Weekly Vulnerabilities Reports > May 8 to 14, 2017

Overview

300 new vulnerabilities were reported during this period, including 17 critical vulnerabilities and 167 high severity vulnerabilities. This weekly summary reports vulnerabilities in 281 products from 75 vendors including Microsoft, Linux, Google, Nvidia, and Basercms. Vulnerabilities are notably categorized as "Information Exposure", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "Improper Input Validation", and "Permissions, Privileges, and Access Controls".

  • 149 reported vulnerabilities are remotely exploitable.
  • 34 reported vulnerabilities have a public exploit available.
  • 47 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 225 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 59 reported vulnerabilities.
  • Veritas has the most reported critical vulnerabilities, with 5 reported vulnerabilities.

Vulnerability Details

The following table lists reported vulnerabilities for the period covered by this report:

17 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-05-12 CVE-2017-8923 PHP Out-of-bounds Write vulnerability in PHP

The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string.

9.8
2017-05-12 CVE-2016-10329 Synology Command Injection vulnerability in Synology Photo Station

Command injection vulnerability in login.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to execute arbitrary code via shell metacharacters in the crafted 'X-Forwarded-For' header.

9.8
2017-05-12 CVE-2017-7474 Keycloak Unspecified vulnerability in Keycloak Keycloak-Nodejs-Auth-Utils

It was found that the Keycloak Node.js adapter 2.5 - 3.0 did not handle invalid tokens correctly.

9.8
2017-05-12 CVE-2017-8911 Tnef Project Integer Underflow (Wrap or Wraparound) vulnerability in Tnef Project Tnef 1.4.14

An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14.

9.8
2017-05-11 CVE-2017-8898 Invisioncommunity Cross-site Scripting vulnerability in Invisioncommunity Invision Power Board

Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has stored XSS in the Announcements, allowing privilege escalation from an Invision Power Board moderator to an admin.

9.8
2017-05-11 CVE-2017-8798 Miniupnp Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Miniupnp Project Miniupnpd

Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact.

9.8
2017-05-11 CVE-2017-5461 Mozilla Out-of-bounds Write vulnerability in Mozilla Network Security Services

Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations.

9.8
2017-05-10 CVE-2017-8895 Veritas Use After Free vulnerability in Veritas Backup Exec

In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before build 14.2.1180.3160, and 16 before FP1, there is a use-after-free vulnerability in multiple agents that can lead to a denial of service or remote code execution.

9.8
2017-05-10 CVE-2017-7888 Dolibarr Inadequate Encryption Strength vulnerability in Dolibarr Erp/Crm 4.0.4

Dolibarr ERP/CRM 4.0.4 stores passwords with the MD5 algorithm, which makes brute-force attacks easier.

9.8
2017-05-10 CVE-2017-7886 Dolibarr SQL Injection vulnerability in Dolibarr Erp/Crm 4.0.4

Dolibarr ERP/CRM 4.0.4 has SQL Injection in doli/theme/eldy/style.css.php via the lang parameter.

9.8
2017-05-09 CVE-2017-8859 Veritas Unspecified vulnerability in Veritas Netbackup Appliance

In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root.

9.8
2017-05-09 CVE-2017-8858 Veritas Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance

In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process.

9.8
2017-05-09 CVE-2017-8857 Veritas Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance

In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process.

9.8
2017-05-09 CVE-2017-8856 Veritas Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance

In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process.

9.8
2017-05-08 CVE-2017-4982 EMC Improper Privilege Management vulnerability in EMC Mainframe Enablers Resourcepak Base 7.6.0/8.0.0/8.1.0

EMC Mainframe Enablers ResourcePak Base versions 7.6.0, 8.0.0, and 8.1.0 contains a fix for a privilege management vulnerability that could potentially be exploited by malicious users to compromise the affected system.

9.8
2017-05-10 CVE-2017-8872 Xmlsoft Out-of-bounds Read vulnerability in Xmlsoft Libxml2 2.9.4

The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.

9.1
2017-05-08 CVE-2017-8827 Genixcms Improper Authentication vulnerability in Genixcms 1.0.2

forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might allow remote attackers to cause a denial of service (login inability) or possibly conduct Arbitrary User Password Reset attacks via a series of requests.

9.1

167 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-05-14 CVE-2017-8930 Simpleinvoices Cross-Site Request Forgery (CSRF) vulnerability in Simpleinvoices Simple Invoices 2013.1

Multiple cross-site request forgery (CSRF) vulnerabilities in Simple Invoices 2013.1.beta.8 allow remote attackers to hijack the authentication of admins for requests that can (1) create new administrator user accounts and take over the entire application, (2) create regular user accounts, or (3) change configuration parameters such as tax rates and the enable/disable status of PayPal payment modules.

8.8
2017-05-14 CVE-2017-8928 Mailcow Cross-Site Request Forgery (CSRF) vulnerability in Mailcow Mailcow: Dockerized 0.14

mailcow 0.14, as used in "mailcow: dockerized" and other products, has CSRF.

8.8
2017-05-12 CVE-2016-4887 Basercms Cross-Site Request Forgery (CSRF) vulnerability in Basercms 3.0.10

Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Uploader version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

8.8
2017-05-12 CVE-2016-4886 Basercms Cross-Site Request Forgery (CSRF) vulnerability in Basercms 3.0.10

Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

8.8
2017-05-12 CVE-2016-4885 Basercms Cross-Site Request Forgery (CSRF) vulnerability in Basercms 3.0.10

Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Feed version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

8.8
2017-05-12 CVE-2016-4884 Basercms Cross-Site Request Forgery (CSRF) vulnerability in Basercms 3.0.10

Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

8.8
2017-05-12 CVE-2016-4882 Basercms Cross-Site Request Forgery (CSRF) vulnerability in Basercms 3.0.10

Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

8.8
2017-05-12 CVE-2016-4881 Basercms Cross-Site Request Forgery (CSRF) vulnerability in Basercms 3.0.10

Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

8.8
2017-05-12 CVE-2016-4879 Basercms Cross-Site Request Forgery (CSRF) vulnerability in Basercms

Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

8.8
2017-05-12 CVE-2016-4878 Basercms Cross-Site Request Forgery (CSRF) vulnerability in Basercms 3.0.10

Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

8.8
2017-05-12 CVE-2016-4876 Basercms Cross-Site Request Forgery (CSRF) vulnerability in Basercms 3.0.10

Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators to execute arbitrary PHP code via unspecified vectors.

8.8
2017-05-12 CVE-2017-0222 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 11/9

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0226.

8.8
2017-05-11 CVE-2017-8905 XEN Incorrect Calculation vulnerability in XEN

Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215.

8.8
2017-05-11 CVE-2017-8904 XEN Unspecified vulnerability in XEN 4.8.0/4.8.1

Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214.

8.8
2017-05-11 CVE-2017-8903 XEN Unspecified vulnerability in XEN 4.8.0/4.8.1

Xen through 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213.

8.8
2017-05-11 CVE-2016-9092 Symantec Cross-Site Request Forgery (CSRF) vulnerability in Symantec Content Analysis and Mail Threat Defense

The Symantec Content Analysis (CA) 1.3, 2.x prior to 2.2.1.1, and Mail Threat Defense (MTD) 1.1 management consoles are susceptible to a cross-site request forging (CSRF) vulnerability.

8.8
2017-05-10 CVE-2017-4895 Vmware Unspecified vulnerability in VMWare Airwatch Agent and Airwatch Inbox

Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection.

8.8
2017-05-10 CVE-2016-5889 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Interact

IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

8.8
2017-05-10 CVE-2017-8874 Acquia Cross-Site Request Forgery (CSRF) vulnerability in Acquia Mautic 1.4.1

Multiple cross-site request forgery (CSRF) vulnerabilities in Mautic 1.4.1 allow remote attackers to hijack the authentication of users for requests that (1) delete email campaigns or (2) delete contacts.

8.8
2017-05-10 CVE-2017-5891 Asus Cross-Site Request Forgery (CSRF) vulnerability in Asus Rt-Ac1750 Firmware 3.0.0.4.380.7266

ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 have Login Page CSRF and Save Settings CSRF.

8.8
2017-05-09 CVE-2017-3074 Adobe, Redhat Out-of-bounds Write vulnerability in multiple products

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class.

8.8
2017-05-09 CVE-2017-3073 Adobe, Redhat Use After Free vulnerability in multiple products

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption.

8.8
2017-05-09 CVE-2017-3072 Adobe, Redhat Out-of-bounds Write vulnerability in multiple products

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class.

8.8
2017-05-09 CVE-2017-3071 Adobe, Redhat Use After Free vulnerability in multiple products

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects.

8.8
2017-05-09 CVE-2017-3070 Adobe, Redhat Out-of-bounds Write vulnerability in multiple products

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class.

8.8
2017-05-09 CVE-2017-3069 Adobe, Redhat Out-of-bounds Write vulnerability in multiple products

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class.

8.8
2017-05-09 CVE-2017-3068 Adobe, Redhat Out-of-bounds Write vulnerability in multiple products

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine.

8.8
2017-05-09 CVE-2016-9251 F5 Permissions, Privileges, and Access Controls vulnerability in F5 products

In F5 BIG-IP 12.0.0 through 12.1.2, an authenticated attacker may be able to cause an escalation of privileges through a crafted iControl REST connection.

8.8
2017-05-08 CVE-2016-8202 Broadcom Permissions, Privileges, and Access Controls vulnerability in Broadcom Fabric Operating System

A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface.

8.8
2017-05-12 CVE-2017-0233 Microsoft Unspecified vulnerability in Microsoft Edge

An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-0241.

8.3
2017-05-12 CVE-2017-0272 Microsoft Unspecified vulnerability in Microsoft products

The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it handles certain requests, aka "Windows SMB Remote Code Execution Vulnerability".

8.1
2017-05-11 CVE-2017-8899 Invisioncommunity Information Exposure vulnerability in Invisioncommunity Invision Power Board

Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has a composite of Stored XSS and Information Disclosure issues in the attachments feature found in User CP.

8.1
2017-05-10 CVE-2017-1137 IBM Unspecified vulnerability in IBM Websphere Application Server 8.0/8.5/8.5.5

IBM WebSphere Application Server 8.0 and 8.5.5 could provide weaker than expected security.

8.1
2017-05-10 CVE-2017-1103 IBM XXE vulnerability in IBM Rational Quality Manager and Rational Team Concert

IBM Team Concert (RTC) is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data.

8.1
2017-05-14 CVE-2017-7487 Linux, Debian Use After Free vulnerability in multiple products

The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface.

7.8
2017-05-12 CVE-2017-8246 Google Use After Free vulnerability in Google Android

In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel, prtd is assigned substream->runtime->private_data.

7.8
2017-05-12 CVE-2017-8245 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Android releases from CAF using the Linux kernel, while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size, an out of bounds memory copy occurs.

7.8
2017-05-12 CVE-2017-2167 Softbank Untrusted Search Path vulnerability in Softbank Primedrive Desktop Application 1.4.3/1.4.4

Untrusted search path vulnerability in Installer for PrimeDrive Desktop Application version 1.4.4 and earlier allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory.

7.8
2017-05-12 CVE-2016-4838 Moneyforward Improper Input Validation vulnerability in Moneyforward products

The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward for SHIGA BANK (prior to v1.2.0), Money Forward for SHIZUOKA BANK (prior to v1.4.0), Money Forward for SBI Sumishin Net Bank (prior to v1.6.0), Money Forward for Tokai Tokyo Securities (prior to v1.4.0), Money Forward for THE TOHO BANK (prior to v1.3.0), Money Forward for YMFG (prior to v1.5.0) provided by Money Forward, Inc.

7.8
2017-05-12 CVE-2017-0604 Google Always-Incorrect Control Flow Implementation vulnerability in Google Android

An elevation of privilege vulnerability in the kernel Qualcomm power driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.8
2017-05-12 CVE-2017-0597 Google Integer Overflow or Wraparound vulnerability in Google Android

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process.

7.8
2017-05-12 CVE-2017-0596 Google Unspecified vulnerability in Google Android

An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process.

7.8
2017-05-12 CVE-2017-0595 Google Unspecified vulnerability in Google Android

An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process.

7.8
2017-05-12 CVE-2017-0594 Google Classic Buffer Overflow vulnerability in Google Android

An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncoder2.cpp in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process.

7.8
2017-05-12 CVE-2017-0593 Google Incorrect Permission Assignment for Critical Resource vulnerability in Google Android

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to obtain access to custom permissions.

7.8
2017-05-12 CVE-2017-0592 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.

7.8
2017-05-12 CVE-2017-0591 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.

7.8
2017-05-12 CVE-2017-0590 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.

7.8
2017-05-12 CVE-2017-0589 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.

7.8
2017-05-12 CVE-2017-0588 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

A remote code execution vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.

7.8
2017-05-12 CVE-2017-0587 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

A remote code execution vulnerability in libmpeg2 in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.

7.8
2017-05-12 CVE-2016-10277 Linux Permissions, Privileges, and Access Controls vulnerability in Linux Kernel 3.10/3.18

An elevation of privilege vulnerability in the Motorola bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader.

7.8
2017-05-12 CVE-2016-10276 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.8
2017-05-12 CVE-2016-10275 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.8
2017-05-12 CVE-2016-10274 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in the MediaTek touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.8
2017-05-12 CVE-2017-0281 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Office Online Server 2016, Office Web Apps 2010 SP2, Office Web Apps 2013 SP1, Project Server 2013 SP1, SharePoint Enterprise Server 2013 SP1, SharePoint Enterprise Server 2016, SharePoint Foundation 2013 SP1, Sharepoint Server 2010 SP2, Word 2016, and Skype for Business 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability".

7.8
2017-05-12 CVE-2017-0265 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Powerpoint for mac 2011

Microsoft PowerPoint for Mac 2011 allows a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability".

7.8
2017-05-12 CVE-2017-0264 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Powerpoint for mac 2011

Microsoft PowerPoint for Mac 2011 allows a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability".

7.8
2017-05-12 CVE-2017-0263 Microsoft Use After Free vulnerability in Microsoft products

The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

7.8
2017-05-12 CVE-2017-0262 Microsoft Unspecified vulnerability in Microsoft Office 2010/2013/2016

Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability".

7.8
2017-05-12 CVE-2017-0261 Microsoft Use After Free vulnerability in Microsoft Office 2010/2013/2016

Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability".

7.8
2017-05-12 CVE-2017-0254 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Office for Mac 2011, Office for Mac 2016, Microsoft Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, Word 2013 RT SP1, Word 2013 SP1, Word Automation Services on Microsoft SharePoint Server 2013 SP1, Office Word Viewer, SharePoint Enterprise Server 2016, and Word 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability".

7.8
2017-05-12 CVE-2017-0077 Microsoft Unspecified vulnerability in Microsoft products

The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow a local authenticated attacker to execute a specially crafted application to obtain information, or in Windows 7 and later, cause denial of service, aka "Win32k Information Disclosure Vulnerability."

7.8
2017-05-11 CVE-2016-9100 Broadcom Credentials Management vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg

Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.13, ASG 6.7 prior to 6.7.3.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6 prior to 6.6.5.13, and ProxySG 6.7 prior to 6.7.3.1 are susceptible to an information disclosure vulnerability.

7.8
2017-05-10 CVE-2017-8852 SAP Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP Sapcar 721.510

SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability.

7.8
2017-05-10 CVE-2017-8890 Linux, Debian Double Free vulnerability in multiple products

The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

7.8
2017-05-10 CVE-2017-7698 Swftools Use After Free vulnerability in Swftools

A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02.

7.8
2017-05-09 CVE-2017-0352 Nvidia Incorrect Permission Assignment for Critical Resource vulnerability in Nvidia GPU Driver

All versions of the NVIDIA GPU Display Driver contain a vulnerability in the GPU firmware where incorrect access control may allow CPU access to sensitive GPU control registers, leading to an escalation of privileges.

7.8
2017-05-09 CVE-2017-0351 Nvidia NULL Pointer Dereference vulnerability in Nvidia GPU Driver

All versions of the NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges.

7.8
2017-05-09 CVE-2017-0350 Nvidia Improper Input Validation vulnerability in Nvidia GPU Driver

All versions of the NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used in an offset calculation may lead to denial of service or potential escalation of privileges.

7.8
2017-05-09 CVE-2017-0349 Nvidia NULL Pointer Dereference vulnerability in Nvidia GPU Driver

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a pointer passed from a user to the driver is not correctly validated before it is dereferenced for a write operation, may lead to denial of service or potential escalation of privileges.

7.8
2017-05-09 CVE-2017-0348 Nvidia NULL Pointer Dereference vulnerability in Nvidia GPU Driver

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges.

7.8
2017-05-09 CVE-2017-0347 Nvidia Improper Validation of Array Index vulnerability in Nvidia GPU Driver

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated and used as the index to an array, which may lead to denial of service or potential escalation of privileges.

7.8
2017-05-09 CVE-2017-0346 Nvidia Improper Input Validation vulnerability in Nvidia GPU Driver

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the size of an input buffer is not validated, leading to denial of service or potential escalation of privileges.

7.8
2017-05-09 CVE-2017-0345 Nvidia Improper Validation of Array Index vulnerability in Nvidia GPU Driver

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where user-provided input used as an array size is not correctly validated, which allows out-of-bounds access in kernel memory and may lead to denial of service or potential escalation of privileges.

7.8
2017-05-09 CVE-2017-0344 Nvidia Unspecified vulnerability in Nvidia GPU Driver

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape may allow users to gain access to arbitrary physical memory, leading to escalation of privileges.

7.8
2017-05-09 CVE-2017-0342 Nvidia Incorrect Calculation vulnerability in Nvidia GPU Driver

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where incorrect calculation may cause an invalid address access leading to denial of service or potential escalation of privileges.

7.8
2017-05-09 CVE-2017-0341 Nvidia NULL Pointer Dereference vulnerability in Nvidia GPU Driver

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where user provided input can trigger an access to a pointer that has not been initialized which may lead to denial of service or potential escalation of privileges.

7.8
2017-05-09 CVE-2017-8854 Wolfssl Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wolfssl

wolfSSL before 3.10.2 has an out-of-bounds memory access with loading crafted DH parameters, aka a buffer overflow triggered by a malformed temporary DH file.

7.8
2017-05-09 CVE-2017-0290 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 does not properly scan a specially crafted file leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability."

7.8
2017-05-08 CVE-2016-10369 Lxterminal Project Improper Access Control vulnerability in Lxterminal Project Lxterminal 0.3.0

unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

7.8
2017-05-08 CVE-2017-6953 Gemalto Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gemalto Smartdiag Diagnosis Tool 2.5

Gemalto SmartDiag Diagnosis Tool v2.5 has a stack-based Buffer Overflow with SEH Overwrite via long "Register a new card" input fields.

7.8
2017-05-08 CVE-2017-8844 Long Range ZIP Project
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive.

7.8
2017-05-08 CVE-2017-8829 Debian Deserialization of Untrusted Data vulnerability in Debian Lintian

Deserialization vulnerability in lintian through 2.5.50.3 allows attackers to trigger code execution by requesting a review of a source package with a crafted YAML file.

7.8
2017-05-12 CVE-2017-0212 Microsoft Improper Input Validation vulnerability in Microsoft Windows 10 and Windows Server 2016

Windows Hyper-V allows an elevation of privilege vulnerability when Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 fail to properly validate vSMB packet data, aka "Windows Hyper-V vSMB Elevation of Privilege Vulnerability".

7.6
2017-05-14 CVE-2017-8929 Virustotal Use After Free vulnerability in Virustotal Yara 3.5.0

The sized_string_cmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule.

7.5
2017-05-12 CVE-2017-5654 Apache XML Injection (aka Blind XPath Injection) vulnerability in Apache Ambari 2.4.0/2.4.1/2.5.0

In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes.

7.5
2017-05-12 CVE-2016-10331 Synology Path Traversal vulnerability in Synology Photo Station

Directory traversal vulnerability in download.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to read arbitrary files via a full pathname in the id parameter.

7.5
2017-05-12 CVE-2017-8921 Flightgear Path Traversal vulnerability in Flightgear

In FlightGear before 2017.2.1, the FGCommand interface allows overwriting any file the user has write access to, but not with arbitrary data: only with the contents of a FlightGear flightplan (XML).

7.5
2017-05-12 CVE-2017-7486 Postgresql Information Exposure vulnerability in Postgresql

PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server.

7.5
2017-05-12 CVE-2017-7484 Postgresql Information Exposure vulnerability in Postgresql

It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information.

7.5
2017-05-12 CVE-2017-2163 N I Agroinformatics Path Traversal vulnerability in N-I-Agroinformatics SOY CMS

Directory traversal vulnerability in SOY CMS Ver.1.8.1 to Ver.1.8.12 allows authenticated attackers to read arbitrary files via shop_id.

7.5
2017-05-12 CVE-2016-4864 Dena Use of Externally-Controlled Format String vulnerability in Dena H2O

H2O versions 2.0.3 and earlier and 2.1.0-beta2 and earlier allows remote attackers to cause a denial-of-service (DoS) via format string specifiers in a template file via fastcgi, mruby, proxy, redirect or reproxy.

7.5
2017-05-12 CVE-2017-0266 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability."

7.5
2017-05-12 CVE-2017-0248 Microsoft Improper Certificate Validation vulnerability in Microsoft .Net Framework

Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to bypass Enhanced Security Usage taggings when they present a certificate that is invalid for a specific use, aka ".NET Security Feature Bypass Vulnerability."

7.5
2017-05-12 CVE-2017-0247 Microsoft Improper Input Validation vulnerability in Microsoft products

A denial of service vulnerability exists when the ASP.NET Core fails to properly validate web requests.

7.5
2017-05-12 CVE-2017-0240 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0221 and CVE-2017-0227.

7.5
2017-05-12 CVE-2017-0238 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge and Internet Explorer

A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript scripting engines handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, and CVE-2017-0236.

7.5
2017-05-12 CVE-2017-0236 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, and CVE-2017-0238.

7.5
2017-05-12 CVE-2017-0235 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0236, and CVE-2017-0238.

7.5
2017-05-12 CVE-2017-0234 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.

7.5
2017-05-12 CVE-2017-0230 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

A remote code execution vulnerability exists in Microsoft Edge in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.

7.5
2017-05-12 CVE-2017-0229 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

A remote code execution vulnerability exists in Microsoft Edge in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.

7.5
2017-05-12 CVE-2017-0228 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge and Internet Explorer

A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.

7.5
2017-05-12 CVE-2017-0227 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0221 and CVE-2017-0240.

7.5
2017-05-12 CVE-2017-0226 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 10/11

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0222.

7.5
2017-05-12 CVE-2017-0224 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.

7.5
2017-05-12 CVE-2017-0221 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

A vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0227 and CVE-2017-0240.

7.5
2017-05-11 CVE-2016-10370 Oneplus Improper Access Control vulnerability in Oneplus Oxygenos

An issue was discovered on OnePlus devices such as the 3T.

7.5
2017-05-11 CVE-2016-7476 F5 Improper Input Validation vulnerability in F5 products

The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, APM, ASM, GTM, Link Controller, PEM, PSM, and WebSafe 11.6.0 before 11.6.0 HF6, 11.5.0 before 11.5.3 HF2, and 11.3.0 before 11.4.1 HF10 may suffer from a memory leak while handling certain types of TCP traffic.

7.5
2017-05-11 CVE-2015-5436 HP Unspecified vulnerability in HP Integrated Lights-Out Firmware

A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30.

7.5
2017-05-10 CVE-2016-9250 F5 Permissions, Privileges, and Access Controls vulnerability in F5 products

In F5 BIG-IP 11.2.1, 11.4.0 through 11.6.1, and 12.0.0 through 12.1.2, an unauthenticated user with access to the control plane may be able to delete arbitrary files through an undisclosed mechanism.

7.5
2017-05-10 CVE-2017-8868 Flatcore Path Traversal vulnerability in Flatcore Flatcore-Cms 1.4.7

acp/core/files.browser.php in flatCore 1.4.7 allows file deletion via directory traversal in the delete parameter to acp/acp.php.

7.5
2017-05-10 CVE-2017-5892 Asus Information Exposure vulnerability in Asus Rt-Ac1750 Firmware 3.0.0.4.380.7266

ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow JSONP Information Disclosure such as a network map.

7.5
2017-05-09 CVE-2017-8855 Wolfssl Unspecified vulnerability in Wolfssl

wolfSSL before 3.11.0 does not prevent wc_DhAgree from accepting a malformed DH key.

7.5
2017-05-09 CVE-2017-8853 Fiyo Path Traversal vulnerability in Fiyo CMS 2.0.7

Fiyo CMS v2.0.7 has an arbitrary file delete vulnerability in dapur/apps/app_config/controller/backuper.php via directory traversal in the file parameter during an act=db action.

7.5
2017-05-09 CVE-2017-3067 Adobe Information Exposure vulnerability in Adobe Experience Manager Forms 6.0/6.1/6.2

Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an information disclosure vulnerability resulting from abuse of the pre-population service in AEM Forms.

7.5
2017-05-09 CVE-2016-9256 F5 Race Condition vulnerability in F5 products

In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl can lag behind the actual permissions assigned to a user if the role_map is not reloaded between the time the permissions are changed and the time of the user's next request.

7.5
2017-05-09 CVE-2016-9253 F5 Improper Input Validation vulnerability in F5 products

In F5 BIG-IP 12.1.0 through 12.1.2, specific websocket traffic patterns may cause a disruption of service for virtual servers configured to use the websocket profile.

7.5
2017-05-09 CVE-2016-6799 Apache Information Exposure Through Log Files vulnerability in Apache Cordova

Product: Apache Cordova Android 5.2.2 and earlier.

7.5
2017-05-08 CVE-2016-8209 Brocade Improper Check for Unusual or Exceptional Conditions vulnerability in Brocade products

Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

7.5
2017-05-08 CVE-2017-8825 Libetpan Project NULL Pointer Dereference vulnerability in Libetpan Project Libetpan

A null dereference vulnerability has been found in the MIME handling component of LibEtPan before 1.8, as used in MailCore and MailCore 2.

7.5
2017-05-12 CVE-2017-2157 Jpki Untrusted Search Path vulnerability in Jpki the Public Certification Service for Individuals 2.6/3.0.1/3.1

Untrusted search path vulnerability in installers for The Public Certification Service for Individuals "The JPKI user's software (for Windows 7 and later)" Ver3.1 and earlier, The Public Certification Service for Individuals "The JPKI user's software (for Windows Vista)", The Public Certification Service for Individuals "The JPKI user's software" Ver2.6 and earlier that were available until April 27, 2017 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.

7.3
2017-05-12 CVE-2017-0249 Microsoft Improper Input Validation vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.

7.3
2017-05-12 CVE-2017-0213 Microsoft Unspecified vulnerability in Microsoft products

Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when an attacker runs a specially crafted application, aka "Windows COM Elevation of Privilege Vulnerability".

7.3
2017-05-12 CVE-2017-8912 Cmsmadesimple Code Injection vulnerability in Cmsmadesimple CMS Made Simple 2.1.6

CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated administrators to execute arbitrary PHP code via the code parameter to admin/editusertag.php, related to the CreateTagFunction and CallUserTag functions.

7.2
2017-05-11 CVE-2016-9097 Broadcom Permissions, Privileges, and Access Controls vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg

The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users.

7.2
2017-05-12 CVE-2016-10330 Synology Path Traversal vulnerability in Synology Photo Station

Directory traversal vulnerability in synophoto_dsm_user, a SUID program, as used in Synology Photo Station before 6.5.3-3226 allows local users to write to arbitrary files via unspecified vectors.

7.1
2017-05-12 CVE-2017-8244 Google Race Condition vulnerability in Google Android

In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel, variable "dbg_buf", "dbg_buf->curr" and "dbg_buf->filled_size" could be modified by different threads at the same time, but they are not protected with mutex or locks.

7.0
2017-05-12 CVE-2017-0623 Linux Unspecified vulnerability in Linux Kernel 3.18

An elevation of privilege vulnerability in the HTC bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader.

7.0
2017-05-12 CVE-2017-0622 Linux Improper Handling of Exceptional Conditions vulnerability in Linux Kernel 3.10

An elevation of privilege vulnerability in the Goodix touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2017-0621 Linux Unspecified vulnerability in Linux Kernel 3.10

An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2017-0620 Linux
Google
Incorrect Calculation of Buffer Size vulnerability in multiple products

An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2017-0619 Linux
Google

An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2017-0618 Google Unspecified vulnerability in Google Android

An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2017-0617 Google Unspecified vulnerability in Google Android

An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2017-0616 Google Unspecified vulnerability in Google Android

An elevation of privilege vulnerability in the MediaTek system management interrupt driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2017-0615 Google Unspecified vulnerability in Google Android

An elevation of privilege vulnerability in the MediaTek power driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2017-0614 Linux Classic Buffer Overflow vulnerability in Linux Kernel 3.10/3.18

An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2017-0613 Linux Improper Input Validation vulnerability in Linux Kernel 3.10/3.18

An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2017-0612 Linux Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel 3.18

An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2017-0611 Linux Integer Overflow or Wraparound vulnerability in Linux Kernel 3.10/3.18

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2017-0610 Linux Improper Check for Unusual or Exceptional Conditions vulnerability in Linux Kernel 3.10/3.18

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2017-0609 Linux Unspecified vulnerability in Linux Kernel 3.10/3.18

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2017-0608 Linux Out-of-bounds Write vulnerability in Linux Kernel 3.10/3.18

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2017-0607 Linux Incorrect Type Conversion or Cast vulnerability in Linux Kernel 3.18

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2017-0606 Linux Unspecified vulnerability in Linux Kernel 3.10/3.18

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2017-0465 Linux
Google
Classic Buffer Overflow vulnerability in multiple products

An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2016-10291 Linux Permissions, Privileges, and Access Controls vulnerability in Linux Kernel 3.10

An elevation of privilege vulnerability in the Qualcomm Slimbus driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2016-10290 Linux Permissions, Privileges, and Access Controls vulnerability in Linux Kernel 3.10/3.18

An elevation of privilege vulnerability in the Qualcomm shared memory driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2016-10289 Linux Permissions, Privileges, and Access Controls vulnerability in Linux Kernel 3.10/3.18

An elevation of privilege vulnerability in the Qualcomm crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2016-10288 Linux Permissions, Privileges, and Access Controls vulnerability in Linux Kernel 3.18

An elevation of privilege vulnerability in the Qualcomm LED driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2016-10287 Linux Permissions, Privileges, and Access Controls vulnerability in Linux Kernel 3.10/3.18

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2016-10286 Linux Permissions, Privileges, and Access Controls vulnerability in Linux Kernel 3.18

An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2016-10285 Linux Permissions, Privileges, and Access Controls vulnerability in Linux Kernel 3.18

An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2016-10284 Linux Permissions, Privileges, and Access Controls vulnerability in Linux Kernel 3.10/3.18

An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2016-10283 Linux Permissions, Privileges, and Access Controls vulnerability in Linux Kernel 3.10/3.18

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2016-10282 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2016-10281 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2016-10280 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.0
2017-05-12 CVE-2017-0279 Microsoft Unspecified vulnerability in Microsoft products

The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it handles certain requests, aka "Windows SMB Remote Code Execution Vulnerability".

7.0
2017-05-12 CVE-2017-0278 Microsoft Unspecified vulnerability in Microsoft products

The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it handles certain requests, aka "Windows SMB Remote Code Execution Vulnerability".

7.0
2017-05-12 CVE-2017-0277 Microsoft Unspecified vulnerability in Microsoft products

The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it handles certain requests, aka "Windows SMB Remote Code Execution Vulnerability".

7.0
2017-05-12 CVE-2017-0246 Microsoft Unspecified vulnerability in Microsoft products

The Graphics Component in the kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application or in Windows 7 for x64-based Systems and later, cause denial of service, aka "Win32k Elevation of Privilege Vulnerability."

7.0
2017-05-12 CVE-2017-0214 Microsoft Unspecified vulnerability in Microsoft products

Windows COM in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when Windows fails to properly validate input before loading type libraries, aka "Windows COM Elevation of Privilege Vulnerability".

7.0
2017-05-09 CVE-2017-0343 Nvidia Race Condition vulnerability in Nvidia GPU Driver

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) where a user can trigger a race condition due to lack of synchronization in two functions, leading to a denial of service or potential escalation of privileges.

7.0
2017-05-08 CVE-2017-6051 Blftech Uncontrolled Search Path Element vulnerability in Blftech Visualview HMI 9.9.14.0

An Uncontrolled Search Path Element issue was discovered in BLF-Tech LLC VisualView HMI Version 9.9.14.0 and prior.

7.0

113 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-05-10 CVE-2017-8879 Dolibarr Improper Authentication vulnerability in Dolibarr Erp/Crm 4.0.4

Dolibarr ERP/CRM 4.0.4 allows password changes without supplying the current password, which makes it easier for physically proximate attackers to obtain access via an unattended workstation.

6.8
2017-05-12 CVE-2017-0244 Microsoft Unspecified vulnerability in Microsoft Windows 7 and Windows Server 2008

The kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows locally authenticated attackers to gain privileges via a crafted application, or in Windows 7 for x64-based systems, cause denial of service, aka "Windows Kernel Elevation of Privilege Vulnerability."

6.7
2017-05-12 CVE-2017-0064 Microsoft Unspecified vulnerability in Microsoft Internet Explorer 10/11/9

A security feature bypass vulnerability exists in Internet Explorer that allows for bypassing Mixed Content warnings, aka "Internet Explorer Security Feature Bypass Vulnerability."

6.5
2017-05-11 CVE-2016-2126 Samba Permissions, Privileges, and Access Controls vulnerability in Samba

Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum.

6.5
2017-05-11 CVE-2017-6865 Siemens Improper Input Validation vulnerability in Siemens products

A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC Automation Tool (All versions < V3.0), SIMATIC NET PC-Software (All versions < V14 SP1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1), SIMATIC STEP 7 V5.X (All versions < V5.6), SIMATIC WinAC RTX 2010 SP2 (All versions), SIMATIC WinAC RTX F 2010 SP2 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1), SIMATIC WinCC V7.2 and prior (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Update 15), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd1), SIMATIC WinCC flexible 2008 (All versions < flexible 2008 SP5), SINAUT ST7CC (All versions installed in conjunction with SIMATIC WinCC < V7.3 Update 15), SINEMA Server (All versions < V14), SINUMERIK 808D Programming Tool (All versions < V4.7 SP4 HF2), SMART PC Access (All versions < V2.3), STEP 7 - Micro/WIN SMART (All versions < V2.3), Security Configuration Tool (SCT) (All versions < V5.0).

6.5
2017-05-11 CVE-2017-2681 Siemens Resource Exhaustion vulnerability in Siemens products

Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product.

6.5
2017-05-11 CVE-2017-2680 Siemens Resource Exhaustion vulnerability in Siemens products

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2).

6.5
2017-05-10 CVE-2017-8878 Asus Information Exposure vulnerability in Asus Rt-Ac1750 Firmware 3.0.0.4.380.7266

ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow remote authenticated users to discover the Wi-Fi password via WPS_info.xml.

6.5
2017-05-10 CVE-2017-8877 Asus Information Exposure vulnerability in Asus Rt-Ac1750 Firmware 3.0.0.4.380.7266

ASUS RT-AC* and RT-N* devices with firmware through 3.0.0.4.380.7378 allow JSONP Information Disclosure such as the SSID.

6.5
2017-05-10 CVE-2017-8875 Codection Cross-Site Request Forgery (CSRF) vulnerability in Codection Clean Login 1.7.12

CSRF in the Clean Login plugin before 1.8 for WordPress allows remote attackers to change the login redirect URL or logout redirect URL.

6.5
2017-05-09 CVE-2017-5527 Tibco SQL Injection vulnerability in Tibco products

TIBCO Spotfire Server 7.0.X before 7.0.2, 7.5.x before 7.5.1, 7.6.x before 7.6.1, 7.7.x before 7.7.1, and 7.8.x before 7.8.1 and Spotfire Analytics Platform for AWS Marketplace 7.8.0 and earlier contain multiple vulnerabilities which may allow authorized users to perform SQL injection attacks.

6.5
2017-05-08 CVE-2017-8848 Allen Disk Project Cross-Site Request Forgery (CSRF) vulnerability in Allen Disk Project Allen Disk 1.6

Allen Disk 1.6 has CSRF in setpass.php with an impact of changing a password.

6.5
2017-05-08 CVE-2017-8830 Imagemagick Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.56

In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file.

6.5
2017-05-08 CVE-2017-8831 Linux, Canonical, Debian Out-of-bounds Read vulnerability in multiple products

The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a "double fetch" vulnerability.

6.4
2017-05-12 CVE-2017-2164 N I Agroinformatics Cross-site Scripting vulnerability in N-I-Agroinformatics SOY CMS

Cross-site scripting vulnerability in SOY CMS with installer 1.8.12 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

6.1
2017-05-12 CVE-2016-4859 Splunk Open Redirect vulnerability in Splunk

Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.3, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.10, Splunk Enterprise 6.1.x prior to 6.1.11, Splunk Enterprise 6.0.x prior to 6.0.12, Splunk Enterprise 5.0.x prior to 5.0.16 and Splunk Light prior to 6.4.3 allows redirecting users to arbitrary web sites and conducting phishing attacks via unspecified vectors.

6.1
2017-05-12 CVE-2016-4857 Splunk Open Redirect vulnerability in Splunk

Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.11 and Splunk Light prior to 6.4.2 allows redirecting users to arbitrary web sites and conducting phishing attacks via unspecified vectors.

6.1
2017-05-12 CVE-2016-4855 Adodb Project Cross-site Scripting vulnerability in Adodb Project Adodb

Cross-site scripting vulnerability in ADOdb versions prior to 5.20.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

6.1
2017-05-11 CVE-2017-8897 Invisioncommunity Cross-site Scripting vulnerability in Invisioncommunity Invision Power Board

Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has pre-auth reflected XSS in the IPS UTF8 Converter v1.1.18: admin/convertutf8/index.php?controller= is the attack vector.

6.1
2017-05-11 CVE-2016-9099 Broadcom Open Redirect vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg

Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 are susceptible to an open redirection vulnerability.

6.1
2017-05-10 CVE-2017-8892 Opentext Cross-site Scripting vulnerability in Opentext Tempo BOX 10.0.3

Cross-site scripting (XSS) vulnerability in OpenText Tempo Box 10.0.3 allows remote attackers to inject arbitrary web script or HTML persistently via the name of an uploaded image.

6.1
2017-05-10 CVE-2017-3894 Blackberry Cross-site Scripting vulnerability in Blackberry Enterprise Service and Unified Endpoint Manager

A stored cross site scripting vulnerability in the Management Console of BlackBerry Unified Endpoint Manager version 12.6.1 and earlier, and all versions of BES12, allows attackers to execute actions in the context of a Management Console administrator by uploading a malicious script and then persuading a target administrator to view the specific location of the malicious script within the Management Console.

6.1
2017-05-10 CVE-2017-7887 Dolibarr Cross-site Scripting vulnerability in Dolibarr Erp/Crm 4.0.4

Dolibarr ERP/CRM 4.0.4 has XSS in doli/societe/list.php via the sall parameter.

6.1
2017-05-10 CVE-2017-8876 Getsymphony Cross-site Scripting vulnerability in Getsymphony Symphony 2.6.11

Symphony 2 2.6.11 has XSS in the meta[navigation_group] parameter to content/content.blueprintssections.php.

6.1
2017-05-09 CVE-2016-9257 F5 Cross-site Scripting vulnerability in F5 Big-Ip Access Policy Manager

In F5 BIG-IP APM 12.0.0 through 12.1.2, non-authenticated users may be able to inject JavaScript into a request that will then be rendered and executed in the context of the Administrative user when the Administrative user is viewing the Access System Logs, allowing the non-authenticated user to carry out a Cross Site Scripting (XSS) attack against the Administrative user.

6.1
2017-05-08 CVE-2017-8833 ZEN Cart Cross-site Scripting vulnerability in Zen-Cart ZEN Cart 1.6.0

Zen Cart 1.6.0 has XSS in the main_page parameter to index.php.

6.1
2017-05-08 CVE-2017-8832 Allen Disk Project Cross-site Scripting vulnerability in Allen Disk Project Allen Disk 1.6

Allen Disk 1.6 has XSS in the id parameter to downfile.php.

6.1
2017-05-12 CVE-2017-7485 Postgresql Missing Encryption of Sensitive Data vulnerability in Postgresql

In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3, it was found that the PGREQUIRESSL environment variable was no longer enforcing a SSL/TLS connection to a PostgreSQL server.

5.9
2017-05-12 CVE-2017-0280 Microsoft Improper Input Validation vulnerability in Microsoft products

The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability".

5.9
2017-05-12 CVE-2017-0276 Microsoft Information Exposure vulnerability in Microsoft products

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vulnerability".

5.9
2017-05-12 CVE-2017-0275 Microsoft Information Exposure vulnerability in Microsoft products

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vulnerability".

5.9
2017-05-12 CVE-2017-0274 Microsoft Information Exposure vulnerability in Microsoft products

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vulnerability".

5.9
2017-05-12 CVE-2017-0273 Microsoft Improper Input Validation vulnerability in Microsoft products

The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability".

5.9
2017-05-12 CVE-2017-0271 Microsoft Information Exposure vulnerability in Microsoft products

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vulnerability".

5.9
2017-05-12 CVE-2017-0270 Microsoft Information Exposure vulnerability in Microsoft products

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vulnerability".

5.9
2017-05-12 CVE-2017-0269 Microsoft Improper Input Validation vulnerability in Microsoft products

The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability".

5.9
2017-05-12 CVE-2017-0268 Microsoft Information Exposure vulnerability in Microsoft products

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vulnerability".

5.9
2017-05-12 CVE-2017-0267 Microsoft Information Exposure vulnerability in Microsoft products

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vulnerability".

5.9
2017-05-12 CVE-2017-0171 Microsoft Improper Input Validation vulnerability in Microsoft products

Windows DNS Server allows a denial of service vulnerability when Microsoft Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 Gold and R2, and Windows Server 2016 are configured to answer version queries, aka "Windows DNS Server Denial of Service Vulnerability".

5.9
2017-05-11 CVE-2017-8851 Oneplus Cleartext Transmission of Sensitive Information vulnerability in Oneplus Oxygenos

An issue was discovered on OnePlus One and X devices.

5.9
2017-05-11 CVE-2017-8850 Oneplus Cleartext Transmission of Sensitive Information vulnerability in Oneplus Oxygenos

An issue was discovered on OnePlus One, X, 2, 3, and 3T devices.

5.9
2017-05-11 CVE-2017-5948 Oneplus Improper Input Validation vulnerability in Oneplus Oxygenos

An issue was discovered on OnePlus One, X, 2, 3, and 3T devices.

5.9
2017-05-09 CVE-2017-6137 F5 Unspecified vulnerability in F5 products

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN cookie protection is engaged may cause a disruption of service to the Traffic Management Microkernel (TMM) on specific platforms and configurations.

5.9
2017-05-12 CVE-2017-8925 Linux, Debian Improper Resource Shutdown or Release vulnerability in multiple products

The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.

5.5
2017-05-12 CVE-2016-4839 Moneyforward Information Exposure vulnerability in Moneyforward products

The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward for SHIGA BANK (prior to v1.2.0), Money Forward for SHIZUOKA BANK (prior to v1.4.0), Money Forward for SBI Sumishin Net Bank (prior to v1.6.0), Money Forward for Tokai Tokyo Securities (prior to v1.4.0), Money Forward for THE TOHO BANK (prior to v1.3.0), Money Forward for YMFG (prior to v1.5.0) provided by Money Forward, Inc.

5.5
2017-05-12 CVE-2017-0635 Google NULL Pointer Dereference vulnerability in Google Android

A remote denial of service vulnerability in HevcUtils.cpp in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot.

5.5
2017-05-12 CVE-2017-0626 Linux Information Exposure vulnerability in Linux Kernel 3.10/3.18

An information disclosure vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to access data outside of its permission levels.

5.5
2017-05-12 CVE-2017-0625 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the MediaTek command queue driver could enable a local malicious application to access data outside of its permission levels.

5.5
2017-05-12 CVE-2017-0624 Linux Information Exposure vulnerability in Linux Kernel 3.10/3.18

An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels.

5.5
2017-05-12 CVE-2017-0602 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in Bluetooth could allow a local malicious application to bypass operating system protections that isolate application data from other applications.

5.5
2017-05-12 CVE-2017-0601 Google Incorrect Permission Assignment for Critical Resource vulnerability in Google Android

An Elevation of Privilege vulnerability in Bluetooth could potentially enable a local malicious application to accept harmful files shared via Bluetooth without user permission.

5.5
2017-05-12 CVE-2017-0600 Google Unspecified vulnerability in Google Android

A remote denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot.

5.5
2017-05-12 CVE-2017-0599 Google Unchecked Return Value vulnerability in Google Android

A remote denial of service vulnerability in libhevc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot.

5.5
2017-05-12 CVE-2017-0598 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Framework APIs could enable a local malicious application to bypass operating system protections that isolate application data from other applications.

5.5
2017-05-12 CVE-2017-0493 Google Insecure Storage of Sensitive Information vulnerability in Google Android 7.0/7.1.0/7.1.1

An information disclosure vulnerability in File-Based Encryption could enable a local malicious attacker to bypass operating system protections for the lock screen.

5.5
2017-05-12 CVE-2016-10292 Linux Resource Management Errors vulnerability in Linux Kernel 3.10/3.18

A denial of service vulnerability in the Qualcomm Wi-Fi driver could enable a proximate attacker to cause a denial of service in the Wi-Fi subsystem.

5.5
2017-05-12 CVE-2017-0242 Microsoft Information Exposure vulnerability in Microsoft Windows 7 and Windows Server 2008

An information disclosure vulnerability exists in the way some ActiveX objects are instantiated, aka "Microsoft ActiveX Information Disclosure Vulnerability."

5.5
2017-05-12 CVE-2017-8908 Artifex Out-of-bounds Read vulnerability in Artifex Ghostscript 9.21

The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PostScript document.

5.5
2017-05-12 CVE-2017-8360 Conexant Information Exposure vulnerability in Conexant Mictray64 1.0.0.46

Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZBook systems, leaks sensitive data (keystrokes) to any process.

5.5
2017-05-11 CVE-2017-8906 Multicorewareinc Integer Underflow (Wrap or Wraparound) vulnerability in Multicorewareinc X265 High Efficiency Video Coding 2.4

An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.4, as used by the x265_encoder_encode dependency in libbpg and other products.

5.5
2017-05-11 CVE-2017-7472 Linux Improper Resource Shutdown or Release vulnerability in Linux Kernel

The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls.

5.5
2017-05-10 CVE-2017-8891 Dropbox DEPRECATED: Use of Uninitialized Resource vulnerability in Dropbox Lepton 1.2.1

Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a malformed lepton file because the code does not ensure setup of a correct number of threads.

5.5
2017-05-10 CVE-2016-10371 Libtiff Improper Input Validation vulnerability in Libtiff 4.0.6

The TIFFWriteDirectoryTagCheckedRational function in tif_dirwrite.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF file.

5.5
2017-05-09 CVE-2017-0355 Nvidia Improper Input Validation vulnerability in Nvidia GPU Driver

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgkDdiEscape where it may access paged memory while holding a spinlock, leading to a denial of service.

5.5
2017-05-09 CVE-2017-0353 Nvidia Improper Input Validation vulnerability in Nvidia GPU Driver

All versions of the NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgDdiEscape where improper locking under certain conditions may lead to a denial of service.

5.5
2017-05-09 CVE-2017-7967 Schneider Electric Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric Vampset 2.2.145

All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used.

5.5
2017-05-08 CVE-2017-8847 Long Range ZIP Project NULL Pointer Dereference vulnerability in Long Range ZIP Project Long Range ZIP 0.631

The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive.

5.5
2017-05-08 CVE-2017-8846 Long Range ZIP Project, Debian Use After Free vulnerability in multiple products

The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive.

5.5
2017-05-08 CVE-2017-8845 Long Range ZIP Project Out-of-bounds Read vulnerability in Long Range ZIP Project Long Range ZIP 0.631

The lzo1x_decompress function in lzo1x_d.ch in LZO 2.08, as used in lrzip 0.631, allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted archive.

5.5
2017-05-08 CVE-2017-8843 Long Range ZIP Project NULL Pointer Dereference vulnerability in Long Range ZIP Project Long Range ZIP 0.631

The join_pthread function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive.

5.5
2017-05-08 CVE-2017-8842 Long Range ZIP Project Divide By Zero vulnerability in Long Range ZIP Project Long Range ZIP 0.631

The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted archive.

5.5
2017-05-12 CVE-2017-2122 Tenable Cross-site Scripting vulnerability in Tenable Nessus

Cross-site scripting vulnerability in Nessus versions 6.8.0, 6.8.1, 6.9.0, 6.9.1 and 6.9.2 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

5.4
2017-05-12 CVE-2016-4883 Basercms Cross-site Scripting vulnerability in Basercms 3.0.10

Cross-site scripting vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

5.4
2017-05-12 CVE-2016-4880 Basercms Cross-site Scripting vulnerability in Basercms 3.0.10

Cross-site scripting vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

5.4
2017-05-12 CVE-2016-4877 Basercms Cross-site Scripting vulnerability in Basercms and Mail

Cross-site scripting vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

5.4
2017-05-12 CVE-2017-0255 Microsoft Cross-site Scripting vulnerability in Microsoft Sharepoint Foundation 2013

Microsoft SharePoint Foundation 2013 SP1 allows an elevation of privilege vulnerability when it does not properly sanitize a specially crafted web request, aka "Microsoft SharePoint XSS Vulnerability".

5.4
2017-05-10 CVE-2016-6035 IBM Cross-site Scripting vulnerability in IBM Rational Quality Manager and Rational Team Concert

IBM Rational Quality Manager is vulnerable to cross-site scripting.

5.4
2017-05-10 CVE-2016-5888 IBM Cross-site Scripting vulnerability in IBM Interact

IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site scripting.

5.4
2017-05-10 CVE-2016-3032 IBM Cross-site Scripting vulnerability in IBM Cognos Analytics

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting.

5.4
2017-05-08 CVE-2017-0893 Nextcloud Cross-site Scripting vulnerability in Nextcloud Server

Nextcloud Server before 9.0.58, 10.0.5, and 11.0.3 ships a vulnerable JavaScript library for sanitizing untrusted user input, which suffered from an XSS vulnerability caused by a behaviour change in Safari 10.1 and 10.2.

5.4
2017-05-08 CVE-2017-0891 Nextcloud Cross-site Scripting vulnerability in Nextcloud Server

Nextcloud Server before 9.0.58, 10.0.5, and 11.0.3 is vulnerable to inadequate escaping of error messages, leading to XSS vulnerabilities in multiple components.

5.4
2017-05-08 CVE-2017-0890 Nextcloud Cross-site Scripting vulnerability in Nextcloud Server

Nextcloud Server before 11.0.3 is vulnerable to inadequate escaping, leading to an XSS vulnerability in the search module.

5.4
2017-05-12 CVE-2017-0256 Microsoft Improper Input Validation vulnerability in Microsoft products

A spoofing vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.

5.3
2017-05-12 CVE-2017-0241 Microsoft Unspecified vulnerability in Microsoft Edge

An elevation of privilege vulnerability exists when Microsoft Edge renders a domain-less page in the URL, which could allow Microsoft Edge to perform actions in the context of the Intranet Zone and access functionality that is not typically available to the browser when browsing in the context of the Internet Zone, aka "Microsoft Edge Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-0233.

5.3
2017-05-09 CVE-2017-0302 F5 Range Error vulnerability in F5 Big-Ip Access Policy Manager

In F5 BIG-IP APM 12.0.0 through 12.1.2 and 13.0.0, an authenticated user with an established access session to the BIG-IP APM system may be able to cause a traffic disruption if the length of the requested URL is less than 16 characters.

5.3
2017-05-11 CVE-2017-6867 Siemens Improper Input Validation vulnerability in Siemens products

A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is a member of the "administrators" group to crash services by sending specially crafted messages to the DCOM interface.

4.9
2017-05-12 CVE-2016-4858 Splunk Cross-site Scripting vulnerability in Splunk

Cross-site scripting vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.10, Splunk Enterprise 6.1.x prior to 6.1.11, Splunk Enterprise 6.0.x prior to 6.0.12, Splunk Enterprise 5.0.x prior to 5.0.16 and Splunk Light prior to 6.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.8
2017-05-12 CVE-2016-4856 Splunk Cross-site Scripting vulnerability in Splunk

Cross-site scripting vulnerability in Splunk Enterprise 6.3.x prior to 6.3.5 and Splunk Light 6.3.x prior to 6.3.5 allows an attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors.

4.8
2017-05-10 CVE-2016-6037 IBM Cross-site Scripting vulnerability in IBM Rational Quality Manager and Rational Team Concert

IBM Rational Team Concert (RTC) is vulnerable to HTML injection.

4.8
2017-05-12 CVE-2017-0634 Linux Information Exposure vulnerability in Linux Kernel 3.18

An information disclosure vulnerability in the Synaptics touchscreen driver could enable a local malicious application to access data outside of its permission levels.

4.7
2017-05-12 CVE-2017-0633 Linux Information Exposure vulnerability in Linux Kernel 3.10/3.18

An information disclosure vulnerability in the Broadcom Wi-Fi driver could enable a local malicious component to access data outside of its permission levels.

4.7
2017-05-12 CVE-2017-0632 Linux Information Exposure vulnerability in Linux Kernel 3.10

An information disclosure vulnerability in the Qualcomm sound codec driver could enable a local malicious application to access data outside of its permission levels.

4.7
2017-05-12 CVE-2017-0631 Linux Information Exposure vulnerability in Linux Kernel 3.10/3.18

An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels.

4.7
2017-05-12 CVE-2017-0630 Linux Information Exposure vulnerability in Linux Kernel 3.10/3.18

An information disclosure vulnerability in the kernel trace subsystem could enable a local malicious application to access data outside of its permission levels.

4.7
2017-05-12 CVE-2017-0629 Linux Information Exposure vulnerability in Linux Kernel 3.10/3.18

An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels.

4.7
2017-05-12 CVE-2017-0628 Linux Information Exposure vulnerability in Linux Kernel 3.10/3.18

An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels.

4.7
2017-05-12 CVE-2017-0627 Linux Information Exposure vulnerability in Linux Kernel 3.10/3.18

An information disclosure vulnerability in the kernel UVC driver could enable a local malicious application to access data outside of its permission levels.

4.7
2017-05-12 CVE-2017-0603 Google Integer Overflow or Wraparound vulnerability in Google Android

A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot.

4.7
2017-05-12 CVE-2016-10296 Linux Information Exposure vulnerability in Linux Kernel 3.10/3.18

An information disclosure vulnerability in the Qualcomm shared memory driver could enable a local malicious application to access data outside of its permission levels.

4.7
2017-05-12 CVE-2016-10295 Linux Information Exposure vulnerability in Linux Kernel 3.18

An information disclosure vulnerability in the Qualcomm LED driver could enable a local malicious application to access data outside of its permission levels.

4.7
2017-05-12 CVE-2016-10294 Linux Information Exposure vulnerability in Linux Kernel 3.10/3.18

An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels.

4.7
2017-05-12 CVE-2016-10293 Linux Information Exposure vulnerability in Linux Kernel 3.10

An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels.

4.7
2017-05-12 CVE-2017-0259 Microsoft Information Exposure vulnerability in Microsoft products

The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0175, CVE-2017-0220, and CVE-2017-0258.

4.7
2017-05-12 CVE-2017-0258 Microsoft Information Exposure vulnerability in Microsoft products

The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0175, CVE-2017-0220, and CVE-2017-0259.

4.7
2017-05-12 CVE-2017-0245 Microsoft Information Exposure vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Server 2012

The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1 and Windows Server 2012 Gold allow a local authenticated attacker to execute a specially crafted application to obtain kernel information, aka "Win32k Information Disclosure Vulnerability."

4.7
2017-05-12 CVE-2017-0220 Microsoft Information Exposure vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Server 2012

The Windows kernel in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 Gold allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0175, CVE-2017-0258, and CVE-2017-0259.

4.7
2017-05-12 CVE-2017-0175 Microsoft Information Exposure vulnerability in Microsoft Windows 7 and Windows Server 2008

The Windows kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0220, CVE-2017-0258, and CVE-2017-0259.

4.7
2017-05-09 CVE-2017-0354 Nvidia Improper Input Validation vulnerability in Nvidia GPU Driver

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgkDdiEscape where a call to a certain function requiring a lower IRQL can be made under a raised IRQL, which may lead to a denial of service.

4.7
2017-05-12 CVE-2017-8924 Linux, Debian Integer Underflow (Wrap or Wraparound) vulnerability in multiple products

The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.

4.6
2017-05-12 CVE-2017-8900 Lightdm Project Unspecified vulnerability in Lightdm Project Lightdm

LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate attackers to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session.

4.6
2017-05-12 CVE-2017-0190 Microsoft Information Exposure vulnerability in Microsoft products

The GDI component in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "GDI Information Disclosure Vulnerability."

4.4
2017-05-12 CVE-2017-0231 Microsoft Improper Input Validation vulnerability in Microsoft Edge and Internet Explorer

A spoofing vulnerability exists when Microsoft browsers render SmartScreen Filter, aka "Microsoft Browser Spoofing Vulnerability."

4.3
2017-05-08 CVE-2017-0894 Nextcloud Incorrect Authorization vulnerability in Nextcloud Server

Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid share tokens for public calendars due to a logical error.

4.3

3 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-05-10 CVE-2017-4896 Vmware Unspecified vulnerability in VMWare Airwatch Agent and Airwatch Inbox

Airwatch Inbox for Android contains a vulnerability that may allow a rooted device to decrypt the local data used by the application.

3.8
2017-05-08 CVE-2017-0895 Nextcloud Information Exposure vulnerability in Nextcloud Server

Nextcloud Server versions before 10.0.4 and 11.0.2 are vulnerable to disclosure of calendar and addressbook names to other logged-in users.

3.5
2017-05-08 CVE-2017-0892 Nextcloud Session Fixation vulnerability in Nextcloud Server

Nextcloud Server before 11.0.3 is vulnerable to improper session handling that allowed an application-specific password without the file-access permission to access the user's files.

3.5