CVE-2017-0163, and CVE-2017-0180.

7.4
2017-04-12 CVE-2017-0180 Microsoft Improper Input Validation vulnerability in Microsoft products

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This CVE ID is unique from CVE-2017-0162, CVE-2017-0163, and CVE-2017-0181.

7.4
2017-04-12 CVE-2017-0163 Microsoft Improper Input Validation vulnerability in Microsoft products

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This CVE ID is unique from CVE-2017-0162, CVE-2017-0180, and CVE-2017-0181.

7.4
2017-04-12 CVE-2017-0162 Microsoft Improper Input Validation vulnerability in Microsoft products

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This CVE ID is unique from CVE-2017-0163, CVE-2017-0180, and CVE-2017-0181.

7.4
2017-04-14 CVE-2017-7690 Proxifier OS Command Injection vulnerability in Proxifier

Proxifier for Mac before 2.19.2, when first run, allows local users to gain privileges by replacing the KLoader binary with a Trojan horse program.

7.2
2017-04-14 CVE-2016-0727 Canonical Permissions, Privileges, and Access Controls vulnerability in Canonical Ubuntu Linux 12.04/14.04/16.04

The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users with access to the ntp account to write to arbitrary files and consequently gain privileges via vectors involving statistics directory cleanup.

7.2
2017-04-14 CVE-2017-1205 IBM Local Privilege Escalation vulnerability in IBM Platform LSF

IBM Platform LSF 10.1 contains an unspecified vulnerability that could allow a local user to escalate their privileges and obtain root access.

7.2
2017-04-14 CVE-2017-7643 Proxifier Unspecified vulnerability in Proxifier

Proxifier for Mac before 2.19 allows local users to gain privileges via the first parameter to the KLoader setuid program.

7.2
2017-04-13 CVE-2010-1821 Apple Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server

Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges.

7.2
2017-04-13 CVE-2016-10123 Firejail Project Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail

Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges.

7.2
2017-04-13 CVE-2016-10122 Firejail Project Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail

Firejail does not properly clean environment variables, which allows local users to gain privileges.

7.2
2017-04-13 CVE-2016-10121 Firejail Project Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail

Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges.

7.2
2017-04-13 CVE-2016-10120 Firejail Project Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail

Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges.

7.2
2017-04-13 CVE-2016-10119 Firejail Project Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail

Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.

7.2
2017-04-13 CVE-2016-10117 Firejail Project Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail

Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc.

7.2
2017-04-12 CVE-2017-3005 Adobe
Microsoft
Unquoted Search Path or Element vulnerability in Adobe Photoshop CC

Adobe Photoshop versions CC 2017 (18.0.1) and earlier, CC 2015.5.1 (17.0.1) and earlier have an unquoted search path vulnerability.

7.2
2017-04-12 CVE-2017-0189 Microsoft Local Privilege Escalation vulnerability in Microsoft Windows Kernel 'Win32k.sys'

An elevation of privilege vulnerability exists in Windows 10 when the Windows kernel-mode driver fails to properly handle objects in memory.

7.2
2017-04-12 CVE-2017-0165 Microsoft Local Privilege Escalation vulnerability in Microsoft Windows

An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Windows Elevation of Privilege Vulnerability."

7.2
2017-04-12 CVE-2017-0160 Microsoft Remote Code Execution vulnerability in Microsoft Windows .NET Framework CVE-2017-0160

Microsoft .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allows an attacker with access to the local system to execute malicious code, aka ".NET Remote Code Execution Vulnerability."

7.2
2017-04-10 CVE-2016-8235 Lenovo Permissions, Privileges, and Access Controls vulnerability in Lenovo Customer Care Software Development KIT

Privilege escalation in Lenovo Customer Care Software Development Kit (CCSDK) versions earlier than 2.0.16.3 allows local users to execute code with elevated privileges.

7.2
2017-04-10 CVE-2016-10323 Synology Permissions, Privileges, and Access Controls vulnerability in Synology Photo Station

Synology Photo Station before 6.3-2958 allows local users to gain privileges by leveraging setuid execution of a "synophoto_dsm_user --copy-no-ea" command.

7.2
2017-04-10 CVE-2015-7260 Vertiv Permissions, Privileges, and Access Controls vulnerability in Vertiv Liebert Multilink Automated Shutdown 4.2.4

Liebert MultiLink Automated Shutdown v4.2.4 allows local users to gain privileges by replacing the LiebertM executable file.

7.2

203 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-04-14 CVE-2016-7032 Todd Miller Improper Access Control vulnerability in Todd Miller Sudo

sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function.

6.9
2017-04-13 CVE-2015-8780 Samsung Path Traversal vulnerability in Samsung Kies 2.3.2.12074/2.3.2.120741313/2.5.0.120942711

Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury.

6.9
2017-04-12 CVE-2017-0156 Microsoft Local Privilege Escalation vulnerability in Microsoft Windows Graphics Component

An elevation of privilege vulnerability exists in Windows 7, Windows 8.1, Windows RT 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 when the Microsoft Graphics Component fails to properly handle objects in memory, aka "Windows Graphics Component Elevation of Privilege Vulnerability."

6.9
2017-04-12 CVE-2017-0155 Microsoft Local Privilege Escalation vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Vista

The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows Graphics Elevation of Privilege Vulnerability."

6.9
2017-04-11 CVE-2016-4989 Setroubleshoot Project
Redhat
Command Injection vulnerability in multiple products

setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by the _set_tpath function in audit_data.py or via a crafted (2) local_id or (3) analysis_id field in a crafted XML document to the run_fix function in SetroubleshootFixit.py, related to the subprocess.check_output and commands.getstatusoutput functions, a different vulnerability than CVE-2016-4445.

6.9
2017-04-11 CVE-2016-4446 Setroubleshoot Project
Redhat
Command Injection vulnerability in multiple products

The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function.

6.9
2017-04-11 CVE-2016-4445 Setroubleshoot Project
Redhat
Command Injection vulnerability in multiple products

The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function.

6.9
2017-04-11 CVE-2016-4444 Setroubleshoot Project
Redhat
Command Injection vulnerability in multiple products

The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function.

6.9
2017-04-15 CVE-2017-7881 Bigtreecms Cross-Site Request Forgery (CSRF) vulnerability in Bigtreecms Bigtree CMS

BigTree CMS through 4.2.17 relies on a substring check for CSRF protection, which allows remote attackers to bypass this check by placing the required admin/developer/ URI within a query string in an HTTP Referer header.

6.8
2017-04-14 CVE-2017-7877 Flatcore Cross-Site Request Forgery (CSRF) vulnerability in Flatcore Flatcore-Cms 1.4.6

CSRF vulnerability in flatCore version 1.4.6 allows remote attackers to modify CMS configurations.

6.8
2017-04-14 CVE-2016-8925 IBM Information Exposure vulnerability in IBM Tivoli Application Dependency Discovery Manager

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to include arbitrary files which could allow the attacker to read any file on the system.

6.8
2017-04-13 CVE-2015-8567 Qemu
Canonical
Debian
Suse
Opensuse
Fedoraproject
Memory Leak vulnerability in multiple products

Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).

6.8
2017-04-13 CVE-2016-1914 Blackberry SQL Injection vulnerability in Blackberry Enterprise Service

Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.ImageServlet servlet in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to execute arbitrary SQL commands via the imageName parameter to (1) mydevice/client/image, (2) admin/client/image, (3) myapps/client/image, (4) ssam/client/image, or (5) all/client/image.

6.8
2017-04-13 CVE-2015-8283 Seawell Networks Path Traversal vulnerability in Seawell Networks Spectrum SDC 02.05.00

Directory traversal vulnerability in configure_manage.php in SeaWell Networks Spectrum SDC 02.05.00.

6.8
2017-04-13 CVE-2015-8107 GNU Use of Externally-Controlled Format String vulnerability in GNU A2Ps 4.14

Format string vulnerability in GNU a2ps 4.14 allows remote attackers to execute arbitrary code.

6.8
2017-04-12 CVE-2016-4891 Setucocms Project Cross-Site Request Forgery (CSRF) vulnerability in Setucocms Project Setucocms

Cross-site request forgery (CSRF) vulnerability in SetsucoCMS all versions allows remote attackers to hijack the authentication of an administrator to change settings via unspecified vectors.

6.8
2017-04-12 CVE-2015-7563 Teampass Cross-Site Request Forgery (CSRF) vulnerability in Teampass

Cross-site request forgery (CSRF) vulnerability in TeamPass 2.1.24 and earlier allows remote attackers to hijack the authentication of an authenticated user.

6.8
2017-04-11 CVE-2015-7893 Samsung Improper Input Validation vulnerability in Samsung Galaxy S6

SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, allows remote attackers to execute arbitrary JavaScript.

6.8
2017-04-11 CVE-2017-7461 Intellinet Network Path Traversal vulnerability in Intellinet-Network Nfc-30Ir Firmware Lm.1.6.16.05

Directory traversal vulnerability in the web-based management site on the Intellinet NFC-30ir IP Camera with firmware LM.1.6.16.05 allows remote attackers to read arbitrary files via a request to a vendor-supplied CGI script that is used to read HTML text file, but that does not do any URI/path sanitization.

6.8
2017-04-10 CVE-2016-4319 Atlassian Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira

Atlassian JIRA Server before 7.1.9 has CSRF in auditing/settings.

6.8
2017-04-10 CVE-2016-1516 Opencv
Debian
Double Free vulnerability in multiple products

OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code.

6.8
2017-04-10 CVE-2015-8255 Axis Cross-Site Request Forgery (CSRF) vulnerability in Axis Communications Firmware

AXIS Communications products allow CSRF, as demonstrated by admin/pwdgrp.cgi, vaconfig.cgi, and admin/local_del.cgi.

6.8
2017-04-14 CVE-2017-7717 SAP SQL Injection vulnerability in SAP Netweaver 7.40

SQL injection vulnerability in the getUserUddiElements method in the ES UDDI component in SAP NetWeaver AS Java 7.4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2356504.

6.5
2017-04-14 CVE-2017-7357 Atlassian Unrestricted Upload of File with Dangerous Type vulnerability in Atlassian Hipchat Server

Hipchat Server before 2.2.3 allows remote authenticated users with Server Administrator level privileges to execute arbitrary code by importing a file.

6.5
2017-04-14 CVE-2016-4889 Zohocorp Permissions, Privileges, and Access Controls vulnerability in Zohocorp Servicedesk Plus

ZOHO ManageEngine ServiceDesk Plus before 9.0 allows remote authenticated guest users to have unspecified impact by leveraging failure to restrict access to unknown functions.

6.5
2017-04-14 CVE-2015-6568 Wolfcms Improper Input Validation vulnerability in Wolfcms Wolf CMS

Wolf CMS before 0.8.3.1 allows unrestricted file rename and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not prevent a change of a file extension to ".php" after originally using the parameter "filename" for uploading a JPEG image.

6.5
2017-04-14 CVE-2015-6567 Wolfcms Improper Input Validation vulnerability in Wolfcms Wolf CMS

Wolf CMS before 0.8.3.1 allows unrestricted file upload and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not validate the parameter "filename" properly.

6.5
2017-04-13 CVE-2015-8284 Seawell Networks Improper Access Control vulnerability in Seawell Networks Spectrum SDC 02.05.00

SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to perform administrative functions.

6.5
2017-04-12 CVE-2017-7700 Wireshark
Debian
Infinite Loop vulnerability in multiple products

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file.

6.5
2017-04-12 CVE-2017-7284 Unitrends Improper Authentication vulnerability in Unitrends Enterprise Backup 7.3.0

An attacker that has hijacked a Unitrends Enterprise Backup (before 9.1.2) web server session can leverage api/includes/users.php to change the password of the logged in account without knowing the current password.

6.5
2017-04-12 CVE-2017-7281 Unitrends Unrestricted Upload of File with Dangerous Type vulnerability in Unitrends Enterprise Backup 7.3.0

An issue was discovered in Unitrends Enterprise Backup before 9.1.2.

6.5
2017-04-12 CVE-2016-4895 Setucocms Project Code Injection vulnerability in Setucocms Project Setucocms

SetsucoCMS all versions allows remote authenticated attackers to conduct code injection attacks via unspecified vectors.

6.5
2017-04-12 CVE-2016-4893 Setucocms Project SQL Injection vulnerability in Setucocms Project Setucocms

SQL injection vulnerability in the SetsucoCMS all versions allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.

6.5
2017-04-11 CVE-2017-7694 Getsymphony Code Injection vulnerability in Getsymphony Symphony

Remote Code Execution vulnerability in symphony/content/content.blueprintsdatasources.php in Symphony CMS through 2.6.11 allows remote attackers to execute code and get a webshell from the back-end.

6.5
2017-04-11 CVE-2015-8504 Qemu
Debian
Divide By Zero vulnerability in multiple products

Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client.

6.5
2017-04-10 CVE-2017-7647 Solarwinds Unspecified vulnerability in Solarwinds LOG & Event Manager

SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to execute arbitrary commands.

6.5
2017-04-10 CVE-2016-10322 Synology Command Injection vulnerability in Synology Photo Station

Synology Photo Station before 6.3-2958 allows remote authenticated guest users to execute arbitrary commands via shell metacharacters in the X-Forwarded-For HTTP header to photo/login.php.

6.5
2017-04-10 CVE-2017-7617 Digium Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Digium Asterisk and Certified Asterisk

Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chan_sip, the CDR dialplan function, and the AMI Monitor action.

6.5
2017-04-10 CVE-2016-5072 Oxidforge Code Injection vulnerability in Oxidforge Oxid Eshop

OXID eShop before 2016-06-13 allows remote attackers to execute arbitrary code via a GET or POST request to the oxuser class.

6.5
2017-04-10 CVE-2015-7274 Dell Permissions, Privileges, and Access Controls vulnerability in Dell Integrated Remote Access Controller Firmware

Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 allows remote attackers to execute arbitrary administrative HTTP commands.

6.5
2017-04-10 CVE-2015-6028 Castlerock SQL Injection vulnerability in Castlerock Snmpc 12.1/9.0

Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via the sc parameter.

6.5
2017-04-10 CVE-2015-2889 Summerinfant Permissions, Privileges, and Access Controls vulnerability in Summerinfant Baby Zoom Wifi Monitor Firmware

Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to gain privileges via manual entry of a Settings URL.

6.5
2017-04-13 CVE-2015-2947 Grabacr NET Confused Deputy vulnerability in Grabacr.Net Kancolleviewer

KanColleViewer versions 3.8.1 and earlier operates as an open proxy which allows remote attackers to trigger outbound network traffic.

6.4
2017-04-12 CVE-2016-4896 Setucocms Project Permissions, Privileges, and Access Controls vulnerability in Setucocms Project Setucocms

SetsucoCMS all versions does not properly manage sessions, which allows remote attackers to disclose or alter unauthorized information via unspecified vectors.

6.4
2017-04-12 CVE-2016-1178 Appleple Improper Access Control vulnerability in Appleple A-Blog CMS

The session management of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to obtain or modify sensitive data via unspecified vectors.

6.4
2017-04-12 CVE-2017-0186 Microsoft Improper Input Validation vulnerability in Microsoft products

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-2017-0183, CVE-2017-0184, and CVE-2017-0185.

6.3
2017-04-12 CVE-2017-0185 Microsoft Improper Input Validation vulnerability in Microsoft products

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-2017-0183, CVE-2017-0184, and CVE-2017-0186.

6.3
2017-04-12 CVE-2017-0183 Microsoft Improper Input Validation vulnerability in Microsoft products

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186.

6.3
2017-04-12 CVE-2017-0182 Microsoft Improper Input Validation vulnerability in Microsoft products

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0183, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186.

6.3
2017-04-12 CVE-2017-0179 Microsoft Improper Input Validation vulnerability in Microsoft products

A denial of service vulnerability exists when Microsoft Hyper-V running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0182, CVE-2017-0183, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186.

6.3
2017-04-12 CVE-2017-0168 Microsoft Information Exposure vulnerability in Microsoft products

An information disclosure vulnerability exists when the Windows Hyper-V Network Switch running on a Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2 host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This CVE ID is unique from CVE-2017-0169.

6.3
2017-04-13 CVE-2016-2104 Redhat Cross-site Scripting vulnerability in Redhat Satellite 5.7

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satellite 5 allow remote attackers to inject arbitrary web script or HTML via (1) the label parameter to admin/BunchDetail.do; (2) the package_name, (3) search_subscribed_channels, or (4) channel_filter parameter to software/packages/NameOverview.do; or unspecified vectors related to (5) <input:hidden> or (6) <bean:message> tags.

6.1
2017-04-13 CVE-2015-7565 Emberjs Cross-site Scripting vulnerability in Emberjs Ember.Js

Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x through 1.10.x, 1.11.x before 1.11.4, 1.12.x before 1.12.2, 1.13.x before 1.13.12, 2.0.x before 2.0.3, 2.1.x before 2.1.2, and 2.2.x before 2.2.1 allows remote attackers to inject arbitrary web script or HTML.

6.1
2017-04-12 CVE-2016-8719 Moxa Cross-site Scripting vulnerability in Moxa Awk-3131A Firmware 1.1

An exploitable reflected Cross-Site Scripting vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1.

6.1
2017-04-14 CVE-2015-8356 Bitrix Project SQL Injection vulnerability in Bitrix Project Bitrix

Multiple SQL injection vulnerabilities in the mcart.xls module 6.5.2 and earlier for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) xls_profile parameter to admin/mcart_xls_import.php or the (2) xls_iblock_id, (3) xls_iblock_section_id, (4) firstRow, (5) titleRow, (6) firstColumn, (7) highestColumn, (8) sku_iblock_id, or (9) xls_iblock_section_id_new parameter to admin/mcart_xls_import_step_2.php.

6.0
2017-04-10 CVE-2017-7377 Qemu
Debian
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid.

6.0
2017-04-10 CVE-2016-6534 Opmantek Command Injection vulnerability in Opmantek Network Management Information System

Opmantek NMIS before 4.3.7c has command injection via man, finger, ping, trace, and nslookup in the tools.pl CGI script.

6.0
2017-04-10 CVE-2016-4334 Jivesoftware Open Redirect vulnerability in Jivesoftware Jive

Jive before 2016.3.1 has an open redirect from the external-link.jspa page.

5.8
2017-04-13 CVE-2016-8725 Moxa Information Exposure vulnerability in Moxa Awk-3131A Firmware 1.1

An exploitable information disclosure vulnerability exists in the Web Application functionality of the Moxa AWK-3131A wireless access point running firmware 1.1.

5.3
2017-04-13 CVE-2016-8724 Moxa Information Exposure vulnerability in Moxa Awk-3131A Firmware 1.1

An exploitable information disclosure vulnerability exists in the serviceAgent functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1.

5.3
2017-04-13 CVE-2016-8722 Moxa Information Exposure vulnerability in Moxa Awk-3131A Firmware 1.1

An exploitable Information Disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client.

5.3
2017-04-12 CVE-2017-0184 Microsoft Improper Input Validation vulnerability in Microsoft products

A denial of service vulnerability exists when Microsoft Hyper-V running on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-2017-0183, CVE-2017-0185, and CVE-2017-0186.

5.2
2017-04-12 CVE-2017-0178 Microsoft Improper Input Validation vulnerability in Microsoft products

A denial of service vulnerability exists when Microsoft Hyper-V running on Windows 10, Windows 10 1511, Windows 10 1607, Windows 8.1, Windows Server 2012 R2, and Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0179, CVE-2017-0182, CVE-2017-0183, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186.

5.2
2017-04-12 CVE-2017-0169 Microsoft Improper Input Validation vulnerability in Microsoft Windows 8.1 and Windows Server 2012

An information disclosure vulnerability exists when Windows Hyper-V running on a Windows 8.1, Windows Server 2012.

5.2
2017-04-14 CVE-2017-7879 Flatcore SQL Injection vulnerability in Flatcore Flatcore-Cms 1.4.6

SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read the content database.

5.0
2017-04-14 CVE-2017-7696 SAP Allocation of Resources Without Limits or Throttling vulnerability in SAP SSO Authentication Library 2.0/3.0

SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allow remote attackers to cause a denial of service (memory consumption) via large values in the width and height parameters to otp_logon_ui_resources/qr, aka SAP Security Note 2389042.

5.0
2017-04-14 CVE-2016-7051 Fasterxml Server-Side Request Forgery (SSRF) vulnerability in Fasterxml Jackson-Dataformat-Xml

XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors related to a DTD.

5.0
2017-04-14 CVE-2016-6489 Redhat
Canonical
Nettle Project
Information Exposure Through Discrepancy vulnerability in multiple products

The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.

5.0
2017-04-14 CVE-2016-4890 Zohocorp 7PK - Security Features vulnerability in Zohocorp Servicedesk Plus 9.0

ZOHO ManageEngine ServiceDesk Plus before 9.2 uses an insecure method for generating cookies, which makes it easier for attackers to obtain sensitive password information by leveraging access to a cookie.

5.0
2017-04-14 CVE-2016-3104 Mongodb Resource Exhaustion vulnerability in Mongodb 2.4.0/2.6.0

mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow remote attackers to cause a denial of service (memory consumption and process termination) by leveraging in-memory database representation when authenticating against a non-existent database.

5.0
2017-04-14 CVE-2017-7456 Moxa Improper Input Validation vulnerability in Moxa Mxview 2.8

Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials.

5.0
2017-04-14 CVE-2017-7455 Moxa Information Exposure vulnerability in Moxa Mxview 2.8

Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control.

5.0
2017-04-14 CVE-2017-7408 Paloaltonetworks Improper Input Validation vulnerability in Paloaltonetworks Traps 3.4.3

Palo Alto Networks Traps ESM Console before 3.4.4 allows attackers to cause a denial of service by leveraging improper validation of requests to revoke a Traps agent license.

5.0
2017-04-14 CVE-2017-7869 GNU Out-of-bounds Write vulnerability in GNU Gnutls

GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c.

5.0
2017-04-14 CVE-2017-7868 ICU Project
Debian
Out-of-bounds Write vulnerability in multiple products

International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.

5.0
2017-04-14 CVE-2017-7867 ICU Project
Debian
Out-of-bounds Write vulnerability in multiple products

International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.

5.0
2017-04-13 CVE-2016-8727 Moxa Information Exposure vulnerability in Moxa Awk-3131A Firmware 1.1

An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point.

5.0
2017-04-13 CVE-2015-8619 Qemu
Debian
Out-of-bounds Write vulnerability in multiple products

The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash).

5.0
2017-04-13 CVE-2015-4646 Squashfs Project Improper Input Validation vulnerability in Squashfs Project Squashfs

(1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash-4.c in Squashfs and sasquatch allow remote attackers to cause a denial of service (application crash) via a crafted input.

5.0
2017-04-13 CVE-2013-6648 Skia Unspecified vulnerability in Google Skia

SkRegion::setPath in Skia allows remote attackers to cause a denial of service (crash).

5.0
2017-04-13 CVE-2017-7853 GNU Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Osip 5.0.0

In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS.

5.0
2017-04-13 CVE-2016-10326 GNU Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Osip 4.1.0

In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS.

5.0
2017-04-13 CVE-2016-10325 GNU Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Osip 4.1.0

In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS.

5.0
2017-04-13 CVE-2016-3106 Pulpproject Race Condition vulnerability in Pulpproject Pulp 2.8.21

Pulp before 2.8.3 creates a temporary directory during CA key generation in an insecure manner.

5.0
2017-04-13 CVE-2016-1132 Docomo Improper Certificate Validation vulnerability in Docomo Shoplat

Shoplat App for iOS 1.10.00 through 1.18.00 does not properly verify SSL certificates.

5.0
2017-04-13 CVE-2015-8270 Rtmpdump Project NULL Pointer Dereference vulnerability in Rtmpdump Project Rtmpdump 2.4

The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to cause a denial of service (invalid pointer dereference and process crash).

5.0
2017-04-13 CVE-2012-6697 Inspire Ircd
Debian
Resource Management Errors vulnerability in multiple products

InspIRCd before 2.0.7 allows remote attackers to cause a denial of service (infinite loop).

5.0
2017-04-13 CVE-2017-7627 Smart Related Articles Project Unspecified vulnerability in Smart Related Articles Project Smart Related Articles 1.1

The "Smart related articles" extension 1.1 for Joomla! does not prevent direct requests to dialog.php (there is a missing _JEXEC check).

5.0
2017-04-12 CVE-2017-5936 Canonical
Openstack
Security Bypass vulnerability in OpenStack Nova-LXD

OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions.

5.0
2017-04-12 CVE-2016-4894 Setucocms Project Multiple Security vulnerability in SetucoCMS

SetsucoCMS all versions allows remote attackers to cause a denial of service via unspecified vectors.

5.0
2017-04-10 CVE-2016-5041 Libdwarf Project NULL Pointer Dereference vulnerability in Libdwarf Project Libdwarf

dwarf_macro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a debugging information entry using DWARF5 and without a DW_AT_name.

5.0
2017-04-10 CVE-2017-7345 Netapp Information Exposure vulnerability in Netapp Clustered Data Ontap

NetApp OnCommand Performance Manager and OnCommand Unified Manager for Clustered Data ONTAP before 7.1P1 improperly bind the Java Management Extension Remote Method Invocation (aka JMX RMI) service to the network, which allows remote attackers to obtain sensitive information via unspecified vectors.

5.0
2017-04-10 CVE-2017-7185 Cesanta Use After Free vulnerability in Cesanta Mongoose Embedded web Server Library and Mongoose OS

Use-after-free vulnerability in the mg_http_multipart_wait_for_boundary function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.7 and earlier and Mongoose OS 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a multipart/form-data POST request without a MIME boundary string.

5.0
2017-04-10 CVE-2017-5988 Netapp Denial of Service vulnerability in NetApp Clustered Data ONTAP

NetApp Clustered Data ONTAP 8.1 through 9.1P1, when NFS or SMB is enabled, allows remote attackers to cause a denial of service via unspecified vectors.

5.0
2017-04-10 CVE-2016-6879 Botan Project Key Management Errors vulnerability in Botan Project Botan

The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one Key_Usage set in the enum value.

5.0
2017-04-10 CVE-2015-7824 Botan Project Information Exposure vulnerability in Botan Project Botan

botan 1.11.x before 1.11.22 makes it easier for remote attackers to decrypt TLS ciphertext data via a padding-oracle attack against TLS CBC ciphersuites.

5.0
2017-04-10 CVE-2017-7619 Imagemagick Infinite Loop vulnerability in Imagemagick 7.0.49

In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms.

5.0
2017-04-10 CVE-2017-6190 Dlink Path Traversal vulnerability in Dlink Dwr-116 Firmware V1.00(Cp)B10/V1.01(Eu)/V1.05(Au)

Directory traversal vulnerability in the web interface on the D-Link DWR-116 device with firmware before V1.05b09 allows remote attackers to read arbitrary files via a ..

5.0
2017-04-10 CVE-2016-6605 Cloudera Improper Access Control vulnerability in Cloudera CDH

Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization.

5.0
2017-04-10 CVE-2016-10321 Web2Py 7PK - Security Features vulnerability in Web2Py

web2py before 2.14.6 does not properly check if a host is denied before verifying passwords, allowing a remote attacker to perform brute-force attacks.

5.0
2017-04-10 CVE-2015-8378 Keepassx Project Information Exposure vulnerability in Keepassx Project Keepassx

In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action.

5.0
2017-04-10 CVE-2016-5076 Cloudviewnms Information Exposure vulnerability in Cloudviewnms Cloudview NMS

CloudView NMS before 2.10a allows remote attackers to obtain sensitive information via a direct request for admin/auto.def.

5.0
2017-04-10 CVE-2016-5070 Sierrawireless Credentials Management vulnerability in Sierrawireless Aleos Firmware 4.3.2

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext.

5.0
2017-04-10 CVE-2016-5058 Osram Improper Access Control vulnerability in Osram Lightify PRO

OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay.

5.0
2017-04-10 CVE-2016-5057 Osram 7PK - Security Features vulnerability in Osram Lightify PRO

OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning.

5.0
2017-04-10 CVE-2016-5056 Osram Inadequate Encryption Strength vulnerability in Osram Lightify PRO

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK.

5.0
2017-04-10 CVE-2016-5054 Osram Improper Access Control vulnerability in Osram Lightify Home

OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay.

5.0
2017-04-10 CVE-2016-5052 Osram 7PK - Security Features vulnerability in Osram Lightify Home

OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 does not use SSL pinning.

5.0
2017-04-10 CVE-2016-5051 Osram Information Exposure vulnerability in Osram Lightify Home

OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 stores a PSK in cleartext under /private/var/mobile/Containers/Data/Application.

5.0
2017-04-10 CVE-2015-2886 Ibaby Information Exposure vulnerability in Ibaby M6 Baby Monitor Firmware

iBaby M6 allows remote attackers to obtain sensitive information, related to the ibabycloud.com service.

5.0
2017-04-10 CVE-2015-2884 Philips Information Exposure vulnerability in Philips In.Sight B12037

Philips In.Sight B120/37 allows remote attackers to obtain sensitive information via a direct request, related to yoics.net URLs, stream.m3u8 URIs, and cam_service_enable.cgi.

5.0
2017-04-10 CVE-2014-2960 Visioncritical Information Exposure vulnerability in Visioncritical Vision Critical 20140530

Vision Critical before 2014-05-30 allows attackers to read arbitrary files via unspecified vectors, as demonstrated by image files and configuration files.

5.0
2017-04-13 CVE-2015-8223 Huawei Permission Issues vulnerability in Huawei P7 Firmware and P8 Ale-Ul00 Firmware

Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B85, and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) by leveraging camera permissions and via crafted input to the camera driver.

4.9
2017-04-13 CVE-2015-7740 Huawei Improper Input Validation vulnerability in Huawei P7 Firmware and P8 Ale-Ul00 Firmware

Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B851 and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) via vectors involving an application that passes crafted input to the GPU driver.

4.9
2017-04-11 CVE-2016-5011 Kernel
Redhat
IBM
The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.
4.9
2017-04-11 CVE-2015-8568 Qemu
Debian
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly.

4.7
2017-04-11 CVE-2017-5969 Xmlsoft NULL Pointer Dereference vulnerability in Xmlsoft Libxml2 2.9.4

libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document.

4.7
2017-04-14 CVE-2017-7218 Paloaltonetworks Improper Input Validation vulnerability in Paloaltonetworks Pan-Os

The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to gain privileges via unspecified request parameters.

4.6
2017-04-13 CVE-2016-4031 Samsung Improper Access Control vulnerability in Samsung products

Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices allow attackers to send AT commands by plugging the device into a Linux host, aka SVE-2016-5301.

4.6
2017-04-13 CVE-2016-4030 Samsung Improper Access Control vulnerability in Samsung products

Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices have unintended availability of the modem in USB configuration number 2 within the secure lockscreen state, allowing an attacker to make phone calls, send text messages, or issue commands, aka SVE-2016-5301.

4.6
2017-04-13 CVE-2015-1839 Saltstack
Fedoraproject
Data Processing Errors vulnerability in multiple products

modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.

4.6
2017-04-13 CVE-2015-1838 Saltstack
Fedoraproject
Data Processing Errors vulnerability in multiple products

modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.

4.6
2017-04-12 CVE-2017-3007 Adobe
Microsoft
Untrusted Search Path vulnerability in Adobe Creative Cloud

Adobe Thor versions 3.9.5.353 and earlier have a vulnerability in the directory search path used to find resources, related to Creative Cloud desktop applications.

4.6
2017-04-11 CVE-2017-5873 Unisys Unquoted Search Path or Element vulnerability in Unisys Secure Partitioning 4.3.403/4.4.19

Unquoted Windows search path vulnerability in the guest service in Unisys s-Par before 4.4.20 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe.

4.6
2017-04-10 CVE-2015-7270 Dell Path Traversal vulnerability in Dell Integrated Remote Access Controller Firmware

Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows directory traversal.

4.6
2017-04-14 CVE-2017-7871 TDM Project Cross-site Scripting vulnerability in TDM Project TDM 20170412

trollepierre/tdm before 2017-04-13 is vulnerable to a reflected XSS in tdm-master/webhook.php (challenge parameter).

4.3
2017-04-14 CVE-2016-5310 Broadcom
Symantec
Out-of-bounds Write vulnerability in multiple products

The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (memory corruption) via a crafted RAR file that is mishandled during decompression.

4.3
2017-04-14 CVE-2016-5309 Broadcom
Symantec
Out-of-bounds Read vulnerability in multiple products

The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted RAR file that is mishandled during decompression.

4.3
2017-04-14 CVE-2016-4875 Assist Project
Databox Project
Userbox Project
Cross-site Scripting vulnerability in multiple products

Multiple cross-site scripting (XSS) vulnerabilities in the IVYWE (1) Assist plugin before 1.1.2.test20160906, (2) dataBox plugin before 0.0.0.20160906, and (3) userBox plugin before 0.0.0.20160906 for Geeklog allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2017-04-13 CVE-2016-8720 Moxa Injection vulnerability in Moxa Awk-3131A Firmware 1.1

An exploitable HTTP Header Injection vulnerability exists in the Web Application functionality of the Moxa AWK-3131A Wireless Access Point running firmware 1.1.

4.3
2017-04-13 CVE-2017-7725 Concretecms Cross-site Scripting vulnerability in Concretecms Concrete CMS 8.1.0

concrete5 8.1.0 places incorrect trust in the HTTP Host header during caching, if the administrator did not define a "canonical" URL on installation of concrete5 using the "Advanced Options" settings.

4.3
2017-04-13 CVE-2013-6662 Google Improper Certificate Validation vulnerability in Google Chrome

Google Chrome caches TLS sessions before certificate validation occurs.

4.3
2017-04-13 CVE-2017-7854 Radare Out-of-bounds Read vulnerability in Radare Radare2 1.3.0

The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file.

4.3
2017-04-13 CVE-2016-4068 Opensuse
Roundcube
Cross-site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2015-8864.

4.3
2017-04-13 CVE-2016-1915 Blackberry Cross-site Scripting vulnerability in Blackberry Enterprise Service

Multiple cross-site scripting (XSS) vulnerabilities in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to inject arbitrary web script or HTML via the locale parameter to (1) mydevice/index.jsp or (2) mydevice/loggedOut.jsp.

4.3
2017-04-13 CVE-2015-8864 Opensuse
Roundcube
Cross-site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-4068.

4.3
2017-04-13 CVE-2015-8272 Rtmpdump Project NULL Pointer Dereference vulnerability in Rtmpdump Project Rtmpdump 2.4

RTMPDump 2.4 allows remote attackers to trigger a denial of service (NULL pointer dereference and process crash).

4.3
2017-04-13 CVE-2014-2710 Oliver Project Cross-site Scripting vulnerability in Oliver Project Oliver

Multiple cross-site scripting (XSS) vulnerabilities in Oliver (formerly Webshare) 1.3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the (1) login page (index.php) or (2) login form (loginform-inc.php).

4.3
2017-04-13 CVE-2017-7626 Smart Related Articles Project Cross-site Scripting vulnerability in Smart Related Articles Project Smart Related Articles 1.1

The "Smart related articles" extension 1.1 for Joomla! has XSS in dialog.php (n_art,type in GET Method).

4.3
2017-04-12 CVE-2016-6348 Redhat Cross-site Scripting vulnerability in Redhat Resteasy

JacksonJsonpInterceptor in RESTEasy might allow remote attackers to conduct a cross-site script inclusion (XSSI) attack.

4.3
2017-04-12 CVE-2016-4897 Webmin Cross-site Scripting vulnerability in Webmin Usermin

Multiple cross-site scripting (XSS) vulnerabilities in (1) filter/save_forward.cgi, (2) filter/save.cgi, (3) /man/search.cgi in Usermin before 1.690.

4.3
2017-04-12 CVE-2016-4892 Setucocms Project Cross-site Scripting vulnerability in Setucocms Project Setucocms

Cross-site scripting vulnerability in SetsucoCMS all versions allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2017-04-12 CVE-2016-2803 Mozilla Cross-site Scripting vulnerability in Mozilla Bugzilla

Cross-site scripting (XSS) vulnerability in the dependency graphs in Bugzilla 2.16rc1 through 4.4.11, and 4.5.1 through 5.0.2 allows remote attackers to inject arbitrary web script or HTML.

4.3
2017-04-12 CVE-2016-1179 Appleple Cross-site Scripting vulnerability in Appleple A-Blog CMS

Cross-site scripting (XSS) vulnerability in the standard template of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML.

4.3
2017-04-12 CVE-2015-7562 Teampass Cross-site Scripting vulnerability in Teampass

Multiple cross-site scripting (XSS) vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) label value of an item or (2) name of a role.

4.3
2017-04-12 CVE-2017-7742 Libsndfile Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libsndfile Project Libsndfile

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.

4.3
2017-04-12 CVE-2017-7741 Libsndfile Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libsndfile Project Libsndfile

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.

4.3
2017-04-12 CVE-2017-7716 Radare Out-of-bounds Read vulnerability in Radare Radare2 1.3.0

The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file.

4.3
2017-04-12 CVE-2017-3125 Fortinet Cross-site Scripting vulnerability in Fortinet Fortimail

An unauthenticated XSS vulnerability with FortiMail 5.0.0 - 5.2.9 and 5.3.0 - 5.3.8 could allow an attacker to execute arbitrary scripts in the security context of the browser of a victim logged in FortiMail, assuming the victim is social engineered into clicking an URL crafted by the attacker.

4.3
2017-04-12 CVE-2017-3053 Adobe
Apple
Microsoft
Out-of-bounds Read vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of the APP13 segment in JPEG files.

4.3
2017-04-12 CVE-2017-3052 Adobe
Apple
Microsoft
Out-of-bounds Read vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of EMF - enhanced meta file format.

4.3
2017-04-12 CVE-2017-3046 Adobe
Apple
Microsoft
Out-of-bounds Read vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to contiguous code-stream parsing.

4.3
2017-04-12 CVE-2017-3045 Adobe
Apple
Microsoft
Out-of-bounds Read vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to the palette box.

4.3
2017-04-12 CVE-2017-3043 Adobe
Apple
Microsoft
Information Exposure vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the collaboration functionality.

4.3
2017-04-12 CVE-2017-3033 Adobe
Apple
Microsoft
Out-of-bounds Read vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling JPEG 2000 code-stream tile data.

4.3
2017-04-12 CVE-2017-3032 Adobe
Apple
Microsoft
Out-of-bounds Read vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 code-stream parser.

4.3
2017-04-12 CVE-2017-3031 Adobe
Apple
Microsoft
Out-of-bounds Read vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the XSLT engine.

4.3
2017-04-12 CVE-2017-3029 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling a JPEG 2000 code-stream.

4.3
2017-04-12 CVE-2017-3022 Adobe
Apple
Microsoft
Out-of-bounds Read vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when parsing the header of a JPEG 2000 file.

4.3
2017-04-12 CVE-2017-3021 Adobe
Apple
Microsoft
Out-of-bounds Read vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser engine.

4.3
2017-04-12 CVE-2017-3020 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the weblink module.

4.3
2017-04-12 CVE-2017-0211 Microsoft Externally Controlled Reference to a Resource in Another Sphere vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 versions of Microsoft Windows OLE when it fails an integrity-level check, aka "Windows OLE Elevation of Privilege Vulnerability."

4.3
2017-04-12 CVE-2017-0208 Microsoft Information Exposure vulnerability in Microsoft Edge

An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine does not properly handle objects in memory.

4.3
2017-04-12 CVE-2017-0207 Microsoft Spoofing vulnerability in Microsoft Outlook 2011

Microsoft Outlook for Mac 2011 allows remote attackers to spoof web content via a crafted email with specific HTML tags, aka "Microsoft Browser Spoofing Vulnerability."

4.3
2017-04-12 CVE-2017-0204 Microsoft Security Bypass vulnerability in Microsoft Office

Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to bypass the Office Protected View via a specially crafted document, aka "Microsoft Office Security Feature Bypass Vulnerability."

4.3
2017-04-12 CVE-2017-0203 Microsoft Security Bypass vulnerability in Microsoft Edge

A vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents.

4.3
2017-04-12 CVE-2017-0194 Microsoft Information Exposure vulnerability in Microsoft Excel and Office Compatibility Pack

Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, and Office Compatibility Pack SP2 allow remote attackers to obtain sensitive information from process memory via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability."

4.3
2017-04-12 CVE-2017-0192 Microsoft Information Exposure vulnerability in Microsoft products

The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold , 1511, 1607, and 1703 allows an attacker to gain sensitive information via a specially crafted document or an untrusted website, aka "ATMFD.dll Information Disclosure Vulnerability."

4.3
2017-04-12 CVE-2017-0159 Microsoft Security Bypass vulnerability in Microsoft products

A security feature bypass vulnerability exists in Windows 10 1607, Windows Server 2012 R2, and Windows 2016 when ADFS incorrectly treats requests coming from Extranet clients as Intranet requests, aka "ADFS Security Feature Bypass Vulnerability."

4.3
2017-04-11 CVE-2017-7697 Libsamplerate Project
Debian
Out-of-bounds Read vulnerability in multiple products

In libsamplerate before 0.1.9, a buffer over-read occurs in the calc_output_single function in src_sinc.c via a crafted audio file.

4.3
2017-04-11 CVE-2014-9837 Imagemagick Out-of-bounds Read vulnerability in Imagemagick 6.9.01

coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.

4.3
2017-04-11 CVE-2014-8562 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).

4.3
2017-04-11 CVE-2014-8355 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).

4.3
2017-04-11 CVE-2014-8354 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.

4.3
2017-04-11 CVE-2016-5322 Libtiff
Debian
Out-of-bounds Read vulnerability in multiple products

The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.

4.3
2017-04-11 CVE-2016-10259 Bluecoat Resource Management Errors vulnerability in Bluecoat products

Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connections.

4.3
2017-04-11 CVE-2017-7621 Auromeera Cross-site Scripting vulnerability in Auromeera Emli 1.0

Cross Site Scripting Vulnerability in core-eMLi in AuroMeera Technometrix Pvt.

4.3
2017-04-10 CVE-2017-7648 Foscam Use of Hard-coded Credentials vulnerability in Foscam products

Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.

4.3
2017-04-10 CVE-2017-7624 Entropymine Missing Release of Resource after Effective Lifetime vulnerability in Entropymine Imageworsener 1.3.0

The iw_read_bmp_file function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to consume an amount of available memory via a crafted file.

4.3
2017-04-10 CVE-2017-7623 Entropymine Out-of-bounds Read vulnerability in Entropymine Imageworsener 1.3.0

The iwmiffr_convert_row32 function in imagew-miff.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.

4.3
2017-04-10 CVE-2016-5682 Smartbear Cross-site Scripting vulnerability in Smartbear Swagger-Ui

Swagger-UI before 2.2.1 has XSS via the Default field in the Definitions section.

4.3
2017-04-10 CVE-2016-5078 Paessler Cross-site Scripting vulnerability in Paessler Prtg Network Monitor

Paessler PRTG before 16.2.24.4045 has XSS via SNMP.

4.3
2017-04-10 CVE-2016-5077 Netikus Cross-site Scripting vulnerability in Netikus Eventsentry 3.2.1.22/3.2.1.30/3.2.1.8

Netikus EventSentry before 3.2.1.44 has XSS via SNMP.

4.3
2017-04-10 CVE-2016-5075 Cloudviewnms Cross-site Scripting vulnerability in Cloudviewnms Cloudview NMS

CloudView NMS before 2.10a has XSS via a TELNET login.

4.3
2017-04-10 CVE-2016-5073 Cloudviewnms Cross-site Scripting vulnerability in Cloudviewnms Cloudview NMS

CloudView NMS before 2.10a has XSS via SNMP.

4.3
2017-04-10 CVE-2016-5055 Osram Cross-site Scripting vulnerability in Osram Lightify PRO

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page.

4.3
2017-04-10 CVE-2016-1517 Opencv Improper Input Validation vulnerability in Opencv 3.0.0

OpenCV 3.0.0 allows remote attackers to cause a denial of service (segfault) via vectors involving corrupt chunks.

4.3
2017-04-10 CVE-2015-8276 Eparaksts Information Exposure vulnerability in Eparaksts Edoc-Libraries and Eparakstitajs 3

LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow attackers to read arbitrary files via crafted EDOC files.

4.3
2017-04-10 CVE-2015-8275 Eparaksts Improper Access Control vulnerability in Eparaksts Edoc-Libraries and Eparakstitajs 3

LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow attackers to write to arbitrary files via crafted EDOC files.

4.3
2017-04-10 CVE-2015-7275 Dell Cross-site Scripting vulnerability in Dell Integrated Remote Access Controller Firmware

Dell Integrated Remote Access Controller (iDRAC) 6 before 2.85 and 7/8 before 2.30.30.30 has XSS.

4.3
2017-04-10 CVE-2015-6035 Opsview Cross-site Scripting vulnerability in Opsview

Opsview before 2015-11-06 has XSS via SNMP.

4.3
2017-04-10 CVE-2015-6027 Castlerock Cross-site Scripting vulnerability in Castlerock Snmpc 12.1/9.0

Castle Rock Computing SNMPc before 2015-12-17 has XSS via SNMP.

4.3
2017-04-10 CVE-2015-6021 Spiceworks Cross-site Scripting vulnerability in Spiceworks Desktop

Spiceworks Desktop before 2015-12-01 has XSS via an SNMP response.

4.3
2017-04-14 CVE-2016-5312 Symantec Path Traversal vulnerability in Symantec Messaging Gateway

Directory traversal vulnerability in the charting component in Symantec Messaging Gateway before 10.6.2 allows remote authenticated users to read arbitrary files via a ..

4.0
2017-04-14 CVE-2017-1152 IBM Session Fixation vulnerability in IBM Financial Transaction Manager 3.0.1.0/3.0.2.0

IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly update the SESSIONID with each request, which could allow a user to obtain the ID in further attacks against the system.

4.0
2017-04-14 CVE-2016-8926 IBM Information Exposure vulnerability in IBM Tivoli Application Dependency Discovery Manager

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to read system files or data that is restricted to authorized users.

4.0
2017-04-14 CVE-2017-7217 Paloaltonetworks Improper Input Validation vulnerability in Paloaltonetworks Pan-Os

The Management Web Interface in Palo Alto Networks PAN-OS before 7.0.14 and 7.1.x before 7.1.9 allows remote attackers to write to export files via unspecified parameters.

4.0
2017-04-11 CVE-2017-5672 Kony Information Exposure vulnerability in Kony Enterprise Mobile Management 1.2

Kony Enterprise Mobile Management (EMM) before 4.2.5.2 has the vulnerability of disclosing the private key in clear-text when changing the parameters of the request.

4.0
2017-04-10 CVE-2017-7646 Solarwinds Information Exposure vulnerability in Solarwinds LOG & Event Manager

SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to browse the server's filesystem and read the contents of arbitrary files contained within.

4.0
2017-04-10 CVE-2016-10310 SAP Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP SQL Anywhere 11.0/16.0/17.0

Buffer overflow in the MobiLink Synchronization Server component in SAP SQL Anywhere 17 and possibly earlier allows remote authenticated users to cause a denial of service (resource consumption and process crash) by sending a crafted packet several times, aka SAP Security Note 2308778.

4.0
2017-04-10 CVE-2016-10304 SAP Deserialization of Untrusted Data vulnerability in SAP Netweaver 7.5

The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to cause a denial of service (out-of-memory error and service instability) via a crafted serialized Java object, as demonstrated by serial.cc3, aka SAP Security Note 2315788.

4.0
2017-04-10 CVE-2016-5059 Osram Information Exposure vulnerability in Osram Lightify PRO

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to obtain sensitive information by reading screenshots under /private/var/mobile/Containers/Data/Application.

4.0
2017-04-10 CVE-2016-4320 Atlassian Path Traversal vulnerability in Atlassian Bitbucket

Atlassian Bitbucket Server before 4.7.1 allows remote attackers to read the first line of an arbitrary file via a directory traversal attack on the pull requests resource.

4.0

29 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-04-14 CVE-2017-7188 Zurmo Cross-site Scripting vulnerability in Zurmo CRM

Zurmo 3.1.1 Stable allows a Cross-Site Scripting (XSS) attack with a base64-encoded SCRIPT element within a data: URL in the returnUrl parameter to default/toggleCollapse.

3.5
2017-04-14 CVE-2016-4888 Zohocorp Cross-site Scripting vulnerability in Zohocorp Servicedesk Plus 9.0

Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine ServiceDesk Plus before 9.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

3.5
2017-04-14 CVE-2016-8927 IBM Cross-site Scripting vulnerability in IBM Tivoli Application Dependency Discovery Manager

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site scripting.

3.5
2017-04-13 CVE-2014-3887 Iodata Cross-site Scripting vulnerability in Iodata Rockdisk Firmware

Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2017-04-12 CVE-2017-0195 Microsoft Cross-site Scripting vulnerability in Microsoft products

Microsoft Excel Services on Microsoft SharePoint Server 2010 SP1 and SP2, Microsoft Excel Web Apps 2010 SP2, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps Server 2013 SP1 and Office Online Server allows remote attackers to perform cross-site scripting and run script with local user privileges via a crafted request, aka "Microsoft Office XSS Elevation of Privilege Vulnerability."

3.5
2017-04-12 CVE-2017-0191 Microsoft Denial of Service vulnerability in Microsoft Windows

A denial of service vulnerability exists in the way that Windows 7, Windows 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 handles objects in memory.

3.5
2017-04-12 CVE-2017-0164 Microsoft Improper Input Validation vulnerability in Microsoft Windows 10 and Windows Server 2016

A denial of service vulnerability exists in Windows 10 1607 and Windows Server 2016 Active Directory when an authenticated attacker sends malicious search queries, aka "Active Directory Denial of Service Vulnerability."

3.5
2017-04-11 CVE-2016-7467 F5 Improper Input Validation vulnerability in F5 Big-Ip Access Policy Manager

The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 HF1, 11.5.4 - 11.5.4 HF2, when configured as a SAML Identity Provider with a Service Provider (SP) connector, might allow traffic to be disrupted or failover initiated when a malformed, signed SAML authentication request from an authenticated user is sent via the SP connector.

3.5
2017-04-10 CVE-2017-5607 Splunk Information Exposure vulnerability in Splunk

Splunk Enterprise 5.0.x before 5.0.18, 6.0.x before 6.0.14, 6.1.x before 6.1.13, 6.2.x before 6.2.13.1, 6.3.x before 6.3.10, 6.4.x before 6.4.6, and 6.5.x before 6.5.3 and Splunk Light before 6.5.2 assigns the $C JS property to the global Window namespace, which might allow remote attackers to obtain sensitive logged-in username and version-related information via a crafted webpage.

3.5
2017-04-10 CVE-2016-5642 Opmantek Cross-site Scripting vulnerability in Opmantek Network Management Information System

Opmantek NMIS before 8.5.12G has XSS via SNMP.

3.5
2017-04-10 CVE-2016-4318 Atlassian Cross-site Scripting vulnerability in Atlassian Jira

Atlassian JIRA Server before 7.1.9 has XSS in project/ViewDefaultProjectRoleActors.jspa via a role name.

3.5
2017-04-10 CVE-2016-4317 Atlassian Cross-site Scripting vulnerability in Atlassian Confluence

Atlassian Confluence Server before 5.9.11 has XSS on the viewmyprofile.action page.

3.5
2017-04-10 CVE-2015-2883 Philips Cross-site Scripting vulnerability in Philips In.Sight B12037

Philips In.Sight B120/37 has XSS, related to the Weaved cloud web service, as demonstrated by the name parameter to deviceSettings.php or shareDevice.php.

3.5
2017-04-14 CVE-2016-4455 Redhat Permissions, Privileges, and Access Controls vulnerability in Redhat products

The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories.

3.3
2017-04-13 CVE-2016-7834 Sony Information Exposure vulnerability in Sony SNC Series Firmware

SONY SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551, SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585, SNC-ER585H, SNC-ZP550, SNC-ZR550, SNC-EP520, SNC-EP521, SNC-ER520, SNC-ER521, SNC-ER521C network cameras with firmware before Ver.1.86.00 and SONY SNC-CX600, SNC-CX600W, SNC-EB600, SNC-EB600B, SNC-EB602R, SNC-EB630, SNC-EB630B, SNC-EB632R, SNC-EM600, SNC-EM601, SNC-EM602R, SNC-EM602RC, SNC-EM630, SNC-EM631, SNC-EM632R, SNC-EM632RC, SNC-VB600, SNC-VB600B, SNC-VB600B5, SNC-VB630, SNC-VB6305, SNC-VB6307, SNC-VB632D, SNC-VB635, SNC-VM600, SNC-VM600B, SNC-VM600B5, SNC-VM601, SNC-VM601B, SNC-VM602R, SNC-VM630, SNC-VM6305, SNC-VM6307, SNC-VM631, SNC-VM632R, SNC-WR600, SNC-WR602, SNC-WR602C, SNC-WR630, SNC-WR632, SNC-WR632C, SNC-XM631, SNC-XM632, SNC-XM636, SNC-XM637, SNC-VB600L, SNC-VM600L, SNC-XM631L, SNC-WR602CL network cameras with firmware before Ver.2.7.2 are prone to sensitive information disclosure.

3.3
2017-04-14 CVE-2016-7060 Redhat Information Exposure vulnerability in Redhat Quickstart Cloud Installer 1.0

The web interface in Red Hat QuickStart Cloud Installer (QCI) 1.0 does not mask passwords fields, which allows physically proximate attackers to obtain sensitive password information by reading the display.

2.1
2017-04-13 CVE-2015-8345 Qemu
Debian
Resource Management Errors vulnerability in multiple products

The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.

2.1
2017-04-13 CVE-2016-4032 Samsung Improper Access Control vulnerability in Samsung products

Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices do not block AT+USBDEBUG and AT+WIFIVALUE, which allows attackers to modify Android settings by leveraging AT access, aka SVE-2016-5301.

2.1
2017-04-13 CVE-2016-2567 Samsung Improper Input Validation vulnerability in Samsung Galaxy Note 3 Firmware and Galaxy S6 Firmware

secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to bypass URL filtering by inserting an "exceptional URL" in the query string, as demonstrated by the http://should-have-been-filtered.example.com/?http://google.com URL.

2.1
2017-04-13 CVE-2016-2565 Samsung Information Exposure vulnerability in Samsung Galaxy S6 Firmware G920Fxxu2Coh2

Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to read sent e-mail messages, aka SVE-2015-5081.

2.1
2017-04-13 CVE-2016-2036 Samsung NULL Pointer Dereference vulnerability in Samsung Galaxy Note 3 Firmware and Galaxy S6 Firmware

The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to trigger a NULL pointer dereference via a "GET HTTP/1.1" request, aka SVE-2016-5036.

2.1
2017-04-13 CVE-2016-10118 Firejail Project Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail

Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /.

2.1
2017-04-12 CVE-2017-0188 Microsoft Information Exposure vulnerability in Microsoft products

A Win32k information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the win32k component improperly provides kernel information.

2.1
2017-04-12 CVE-2017-0167 Microsoft Information Exposure vulnerability in Microsoft products

An information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the Windows kernel improperly handles objects in memory.

2.1
2017-04-11 CVE-2014-8716 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).

2.1
2017-04-10 CVE-2017-7616 Linux 7PK - Errors vulnerability in Linux Kernel

Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.

2.1
2017-04-14 CVE-2017-7457 Moxa XXE vulnerability in Moxa Mx-Aopc Server 1.5

XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 result in remote file disclosure.

1.9
2017-04-12 CVE-2017-0058 Microsoft Information Exposure vulnerability in Microsoft products

A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information.

1.9
2017-04-11 CVE-2015-8613 Qemu
Debian
Out-of-bounds Write vulnerability in multiple products

Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command.

1.9