Weekly Vulnerabilities Reports > April 17 to 23, 2017

Overview

241 new vulnerabilities were reported during this period, including 22 critical vulnerabilities and 48 high severity vulnerabilities. This weekly summary reports vulnerabilities in 261 products from 93 vendors, including Imagemagick, Cybozu, Cisco, Linux, and IBM. Notable vulnerability categories are "Cross-site Scripting", "Information Exposure", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Out-of-bounds Read", and "Improper Input Validation".

  • 215 reported vulnerabilities are remotely exploitable.
  • 7 reported vulnerabilities have a public exploit available.
  • 71 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 191 reported vulnerabilities are exploitable by an anonymous user.
  • Imagemagick has the most reported vulnerabilities, with 33 reported vulnerabilities.
  • Apache has the most reported critical vulnerabilities, with 3 reported vulnerabilities.

Vulnerability Details

The following tables list the reported vulnerabilities for the period covered by this report:

22 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-04-21 CVE-2016-3109 Shopware Improper Input Validation vulnerability in Shopware

The backend/Login/load/ script in Shopware before 5.1.5 allows remote attackers to execute arbitrary code.

10.0
2017-04-21 CVE-2016-1560 Exagrid Use of Hard-coded Credentials vulnerability in Exagrid products

ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the root shell account and (2) support for the support account in the web interface, which allows remote attackers to obtain administrative access via an SSH or HTTP session.

10.0
2017-04-21 CVE-2017-8051 Tenable OS Command Injection vulnerability in Tenable Appliance

Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI.

10.0
2017-04-21 CVE-2016-1555 Netgear Command Injection vulnerability in Netgear products

(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands.

10.0
2017-04-19 CVE-2017-7964 Zyxel Insecure Default Initialization of Resource vulnerability in Zyxel Wre6505 Firmware

Zyxel WRE6505 devices have a default TELNET password of 1234 for the root and admin accounts, which makes it easier for remote attackers to conduct DNS hijacking attacks by reconfiguring the built-in dnshijacker process.

10.0
2017-04-17 CVE-2016-6727 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

The Qualcomm GPS subsystem in Android on Android One devices allows remote attackers to execute arbitrary code.

10.0
2017-04-17 CVE-2016-6726 Google Security vulnerability in Google Android 'Qualcomm' components

Unspecified vulnerability in Qualcomm components in Android on Nexus 6 and Android One devices.

10.0
2017-04-21 CVE-2016-3067 Cygwin Permissions, Privileges, and Access Controls vulnerability in Cygwin

Cygwin before 2.5.0 does not properly handle updating permissions when changing users, which allows attackers to gain privileges.

9.8
2017-04-21 CVE-2016-1558 Dlink Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dlink products

Buffer overflow in D-Link DAP-2310 2.06 and earlier, DAP-2330 1.06 and earlier, DAP-2360 2.06 and earlier, DAP-2553 H/W ver.

9.8
2017-04-20 CVE-2016-5762 Novell Integer Overflow or Wraparound vulnerability in Novell Groupwise

Integer overflow in the Post Office Agent in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 might allow remote attackers to execute arbitrary code via a long (1) username or (2) password, which triggers a heap-based buffer overflow.

9.8
2017-04-20 CVE-2017-7938 MOR PAH NET Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mor-Pah.Net Dmitry Deepmagic Information Gathering Tool 1.3A

Stack-based buffer overflow in DMitry (Deepmagic Information Gathering Tool) version 1.3a (Unix) allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long argument.

9.8
2017-04-17 CVE-2017-5645 Apache, Netapp, Redhat, Oracle Deserialization of Untrusted Data vulnerability in multiple products

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

9.8
2017-04-17 CVE-2017-5651 Apache Unspecified vulnerability in Apache Tomcat

In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing.

9.8
2017-04-21 CVE-2016-4846 Securebrain Untrusted Search Path vulnerability in Securebrain Phishwall Client

Untrusted search path vulnerability in the installer of PhishWall Client Internet Explorer before 3.7.8.2.

9.3
2017-04-20 CVE-2016-4650 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, mac OS X and Tvos

Heap-based buffer overflow in IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3
2017-04-20 CVE-2016-8721 Moxa OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.1

An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1.

9.1
2017-04-17 CVE-2017-5648 Apache Exposure of Resource to Wrong Sphere vulnerability in Apache Tomcat

While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the appropriate facade object.

9.1
2017-04-21 CVE-2017-7220 Opentext Improper Input Validation vulnerability in Opentext Documentum Content Server

OpenText Documentum Content Server allows superuser access via sys_obj_save or save of a crafted object, followed by an unauthorized "UPDATE dm_dbo.dm_user_s SET user_privileges=16" command, aka an "RPC save-commands" attack.

9.0
2017-04-20 CVE-2017-6619 Cisco Improper Input Validation vulnerability in Cisco Integrated Management Controller Supervisor 3.0(1C)

A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to execute arbitrary commands on an affected system.

9.0
2017-04-20 CVE-2017-6616 Cisco Improper Input Validation vulnerability in Cisco Integrated Management Controller Supervisor 3.0(1C)

A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to execute arbitrary code on an affected system.

9.0
2017-04-20 CVE-2017-7692 Squirrelmail Improper Input Validation vulnerability in Squirrelmail 1.4.22

SquirrelMail 1.4.22 (and other versions before 20170427_0200-SVN) allows post-authentication remote code execution via a sendmail.cf file that is mishandled in a popen call.

9.0
2017-04-20 CVE-2017-7283 Unitrends Improper Input Validation vulnerability in Unitrends Enterprise Backup 7.3.0

An authenticated user of Unitrends Enterprise Backup before 9.1.2 can execute arbitrary OS commands by sending a specially crafted filename to the /api/restore/download-files endpoint, related to the downloadFiles function in api/includes/restore.php.

9.0

48 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-04-21 CVE-2016-0720 Clusterlabs, Redhat, Fedoraproject Cross-Site Request Forgery (CSRF) vulnerability in multiple products

Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149.

8.8
2017-04-20 CVE-2017-6607 Cisco Unspecified vulnerability in Cisco Adaptive Security Appliance Software

A vulnerability in the DNS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause an affected device to reload or corrupt the information present in the device's local DNS cache.

8.7
2017-04-20 CVE-2017-6608 Cisco Unspecified vulnerability in Cisco Adaptive Security Appliance Software

A vulnerability in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system.

8.6
2017-04-21 CVE-2016-2433 Google Improper Access Control vulnerability in Google Android

The Broadcom Wi-Fi driver for Android, as used by BlackBerry smartphones before Build AAE570, allows remote attackers to execute arbitrary code in the context of the kernel.

8.3
2017-04-21 CVE-2016-1559 D Link Information Exposure vulnerability in D-Link products

D-Link DAP-1353 H/W vers.

8.1
2017-04-21 CVE-2016-0721 Clusterlabs, Redhat, Fedoraproject Session Fixation vulnerability in multiple products

Session fixation vulnerability in pcsd in pcs before 0.9.157.

8.1
2017-04-18 CVE-2017-5662 Apache XXE vulnerability in Apache Batik

In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files.

7.9
2017-04-18 CVE-2017-5661 Apache XXE vulnerability in Apache Formatting Objects Processor

In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files.

7.9
2017-04-23 CVE-2017-8076 TP Link Inadequate Encryption Strength vulnerability in Tp-Link Tl-Sg108E Firmware 1.1.2

On the TP-Link TL-SG108E 1.0, admin network communications are RC4 encoded, even though RC4 is deprecated.

7.8
2017-04-23 CVE-2017-8067 Linux Out-of-bounds Write vulnerability in Linux Kernel

drivers/char/virtio_console.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.

7.8
2017-04-23 CVE-2017-8064 Linux, Debian Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

drivers/media/usb/dvb-usb-v2/dvb_usb_core.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.

7.8
2017-04-23 CVE-2017-8063 Linux Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel

drivers/media/usb/dvb-usb/cxusb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.

7.8
2017-04-23 CVE-2017-8062 Linux Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel

drivers/media/usb/dvb-usb/dw2102.c in the Linux kernel 4.9.x and 4.10.x before 4.10.4 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.

7.8
2017-04-21 CVE-2016-5399 PHP Out-of-bounds Write vulnerability in PHP

The bzread function in ext/bz2/bz2.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted bz2 archive.

7.8
2017-04-21 CVE-2016-0833 Google Denial of Service vulnerability in Google Android

Android allows users to cause a denial of service.

7.8
2017-04-20 CVE-2017-3863 Cisco Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS and IOS XE

Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition.

7.8
2017-04-20 CVE-2017-3862 Cisco Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS and IOS XE

Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition.

7.8
2017-04-20 CVE-2017-3861 Cisco Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS and IOS XE

Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition.

7.8
2017-04-20 CVE-2017-3860 Cisco Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS and IOS XE

Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition.

7.8
2017-04-20 CVE-2017-3808 Cisco Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Unified Communications Manager

A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of Cisco Unified Communications Manager (Cisco Unified CM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

7.8
2017-04-19 CVE-2017-7961 Gnome Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gnome Libcroco 0.6.11/0.6.12

The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CSS file.

7.8
2017-04-19 CVE-2017-7948 Artifex Integer Overflow or Wraparound vulnerability in Artifex Ghostscript 9.21

Integer overflow in the mark_curve function in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via a crafted PostScript document.

7.8
2017-04-17 CVE-2016-5396 Apache Resource Management Errors vulnerability in Apache Traffic Server

Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb Attack.

7.8
2017-04-17 CVE-2017-7889 Linux, Debian, Canonical Incorrect Permission Assignment for Critical Resource vulnerability in multiple products

The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.

7.8
2017-04-20 CVE-2017-6610 Cisco Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software

A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system.

7.7
2017-04-20 CVE-2017-6609 Cisco Unspecified vulnerability in Cisco Adaptive Security Appliance Software

A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system.

7.7
2017-04-23 CVE-2017-8073 Weechat, Debian Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin.

7.5
2017-04-22 CVE-2017-7991 Exponentcms SQL Injection vulnerability in Exponentcms Exponent CMS

Exponent CMS 2.4.1 and earlier has SQL injection via a base64 serialized API key (apikey parameter) in the api function of framework/modules/eaas/controllers/eaasController.php.

7.5
2017-04-21 CVE-2016-5168 Google Origin Validation Error vulnerability in Google Chrome

Skia, as used in Google Chrome before 50.0.2661.94, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information.

7.5
2017-04-21 CVE-2016-2173 Fedoraproject, Pivotal Software, Vmware Improper Input Validation vulnerability in multiple products

org.springframework.core.serializer.DefaultDeserializer in Spring AMQP before 1.5.5 allows remote attackers to execute arbitrary code.

7.5
2017-04-20 CVE-2016-1219 Cybozu Improper Authentication vulnerability in Cybozu Garoon

Cybozu Garoon before 4.2.2 allows remote attackers to bypass login authentication via vectors related to API use.

7.5
2017-04-19 CVE-2017-7963 PHP Allocation of Resources Without Limits or Throttling vulnerability in PHP

The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1.4 allow attackers to cause a denial of service (memory consumption and application crash) via operations on long strings.

7.5
2017-04-18 CVE-2017-5656 Apache Session Fixation vulnerability in Apache CXF

Apache CXF's STSClient before 3.1.11 and 3.0.13 uses a flawed way of caching tokens that are associated with delegation tokens, which means that an attacker could craft a token which would return an identifier corresponding to a cached token for another user.

7.5
2017-04-18 CVE-2017-7645 Linux, Debian, Canonical Improper Input Validation vulnerability in multiple products

The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.

7.5
2017-04-17 CVE-2017-1161 IBM Improper Input Validation vulnerability in IBM API Connect 5.0.6.0

IBM API Connect 5.0.6.0 could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of URLs for the Developer Portal.

7.5
2017-04-17 CVE-2017-5650 Apache Improper Resource Shutdown or Release vulnerability in Apache Tomcat

In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the handling of an HTTP/2 GOAWAY frame for a connection did not close streams associated with that connection that were currently waiting for a WINDOW_UPDATE before allowing the application to write more data.

7.5
2017-04-17 CVE-2017-5647 Apache Information Exposure vulnerability in Apache Tomcat

A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in the pipelined request being lost when send file processing of the previous request completed.

7.5
2017-04-23 CVE-2017-8072 Linux 7PK - Errors vulnerability in Linux Kernel

The cp2112_gpio_direction_input function in drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 does not have the expected EIO error status for a zero-length report, which allows local users to have an unspecified impact via unknown vectors.

7.2
2017-04-23 CVE-2017-8070 Linux Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel

drivers/net/usb/catc.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.

7.2
2017-04-23 CVE-2017-8069 Linux Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel

drivers/net/usb/rtl8150.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.

7.2
2017-04-23 CVE-2017-8068 Linux Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel

drivers/net/usb/pegasus.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.

7.2
2017-04-23 CVE-2017-8066 Linux Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel

drivers/net/can/usb/gs_usb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.2 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.

7.2
2017-04-23 CVE-2017-8065 Linux Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel

crypto/ccm.c in the Linux kernel 4.9.x and 4.10.x through 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.

7.2
2017-04-23 CVE-2017-8061 Linux Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel

drivers/media/usb/dvb-usb/dvb-usb-firmware.c in the Linux kernel 4.9.x and 4.10.x before 4.10.7 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.

7.2
2017-04-19 CVE-2017-7979 Linux Improper Input Validation vulnerability in Linux Kernel 4.11

The cookie feature in the packet action API implementation in net/sched/act_api.c in the Linux kernel 4.11.x through 4.11-rc7 mishandles the tb nlattr array, which allows local users to cause a denial of service (uninitialized memory access and refcount underflow, and system hang or crash) or possibly have unspecified other impact via "tc filter add" commands in certain contexts.

7.2
2017-04-19 CVE-2017-7850 Tenable Incorrect Permission Assignment for Critical Resource vulnerability in Tenable Nessus

Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in Agent Mode.

7.2
2017-04-20 CVE-2015-8959 Imagemagick Resource Management Errors vulnerability in Imagemagick

coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.

7.1
2017-04-20 CVE-2017-7282 Unitrends Information Exposure vulnerability in Unitrends Enterprise Backup 7.3.0

An issue was discovered in Unitrends Enterprise Backup before 9.1.1.

7.1

156 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-04-20 CVE-2017-1122 IBM Local Command Injection vulnerability in IBM Security Guardium

IBM Security Guardium 8.2, 9.0, and 10.0 contains a vulnerability that could allow a local attacker with CLI access to inject arbitrary commands which would be executed as root.

6.9
2017-04-21 CVE-2016-2347 Opensuse, Debian, Lhasa Project Integer Overflow or Wraparound vulnerability in multiple products

Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive.

6.8
2017-04-21 CVE-2016-1520 Grandstream 7PK - Security Features vulnerability in Grandstream Wave

The Grandstream Wave app 1.0.1.26 and earlier for Android does not use HTTPS when retrieving update information, which might allow man-in-the-middle attackers to execute arbitrary code via a crafted application.

6.8
2017-04-21 CVE-2016-1518 Grandstream Improper Access Control vulnerability in Grandstream Wave

The auto-provisioning mechanism in the Grandstream Wave app 1.0.1.26 and earlier for Android and Grandstream Video IP phones allows man-in-the-middle attackers to spoof provisioning data and consequently modify device functionality, obtain sensitive information from system logs, and have unspecified other impact by leveraging failure to use an HTTPS session for downloading configuration files from http://fm.grandstream.com/gs/.

6.8
2017-04-21 CVE-2017-7951 Wondercms Cross-Site Request Forgery (CSRF) vulnerability in Wondercms

WonderCMS before 2.0.3 has CSRF because of lack of a token in an unspecified context.

6.8
2017-04-21 CVE-2017-7990 Openmrs Cross-Site Request Forgery (CSRF) vulnerability in Openmrs Module Reporting 1.12.0

The Reporting Module 1.12.0 for OpenMRS allows CSRF attacks with resultant XSS, in which administrative authentication is hijacked to insert JavaScript into a name field in webapp/reports/manageReports.jsp.

6.8
2017-04-20 CVE-2017-6614 Cisco Information Exposure vulnerability in Cisco Findit Network Probe 1.0.0

A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Probe Software 1.0.0 could allow an authenticated, remote attacker to download and view any system file by using the affected software.

6.8
2017-04-20 CVE-2017-4969 Cloudfoundry Unspecified vulnerability in Cloudfoundry Cf-Release

The Cloud Controller in Cloud Foundry cf-release versions prior to v255 allows authenticated developer users to exceed memory and disk quotas for tasks.

6.8
2017-04-20 CVE-2016-5401 Redhat Cross-Site Request Forgery (CSRF) vulnerability in Redhat Jboss BPM Suite and Jboss Enterprise Brms Platform

Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page.

6.8
2017-04-20 CVE-2016-3734 Moodle Cross-Site Request Forgery (CSRF) vulnerability in Moodle

Cross-site request forgery (CSRF) vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that mark forum posts as read.

6.8
2017-04-20 CVE-2017-5156 Aveva Cross-Site Request Forgery (CSRF) vulnerability in Aveva Wonderware Intouch Access Anywhere 11.5.2

A Cross-Site Request Forgery issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior.

6.8
2017-04-20 CVE-2017-2784 ARM Improper Certificate Validation vulnerability in ARM Mbed TLS

An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2.

6.8
2017-04-20 CVE-2016-4850 Linecorp Improper Access Control vulnerability in Linecorp Line 4.3.0.724

LINE for Windows before 4.8.3 allows man-in-the-middle attackers to execute arbitrary code.

6.8
2017-04-20 CVE-2016-6338 Redhat Improper Access Control vulnerability in Redhat Enterprise Virtualization 4.0

ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager (aka RHEV-M) for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries.

6.8
2017-04-20 CVE-2016-4293 Hancom Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hancom Office 2014 9.1.0.2176

Multiple heap-based buffer overflows in the (1) CBookBase::SetDefTableStyle and (2) CBookBase::SetDefPivotStyle functions in Hancom Office 2014 VP allow remote attackers to execute arbitrary code via a crafted Hangul Hcell Document (.cell) file.

6.8
2017-04-19 CVE-2017-7975 Artifex Integer Overflow or Wraparound vulnerability in Artifex Jbig2Dec 0.13

Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted JBIG2 file, leading to a denial of service (application crash) or possibly execution of arbitrary code.

6.8
2017-04-17 CVE-2016-4871 Cybozu Resource Management Errors vulnerability in Cybozu Office

Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to cause a denial of service.

6.8
2017-04-20 CVE-2016-7536 Imagemagick Improper Input Validation vulnerability in Imagemagick

magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted profile.

6.5
2017-04-20 CVE-2016-7535 Imagemagick Out-of-bounds Write vulnerability in Imagemagick

coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file.

6.5
2017-04-20 CVE-2016-7534 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file.

6.5
2017-04-20 CVE-2016-7530 Imagemagick Divide By Zero vulnerability in Imagemagick

The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file.

6.5
2017-04-20 CVE-2016-7527 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.

6.5
2017-04-20 CVE-2016-7526 Imagemagick Out-of-bounds Write vulnerability in Imagemagick

coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.

6.5
2017-04-20 CVE-2016-7525 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.

6.5
2017-04-20 CVE-2016-7521 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.

6.5
2017-04-20 CVE-2016-7520 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted HDR file.

6.5
2017-04-20 CVE-2016-7518 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file.

6.5
2017-04-20 CVE-2016-7517 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

The EncodeImage function in coders/pict.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PICT file.

6.5
2017-04-20 CVE-2016-7516 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file.

6.5
2017-04-20 CVE-2016-4862 CS Cart Improper Input Validation vulnerability in Cs-Cart

Twigmo bundled with CS-Cart 4.3.9 and earlier and Twigmo bundled with CS-Cart Multi-Vendor 4.3.9 and earlier allow remote authenticated users to execute arbitrary PHP code on the servers.

6.5
2017-04-20 CVE-2016-1218 Cybozu SQL Injection vulnerability in Cybozu Garoon

SQL injection vulnerability in Cybozu Garoon before 4.2.2.

6.5
2017-04-19 CVE-2016-7537 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.

6.5
2017-04-19 CVE-2016-7533 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG file.

6.5
2017-04-19 CVE-2016-7529 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file.

6.5
2017-04-19 CVE-2016-7528 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file.

6.5
2017-04-19 CVE-2016-7522 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.

6.5
2017-04-19 CVE-2016-7519 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.

6.5
2017-04-19 CVE-2016-7515 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels.

6.5
2017-04-20 CVE-2017-6615 Cisco Race Condition vulnerability in Cisco IOS XE

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE 3.16 could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.

6.3
2017-04-20 CVE-2017-5183 Netiq Cross-site Scripting vulnerability in Netiq Access Manager 4.2.2/4.3/4.3.1

NetIQ Access Manager 4.2.2 and 4.3.x before 4.3.1+, when configured as an Identity Server, has XSS in the AssertionConsumerServiceURL field of a signed AuthnRequest in a samlp:AuthnRequest document.

6.1
2017-04-20 CVE-2016-5761 Novell Cross-site Scripting vulnerability in Novell Groupwise

Cross-site scripting (XSS) vulnerability in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 allows remote attackers to inject arbitrary web script or HTML via a crafted email.

6.1
2017-04-20 CVE-2016-5760 Novell Cross-site Scripting vulnerability in Novell Groupwise

Multiple cross-site scripting (XSS) vulnerabilities in the administrator console in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 allow remote attackers to inject arbitrary web script or HTML via the (1) token parameter to gwadmin-console/install/login.jsp or (2) PATH_INFO to gwadmin-console/index.jsp.

6.1
2017-04-20 CVE-2016-1161 Zohocorp Cross-Site Request Forgery (CSRF) vulnerability in Zohocorp Password Manager PRO

Cross-site request forgery (CSRF) vulnerability in ManageEngine Password Manager Pro before 8.5 (Build 8500).

6.0
2017-04-20 CVE-2017-6919 Drupal Access Bypass vulnerability in Drupal

Drupal 8 before 8.2.8 and 8.3 before 8.3.1 allows critical access bypass by authenticated users if the RESTful Web Services (rest) module is enabled and the site allows PATCH requests.

6.0
2017-04-23 CVE-2016-2564 Invisioncommunity Insufficient Entropy vulnerability in Invisioncommunity Invision Power Board

Invision Power Services (IPS) Community Suite before 4.1.9 makes session hijack easier by relying on the PHP uniqid function without the more_entropy flag.

5.9
2017-04-21 CVE-2016-4075 Opera Open Redirect vulnerability in Opera Browser and Opera Mini

Opera Mini 13 and Opera Stable 36 allow remote attackers to spoof the displayed URL via a crafted HTML document, related to the about:blank URL.

5.8
2017-04-20 CVE-2016-1213 Cybozu Open Redirect vulnerability in Cybozu Garoon

The "Scheduler" function in Cybozu Garoon before 4.2.2 allows remote attackers to redirect users to arbitrary websites.

5.8
2017-04-19 CVE-2017-7976 Artifex Integer Overflow or Wraparound vulnerability in Artifex Jbig2Dec 0.13

Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a denial of service (application crash) or disclosure of sensitive information from process memory.

5.8
2017-04-17 CVE-2017-7885 Artifex Integer Overflow or Wraparound vulnerability in Artifex Jbig2Dec 0.13

Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service (application crash) or disclosure of sensitive information from process memory, because of an integer overflow in the jbig2_decode_symbol_dict function in jbig2_symbol_dict.c in libjbig2dec.a during operation on a crafted .jb2 file.

5.8
2017-04-20 CVE-2017-7718 Qemu, Debian Out-of-bounds Read vulnerability in multiple products

hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions.

5.5
2017-04-19 CVE-2016-5410 Firewalld, Redhat Improper Authentication vulnerability in multiple products

firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method.

5.5
2017-04-21 CVE-2016-6519 Redhat, Openstack Cross-site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in the "Shares" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the "Create Share" form.

5.4
2017-04-18 CVE-2017-5653 Apache Improper Certificate Validation vulnerability in Apache CXF

JAX-RS XML Security streaming clients in Apache CXF before 3.1.11 and 3.0.13 do not validate that the service response was signed or encrypted, which allows remote attackers to spoof servers.

5.3
2017-04-23 CVE-2017-8078 TP Link Improper Authentication vulnerability in Tp-Link Tl-Sg108E Firmware 1.1.2

On the TP-Link TL-SG108E 1.0, the upgrade process can be requested remotely without authentication (httpupg.cgi with a parameter called cmd).

5.0
2017-04-23 CVE-2017-8077 TP Link Use of Hard-coded Credentials vulnerability in Tp-Link Tl-Sg108E Firmware 1.1.2

On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key (a long string beginning with Ei2HNryt).

5.0
2017-04-23 CVE-2017-8075 TP Link Information Exposure Through Log Files vulnerability in Tp-Link Tl-Sg108E Firmware 1.1.2

On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log lines where passwords are in cleartext.

5.0
2017-04-23 CVE-2017-8074 TP Link Information Exposure Through Log Files vulnerability in Tp-Link Tl-Sg108E Firmware 1.1.2

On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log lines where passwords are encoded in hexadecimal.

5.0
2017-04-22 CVE-2017-8056 Watchguard XXE vulnerability in Watchguard Fireware 11.0.2/11.1

WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent.

5.0
2017-04-22 CVE-2017-8055 Watchguard Information Exposure Through Discrepancy vulnerability in Watchguard Fireware 11.0.2/11.1

WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler.

5.0
2017-04-21 CVE-2016-9954 Irregex Project Resource Management Errors vulnerability in Irregex Project Irregex

The backtrack compilation code in the Irregex package (aka IrRegular Expressions) before 0.9.6 for Scheme allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression with a repeating pattern.

5.0
2017-04-21 CVE-2016-3702 Redhat Information Exposure vulnerability in Redhat Cloudforms Management Engine 5.0

Padding oracle flaw in CloudForms Management Engine (aka CFME) 5 allows remote attackers to obtain sensitive cleartext information.

5.0
2017-04-21 CVE-2016-1561 Exagrid Information Exposure vulnerability in Exagrid products

ExaGrid appliances with firmware before 4.8 P26 have a default SSH public key in the authorized_keys file for root, which allows remote attackers to obtain SSH access by leveraging knowledge of a private key from another installation or a firmware image.

5.0
2017-04-21 CVE-2017-8050 Tenable Unspecified vulnerability in Tenable Appliance

Tenable Appliance 4.4.0, and possibly prior, contains a flaw in the Web UI that allows for the unauthorized manipulation of the admin password.

5.0
2017-04-21 CVE-2016-1557 Netgear Information Exposure vulnerability in Netgear products

Netgear WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0 reveal wireless passwords and administrative usernames and passwords over SNMP.

5.0
2017-04-21 CVE-2016-1556 Netgear Information Exposure vulnerability in Netgear products

Information disclosure in Netgear WN604 before 3.3.3; WNAP210, WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0; and WND930 before 2.0.11 allows remote attackers to read the wireless WPS PIN or passphrase by visiting unauthenticated webpages.

5.0
2017-04-21 CVE-2016-10091 Unrtf Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Unrtf Project Unrtf 0.21.9

Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote attackers to cause a denial-of-service by writing a negative integer to the (1) cmd_expand function, (2) cmd_emboss function, or (3) cmd_engrave function.

5.0
2017-04-20 CVE-2017-6613 Cisco Improper Input Validation vulnerability in Cisco Prime Network Registrar

A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system.

5.0
2017-04-20 CVE-2016-6368 Cisco Resource Management Errors vulnerability in Cisco Firepower Management Center

A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting.

5.0
2017-04-20 CVE-2016-3731 Moodle Information Exposure vulnerability in Moodle

Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, and 2.8 through 2.8.11 allows remote attackers to obtain the names of hidden forums and forum discussions.

5.0
2017-04-20 CVE-2015-8285 Quickheal Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Quickheal Total Security 16.00

The webssx.sys driver in QuickHeal 16.00 allows remote attackers to cause a denial of service.

5.0
2017-04-20 CVE-2017-5158 Aveva Information Exposure vulnerability in Aveva Wonderware Intouch Access Anywhere 11.5.2

An Information Exposure issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior.

5.0
2017-04-20 CVE-2016-6337 Mediawiki Improper Access Control vulnerability in Mediawiki 1.27.0

MediaWiki 1.27.x before 1.27.1 might allow remote attackers to bypass intended session access restrictions by leveraging a call to the UserGetRights function after Session::getAllowedUserRights.

5.0
2017-04-20 CVE-2016-6335 Mediawiki Information Exposure vulnerability in Mediawiki

MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 does not generate head items in the context of a given title, which allows remote attackers to obtain sensitive information via a parse action to api.php.

5.0
2017-04-20 CVE-2016-6332 Mediawiki Information Exposure vulnerability in Mediawiki

MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1, when $wgBlockDisablesLogin is true, might allow remote attackers to obtain sensitive information by leveraging failure to terminate sessions when a user account is blocked.

5.0
2017-04-20 CVE-2016-6331 Mediawiki Improper Access Control vulnerability in Mediawiki

ApiParse in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to bypass intended per-title read restrictions via a parse action to api.php.

5.0
2017-04-20 CVE-2016-5409 Redhat Information Exposure vulnerability in Redhat Openshift 2.0

Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a Set-Cookie header for the GEARID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to the cookies.

5.0
2017-04-19 CVE-2017-7978 Samsung Information Exposure vulnerability in Samsung Mobile

Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot.

5.0
2017-04-19 CVE-2013-7463 Aescrypt Project Use of Insufficiently Random Values vulnerability in Aescrypt Project Aescrypt

The aescrypt gem 1.0.0 for Ruby does not randomize the CBC IV for use with the AESCrypt.encrypt and AESCrypt.decrypt functions, which allows attackers to defeat cryptographic protection mechanisms via a chosen plaintext attack.

5.0
2017-04-17 CVE-2017-7892 Capnproto Improper Input Validation vulnerability in Capnproto

Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization.

5.0
2017-04-17 CVE-2016-3036 IBM Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Cognos Business Intelligence 10.1/10.2/10.2.2

IBM Cognos TM1 10.1 and 10.2 is vulnerable to a denial of service, caused by a stack-based buffer overflow when parsing packets.

5.0
2017-04-17 CVE-2017-5659 Apache Improper Input Validation vulnerability in Apache Traffic Server

Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding.

5.0
2017-04-17 CVE-2016-7551 Digium, Debian Resource Management Errors vulnerability in multiple products

chan_sip in Asterisk Open Source 11.x before 11.23.1 and 13.x before 13.11.1 and Certified Asterisk 11.6 before 11.6-cert15 and 13.8 before 13.8-cert3 allows remote attackers to cause a denial of service (port exhaustion).

5.0
2017-04-17 CVE-2016-0228 IBM Open Redirect vulnerability in IBM Marketing Platform 10.0

IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various scripts.

4.9
2017-04-18 CVE-2016-10345 Phusion Permissions, Privileges, and Access Controls vulnerability in Phusion Passenger

In Phusion Passenger before 5.1.0, a known /tmp filename was used during passenger-install-nginx-module execution, which could allow local attackers to gain the privileges of the passenger user.

4.6
2017-04-22 CVE-2017-8054 Podofo Project Infinite Loop vulnerability in Podofo Project Podofo 0.9.5

The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted PDF document.

4.3
2017-04-22 CVE-2017-8053 Podofo Project Infinite Loop vulnerability in Podofo Project Podofo 0.9.5

PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure (PdfParser.cpp).

4.3
2017-04-22 CVE-2017-8052 Craftcms Cross-site Scripting vulnerability in Craftcms Craft CMS

Craft CMS before 2.6.2974 allows XSS attacks.

4.3
2017-04-21 CVE-2016-1519 Grandstream Improper Certificate Validation vulnerability in Grandstream Wave

The com.softphone.common package in the Grandstream Wave app 1.0.1.26 and earlier for Android does not properly validate SSL certificates, which allows man-in-the-middle attackers to spoof the Grandstream provisioning server via a crafted certificate.

4.3
2017-04-21 CVE-2016-1221 Jetstar Improper Certificate Validation vulnerability in Jetstar

Jetstar App for iOS before 3.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-04-21 CVE-2016-1210 THE Hyakugo Bank Improper Certificate Validation vulnerability in the Hyakugo Bank 105 Bank 1.0/1.1

The 105 BANK app 1.0 and 1.1 for Android and 1.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-04-21 CVE-2016-1198 NTT Improper Certificate Validation vulnerability in NTT Photopt 1.0.0/1.1.0

Photopt for Android before 2.0.1 does not verify SSL certificates.

4.3
2017-04-21 CVE-2016-1187 Cybozu Information Exposure vulnerability in Cybozu Kunai

Cybozu KUNAI for iPhone 2.0.3 through 3.1.5 and for Android 2.1.2 through 3.0.4 does not verify SSL certificates.

4.3
2017-04-21 CVE-2016-1186 Cybozu Improper Certificate Validation vulnerability in Cybozu Kintone

Kintone mobile for Android 1.0.0 through 1.0.5 does not verify SSL server certificates.

4.3
2017-04-21 CVE-2017-7994 Podofo Project NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5

The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.

4.3
2017-04-21 CVE-2017-7992 Heartland Payment Systems Cross-site Scripting vulnerability in Heartland Payment Systems Heartland-PHP

Heartland Payment Systems Payment Gateway PHP SDK hps/heartland-php v2.8.17 is vulnerable to a reflected XSS in examples/consumer-authentication/cruise.php via the URI, as demonstrated by the cavv parameter.

4.3
2017-04-21 CVE-2016-4841 Cybozu Improper Input Validation vulnerability in Cybozu Mailwise

Cybozu Mailwise before 5.4.0 allows remote attackers to inject arbitrary email headers.

4.3
2017-04-21 CVE-2016-4840 Toshiba Improper Certificate Validation vulnerability in Toshiba Coordinate Plus 1.0.2

Coordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus App for iOS 1.0.2 and earlier do not verify SSL certificates.

4.3
2017-04-21 CVE-2016-4832 Aeon Improper Certificate Validation vulnerability in Aeon Waon

WAON "Service Application" for Android 1.4.1 and earlier does not verify SSL certificates.

4.3
2017-04-21 CVE-2016-4830 Akindo Sushiro Improper Certificate Validation vulnerability in Akindo-Sushiro Sushiro

Sushiro App for iOS 2.1.16 and earlier and Sushiro App for Android 2.1.16.1 and earlier do not verify SSL certificates.

4.3
2017-04-21 CVE-2016-4829 DMM Improper Certificate Validation vulnerability in DMM PPV Play Player

DMM Movie Player App for Android before 1.2.1 and DMM Movie Player App for iPhone/iPad before 2.1.3 do not verify SSL certificates.

4.3
2017-04-21 CVE-2016-1184 Tokyostarbank Improper Certificate Validation vulnerability in Tokyostarbank Tokyo Star Bank 1.3

Tokyo Star bank App for Android before 1.4 and Tokyo Star bank App for iOS before 1.4 do not validate SSL certificates.

4.3
2017-04-21 CVE-2016-1148 Akerun, Photosynth Improper Certificate Validation vulnerability in Photosynth Akerun 1.2.3

Akerun - Smart Lock Robot App for iOS before 1.2.4 does not verify SSL certificates.

4.3
2017-04-21 CVE-2017-7409 Paloaltonetworks Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os

Palo Alto Networks PAN-OS before 7.0.15 has XSS in the GlobalProtect external interface via crafted request parameters, aka PAN-SA-2017-0011 and PAN-70674.

4.3
2017-04-20 CVE-2017-6617 Cisco Improper Authentication vulnerability in Cisco Integrated Management Controller Supervisor 3.0(1C)

A vulnerability in the session identification management functionality of the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system.

4.3
2017-04-20 CVE-2017-6611 Cisco Cross-site Scripting vulnerability in Cisco Prime Infrastructure 2.2(2)

A vulnerability in the web framework code of Cisco Prime Infrastructure 2.2(2) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system.

4.3
2017-04-20 CVE-2017-2806 Lexmark Out-of-bounds Read vulnerability in Lexmark Perceptive Document Filters 11.3.0.2228/11.3.0.2400

An exploitable arbitrary read exists in the XLS parsing of the Lexmark Perceptive Document Filters conversion functionality.

4.3
2017-04-20 CVE-2016-7540 Imagemagick Data Processing Errors vulnerability in Imagemagick

coders/rgf.c in ImageMagick before 6.9.4-10 allows remote attackers to cause a denial of service (assertion failure) by converting an image to rgf format.

4.3
2017-04-20 CVE-2016-7538 Imagemagick Out-of-bounds Write vulnerability in Imagemagick

coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.

4.3
2017-04-20 CVE-2016-7532 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.

4.3
2017-04-20 CVE-2016-7514 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.

4.3
2017-04-20 CVE-2016-7513 Imagemagick Numeric Errors vulnerability in Imagemagick

Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors.

4.3
2017-04-20 CVE-2016-5010 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file.

4.3
2017-04-20 CVE-2016-4844 Cybozu Information Exposure vulnerability in Cybozu Mailwise

Cybozu Mailwise before 5.4.0 allows remote attackers to conduct clickjacking attacks.

4.3
2017-04-20 CVE-2016-4843 Cybozu Information Exposure vulnerability in Cybozu Mailwise

Cybozu Mailwise before 5.4.0 allows remote attackers to obtain sensitive cookie information.

4.3
2017-04-20 CVE-2016-4842 Cybozu Information Exposure vulnerability in Cybozu Mailwise

Cybozu Mailwise before 5.4.0 allows remote attackers to obtain information on when an email is read.

4.3
2017-04-20 CVE-2016-4818 DMM Improper Certificate Validation vulnerability in DMM products

DMMFX Trade for Android 1.5.0 and earlier, DMMFX DEMO Trade for Android 1.5.0 and earlier, and GAITAMEJAPAN FX Trade for Android 1.4.0 and earlier do not verify SSL certificates.

4.3
2017-04-20 CVE-2016-1217 Cybozu Cross-site Scripting vulnerability in Cybozu Garoon

Cross-site scripting (XSS) vulnerability in the "Check available times" function in Cybozu Garoon before 4.2.2.

4.3
2017-04-20 CVE-2016-1216 Cybozu Cross-site Scripting vulnerability in Cybozu Garoon

Cross-site scripting (XSS) vulnerability in the "New appointment" function in Cybozu Garoon before 4.2.2.

4.3
2017-04-20 CVE-2016-1215 Cybozu Cross-site Scripting vulnerability in Cybozu Garoon

Cross-site scripting (XSS) vulnerability in the "User details" function in Cybozu Garoon before 4.2.2.

4.3
2017-04-20 CVE-2016-1214 Cybozu Cross-site Scripting vulnerability in Cybozu Garoon

Cross-site scripting (XSS) vulnerability in the "Response request" function in Cybozu Garoon before 4.2.2.

4.3
2017-04-20 CVE-2015-8958 Imagemagick Out-of-bounds Read vulnerability in Imagemagick

coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.

4.3
2017-04-20 CVE-2015-8957 Imagemagick Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick

Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.

4.3
2017-04-20 CVE-2016-6347 Redhat Cross-site Scripting vulnerability in Redhat Resteasy

Cross-site scripting (XSS) vulnerability in the default exception handler in RESTEasy allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2017-04-20 CVE-2016-6334 Mediawiki Cross-site Scripting vulnerability in Mediawiki

Cross-site scripting (XSS) vulnerability in the Parser::replaceInternalLinks2 method in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving replacement of percent encoding in unclosed internal links.

4.3
2017-04-20 CVE-2016-6333 Mediawiki Cross-site Scripting vulnerability in Mediawiki

Cross-site scripting (XSS) vulnerability in the CSS user subpage preview feature in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to inject arbitrary web script or HTML via the edit box in Special:MyPage/common.css.

4.3
2017-04-20 CVE-2016-4849 Geeklog Project Cross-site Scripting vulnerability in Geeklog Project Geeklog 2.1.1

Multiple cross-site scripting (XSS) vulnerabilities in Geeklog IVYWE edition 2.1.1 allow remote attackers to inject arbitrary web script or HTML by leveraging use of the COM_getCurrentURL function in (1) public_html/layout/default/header.thtml, (2) public_html/layout/bento/header.thtml, (3) public_html/layout/fotos/header.thtml, or (4) public_html/layout/default/article/article.thtml.

4.3
2017-04-20 CVE-2016-4847 Ossec Cross-site Scripting vulnerability in Ossec web UI

Cross-site scripting (XSS) vulnerability in site/search.php in OSSEC Web UI before 0.9 allows remote attackers to inject arbitrary web script or HTML by leveraging an unanchored regex.

4.3
2017-04-20 CVE-2017-7982 Libimobiledevice Integer Overflow or Wraparound vulnerability in Libimobiledevice Libplist

Integer overflow in the plist_from_bin function in bplist.c in libimobiledevice/libplist before 2017-04-19 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted plist file.

4.3
2017-04-19 CVE-2017-7962 Entropymine Divide By Zero vulnerability in Entropymine Imageworsener 1.3.0

The iwgif_read_image function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.

4.3
2017-04-19 CVE-2017-7960 Gnome Out-of-bounds Read vulnerability in Gnome Libcroco 0.6.11/0.6.12

The cr_input_new_from_uri function in cr-input.c in libcroco 0.6.11 and 0.6.12 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted CSS file.

4.3
2017-04-19 CVE-2016-7531 Imagemagick Out-of-bounds Write vulnerability in Imagemagick

MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB file.

4.3
2017-04-19 CVE-2014-9907 Imagemagick Improper Input Validation vulnerability in Imagemagick

coders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS file.

4.3
2017-04-18 CVE-2017-7946 Radare Use After Free vulnerability in Radare Radare2 1.3.0

The get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 1.3.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted Mach0 file.

4.3
2017-04-18 CVE-2017-7943 Imagemagick, Debian Missing Release of Resource after Effective Lifetime vulnerability in multiple products

The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.

4.3
2017-04-18 CVE-2017-7942 Imagemagick Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.5-4

The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.

4.3
2017-04-18 CVE-2017-7941 Imagemagick, Debian Missing Release of Resource after Effective Lifetime vulnerability in multiple products

The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.

4.3
2017-04-18 CVE-2017-7940 Entropymine Resource Exhaustion vulnerability in Entropymine Imageworsener 1.3.0

The iw_read_gif_file function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to consume an amount of available memory via a crafted file.

4.3
2017-04-18 CVE-2017-7939 Entropymine Out-of-bounds Read vulnerability in Entropymine Imageworsener 1.3.0

The read_next_pam_token function in imagew-pnm.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted file.

4.3
2017-04-18 CVE-2017-7897 Mantisbt Cross-site Scripting vulnerability in Mantisbt 2.3.0/2.3.1

A cross-site scripting (XSS) vulnerability in the MantisBT (2.3.x before 2.3.2) Timeline include page, used in My View (my_view_page.php) and User Information (view_user_page.php) pages, allows remote attackers to inject arbitrary code (if CSP settings permit it) through crafted PATH_INFO in a URL, due to use of unsanitized $_SERVER['PHP_SELF'] to generate URLs.

4.3
2017-04-18 CVE-2017-7896 Trendmicro Cross-site Scripting vulnerability in Trendmicro Interscan Messaging Security Virtual Appliance 8.5.1.1516

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 before CP 1644 has XSS.

4.3
2017-04-17 CVE-2015-8256 Axis Cross-site Scripting vulnerability in Axis Network Camera Firmware

Multiple cross-site scripting (XSS) vulnerabilities in Axis network cameras.

4.3
2017-04-17 CVE-2016-4869 Cybozu Information Exposure vulnerability in Cybozu Office

Cybozu Office 9.0.0 to 10.4.0 allows remote attackers to obtain session information via a page where CGI environment variables are displayed.

4.3
2017-04-17 CVE-2016-4868 Cybozu Improper Input Validation vulnerability in Cybozu Office

Email header injection vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows remote attackers to inject arbitrary email headers to send unintended emails via specially crafted requests.

4.3
2017-04-17 CVE-2017-7891 Sourcebans PP Project Cross-site Scripting vulnerability in Sourcebans-Pp Project Sourcebans-Pp 1.5.4.7

sourcebans-pp (SourceBans++) 1.5.4.7 has XSS in admin.comms.php via the rebanid parameter.

4.3
2017-04-21 CVE-2016-1194 Cybozu Resource Management Errors vulnerability in Cybozu Garoon 4.2.0

Cybozu Garoon before 4.2.1 allows remote attackers to cause a denial of service.

4.0
2017-04-20 CVE-2017-3793 Cisco Resource Exhaustion vulnerability in Cisco Adaptive Security Appliance Software

A vulnerability in the TCP normalizer of Cisco Adaptive Security Appliance (ASA) Software (8.0 through 8.7 and 9.0 through 9.6) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause Cisco ASA and FTD to drop any further incoming traffic on all interfaces, resulting in a denial of service (DoS) condition.

4.0
2017-04-20 CVE-2016-9978 IBM Information Exposure vulnerability in IBM Curam Social Program Management

IBM Curam Social Program Management 5.2, 6.0, and 7.0 could allow an authenticated attacker to disclose sensitive information.

4.0
2017-04-20 CVE-2016-8923 IBM Information Exposure vulnerability in IBM Curam Social Program Management

IBM Curam Social Program Management 5.2, 6.0, and 7.0 contains a vulnerability that would allow an authorized user to obtain sensitive information from the profile of a higher privileged user that they should not have access to.

4.0
2017-04-20 CVE-2016-3733 Moodle Improper Access Control vulnerability in Moodle

The "restore teacher" feature in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to overwrite the course idnumber.

4.0
2017-04-20 CVE-2016-3732 Moodle Information Exposure vulnerability in Moodle

The capability check to access other badges in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to read the badges of other users.

4.0
2017-04-20 CVE-2016-3729 Moodle Improper Access Control vulnerability in Moodle

The user editing form in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to edit profile fields locked by the administrator.

4.0
2017-04-20 CVE-2016-1220 Cybozu Improper Access Control vulnerability in Cybozu Garoon

Cybozu Garoon before 4.2.2 does not properly restrict access.

4.0
2017-04-20 CVE-2016-6336 Mediawiki Improper Access Control vulnerability in Mediawiki

MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote authenticated users with undelete permissions to bypass intended suppressrevision and deleterevision restrictions and remove the revision deletion status of arbitrary file revisions by using Special:Undelete.

4.0
2017-04-17 CVE-2016-4873 Cybozu Permission Issues vulnerability in Cybozu Office

Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to execute unintended operations via the Project function.

4.0
2017-04-17 CVE-2016-4872 Cybozu Information Exposure vulnerability in Cybozu Office

Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to bypass access restrictions to view the names of unauthorized projects via a breadcrumb trail.

4.0
2017-04-17 CVE-2016-4867 Cybozu Information Exposure vulnerability in Cybozu Office

Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to bypass access restriction to view unauthorized project information via the Project function.

4.0

15 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-04-20 CVE-2017-6618 Cisco Cross-site Scripting vulnerability in Cisco Integrated Management Controller Supervisor 3.0(1C)

A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack.

3.5
2017-04-20 CVE-2016-9980 IBM Cross-site Scripting vulnerability in IBM Curam Social Program Management

IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting.

3.5
2017-04-20 CVE-2016-9979 IBM Cross-site Scripting vulnerability in IBM Curam Social Program Management

IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting.

3.5
2017-04-20 CVE-2017-5160 Aveva Inadequate Encryption Strength vulnerability in Aveva Wonderware Intouch Access Anywhere 11.5.2

An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior.

3.5
2017-04-17 CVE-2017-1160 IBM Cross-site Scripting vulnerability in IBM Financial Transaction Manager

IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.0.x is vulnerable to cross-site scripting.

3.5
2017-04-17 CVE-2016-3038 IBM Cross-site Scripting vulnerability in IBM Cognos Business Intelligence 10.1/10.2/10.2.2

IBM Cognos TM1 10.1 and 10.2 is vulnerable to cross-site scripting.

3.5
2017-04-17 CVE-2016-3037 IBM Information Exposure vulnerability in IBM Cognos Business Intelligence 10.1/10.2/10.2.2

IBM Cognos TM1 10.1 and 10.2 provides a service to return the victim's password with a valid session key.

3.5
2017-04-17 CVE-2016-4874 Cybozu Improper Access Control vulnerability in Cybozu Office

Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to conduct a "reflected file download" attack.

3.5
2017-04-17 CVE-2016-4870 Cybozu Cross-site Scripting vulnerability in Cybozu Office

Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the Schedule function.

3.5
2017-04-17 CVE-2016-4866 Cybozu Cross-site Scripting vulnerability in Cybozu Office

Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows attackers with administrator rights to inject arbitrary web script or HTML via the Project function.

3.5
2017-04-17 CVE-2016-4865 Cybozu Cross-site Scripting vulnerability in Cybozu Office

Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows attackers with administrator rights to inject arbitrary web script or HTML via the Customapp function.

3.5
2017-04-20 CVE-2017-5190 Netiq Information Exposure vulnerability in Netiq Access Manager 4.1/4.2/4.3

NetIQ Access Manager 4.2 before SP3 HF1 and 4.3 before SP1 HF1, when configured as a SAML 2.0 Identity Server with Virtual Attributes, has a concurrency issue causing information leakage, related to a stale profile.

3.1
2017-04-23 CVE-2017-8071 Linux Improper Resource Shutdown or Release vulnerability in Linux Kernel

drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 uses a spinlock without considering that sleeping is possible in a USB HID request callback, which allows local users to cause a denial of service (deadlock) via unspecified vectors.

2.1
2017-04-20 CVE-2016-6341 Ovirt Information Exposure vulnerability in Ovirt

oVirt Engine before 4.0.3 does not include DWH_DB_PASSWORD in the list of keys to hide in log files, which allows local users to obtain sensitive password information by reading engine log files.

2.1
2017-04-19 CVE-2017-7849 Tenable Incorrect Permission Assignment for Critical Resource vulnerability in Tenable Nessus

Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local denial of service condition due to insecure permissions when running in Agent Mode.

2.1