Weekly Vulnerabilities Reports > May 1 to 7, 2017

Overview

154 new vulnerabilities reported during this period, including 7 critical vulnerabilities and 26 high severity vulnerabilities. This weekly summary report vulnerabilities in 305 products from 92 vendors including Accellion, GNU, IBM, Openssl, and Cisco. Vulnerabilities are notably categorized as "Improper Certificate Validation", "Cross-site Scripting", "Information Exposure", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Out-of-bounds Read".

  • 144 reported vulnerabilities are remotely exploitables.
  • 8 reported vulnerabilities have public exploit available.
  • 62 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 135 reported vulnerabilities are exploitable by an anonymous user.
  • Accellion has the most reported vulnerabilities, with 12 reported vulnerabilities.
  • Google has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

7 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-05-04 CVE-2017-8768 Atlassian OS Command Injection vulnerability in Atlassian Sourcetree

Atlassian SourceTree v2.5c and prior are affected by a command injection in the handling of the sourcetree:// scheme.

10.0
2017-05-02 CVE-2017-5689 Intel Privilege Escalation vulnerability in Multiple Intel Products

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM).

10.0
2017-05-02 CVE-2017-0331 Google
Linux
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products

An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

9.3
2017-05-02 CVE-2015-9004 Linux
Google
Permissions, Privileges, and Access Controls vulnerability in Linux Kernel

kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions.

9.3
2017-05-05 CVE-2016-9691 IBM XXE vulnerability in IBM Websphere Cast Iron Solution

IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data.

9.0
2017-05-02 CVE-2015-8257 Axis Command Injection vulnerability in Axis Network Camera Firmware

The devtools.sh script in AXIS network cameras allows remote authenticated users to execute arbitrary commands via shell metacharacters in the app parameter to (1) app_license.shtml, (2) app_license_custom.shtml, (3) app_index.shtml, or (4) app_params.shtml.

9.0
2017-05-01 CVE-2016-8649 Linuxcontainers Permissions, Privileges, and Access Controls vulnerability in Linuxcontainers LXC

lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls.

9.0

26 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-05-01 CVE-2017-8403 360Fly Improper Authentication vulnerability in 360Fly 4K Camera Firmware 2.1.4

360fly 4K cameras allow unauthenticated Wi-Fi password changes and complete access with REST by using the Bluetooth Low Energy pairing procedure, which is available at any time and does not require a password.

8.3
2017-05-07 CVE-2017-8804 GNU Deserialization of Untrusted Data vulnerability in GNU Glibc 2.25

** DISPUTED ** The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) via a crafted UDP packet to port 111, a related issue to CVE-2017-8779.

7.8
2017-05-05 CVE-2016-9692 IBM Improper Input Validation vulnerability in IBM Websphere Cast Iron Solution

IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to External Service Interaction attack, caused by improper validation of user-supplied input.

7.8
2017-05-04 CVE-2017-8779 Rpcbind Project
Libtirpc Project
Ntirpc Project
Allocation of Resources Without Limits or Throttling vulnerability in multiple products

rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb.

7.8
2017-05-02 CVE-2014-9940 Linux
Google
Use After Free vulnerability in Linux Kernel

The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application.

7.6
2017-05-06 CVE-2017-7927 Dahuasecurity Use of Hard-coded Credentials vulnerability in Dahuasecurity products

A Use of Password Hash Instead of Password for Authentication issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices.

7.5
2017-05-06 CVE-2017-7921 Hikvision Improper Authentication vulnerability in Hikvision products

An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices.

7.5
2017-05-06 CVE-2017-7909 Advantech B B Smartworx Improper Authentication vulnerability in Advantech B+B Smartworx Mesr901 Firmware

A Use of Client-Side Authentication issue was discovered in Advantech B+B SmartWorx MESR901 firmware versions 1.5.2 and prior.

7.5
2017-05-05 CVE-2017-8799 Irods OS Command Injection vulnerability in Irods 4.1.10/4.2.0

Untrusted input execution via igetwild in all iRODS versions before 4.1.11 and 4.2.1 allows other iRODS users (potentially anonymous) to execute remote shell commands via iRODS virtual pathnames.

7.5
2017-05-05 CVE-2017-8796 Accellion SQL Injection vulnerability in Accellion File Transfer Appliance 80540

An issue was discovered on Accellion FTA devices before FTA_9_12_180.

7.5
2017-05-05 CVE-2017-8790 Accellion LDAP Injection vulnerability in Accellion File Transfer Appliance 80540

An issue was discovered on Accellion FTA devices before FTA_9_12_180.

7.5
2017-05-05 CVE-2017-8789 Accellion SQL Injection vulnerability in Accellion File Transfer Appliance 80540

An issue was discovered on Accellion FTA devices before FTA_9_12_180.

7.5
2017-05-05 CVE-2017-8303 Accellion Improper Encoding or Escaping of Output vulnerability in Accellion File Transfer Appliance 80540

An issue was discovered on Accellion FTA devices before FTA_9_12_180.

7.5
2017-05-05 CVE-2017-8786 Pcre Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pcre Pcre2 10.23

pcre2test.c in PCRE2 10.23 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression.

7.5
2017-05-04 CVE-2017-8775 Quickheal Out-of-bounds Write vulnerability in Quickheal Antivirus Pro, Internet Security and Total Security

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file.

7.5
2017-05-04 CVE-2017-8774 Quickheal Out-of-bounds Write vulnerability in Quickheal Antivirus Pro, Internet Security and Total Security

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file.

7.5
2017-05-04 CVE-2017-8773 Quickheal Out-of-bounds Write vulnerability in Quickheal Antivirus Pro, Internet Security and Total Security

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Out of Bounds Write on a Heap Buffer due to improper validation of dwCompressionSize of Microsoft WIM Header WIMHEADER_V1_PACKED.

7.5
2017-05-03 CVE-2017-7432 Novell
Netiq
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability.
7.5
2017-05-02 CVE-2017-7476 Gnulib Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gnulib

Gnulib before 2017-04-26 has a heap-based buffer overflow with the TZ environment variable.

7.5
2017-05-02 CVE-2017-6551 Pexip Improper Input Validation vulnerability in Pexip Infinity 7.0

Pexip Infinity before 14.2 allows remote attackers to cause a denial of service (service restart) or execute arbitrary code via vectors related to Conferencing Nodes.

7.5
2017-05-02 CVE-2016-10243 Debian
Fedoraproject
TUG
Improper Input Validation vulnerability in multiple products

TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file.

7.5
2017-05-01 CVE-2017-8399 Pcre Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pcre Pcre2

PCRE2 before 10.30 has an out-of-bounds write caused by a stack-based buffer overflow in pcre2_match.c, related to a "pattern with very many captures."

7.5
2017-05-01 CVE-2017-8378 Podofo Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo 0.9.5

Heap-based buffer overflow in the PdfParser::ReadObjects function in base/PdfParser.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors related to m_offsets.size.

7.5
2017-05-06 CVE-2017-6024 Rockwellautomation Resource Exhaustion vulnerability in Rockwellautomation products

A Resource Exhaustion issue was discovered in Rockwell Automation ControlLogix 5580 controllers V28.011, V28.012, and V28.013; ControlLogix 5580 controllers V29.011; CompactLogix 5380 controllers V28.011; and CompactLogix 5380 controllers V29.011.

7.1
2017-05-04 CVE-2017-8765 Imagemagick Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.55

The function named ReadICONImage in coders\icon.c in ImageMagick 7.0.5-5 has a memory leak vulnerability which can cause memory exhaustion via a crafted ICON file.

7.1
2017-05-02 CVE-2017-8421 GNU Missing Release of Resource after Effective Lifetime vulnerability in GNU Binutils 2.28

The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file.

7.1

108 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-05-06 CVE-2017-6031 Certec EDV Gmbh Injection vulnerability in Certec EDV Gmbh Atvise Scada

A Header Injection issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0.

6.8
2017-05-05 CVE-2017-1156 IBM Open Redirect vulnerability in IBM Websphere Portal 8.5/9.0

IBM WebSphere Portal 8.5 and 9.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.

6.8
2017-05-05 CVE-2017-8793 Accellion Origin Validation Error vulnerability in Accellion File Transfer Appliance 80540

An issue was discovered on Accellion FTA devices before FTA_9_12_180.

6.8
2017-05-05 CVE-2017-8787 Podofo Project Out-of-bounds Read vulnerability in Podofo Project Podofo 0.9.5

The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted PDF file.

6.8
2017-05-03 CVE-2016-9976 IBM Improper Access Control vulnerability in IBM products

IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote attacker to include arbitrary files.

6.8
2017-05-03 CVE-2017-5236 Rapid7 Untrusted Search Path vulnerability in Rapid7 Appspider PRO

Editions of Rapid7 AppSpider Pro installers prior to version 6.14.060 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer.

6.8
2017-05-03 CVE-2017-8455 Foxitsoftware Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader and Phantompdf

Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document.

6.8
2017-05-03 CVE-2017-8454 Foxitsoftware Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader and Phantompdf

Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document.

6.8
2017-05-03 CVE-2017-8453 Foxitsoftware Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader and Phantompdf

Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document.

6.8
2017-05-03 CVE-2017-7431 Novell
Netiq
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management.

6.8
2017-05-02 CVE-2017-8419 Lame Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Lame Project Lame 3.99.5

LAME through 3.99.5 relies on the signed integer data type for values in a WAV or AIFF header, which allows remote attackers to cause a denial of service (stack-based buffer overflow or heap-based buffer overflow) or possibly have unspecified other impact via a crafted file, as demonstrated by mishandling of num_channels.

6.8
2017-05-01 CVE-2017-8400 Swftools Out-of-bounds Write vulnerability in Swftools

In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the function png_load() in lib/png.c:755.

6.8
2017-05-01 CVE-2017-8373 Underbit Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Underbit MAD Libmad 0.15.1B

The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.

6.8
2017-05-06 CVE-2017-7911 Cybervision Code Injection vulnerability in Cybervision KAA IOT Platform 0.7.4

A Code Injection issue was discovered in CyberVision Kaa IoT Platform, Version 0.7.4.

6.5
2017-05-05 CVE-2017-8080 Atlassian Unrestricted Upload of File with Dangerous Type vulnerability in Atlassian Hipchat Server

Atlassian Hipchat Server before 2.2.4 allows remote authenticated users with user level privileges to execute arbitrary code via vectors involving image uploads.

6.5
2017-05-05 CVE-2017-6557 Xirrus SQL Injection vulnerability in Xirrus Arrayos

SQL injection vulnerability in ArrayOS before AG 9.4.0.135, when the portal bookmark function is enabled, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

6.5
2017-05-01 CVE-2017-6565 Franklinfueling Missing Authorization vulnerability in Franklinfueling Ts-550 EVO Firmware 2.3.0.7332

On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag user, which can be obtained by exploiting CVE-2013-7247, has the ability to upload files to the server hosting the web service.

6.5
2017-05-01 CVE-2017-8377 Genixcms SQL Injection vulnerability in Genixcms 1.0.2

GeniXCMS 1.0.2 has SQL Injection in inc/lib/Control/Backend/menus.control.php via the menuid parameter.

6.5
2017-05-05 CVE-2017-8794 Accellion Server-Side Request Forgery (SSRF) vulnerability in Accellion File Transfer Appliance 80540

An issue was discovered on Accellion FTA devices before FTA_9_12_180.

6.4
2017-05-03 CVE-2017-7229 Vaultive Inadequate Encryption Strength vulnerability in Vaultive Office 365 Security 4.5.19

PGP/MIME encrypted messages injected into a Vaultive O365 (before 4.5.21) frontend via IMAP or SMTP have their Content-Type changed from 'Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="abc123abc123"' to 'Content-Type: text/plain' - this results in the encrypted message being structured in such a way that most PGP/MIME-capable mail user agents are unable to decrypt it cleanly.

6.4
2017-05-01 CVE-2017-6520 Bose Channel and Path Errors vulnerability in Bose Soundtouch 30

The Multicast DNS (mDNS) responder used in BOSE Soundtouch 30 inadvertently responds to IPv4 unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets.

6.4
2017-05-01 CVE-2017-6519 Avahi
Canonical
Origin Validation Error vulnerability in multiple products

avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets.

6.4
2017-05-03 CVE-2016-10368 Opsview Open Redirect vulnerability in Opsview

Open redirect vulnerability in Opsview Monitor Pro (Prior to 5.1.0.162300841, prior to 5.0.2.27475, prior to 4.6.4.162391051, and 4.5.x without a certain 2016 security patch) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the back parameter to the /login URI.

5.8
2017-05-03 CVE-2015-9058 Proxmox Open Redirect vulnerability in Proxmox Mail Gateway

Open redirect vulnerability in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter.

5.8
2017-05-06 CVE-2017-7929 Advantech Path Traversal vulnerability in Advantech Webaccess

An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8.1 and prior.

5.5
2017-05-03 CVE-2017-6625 Cisco Unspecified vulnerability in Cisco Firepower Threat Defense

A "Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of Service" vulnerability in the access control policy of Cisco Firepower System Software could allow an authenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition.

5.5
2017-05-06 CVE-2017-7925 Dahuasecurity Insufficiently Protected Credentials vulnerability in Dahuasecurity products

A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices.

5.0
2017-05-04 CVE-2017-3733 Openssl
HP
Improper Input Validation vulnerability in multiple products

During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 before 1.1.0e to crash (dependent on ciphersuite).

5.0
2017-05-04 CVE-2017-3731 Openssl Out-of-bounds Read vulnerability in Openssl

If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash.

5.0
2017-05-04 CVE-2017-3730 Openssl
Oracle
NULL Pointer Dereference vulnerability in multiple products

In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash.

5.0
2017-05-04 CVE-2016-7054 Openssl Improper Access Control vulnerability in Openssl 1.1.0/1.1.0A/1.1.0B

In OpenSSL 1.1.0 before 1.1.0c, TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS attack by corrupting larger payloads.

5.0
2017-05-04 CVE-2016-7053 Openssl NULL Pointer Dereference vulnerability in Openssl 1.1.0/1.1.0A/1.1.0B

In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS structures can crash with a NULL pointer dereference.

5.0
2017-05-04 CVE-2017-8776 Quickheal Unspecified vulnerability in Quickheal Antivirus Pro, Internet Security and Total Security

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the product.

5.0
2017-05-03 CVE-2017-6629 Cisco Path Traversal vulnerability in Cisco Unity Connection 10.5(2)

A vulnerability in the ImageID parameter of Cisco Unity Connection 10.5(2) could allow an unauthenticated, remote attacker to access files in arbitrary locations on the filesystem of an affected device.

5.0
2017-05-03 CVE-2017-6626 Cisco Information Exposure vulnerability in Cisco Unified Contact Center Enterprise 11.5(1)/11.6(1)

A vulnerability in the Cisco Finesse Notification Service for Cisco Unified Contact Center Enterprise (UCCE) 11.5(1) and 11.6(1) could allow an unauthenticated, remote attacker to retrieve information from agents using the Finesse Desktop.

5.0
2017-05-03 CVE-2017-6624 Cisco Improper Authentication vulnerability in Cisco IOS 15.5(3)M

A vulnerability in Cisco IOS 15.5(3)M Software for Cisco CallManager Express (CME) could allow an unauthenticated, remote attacker to make unauthorized phone calls.

5.0
2017-05-03 CVE-2017-6620 Cisco Improper Input Validation vulnerability in Cisco Small Business RV Series Router Firmware 1.0.1.19

A vulnerability in the remote management access control list (ACL) feature of the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, remote attacker to bypass the remote management ACL.

5.0
2017-05-03 CVE-2016-2930 IBM Improper Access Control vulnerability in IBM Bigfix Remote Control 9.1.3

IBM BigFix Remote Control 9.1.3 could allow a remote attacker to perform actions reserved for an administrator without authentication.

5.0
2017-05-03 CVE-2017-5240 Rapid7 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rapid7 Appspider PRO

Editions of Rapid7 AppSpider Pro prior to version 6.14.060 contain a heap-based buffer overflow in the FLAnalyzer.exe component.

5.0
2017-05-03 CVE-2016-10367 Opsview Path Traversal vulnerability in Opsview

In Opsview Monitor Pro (Prior to 5.1.0.162300841, prior to 5.0.2.27475, prior to 4.6.4.162391051, and 4.5.x without a certain 2016 security patch), an unauthenticated Directory Traversal vulnerability can be exploited by issuing a specially crafted HTTP GET request utilizing a simple URL encoding bypass, %252f instead of /.

5.0
2017-05-03 CVE-2017-7428 Netiq Improper Input Validation vulnerability in Netiq Imanager

NetIQ iManager 3.x before 3.0.3.1 has an issue in the renegotiation of connection parameters with Tomcat.

5.0
2017-05-02 CVE-2017-7483 Rxvt Project Out-of-bounds Read vulnerability in Rxvt Project Rxvt

Rxvt 2.7.10 is vulnerable to a denial of service attack by passing the value -2^31 inside a terminal escape code, which results in a non-invertible integer that eventually leads to a segfault due to an out of bounds read.

5.0
2017-05-02 CVE-2016-5063 BMC Improper Authorization vulnerability in BMC Server Automation

The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows might allow remote attackers to bypass authorization checks and make an RPC call via unspecified vectors.

5.0
2017-05-02 CVE-2016-5006 Pivotal Software Information Exposure vulnerability in Pivotal Software Cloud Foundry and Cloud Foundry Elastic Runtime

The Cloud Controller in Cloud Foundry before 239 logs user-provided service objects at creation, which allows attackers to obtain sensitive user credential information via unspecified vectors.

5.0
2017-05-02 CVE-2016-4442 Miniprofiler Information Exposure vulnerability in Miniprofiler Rack-Mini-Profiler

The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attackers to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks.

5.0
2017-05-01 CVE-2017-8398 GNU Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.28

dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 during dumping of debug information from a corrupt binary.

5.0
2017-05-01 CVE-2017-8397 GNU Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.28

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 and an invalid write of size 1 during processing of a corrupt binary containing reloc(s) with negative addresses.

5.0
2017-05-01 CVE-2017-8396 GNU Improper Input Validation vulnerability in GNU Binutils 2.28

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 because the existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field.

5.0
2017-05-01 CVE-2017-8395 GNU NULL Pointer Dereference vulnerability in GNU Binutils 2.28

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid write of size 8 because of missing a malloc() return-value check to see if memory had actually been allocated in the _bfd_generic_get_section_contents function.

5.0
2017-05-01 CVE-2017-8394 GNU NULL Pointer Dereference vulnerability in GNU Binutils 2.28

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 4 due to NULL pointer dereferencing of _bfd_elf_large_com_section.

5.0
2017-05-01 CVE-2017-8393 GNU Out-of-bounds Read vulnerability in GNU Binutils 2.28

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are always named starting with a .rel/.rela prefix.

5.0
2017-05-01 CVE-2017-8392 GNU NULL Pointer Dereference vulnerability in GNU Binutils 2.28

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 8 because of missing a check to determine whether symbols are NULL in the _bfd_dwarf2_find_nearest_line function.

5.0
2017-05-01 CVE-2017-8388 Genixcms Unspecified vulnerability in Genixcms 1.0.2

GeniXCMS 1.0.2 allows remote attackers to bypass the alertDanger MSG_USER_EMAIL_EXIST protection mechanism via a register.php?act=edit&id=1 request.

5.0
2017-05-01 CVE-2017-6128 F5 Denial of Service vulnerability in Multiple F5 BIG-IP Products

An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow.

5.0
2017-05-01 CVE-2017-8385 Craftcms Weak Password Recovery Mechanism for Forgotten Password vulnerability in Craftcms Craft CMS

Craft CMS before 2.6.2976 does not prevent modification of the URL in a forgot-password email message.

5.0
2017-05-01 CVE-2017-8383 Craftcms Unspecified vulnerability in Craftcms Craft CMS

Craft CMS before 2.6.2976 does not properly restrict viewing the contents of files in the craft/app/ folder.

5.0
2017-05-02 CVE-2017-8112 Qemu
Debian
Infinite Loop vulnerability in multiple products

hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count.

4.9
2017-05-02 CVE-2017-8086 Qemu
Debian
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (memory consumption) via vectors involving the orig_value variable.

4.9
2017-05-04 CVE-2017-4983 Dell Unspecified vulnerability in Dell EMC Data Domain OS

EMC Data Domain OS 5.2 through 5.7 before 5.7.3.0 and 6.0 before 6.0.1.0 is affected by a privilege escalation vulnerability that may potentially be exploited by attackers to compromise the affected system.

4.6
2017-05-05 CVE-2017-8801 Trendmicro Cross-site Scripting vulnerability in Trendmicro Officescan 11.0/12.0

Trend Micro OfficeScan 11.0 before SP1 CP 6325 (with Agent Module Build before 6152) and XG before CP 1352 has XSS via a crafted URI using a blocked website.

4.3
2017-05-05 CVE-2016-0255 IBM Cross-site Scripting vulnerability in IBM Marketing Platform

IBM Marketing Platform 9.1 and 10.0 is vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input.

4.3
2017-05-05 CVE-2017-8795 Accellion Cross-site Scripting vulnerability in Accellion File Transfer Appliance 80540

An issue was discovered on Accellion FTA devices before FTA_9_12_180.

4.3
2017-05-05 CVE-2017-8792 Accellion Cross-site Scripting vulnerability in Accellion File Transfer Appliance 80540

An issue was discovered on Accellion FTA devices before FTA_9_12_180.

4.3
2017-05-05 CVE-2017-8791 Accellion CRLF Injection vulnerability in Accellion File Transfer Appliance 80540

An issue was discovered on Accellion FTA devices before FTA_9_12_180.

4.3
2017-05-05 CVE-2017-8788 Accellion CRLF Injection vulnerability in Accellion File Transfer Appliance 80540

An issue was discovered on Accellion FTA devices before FTA_9_12_180.

4.3
2017-05-05 CVE-2017-8760 Accellion Cross-site Scripting vulnerability in Accellion File Transfer Appliance 80540

An issue was discovered on Accellion FTA devices before FTA_9_12_180.

4.3
2017-05-05 CVE-2017-8304 Accellion Cross-site Scripting vulnerability in Accellion File Transfer Appliance 80540

An issue was discovered on Accellion FTA devices before FTA_9_12_180.

4.3
2017-05-05 CVE-2017-8060 Watchguard Improper Certificate Validation vulnerability in Watchguard Panda Mobile Security 1.1

Acceptance of invalid/self-signed TLS certificates in "Panda Mobile Security" 1.1 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent during the login API call.

4.3
2017-05-05 CVE-2017-8059 Foxitsoftware Improper Certificate Validation vulnerability in Foxitsoftware Foxit PDF 5.2.1/5.3.2

Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF reader, editor, form, signature" before 5.4 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept login information (username/password), in addition to the static authentication token if the user is already logged in.

4.3
2017-05-05 CVE-2017-8058 Atlassian Improper Certificate Validation vulnerability in Atlassian Hipchat 3.16.1

Acceptance of invalid/self-signed TLS certificates in Atlassian HipChat before 3.16.2 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent during the login API call.

4.3
2017-05-05 CVE-2017-5919 21St Century Insurance Improper Certificate Validation vulnerability in 21St Century Insurance 21St Century Insurance

The 21st Century Insurance app 10.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-05-05 CVE-2017-5918 Banco DE Costa Rica Improper Certificate Validation vulnerability in Banco DE Costa Rica BCR Movil 3.7

The Banco de Costa Rica BCR Movil app 3.7 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-05-05 CVE-2017-5916 America S First Federal Credit Union Improper Certificate Validation vulnerability in America'S First Federal Credit Union America'S First FCU Mobile Banking

The America's First Federal Credit Union (FCU) Mobile Banking app 3.1.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-05-05 CVE-2017-5915 Emirates NBD Bank P J S C Improper Certificate Validation vulnerability in Emirates NBD Bank P.J.S.C Emirates NBD and Emirates NBD KSA

The Emirates NBD Bank P.J.S.C Emirates NBD KSA app 3.10.0 through 3.10.4 (UAE) and 2.0.1 through 2.1.0 (KSA) for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-05-05 CVE-2017-5914 Dotit Corp Improper Certificate Validation vulnerability in Dotit-Corp Banque Zitouna 2.1

The DOT IT Banque Zitouna app 2.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-05-05 CVE-2017-5913 Forex Improper Certificate Validation vulnerability in Forex Tradeking Forex 1.2.1

The TradeKing Forex for iPhone app 1.2.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-05-05 CVE-2017-5912 Forex Improper Certificate Validation vulnerability in Forex Forextrader 2.9.12/2.9.13/2.9.14

The FOREX.com FOREXTrader for iPhone app 2.9.12 through 2.9.14 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-05-05 CVE-2017-5911 Banco Santander Mexico SA Improper Certificate Validation vulnerability in Banco Santander Mexico SA Supermovil 3.5/3.6/3.7

The Banco Santander Mexico SA Supermovil app 3.5 through 3.7 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-05-05 CVE-2017-5909 Electronic Funds Source LLC Improper Certificate Validation vulnerability in Electronic Funds Source LLC EFS Mobile Driver Source 2.5

The Electronic Funds Source (EFS) Mobile Driver Source app 2.5 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-05-05 CVE-2017-5907 Great Southern Bank Improper Certificate Validation vulnerability in Great Southern Bank Great Southern Mobile Banking

The Great Southern Bank Great Southern Mobile Banking app before 4.0.4 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-05-05 CVE-2017-5906 Everyday Health INC Improper Certificate Validation vulnerability in Check: Blood Glucose & Carb Tracker 3.4.2

The Everyday Health Diabetes in Check: Blood Glucose & Carb Tracker app 3.4.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-05-05 CVE-2017-5905 Dollar Bank Improper Certificate Validation vulnerability in Dollar Bank Dollar Bank Mobile 2.6.3

The Dollar Bank Mobile app 2.6.3 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-05-05 CVE-2017-5902 Payquicker Improper Certificate Validation vulnerability in Payquicker Mypayquicker 1.0.0

The PayQuicker app 1.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-05-05 CVE-2017-5901 State Bank OF India Improper Certificate Validation vulnerability in State Bank of India State Bank Anywhere 5.1.0

The State Bank of India State Bank Anywhere app 5.1.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-05-05 CVE-2017-3213 Think Mutual Bank Improper Certificate Validation vulnerability in Think Mutual Bank Think Mutual Bank Mobile Banking APP 3.1.5

The Think Mutual Bank Mobile Banking app 3.1.5 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-05-05 CVE-2017-3212 Space Coast Credit Union
Sccu
Improper Certificate Validation vulnerability in Sccu Space Coast Credit Union

The Space Coast Credit Union Mobile app 2.2 for iOS and 2.1.0.1104 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-05-04 CVE-2017-3732 Openssl Information Exposure vulnerability in Openssl

There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d.

4.3
2017-05-04 CVE-2017-8778 Gitlab Cross-site Scripting vulnerability in Gitlab

GitLab before 8.14.9, 8.15.x before 8.15.6, and 8.16.x before 8.16.5 has XSS via a SCRIPT element in an issue attachment or avatar that is an SVG document.

4.3
2017-05-04 CVE-2017-8295 Wordpress Weak Password Recovery Mechanism for Forgotten Password vulnerability in Wordpress

WordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for remote attackers to reset arbitrary passwords by making a crafted wp-login.php?action=lostpassword request and then arranging for this message to bounce or be resent, leading to transmission of the reset key to a mailbox on an attacker-controlled SMTP server.

4.3
2017-05-04 CVE-2017-8763 Telaxius Cross-site Scripting vulnerability in Telaxius Epesi

Cross-site scripting (XSS) vulnerability in modules/Base/Box/check_for_new_version.php in EPESI in Telaxus/EPESI 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URI that lacks the cid parameter.

4.3
2017-05-03 CVE-2017-6628 Cisco Improper Handling of Exceptional Conditions vulnerability in Cisco Wide Area Application Services 6.2.1/6.2.1A/6.2.3A

A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAAS) 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition where the WAN optimization could stop functioning while the process restarts.

4.3
2017-05-03 CVE-2017-8459 Brave Unspecified vulnerability in Brave 0.12.4

** DISPUTED ** Brave 0.12.4 has a Status Bar Obfuscation issue in which a redirection target is shown in a possibly unexpected way.

4.3
2017-05-03 CVE-2017-8458 Brave Injection vulnerability in Brave 0.12.4

Brave 0.12.4 has a URI Obfuscation issue in which a string such as https://[email protected]/ is displayed without a clear UI indication that it is not a resource on the safe.example.com web site.

4.3
2017-05-03 CVE-2015-9057 Proxmox Cross-site Scripting vulnerability in Proxmox Mail Gateway

Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allow remote attackers to inject arbitrary web script or HTML via multiple parameters, related to /users/index.htm, /quarantine/spam/manage.htm, /quarantine/spam/whitelist.htm, /queues/mail/index/, /system/ssh.htm, /queues/mail/?domain=, and /quarantine/virus/manage.htm.

4.3
2017-05-03 CVE-2017-7430 Novell
Netiq
Cross-site Scripting vulnerability in multiple products

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a persistent XSS vulnerability in Framework.

4.3
2017-05-02 CVE-2017-7440 Kerio Improper Input Validation vulnerability in Kerio products

Kerio Connect 8.0.0 through 9.2.2, and Kerio Connect Client desktop application for Windows and Mac 9.2.0 through 9.2.2, when e-mail preview is enabled, allows remote attackers to conduct clickjacking attacks via a crafted e-mail message.

4.3
2017-05-02 CVE-2016-4467 Apache Improper Certificate Validation vulnerability in Apache Qpid Proton

The C client and C-based client bindings in the Apache Qpid Proton library before 0.13.1 on Windows do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when using the SChannel-based security layer, which allows man-in-the-middle attackers to spoof servers via an arbitrary valid certificate.

4.3
2017-05-01 CVE-2017-8401 Swftools Out-of-bounds Read vulnerability in Swftools

In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the function png_load() in lib/png.c:724.

4.3
2017-05-01 CVE-2017-5631 KMC Information Systems Cross-site Scripting vulnerability in KMC Information Systems Caseaware

An issue was discovered in KMCIS CaseAware.

4.3
2017-05-01 CVE-2017-8384 Craftcms Cross-site Scripting vulnerability in Craftcms Craft CMS

Craft CMS before 2.6.2976 allows XSS attacks because an array returned by HttpRequestService::getSegments() and getActionSegments() need not be zero-based.

4.3
2017-05-01 CVE-2017-8374 Underbit Out-of-bounds Read vulnerability in Underbit MAD Libmad 0.15.1B

The mad_bit_skip function in bit.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file.

4.3
2017-05-01 CVE-2016-10350 Libarchive Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libarchive 3.2.2

The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

4.3
2017-05-01 CVE-2016-10349 Libarchive Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libarchive 3.2.2

The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

4.3
2017-05-06 CVE-2017-7923 Hikvision Information Exposure vulnerability in Hikvision products

A Password in Configuration File issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices.

4.0
2017-05-03 CVE-2017-5481 Trendmicro Information Exposure vulnerability in Trendmicro Officescan 11.0/12.0

Trend Micro OfficeScan 11.0 before SP1 CP 6325 and XG before CP 1352 allows remote authenticated users to gain privileges by leveraging a leak of an encrypted password during a web-console operation.

4.0
2017-05-02 CVE-2017-7216 Paloaltonetworks Information Exposure vulnerability in Paloaltonetworks Pan-Os

The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to obtain sensitive information via unspecified request parameters.

4.0
2017-05-02 CVE-2016-5810 Advantech Information Exposure vulnerability in Advantech Webaccess

upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote authenticated administrators to obtain sensitive password information via unspecified vectors.

4.0
2017-05-01 CVE-2017-6564 Franklinfueling Missing Authorization vulnerability in Franklinfueling Ts-550 EVO Firmware 2.3.0.7332

On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest user, which contains the lowest privileges, can post to the idSourceFileName parameter found within the /download directory.

4.0

13 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-05-06 CVE-2017-6029 Certec EDV Gmbh Cross-site Scripting vulnerability in Certec EDV Gmbh Atvise Scada

A Cross-Site Scripting issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0.

3.5
2017-05-04 CVE-2017-8780 Genixcms Cross-site Scripting vulnerability in Genixcms 1.0.2

GeniXCMS 1.0.2 has XSS triggered by a comment that is mishandled during a publish operation by an administrator, as demonstrated by a malformed P element.

3.5
2017-05-03 CVE-2017-8762 Genixcms Cross-site Scripting vulnerability in Genixcms 1.0.2

GeniXCMS 1.0.2 has XSS triggered by an authenticated user who submits a page, as demonstrated by a crafted oncut attribute in a B element.

3.5
2017-05-01 CVE-2017-8376 Genixcms Cross-site Scripting vulnerability in Genixcms 1.0.2

GeniXCMS 1.0.2 has XSS triggered by an authenticated comment that is mishandled during a mouse operation by an administrator.

3.5
2017-05-05 CVE-2016-6877 Citrix Improper Input Validation vulnerability in Citrix Xenmobile Server

** DISPUTED ** Citrix XenMobile Server before 10.5.0.24 allows man-in-the-middle attackers to trigger HTTP 302 redirections via vectors involving the HTTP Host header and a cached page.

2.6
2017-05-04 CVE-2016-7055 Openssl Key Management Errors vulnerability in Openssl

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits.

2.6
2017-05-01 CVE-2017-8372 Underbit Reachable Assertion vulnerability in Underbit MAD Libmad 0.15.1B

The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted audio file.

2.6
2017-05-06 CVE-2017-8391 CA
Linux
Microsoft
Incorrect Permission Assignment for Critical Resource vulnerability in CA Client Automation R12.9/R14.0

The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1 places an encrypted password into a readable local file during operating system installation, which allows local users to obtain sensitive information by reading this file after operating system installation.

2.1
2017-05-05 CVE-2016-8916 IBM Information Exposure vulnerability in IBM Tivoli Storage Manager

IBM Tivoli Storage Manager 5.5, 6.1-6.4, and 7.1 stores password information in a log file that could be read by a local user when a set password command is issued.

2.1
2017-05-03 CVE-2016-0382 IBM Information Exposure vulnerability in IBM Tealeaf Consumer Experience

The IBM Tealeaf Consumer Experience 8.7, 8.8, and 9.0 portal exposes some of its operational state in a form that may be accidentally captured and exposed by network infrastructure components such as IIS.

2.1
2017-05-02 CVE-2017-8418 Rubocop Project Exposure of Resource to Wrong Sphere vulnerability in Rubocop Project Rubocop

RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users.

2.1
2017-05-01 CVE-2016-10351 Telegram Desktop Information Exposure vulnerability in Telegram Desktop Telegram Desktop 0.10.19

Telegram Desktop 0.10.19 uses 0755 permissions for $HOME/.TelegramDesktop, which allows local users to obtain sensitive authentication information via standard filesystem operations.

2.1
2017-05-03 CVE-2017-7995 XEN
Suse
Novell
Information Exposure vulnerability in multiple products

Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure.

1.7