Weekly Vulnerabilities Reports > May 22 to 28, 2017
Overview
323 new vulnerabilities reported during this period, including 72 critical vulnerabilities and 145 high severity vulnerabilities. This weekly summary report vulnerabilities in 252 products from 93 vendors including Apple, Autotrace Project, Debian, Cisco, and Pivotal Software. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "Out-of-bounds Read", "Information Exposure", and "Out-of-bounds Write".
- 239 reported vulnerabilities are remotely exploitables.
- 96 reported vulnerabilities have public exploit available.
- 64 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 283 reported vulnerabilities are exploitable by an anonymous user.
- Apple has the most reported vulnerabilities, with 78 reported vulnerabilities.
- Autotrace Project has the most reported critical vulnerabilities, with 33 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
72 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-05-28 | CVE-2017-9232 | Canonical | Missing Authorization vulnerability in Canonical Juju Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without setting appropriate permissions, allowing privilege escalation by users on the system to root. | 9.8 |
2017-05-28 | CVE-2015-9059 | Picocom Project | Command Injection vulnerability in Picocom Project Picocom picocom before 2.0 has a command injection vulnerability in the 'send and receive file' command because the command line is executed by /bin/sh unsafely. | 9.8 |
2017-05-26 | CVE-2017-6862 | Netgear | Classic Buffer Overflow vulnerability in Netgear products NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. | 9.8 |
2017-05-26 | CVE-2016-10375 | Yodl Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Yodl Project Yodl 3.06.00 Yodl before 3.07.01 has a Buffer Over-read in the queue_push function in queue/queuepush.c. | 9.8 |
2017-05-26 | CVE-2017-9034 | Trendmicro | Improper Input Validation vulnerability in Trendmicro Serverprotect 3.0 Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to write to arbitrary files and consequently execute arbitrary code with root privileges by leveraging failure to validate software updates. | 9.8 |
2017-05-25 | CVE-2016-0761 | Pivotal Software Cloudfoundry | Data Processing Errors vulnerability in multiple products Cloud Foundry Garden-Linux versions prior to v0.333.0 and Elastic Runtime 1.6.x version prior to 1.6.17 contain a flaw in managing container files during Docker image preparation that could be used to delete, corrupt or overwrite host files and directories, including other container filesystems on the host. | 9.8 |
2017-05-25 | CVE-2014-3527 | Vmware | Improper Authentication vulnerability in VMWare Spring Security When using the CAS Proxy ticket authentication from Spring Security 3.1 to 3.2.4 a malicious CAS Service could trick another CAS Service into authenticating a proxy ticket that was not associated. | 9.8 |
2017-05-24 | CVE-2017-9228 | Oniguruma Project PHP | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. | 9.8 |
2017-05-24 | CVE-2017-9227 | Oniguruma Project PHP | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. | 9.8 |
2017-05-24 | CVE-2017-9226 | Oniguruma Project PHP | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. | 9.8 |
2017-05-24 | CVE-2017-9225 | Oniguruma Project Ruby Lang PHP | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. | 9.8 |
2017-05-24 | CVE-2017-9224 | Oniguruma Project PHP | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. | 9.8 |
2017-05-24 | CVE-2017-2801 | Botan Project | Out-of-bounds Read vulnerability in Botan Project Botan 2.0.1 A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. | 9.8 |
2017-05-24 | CVE-2017-2800 | Wolfssl | Improper Certificate Validation vulnerability in Wolfssl A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL through 3.10.2 resulting in potential certificate validation vulnerabilities, denial of service and possible remote code execution. | 9.8 |
2017-05-23 | CVE-2017-9214 | Openvswitch Debian Redhat | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`. | 9.8 |
2017-05-23 | CVE-2017-6131 | F5 | Use of Hard-coded Credentials vulnerability in F5 products In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password which could be used to remotely log into the BIG-IP system. | 9.8 |
2017-05-23 | CVE-2017-9200 | Autotrace Project | Integer Overflow or Wraparound vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:528:63. | 9.8 |
2017-05-23 | CVE-2017-9199 | Autotrace Project | Integer Overflow or Wraparound vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:192:19. | 9.8 |
2017-05-23 | CVE-2017-9198 | Autotrace Project | Integer Overflow or Wraparound vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:508:18. | 9.8 |
2017-05-23 | CVE-2017-9197 | Autotrace Project | Integer Overflow or Wraparound vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:498:55. | 9.8 |
2017-05-23 | CVE-2017-9196 | Autotrace Project | Integer Overflow or Wraparound vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue in the ReadImage function in input-tga.c:528:7. | 9.8 |
2017-05-23 | CVE-2017-9195 | Autotrace Project | Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:620:27. | 9.8 |
2017-05-23 | CVE-2017-9194 | Autotrace Project | Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:559:29. | 9.8 |
2017-05-23 | CVE-2017-9193 | Autotrace Project | Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:538:33. | 9.8 |
2017-05-23 | CVE-2017-9192 | Autotrace Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-tga.c:528:7. | 9.8 |
2017-05-23 | CVE-2017-9191 | Autotrace Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the rle_fread function in input-tga.c:252:15. | 9.8 |
2017-05-23 | CVE-2017-9188 | Autotrace Project | Improper Input Validation vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a "left shift ... | 9.8 |
2017-05-23 | CVE-2017-9187 | Autotrace Project | Integer Overflow or Wraparound vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:486:7. | 9.8 |
2017-05-23 | CVE-2017-9186 | Autotrace Project | Integer Overflow or Wraparound vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:326:17. | 9.8 |
2017-05-23 | CVE-2017-9185 | Autotrace Project | Integer Overflow or Wraparound vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:319:7. | 9.8 |
2017-05-23 | CVE-2017-9184 | Autotrace Project | Integer Overflow or Wraparound vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:314:7. | 9.8 |
2017-05-23 | CVE-2017-9183 | Autotrace Project | Incorrect Type Conversion or Cast vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:309:7. | 9.8 |
2017-05-23 | CVE-2017-9173 | Autotrace Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:497:29. | 9.8 |
2017-05-23 | CVE-2017-9172 | Autotrace Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:496:29. | 9.8 |
2017-05-23 | CVE-2017-9171 | Autotrace Project | Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-bmp.c:492:24. | 9.8 |
2017-05-23 | CVE-2017-9170 | Autotrace Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:370:25. | 9.8 |
2017-05-23 | CVE-2017-9169 | Autotrace Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:355:25. | 9.8 |
2017-05-23 | CVE-2017-9168 | Autotrace Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:353:25. | 9.8 |
2017-05-23 | CVE-2017-9167 | Autotrace Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:337:25. | 9.8 |
2017-05-23 | CVE-2017-9166 | Autotrace Project | Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:18:11. | 9.8 |
2017-05-23 | CVE-2017-9165 | Autotrace Project | Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:17:11. | 9.8 |
2017-05-23 | CVE-2017-9164 | Autotrace Project | Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:16:11. | 9.8 |
2017-05-23 | CVE-2017-9163 | Autotrace Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in pxl-outline.c:106:54. | 9.8 |
2017-05-23 | CVE-2017-9162 | Autotrace Project | Integer Overflow or Wraparound vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c:191:2. | 9.8 |
2017-05-23 | CVE-2017-9161 | Autotrace Project | Integer Overflow or Wraparound vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c:188:23. | 9.8 |
2017-05-23 | CVE-2017-9160 | Autotrace Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a stack-based buffer overflow in the pnmscanner_gettoken function in input-pnm.c:458:12. | 9.8 |
2017-05-23 | CVE-2017-9153 | Autotrace Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the pnm_load_rawpbm function in input-pnm.c:391:13. | 9.8 |
2017-05-23 | CVE-2017-9152 | Autotrace Project | Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the pnm_load_raw function in input-pnm.c:346:41. | 9.8 |
2017-05-23 | CVE-2017-9151 | Autotrace Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the pnm_load_ascii function in input-pnm.c:303:12. | 9.8 |
2017-05-23 | CVE-2017-6821 | Synacor | Path Traversal vulnerability in Synacor Zimbra Collaboration Suite Directory traversal vulnerability in Zimbra Collaboration Suite (aka ZCS) before 8.7.6 allows attackers to have unspecified impact via unknown vectors. | 9.8 |
2017-05-23 | CVE-2017-6813 | Synacor | Unspecified vulnerability in Synacor Zimbra Collaboration Suite A service provided by Zimbra Collaboration Suite (ZCS) before 8.7.6 fails to require needed privileges before performing a few requested operations. | 9.8 |
2017-05-23 | CVE-2016-9843 | Zlib Opensuse Debian Canonical Oracle Redhat Apple Netapp Mariadb Nodejs | The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. | 9.8 |
2017-05-23 | CVE-2016-9841 | Zlib Opensuse Debian Canonical Oracle Redhat Apple Netapp Nodejs | inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | 9.8 |
2017-05-23 | CVE-2016-7979 | Artifex | Incorrect Type Conversion or Cast vulnerability in Artifex Ghostscript Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser. | 9.8 |
2017-05-23 | CVE-2016-7978 | Artifex | Use After Free vulnerability in Artifex Ghostscript 9.20 Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice. | 9.8 |
2017-05-23 | CVE-2016-5178 | Google Opensuse Debian Redhat Fedoraproject | Improper Input Validation vulnerability in multiple products Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors. | 9.8 |
2017-05-23 | CVE-2015-4455 | Aviary Image Editor ADD ON FOR Gravity Forms Project | Unrestricted Upload of File with Dangerous Type vulnerability in Aviary Image Editor Add-On for Gravity Forms Project Aviary Image Editor Add-On for Gravity Forms 3.0 Unrestricted file upload vulnerability in includes/upload.php in the Aviary Image Editor Add-on For Gravity Forms plugin 3.0 beta for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/uploads/gform_aviary. | 9.8 |
2017-05-22 | CVE-2017-1092 | IBM | Unspecified vulnerability in IBM Informix Open Admin Tool 11.5/11.7/12.1 IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unauthorized user to execute arbitrary code as system admin on Windows servers. | 9.8 |
2017-05-22 | CVE-2016-4905 | WP Olivecart | SQL Injection vulnerability in Wp-Olivecart Olivecart and Olivecartpro SQL injection vulnerability in the WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows attackers with administrator rights to execute arbitrary SQL commands via unspecified vectors. | 9.8 |
2017-05-22 | CVE-2017-2527 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 9.8 |
2017-05-22 | CVE-2017-2524 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products An issue was discovered in certain Apple products. | 9.8 |
2017-05-22 | CVE-2017-2523 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products An issue was discovered in certain Apple products. | 9.8 |
2017-05-22 | CVE-2017-2522 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products An issue was discovered in certain Apple products. | 9.8 |
2017-05-22 | CVE-2017-2520 | Apple Debian | Out-of-bounds Write vulnerability in multiple products An issue was discovered in certain Apple products. | 9.8 |
2017-05-22 | CVE-2017-2519 | Apple Debian | An issue was discovered in certain Apple products. | 9.8 |
2017-05-22 | CVE-2017-2518 | Apple Debian | Use After Free vulnerability in multiple products An issue was discovered in certain Apple products. | 9.8 |
2017-05-22 | CVE-2017-2513 | Apple | Use After Free vulnerability in Apple products An issue was discovered in certain Apple products. | 9.8 |
2017-05-26 | CVE-2016-6256 | SAP | XXE vulnerability in SAP Business ONE 1.2.3 SAP Business One for Android 1.2.3 allows remote attackers to conduct XML External Entity (XXE) attacks via crafted XML data in a request to B1iXcellerator/exec/soap/vP.001sap0003.in_WCSX/com.sap.b1i.vplatform.runtime/INB_WS_CALL_SYNC_XPT/INB_WS_CALL_SYNC_XPT.ipo/proc, aka SAP Security Note 2378065. | 9.6 |
2017-05-25 | CVE-2015-5211 | Vmware Debian | Files or Directories Accessible to External Parties vulnerability in multiple products Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. | 9.6 |
2017-05-27 | CVE-2017-7337 | Fortinet | Incorrect Permission Assignment for Critical Resource vulnerability in Fortinet Fortiportal An improper Access Control vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to interact with unauthorized VDOMs or enumerate other ADOMs via another user's stolen session and CSRF tokens or the adomName parameter in the /fpc/sec/customer/policy/getAdomVersion request. | 9.1 |
2017-05-23 | CVE-2015-5609 | Image Export Project | Path Traversal vulnerability in Image-Export Project Image-Export 1.1 Absolute path traversal vulnerability in the Image Export plugin 1.1 for WordPress allows remote attackers to read and delete arbitrary files via a full pathname in the file parameter to download.php. | 9.1 |
2017-05-25 | CVE-2016-4435 | Pivotal | Permissions, Privileges, and Access Controls vulnerability in Pivotal Bosh Stemcell 3146.13/3232.4 An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. | 9.0 |
145 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-05-26 | CVE-2017-7505 | Theforeman | Improper Privilege Management vulnerability in Theforeman Foreman Foreman since version 1.5 is vulnerable to an incorrect authorization check due to which users with user management permission who are assigned to some organization(s) can do all operations granted by these permissions on all administrator user object outside of their scope, such as editing global admin accounts including changing their passwords. | 8.8 |
2017-05-26 | CVE-2017-9033 | Trendmicro | Cross-Site Request Forgery (CSRF) vulnerability in Trendmicro Serverprotect 3.0 Cross-site request forgery (CSRF) vulnerability in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows remote attackers to hijack the authentication of users for requests to start an update from an arbitrary source via a crafted request to SProtectLinux/scanoption_set.cgi, related to the lack of anti-CSRF tokens. | 8.8 |
2017-05-25 | CVE-2016-4977 | Pivotal | Data Processing Errors vulnerability in Pivotal Spring Security Oauth When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote code execution via the crafting of the value for response_type. | 8.8 |
2017-05-25 | CVE-2015-3191 | Pivotal Software Cloudfoundry | Cross-Site Request Forgery (CSRF) vulnerability in multiple products With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the change_email form in UAA is vulnerable to a CSRF attack. | 8.8 |
2017-05-25 | CVE-2014-0225 | Pivotal Software Vmware | XXE vulnerability in multiple products When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. | 8.8 |
2017-05-23 | CVE-2017-8913 | SAP | XXE vulnerability in SAP Netweaver Application Server Java 7.50 The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.BIKit.default, aka SAP Security Note 2386873. | 8.8 |
2017-05-23 | CVE-2016-9842 | Zlib Opensuse Debian Canonical Oracle Redhat Apple Nodejs | The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. | 8.8 |
2017-05-23 | CVE-2016-9840 | Zlib Opensuse Debian Canonical Oracle Redhat Apple Nodejs | inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | 8.8 |
2017-05-23 | CVE-2016-5177 | Google Opensuse Debian Redhat Fedoraproject | Use After Free vulnerability in multiple products Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. | 8.8 |
2017-05-22 | CVE-2016-6112 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM products IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. | 8.8 |
2017-05-22 | CVE-2017-6891 | GNU Debian Apache | Out-of-bounds Write vulnerability in multiple products Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. | 8.8 |
2017-05-22 | CVE-2017-9146 | Ytnef Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ytnef Project Ytnef The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted tnef file. | 8.8 |
2017-05-22 | CVE-2016-4904 | WP Olivecart | Cross-Site Request Forgery (CSRF) vulnerability in Wp-Olivecart Olivecart and Olivecartpro Cross-site request forgery (CSRF) vulnerability in WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows remote attackers to hijack the authentication of a user to perform unintended operations via unspecified vectors. | 8.8 |
2017-05-22 | CVE-2016-4854 | Nttdocomo | Cross-Site Request Forgery (CSRF) vulnerability in Nttdocomo L-04D Firmware V10A/V10B Cross-site request forgery (CSRF) vulnerability in L-04D firmware version V10a and V10b allows remote attackers to hijack the authentication of administrators to perform arbitrary operations via unspecified vectors. | 8.8 |
2017-05-22 | CVE-2017-6991 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 8.8 |
2017-05-22 | CVE-2017-6984 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products An issue was discovered in certain Apple products. | 8.8 |
2017-05-22 | CVE-2017-6983 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 8.8 |
2017-05-22 | CVE-2017-6980 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari An issue was discovered in certain Apple products. | 8.8 |
2017-05-22 | CVE-2017-2547 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari An issue was discovered in certain Apple products. | 8.8 |
2017-05-22 | CVE-2017-2544 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari An issue was discovered in certain Apple products. | 8.8 |
2017-05-22 | CVE-2017-2539 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari An issue was discovered in certain Apple products. | 8.8 |
2017-05-22 | CVE-2017-2538 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari An issue was discovered in certain Apple products. | 8.8 |
2017-05-22 | CVE-2017-2536 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari An issue was discovered in certain Apple products. | 8.8 |
2017-05-22 | CVE-2017-2531 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari An issue was discovered in certain Apple products. | 8.8 |
2017-05-22 | CVE-2017-2530 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products An issue was discovered in certain Apple products. | 8.8 |
2017-05-22 | CVE-2017-2526 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari An issue was discovered in certain Apple products. | 8.8 |
2017-05-22 | CVE-2017-2525 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari An issue was discovered in certain Apple products. | 8.8 |
2017-05-22 | CVE-2017-2521 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products An issue was discovered in certain Apple products. | 8.8 |
2017-05-22 | CVE-2017-2515 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 8.8 |
2017-05-22 | CVE-2017-2514 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 8.8 |
2017-05-22 | CVE-2017-2506 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari An issue was discovered in certain Apple products. | 8.8 |
2017-05-22 | CVE-2017-2505 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 8.8 |
2017-05-22 | CVE-2017-2496 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 8.8 |
2017-05-22 | CVE-2017-6634 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Industrial Ethernet 1000 Series Firmware 1.3Base A vulnerability in the Device Manager web interface of Cisco Industrial Ethernet 1000 Series Switches 1.3 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected system. | 8.8 |
2017-05-22 | CVE-2017-6977 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 8.6 |
2017-05-22 | CVE-2017-2534 | Apple | Unspecified vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 8.6 |
2017-05-23 | CVE-2017-8914 | SAP | Unspecified vulnerability in SAP Hana XS 1.00/2.00 sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to hijack npm packages or host arbitrary files by leveraging an insecure user creation policy, aka SAP Security Note 2407694. | 8.3 |
2017-05-22 | CVE-2017-1289 | IBM | XXE vulnerability in IBM SDK IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when processing XML data. | 8.2 |
2017-05-25 | CVE-2016-3084 | Pivotal Software Cloudfoundry | Permissions, Privileges, and Access Controls vulnerability in multiple products The UAA reset password flow in Cloud Foundry release v236 and earlier versions, UAA release v3.3.0 and earlier versions, all versions of Login-server, UAA release v10 and earlier versions and Pivotal Elastic Runtime versions prior to 1.7.2 is vulnerable to a brute force attack due to multiple active codes at a given time. | 8.1 |
2017-05-24 | CVE-2017-2824 | Zabbix | OS Command Injection vulnerability in Zabbix An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X. | 8.1 |
2017-05-23 | CVE-2015-6817 | Pgbouncer | Improper Authentication vulnerability in Pgbouncer 1.6 PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login access as auth_user via an unknown username. | 8.1 |
2017-05-22 | CVE-2017-5657 | Apache | Cross-Site Request Forgery (CSRF) vulnerability in Apache Archiva Several REST service endpoints of Apache Archiva are not protected against Cross Site Request Forgery (CSRF) attacks. | 8.0 |
2017-05-26 | CVE-2017-8541 | Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. | 7.8 |
2017-05-26 | CVE-2017-8540 | Microsoft | Out-of-bounds Write vulnerability in Microsoft products The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. | 7.8 |
2017-05-26 | CVE-2017-8538 | Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. | 7.8 |
2017-05-26 | CVE-2017-9036 | Trendmicro | Missing Authorization vulnerability in Trendmicro Serverprotect 3.0 Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows local users to gain privileges by leveraging an unrestricted quarantine directory. | 7.8 |
2017-05-24 | CVE-2017-2823 | Poweriso | Use After Free vulnerability in Poweriso 6.8 A use-after-free vulnerability exists in the .ISO parsing functionality of PowerISO 6.8. | 7.8 |
2017-05-24 | CVE-2017-2819 | Hancom | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hancom Hangul Word Processor and Thinkfree Office NEO An exploitable heap-based buffer overflow exists in the Hangul Word Processor component (version 9.6.1.4350) of Hancom Thinkfree Office NEO 9.6.1.4902. | 7.8 |
2017-05-24 | CVE-2017-2817 | Poweriso | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Poweriso 6.8 A stack buffer overflow vulnerability exists in the ISO parsing functionality of Power Software Ltd PowerISO 6.8. | 7.8 |
2017-05-24 | CVE-2017-2799 | Marklogic | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Marklogic 8.06 An exploitable heap corruption vulnerability exists in the AddSst functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. | 7.8 |
2017-05-24 | CVE-2017-2798 | Marklogic | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Marklogic 8.06 An exploitable heap corruption vulnerability exists in the GetIndexArray functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. | 7.8 |
2017-05-23 | CVE-2017-8311 | Videolan | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Videolan VLC Media Player Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file. | 7.8 |
2017-05-23 | CVE-2017-0374 | Config Model Project | Unspecified vulnerability in Config-Model Project Config-Model lib/Config/Model.pm in Config-Model (aka libconfig-model-perl) before 2.102 allows local users to gain privileges via a crafted model in the current working directory, related to use of . | 7.8 |
2017-05-23 | CVE-2017-2797 | Marklogic | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Marklogic 8.06 An exploitable heap overflow vulnerability exists in the ParseEnvironment functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. | 7.8 |
2017-05-23 | CVE-2017-2794 | Marklogic | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Marklogic 8.06 An exploitable stack-based buffer overflow vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. | 7.8 |
2017-05-23 | CVE-2017-2793 | Marklogic | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Marklogic 8.06 An exploitable heap corruption vulnerability exists in the UnCompressUnicode functionality of Antenna House DMC HTMLFilter used by MarkLogic 8.0-6. | 7.8 |
2017-05-23 | CVE-2017-2783 | Marklogic | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Marklogic 8.06 An exploitable heap corruption vulnerability exists in the FillRowFormat functionality of Antenna House DMC HTMLFilter that is shipped with MarkLogic 8.0-6. | 7.8 |
2017-05-23 | CVE-2016-5735 | Pngquant | Integer Overflow or Wraparound vulnerability in Pngquant 2.7.0 Integer overflow in the rwpng_read_image24_libpng function in rwpng.c in pngquant 2.7.0 allows remote attackers to have unspecified impact via a crafted PNG file, which triggers a buffer overflow. | 7.8 |
2017-05-23 | CVE-2016-1876 | Lenovo | Permissions, Privileges, and Access Controls vulnerability in Lenovo Solution Center 3.3.0001 The backend service process in Lenovo Solution Center (aka LSC) before 3.3.0002 allows local users to gain SYSTEM privileges via unspecified vectors. | 7.8 |
2017-05-23 | CVE-2015-8089 | Huawei | Permissions, Privileges, and Access Controls vulnerability in Huawei P7-L00 Firmware, P7-L05 Firmware and P7-L09 Firmware The GPU driver in Huawei P7 phones with software P7-L00 before P7-L00C17B851, P7-L05 before P7-L05C00B851, and P7-L09 before P7-L09C92B851 allows local users to read or write to arbitrary kernel memory locations and consequently cause a denial of service (system crash) or gain privileges via a crafted application. | 7.8 |
2017-05-22 | CVE-2017-2175 | IPA | Untrusted Search Path vulnerability in IPA Empirical Project Monitor - Extended Untrusted search path vulnerability in Empirical Project Monitor - eXtended all versions allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
2017-05-22 | CVE-2016-7804 | 7 ZIP | Untrusted Search Path vulnerability in 7-Zip Untrusted search path vulnerability in 7 Zip for Windows 16.02 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
2017-05-22 | CVE-2016-4901 | National TAX Agency | Untrusted Search Path vulnerability in National TAX Agency E-Tax Untrusted search path vulnerability in The installer of e-Tax Software all versions allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
2017-05-22 | CVE-2016-4900 | Evernote | Untrusted Search Path vulnerability in Evernote Untrusted search path vulnerability in Evernote for Windows versions prior to 6.3 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
2017-05-22 | CVE-2017-4915 | Vmware | Incorrect Authorization vulnerability in VMWare Workstation Player and Workstation PRO VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. | 7.8 |
2017-05-22 | CVE-2017-6999 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-6998 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-6997 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-6996 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-6995 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-6994 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-6989 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-6986 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-6985 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-6981 | Apple | Link Following vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-6978 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-2548 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-2546 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-2545 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-2543 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-2542 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-2541 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-2537 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-2535 | Apple | Resource Exhaustion vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-2512 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-2503 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-2499 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-2494 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 7.8 |
2017-05-22 | CVE-2017-6650 | Cisco | Command Injection vulnerability in Cisco Nx-Os A vulnerability in the Telnet CLI command of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. | 7.8 |
2017-05-22 | CVE-2017-6649 | Cisco | Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. | 7.8 |
2017-05-28 | CVE-2017-9250 | Jerryscript | NULL Pointer Dereference vulnerability in Jerryscript 1.0 The lexer_process_char_literal function in jerry-core/parser/js/js-lexer.c in JerryScript 1.0 does not skip memory allocation for empty strings, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via malformed JavaScript source code, related to the jmem_heap_free_block function. | 7.5 |
2017-05-28 | CVE-2017-7295 | Contiki OS | Use After Free vulnerability in Contiki-Os Contiki 3.0 An issue was discovered in Contiki Operating System 3.0. | 7.5 |
2017-05-27 | CVE-2017-7731 | Fortinet | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Fortinet Fortiportal A weak password recovery vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows attacker to carry out information disclosure via the Forgotten Password feature. | 7.5 |
2017-05-27 | CVE-2017-7338 | Fortinet | Information Exposure vulnerability in Fortinet Fortiportal A password management vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to carry out information disclosure via the FortiAnalyzer Management View. | 7.5 |
2017-05-26 | CVE-2017-7439 | Netapp | Information Exposure vulnerability in Netapp Oncommand Unified Manager Core Package NetApp OnCommand Unified Manager Core Package 5.x before 5.2.2P1 might allow remote attackers to obtain sensitive information via vectors involving error messages. | 7.5 |
2017-05-26 | CVE-2017-7236 | Netapp | SQL Injection vulnerability in Netapp Oncommand Unified Manager Core Package SQL injection vulnerability in NetApp OnCommand Unified Manager Core Package 5.x before 5.2.2P1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2017-05-25 | CVE-2016-5007 | Pivotal Software Vmware | Permissions, Privileges, and Access Controls vulnerability in multiple products Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for authorization and for mapping requests to controllers respectively. | 7.5 |
2017-05-25 | CVE-2016-0780 | Pivotal Software Cloudfoundry | Resource Management Errors vulnerability in multiple products It was discovered that cf-release v231 and lower, Pivotal Cloud Foundry Elastic Runtime 1.5.x versions prior to 1.5.17 and Pivotal Cloud Foundry Elastic Runtime 1.6.x versions prior to 1.6.18 do not properly enforce disk quotas in certain cases. | 7.5 |
2017-05-24 | CVE-2017-9230 | Bitcoin | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Bitcoin The Bitcoin Proof-of-Work algorithm does not consider a certain attack methodology related to 80-byte block headers with a variety of initial 64-byte chunks followed by the same 16-byte chunk, multiple candidate root values ending with the same 4 bytes, and calculations involving sqrt numbers. | 7.5 |
2017-05-24 | CVE-2017-9229 | Oniguruma Project Ruby Lang PHP | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. | 7.5 |
2017-05-24 | CVE-2017-9217 | Systemd Project | NULL Pointer Dereference vulnerability in Systemd Project Systemd systemd-resolved through 233 allows remote attackers to cause a denial of service (daemon crash) via a crafted DNS response with an empty question section. | 7.5 |
2017-05-23 | CVE-2017-9212 | Bavarian Motor Works | Use of Externally-Controlled Format String vulnerability in Bavarian Motor Works Bluetooth Stack The Bluetooth stack on the BMW 330i 2011 allows a remote crash of the CD/Multimedia software via %x or %c format string specifiers in a device name. | 7.5 |
2017-05-23 | CVE-2017-9190 | Autotrace Project | Use After Free vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid free), related to the free_bitmap function in bitmap.c:24:5. | 7.5 |
2017-05-23 | CVE-2017-9189 | Autotrace Project | Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and application crash), related to the GET_COLOR function in color.c:16:11. | 7.5 |
2017-05-23 | CVE-2017-9182 | Autotrace Project | Use After Free vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (use-after-free and invalid heap read), related to the GET_COLOR function in color.c:16:11. | 7.5 |
2017-05-23 | CVE-2017-9181 | Autotrace Project | Out-of-bounds Write vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage function in input-bmp.c. | 7.5 |
2017-05-23 | CVE-2017-9180 | Autotrace Project | Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the ReadImage function in input-bmp.c:440:14. | 7.5 |
2017-05-23 | CVE-2017-9179 | Autotrace Project | Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the ReadImage function in input-bmp.c:425:14. | 7.5 |
2017-05-23 | CVE-2017-9178 | Autotrace Project | Out-of-bounds Write vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage function in input-bmp.c:421:11. | 7.5 |
2017-05-23 | CVE-2017-9177 | Autotrace Project | Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the ReadImage function in input-bmp.c:390:12. | 7.5 |
2017-05-23 | CVE-2017-9176 | Autotrace Project | Out-of-bounds Write vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage function in input-bmp.c:370:25. | 7.5 |
2017-05-23 | CVE-2017-9175 | Autotrace Project | Out-of-bounds Write vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage function in input-bmp.c:353:25. | 7.5 |
2017-05-23 | CVE-2017-9174 | Autotrace Project | Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the GET_COLOR function in color.c:21:23. | 7.5 |
2017-05-23 | CVE-2017-9159 | Autotrace Project | Out-of-bounds Write vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_rawpbm function in input-pnm.c:391:15. | 7.5 |
2017-05-23 | CVE-2017-9158 | Autotrace Project | Out-of-bounds Write vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_raw function in input-pnm.c:336:11. | 7.5 |
2017-05-23 | CVE-2017-9157 | Autotrace Project | Out-of-bounds Write vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_ascii function in input-pnm.c:306:14. | 7.5 |
2017-05-23 | CVE-2017-9156 | Autotrace Project | Out-of-bounds Write vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_ascii function in input-pnm.c:303:12. | 7.5 |
2017-05-23 | CVE-2017-9155 | Autotrace Project | Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the input_pnm_reader function in input-pnm.c:243:3. | 7.5 |
2017-05-23 | CVE-2017-9154 | Autotrace Project | Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1 libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the GET_COLOR function in color.c:16:11. | 7.5 |
2017-05-23 | CVE-2017-8915 | SAP | Reachable Assertion vulnerability in SAP Hana XS 1.00/2.00 sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to cause a denial of service (assertion failure and service crash) by pushing a package with a filename containing a $ (dollar sign) or % (percent) character, aka SAP Security Note 2407694. | 7.5 |
2017-05-23 | CVE-2017-8309 | Qemu Debian Redhat | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture. | 7.5 |
2017-05-23 | CVE-2016-10073 | Vanillaforums | Information Exposure vulnerability in Vanillaforums Vanilla The from method in library/core/class.email.php in Vanilla Forums before 2.3.1 allows remote attackers to spoof the email domain in sent messages and potentially obtain sensitive information via a crafted HTTP Host header, as demonstrated by a password reset request. | 7.5 |
2017-05-23 | CVE-2015-6586 | Huawei | Information Exposure vulnerability in Huawei products The mDNS module in Huawei WLAN AC6005, AC6605, and ACU2 devices with software before V200R006C00SPC100 allows remote attackers to obtain sensitive information by leveraging failure to restrict processing of mDNS unicast queries to the link local network. | 7.5 |
2017-05-23 | CVE-2015-5682 | Powerplay Gallery Project | Permissions, Privileges, and Access Controls vulnerability in Powerplay Gallery Project Powerplay Gallery 3.3 upload.php in the Powerplay Gallery plugin 3.3 for WordPress allows remote attackers to create arbitrary directories via vectors related to the targetDir variable. | 7.5 |
2017-05-23 | CVE-2015-5469 | MDC Youtube Downloader Project | Path Traversal vulnerability in MDC Youtube Downloader Project MDC Youtube Downloader 2.1.0 Absolute path traversal vulnerability in the MDC YouTube Downloader plugin 2.1.0 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter to includes/download.php. | 7.5 |
2017-05-23 | CVE-2015-5468 | Wpshopstyling | Path Traversal vulnerability in Wpshopstyling WP E-Commerce Shop Styling 2.5 Directory traversal vulnerability in the WP e-Commerce Shop Styling plugin before 2.6 for WordPress allows remote attackers to read arbitrary files via a .. | 7.5 |
2017-05-23 | CVE-2015-5401 | Teradata | Improper Input Validation vulnerability in Teradata Express and Teradata Gateway Teradata Gateway before 15.00.03.02-1 and 15.10.x before 15.10.00.01-1 and TD Express before 15.00.02.08_Sles10 and 15.00.02.08_Sles11 allow remote attackers to cause a denial of service (database crash) via a malformed CONFIG REQUEST message. | 7.5 |
2017-05-23 | CVE-2015-5383 | Roundcube | Information Exposure vulnerability in Roundcube Webmail and Webmail Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to obtain sensitive information by reading files in the (1) config, (2) temp, or (3) logs directory. | 7.5 |
2017-05-23 | CVE-2015-4704 | Download ZIP Attachments Project | Path Traversal vulnerability in Download ZIP Attachments Project Download ZIP Attachments 1.0 Directory traversal vulnerability in the Download Zip Attachments plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a .. | 7.5 |
2017-05-23 | CVE-2015-4054 | Pgbouncer | NULL Pointer Dereference vulnerability in Pgbouncer PgBouncer before 1.5.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by sending a password packet before a startup packet. | 7.5 |
2017-05-23 | CVE-2015-1529 | Integer Overflow or Wraparound vulnerability in Google Android Integer overflow in soundtrigger/ISoundTriggerHwService.cpp in Android allows attacks to cause a denial of service via unspecified vectors. | 7.5 | |
2017-05-22 | CVE-2017-9149 | Metadata Anonymisation Toolkit Project | Information Exposure vulnerability in Metadata Anonymisation Toolkit Project Metadata Anonymisation Toolkit 0.6/0.6.1 Metadata Anonymisation Toolkit (MAT) 0.6 and 0.6.1 silently fails to perform "Clean metadata" actions upon invocation from the Nautilus contextual menu, which allows context-dependent attackers to obtain sensitive information by reading a file for which cleaning had been attempted. | 7.5 |
2017-05-22 | CVE-2017-2498 | Apple | Improper Certificate Validation vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 7.5 |
2017-05-22 | CVE-2017-6653 | Cisco | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Identity Services Engine 2.1(0.474) A vulnerability in the TCP throttling process for the GUI of the Cisco Identity Services Engine (ISE) 2.1(0.474) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device where the ISE GUI may fail to respond to new or established connection requests. | 7.5 |
2017-05-22 | CVE-2017-6641 | Cisco | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Remote Expert Manager 11.0.0 A vulnerability in the TCP connection handling functionality of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to disable TCP ports and cause a denial of service (DoS) condition on an affected system. | 7.5 |
2017-05-22 | CVE-2017-6633 | Cisco | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Unified Computing System 3.0(0.234) A vulnerability in the TCP throttling process of Cisco UCS C-Series Rack Servers 3.0(0.234) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
2017-05-22 | CVE-2017-6632 | Cisco | Resource Exhaustion vulnerability in Cisco Firepower Threat Defense A vulnerability in the logging configuration of Secure Sockets Layer (SSL) policies for Cisco FirePOWER System Software 5.3.0 through 6.2.2 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources. | 7.5 |
2017-05-26 | CVE-2017-9035 | Trendmicro | Cleartext Transmission of Sensitive Information vulnerability in Trendmicro Serverprotect 3.0 Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to eavesdrop and tamper with updates by leveraging unencrypted communications with update servers. | 7.4 |
2017-05-25 | CVE-2014-0097 | Vmware | Improper Authentication vulnerability in VMWare Spring Security The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. | 7.3 |
2017-05-23 | CVE-2017-0373 | Config Model Project | Improper Input Validation vulnerability in Config-Model Project Config-Model The gen_class_pod implementation in lib/Config/Model/Utils/GenClassPod.pm in Config-Model (aka libconfig-model-perl) before 2.102 has a dangerous "use lib" line, which allows remote attackers to have an unspecified impact via a crafted Debian package file. | 7.3 |
2017-05-27 | CVE-2017-3134 | Fortinet | Improper Input Validation vulnerability in Fortinet Fortiwlc-Sd An escalation of privilege vulnerability in Fortinet FortiWLC-SD versions 8.2.4 and below allows attacker to gain root access via the CLI command 'copy running-config'. | 7.2 |
2017-05-23 | CVE-2015-4046 | Alienvault | Command Injection vulnerability in Alienvault Open Source Security Information Management The asset discovery scanner in AlienVault OSSIM before 5.0.1 allows remote authenticated users to execute arbitrary commands via the assets array parameter to netscan/do_scan.php. | 7.2 |
2017-05-22 | CVE-2017-6979 | Apple | Race Condition vulnerability in Apple products An issue was discovered in certain Apple products. | 7.0 |
2017-05-22 | CVE-2017-2533 | Apple | Race Condition vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 7.0 |
2017-05-22 | CVE-2017-2501 | Apple | Race Condition vulnerability in Apple products An issue was discovered in certain Apple products. | 7.0 |
104 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-05-26 | CVE-2017-5646 | Apache | Origin Validation Error vulnerability in Apache Knox For versions of Apache Knox from 0.2.0 to 0.11.0 - an authenticated user may use a specially crafted URL to impersonate another user while accessing WebHDFS through Apache Knox. | 6.8 |
2017-05-23 | CVE-2017-5965 | Sitecore | Unspecified vulnerability in Sitecore CRM 8.1 The package manager in Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to execute arbitrary ASP code by creating a ZIP archive in which a .asp file has a ..\ in its pathname, visiting sitecore/shell/applications/install/dialogs/Upload%20Package/UploadPackage2.aspx to upload this archive and extract its contents, and visiting a URI under sitecore/ to execute the .asp file. | 6.7 |
2017-05-23 | CVE-2015-4045 | Alienvault | Permissions, Privileges, and Access Controls vulnerability in Alienvault Open Source Security Information Management The sudoers file in the asset discovery scanner in AlienVault OSSIM before 5.0.1 allows local users to gain privileges via a crafted nmap script. | 6.7 |
2017-05-26 | CVE-2017-9239 | Exiv2 Canonical | Divide By Zero vulnerability in multiple products An issue was discovered in Exiv2 0.26. | 6.5 |
2017-05-25 | CVE-2016-2165 | Pivotal Software Cloudfoundry | Improper Input Validation vulnerability in multiple products The Loggregator Traffic Controller endpoints in cf-release v231 and lower, Pivotal Elastic Runtime versions prior to 1.5.19 AND 1.6.x versions prior to 1.6.20 are not cleansing request URL paths when they are invalid and are returning them in the 404 response. | 6.5 |
2017-05-25 | CVE-2015-1834 | Pivotal Software Cloudfoundry | Path Traversal vulnerability in multiple products A path traversal vulnerability was identified in the Cloud Foundry component Cloud Controller that affects cf-release versions prior to v208 and Pivotal Cloud Foundry Elastic Runtime versions prior to 1.4.2. | 6.5 |
2017-05-24 | CVE-2017-9216 | Artifex Debian | NULL Pointer Dereference vulnerability in multiple products libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. | 6.5 |
2017-05-23 | CVE-2017-9207 | Entropymine | Out-of-bounds Read vulnerability in Entropymine Imageworsener 1.3.1 The iw_get_ui16be function in imagew-util.c:422:24 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image, related to imagew-jpeg.c. | 6.5 |
2017-05-23 | CVE-2017-9206 | Entropymine | Out-of-bounds Read vulnerability in Entropymine Imageworsener 1.3.1 The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image, related to imagew-jpeg.c. | 6.5 |
2017-05-23 | CVE-2017-9205 | Entropymine | Out-of-bounds Read vulnerability in Entropymine Imageworsener 1.3.1 The iw_get_ui16be function in imagew-util.c:422:24 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image, related to imagew-jpeg.c. | 6.5 |
2017-05-23 | CVE-2017-9204 | Entropymine | Out-of-bounds Read vulnerability in Entropymine Imageworsener 1.3.1 The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image, related to imagew-jpeg.c. | 6.5 |
2017-05-23 | CVE-2017-9203 | Entropymine | Out-of-bounds Write vulnerability in Entropymine Imageworsener 1.3.1 imagew-main.c:960:12 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (buffer underflow) via a crafted image, related to imagew-bmp.c. | 6.5 |
2017-05-23 | CVE-2017-9202 | Entropymine | Divide By Zero vulnerability in Entropymine Imageworsener 1.3.1 imagew-cmd.c:854:45 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted image, related to imagew-api.c. | 6.5 |
2017-05-23 | CVE-2017-9201 | Entropymine | Divide By Zero vulnerability in Entropymine Imageworsener 1.3.1 imagew-cmd.c:850:46 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted image, related to imagew-api.c. | 6.5 |
2017-05-23 | CVE-2017-8379 | Qemu Debian Redhat | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events. | 6.5 |
2017-05-23 | CVE-2015-5382 | Roundcube | Information Exposure vulnerability in Roundcube Webmail and Webmail program/steps/addressbook/photo.inc in Roundcube Webmail before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via the _alt parameter when uploading a vCard. | 6.5 |
2017-05-22 | CVE-2017-9147 | Libtiff | Out-of-bounds Read vulnerability in Libtiff 4.0.7 LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in tif_dir.c, which might allow remote attackers to cause a denial of service (crash) via a crafted TIFF file. | 6.5 |
2017-05-22 | CVE-2017-9144 | Imagemagick Debian | Improper Input Validation vulnerability in multiple products In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. | 6.5 |
2017-05-22 | CVE-2017-9143 | Imagemagick Debian | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file. | 6.5 |
2017-05-22 | CVE-2017-9142 | Imagemagick Debian | Reachable Assertion vulnerability in multiple products In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c. | 6.5 |
2017-05-22 | CVE-2017-9141 | Imagemagick Debian | Reachable Assertion vulnerability in multiple products In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c. | 6.5 |
2017-05-22 | CVE-2017-4916 | Vmware | NULL Pointer Dereference vulnerability in VMWare Workstation Player and Workstation PRO VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in the vstor2 driver. | 6.5 |
2017-05-22 | CVE-2017-2511 | Apple | Improper Input Validation vulnerability in Apple Safari An issue was discovered in certain Apple products. | 6.5 |
2017-05-22 | CVE-2017-2495 | Apple | Improper Input Validation vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 6.5 |
2017-05-22 | CVE-2017-6637 | Cisco | Improper Input Validation vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to delete any file from an affected system. | 6.5 |
2017-05-22 | CVE-2017-6636 | Cisco | Path Traversal vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to view any file on an affected system. | 6.5 |
2017-05-22 | CVE-2017-6635 | Cisco | Missing Authorization vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 12.1) could allow an authenticated, remote attacker to delete any file from an affected system. | 6.5 |
2017-05-28 | CVE-2017-9252 | Finecms Project | Cross-site Scripting vulnerability in Finecms Project Finecms andrzuk/FineCMS through 2017-05-28 is vulnerable to a reflected XSS in the search page via the text-search parameter to index.php in a route=search action. | 6.1 |
2017-05-28 | CVE-2017-9251 | Finecms Project | Cross-site Scripting vulnerability in Finecms Project Finecms andrzuk/FineCMS through 2017-05-28 is vulnerable to a reflected XSS in the sitename parameter to admin.php. | 6.1 |
2017-05-28 | CVE-2017-9243 | Aries Networks | Cross-site Scripting vulnerability in Aries Networks Qwr-1104 Wireless-N Router Firmware Wrc.253.2.0913 Aries QWR-1104 Wireless-N Router with Firmware Version WRC.253.2.0913 has XSS on the Wireless Site Survey page, exploitable with the name of an access point. | 6.1 |
2017-05-28 | CVE-2017-7296 | Contiki OS | Cross-site Scripting vulnerability in Contiki-Os Contiki 3.0 An issue was discovered in Contiki Operating System 3.0. | 6.1 |
2017-05-27 | CVE-2017-7343 | Fortinet | Open Redirect vulnerability in Fortinet Fortiportal An open redirect vulnerability in Fortinet FortiPortal 4.0.0 and below allows attacker to execute unauthorized code or commands via the url parameter. | 6.1 |
2017-05-27 | CVE-2017-7339 | Fortinet | Cross-site Scripting vulnerability in Fortinet Fortiportal A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the 'Name' and 'Description' inputs in the 'Add Revision Backup' functionality. | 6.1 |
2017-05-27 | CVE-2017-3129 | Fortinet | Cross-site Scripting vulnerability in Fortinet Fortiweb A Cross-Site Scripting vulnerability in Fortinet FortiWeb versions 5.7.1 and below allows attacker to execute unauthorized code or commands via an improperly sanitized POST parameter in the FortiWeb Site Publisher feature. | 6.1 |
2017-05-27 | CVE-2017-3126 | Fortinet | Open Redirect vulnerability in Fortinet Fortianalyzer Firmware and Fortimanager Firmware An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows attacker to execute unauthorized code or commands via the next parameter. | 6.1 |
2017-05-26 | CVE-2017-1325 | IBM | Cross-site Scripting vulnerability in IBM Inotes IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. | 6.1 |
2017-05-26 | CVE-2017-9037 | Trendmicro | Cross-site Scripting vulnerability in Trendmicro Serverprotect 3.0 Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allow remote attackers to inject arbitrary web script or HTML via the (1) S44, (2) S5, (3) S_action_fail, (4) S_ptn_update, (5) T113, (6) T114, (7) T115, (8) T117117, (9) T118, (10) T_action_fail, (11) T_ptn_update, (12) textarea, (13) textfield5, or (14) tmLastConfigFileModifiedDate parameter to notification.cgi. | 6.1 |
2017-05-26 | CVE-2017-9032 | Trendmicro | Cross-site Scripting vulnerability in Trendmicro Serverprotect 3.0 Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allow remote attackers to inject arbitrary web script or HTML via the (1) T1 or (2) tmLastConfigFileModifiedDate parameter to log_management.cgi. | 6.1 |
2017-05-26 | CVE-2017-5868 | Openvpn | CRLF Injection vulnerability in Openvpn Access Server 2.1.4 CRLF injection vulnerability in the web interface in OpenVPN Access Server 2.1.4 allows remote attackers to inject arbitrary HTTP headers and consequently conduct session fixation attacks and possibly HTTP response splitting attacks via "%0A" characters in the PATH_INFO to __session_start__/. | 6.1 |
2017-05-25 | CVE-2016-0781 | Pivotal Software Cloudfoundry | Cross-site Scripting vulnerability in multiple products The UAA OAuth approval pages in Cloud Foundry v208 to v231, Login-server v1.6 to v1.14, UAA v2.0.0 to v2.7.4.1, UAA v3.0.0 to v3.2.0, UAA-Release v2 to v7 and Pivotal Elastic Runtime 1.6.x versions prior to 1.6.20 are vulnerable to an XSS attack by specifying malicious java script content in either the OAuth scopes (SCIM groups) or SCIM group descriptions. | 6.1 |
2017-05-25 | CVE-2015-3190 | Pivotal Software Cloudfoundry | Open Redirect vulnerability in multiple products With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the UAA logout link is susceptible to an open redirect which allows an attacker to insert malicious web page as a redirect parameter. | 6.1 |
2017-05-23 | CVE-2017-7288 | Synacor | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite (ZCS) before 8.7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
2017-05-23 | CVE-2015-8477 | Redmine | Cross-site Scripting vulnerability in Redmine Cross-site scripting (XSS) vulnerability in Redmine before 2.6.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving flash message rendering. | 6.1 |
2017-05-23 | CVE-2015-5381 | Roundcube | Cross-site Scripting vulnerability in Roundcube Webmail and Webmail Cross-site scripting (XSS) vulnerability in program/include/rcmail.php in Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the _mbox parameter to the default URI. | 6.1 |
2017-05-22 | CVE-2017-2174 | IPA | Cross-site Scripting vulnerability in IPA Empirical Project Monitor - Extended Cross-site scripting vulnerability in Empirical Project Monitor - eXtended all versions allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
2017-05-22 | CVE-2017-2171 | Bestwebsoft | XML Injection (aka Blind XPath Injection) vulnerability in Bestwebsoft products Cross-site scripting vulnerability in Captcha prior to version 4.3.0, Car Rental prior to version 1.0.5, Contact Form Multi prior to version 1.2.1, Contact Form prior to version 4.0.6, Contact Form to DB prior to version 1.5.7, Custom Admin Page prior to version 0.1.2, Custom Fields Search prior to version 1.3.2, Custom Search prior to version 1.36, Donate prior to version 2.1.1, Email Queue prior to version 1.1.2, Error Log Viewer prior to version 1.0.6, Facebook Button prior to version 2.54, Featured Posts prior to version 1.0.1, Gallery Categories prior to version 1.0.9, Gallery prior to version 4.5.0, Google +1 prior to version 1.3.4, Google AdSense prior to version 1.44, Google Analytics prior to version 1.7.1, Google Captcha (reCAPTCHA) prior to version 1.28, Google Maps prior to version 1.3.6, Google Shortlink prior to version 1.5.3, Google Sitemap prior to version 3.0.8, Htaccess prior to version 1.7.6, Job Board prior to version 1.1.3, Latest Posts prior to version 0.3, Limit Attempts prior to version 1.1.8, LinkedIn prior to version 1.0.5, Multilanguage prior to version 1.2.2, PDF & Print prior to version 1.9.4, Pagination prior to version 1.0.7, Pinterest prior to version 1.0.5, Popular Posts prior to version 1.0.5, Portfolio prior to version 2.4, Post to CSV prior to version 1.3.1, Profile Extra prior to version 1.0.7. | 6.1 |
2017-05-22 | CVE-2017-2169 | Maxbuttons Project | Cross-site Scripting vulnerability in Maxbuttons Project Maxbuttons Cross-site scripting vulnerability in MaxButtons prior to version 6.19 and MaxButtons Pro prior to version 6.19 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
2017-05-22 | CVE-2017-2168 | Wpbookingsystem | Cross-site Scripting vulnerability in Wpbookingsystem WP Booking System 1.3.3/3.6 Cross-site scripting vulnerability in WP Booking System Free version prior to version 1.4 and WP Booking System Premium version prior to version 3.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
2017-05-22 | CVE-2016-4903 | WP Olivecart | Cross-site Scripting vulnerability in Wp-Olivecart Olivecart and Olivecartpro Cross-site scripting vulnerability in WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
2017-05-22 | CVE-2017-9140 | Progress | Cross-site Scripting vulnerability in Progress Sitefinity CMS and Telerik Reporting Cross-site scripting (XSS) vulnerability in Telerik.ReportViewer.WebForms.dll in Telerik Reporting for ASP.NET WebForms Report Viewer control before R1 2017 SP2 (11.0.17.406) allows remote attackers to inject arbitrary web script or HTML via the bgColor parameter to Telerik.ReportViewer.axd. | 6.1 |
2017-05-22 | CVE-2017-2549 | Apple | Cross-site Scripting vulnerability in Apple Safari An issue was discovered in certain Apple products. | 6.1 |
2017-05-22 | CVE-2017-2528 | Apple | Cross-site Scripting vulnerability in Apple Safari An issue was discovered in certain Apple products. | 6.1 |
2017-05-22 | CVE-2017-2510 | Apple | Cross-site Scripting vulnerability in Apple Safari An issue was discovered in certain Apple products. | 6.1 |
2017-05-22 | CVE-2017-2508 | Apple | Cross-site Scripting vulnerability in Apple Safari An issue was discovered in certain Apple products. | 6.1 |
2017-05-22 | CVE-2017-2504 | Apple | Cross-site Scripting vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 6.1 |
2017-05-22 | CVE-2017-2497 | Apple | Open Redirect vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 6.1 |
2017-05-22 | CVE-2017-6654 | Cisco | Cross-site Scripting vulnerability in Cisco Unified Communications Manager 10.5(2.10000.5)/11.0(1.10000.10)/11.5(1.10000.6) A vulnerability in the web-based management interface of Cisco Unified Communications Manager 10.5 through 11.5 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
2017-05-22 | CVE-2017-6988 | Apple | Improper Certificate Validation vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 5.9 |
2017-05-27 | CVE-2017-9242 | Linux | Improper Input Validation vulnerability in Linux Kernel The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls. | 5.5 |
2017-05-26 | CVE-2017-8542 | Microsoft | Uncontrolled Recursion vulnerability in Microsoft products The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. | 5.5 |
2017-05-26 | CVE-2017-8539 | Microsoft | Uncontrolled Recursion vulnerability in Microsoft products The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. | 5.5 |
2017-05-26 | CVE-2017-8537 | Microsoft | Uncontrolled Recursion vulnerability in Microsoft products The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. | 5.5 |
2017-05-26 | CVE-2017-8536 | Microsoft | Uncontrolled Recursion vulnerability in Microsoft products The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. | 5.5 |
2017-05-26 | CVE-2017-8535 | Microsoft | Uncontrolled Recursion vulnerability in Microsoft products The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. | 5.5 |
2017-05-23 | CVE-2017-8314 | Kodi Debian | Path Traversal vulnerability in multiple products Directory Traversal in Zip Extraction built-in function in Kodi 17.1 and earlier allows arbitrary file write on disk via a Zip file as subtitles. | 5.5 |
2017-05-23 | CVE-2017-8313 | Videolan | Out-of-bounds Read vulnerability in Videolan VLC Media Player Heap out-of-bound read in ParseJSS in VideoLAN VLC before 2.2.5 due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process via a crafted subtitles file. | 5.5 |
2017-05-23 | CVE-2017-8312 | Videolan Debian | Out-of-bounds Read vulnerability in multiple products Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file. | 5.5 |
2017-05-23 | CVE-2017-8310 | Videolan | Out-of-bounds Read vulnerability in Videolan VLC Media Player Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process (causing a denial of service) via a crafted subtitles file. | 5.5 |
2017-05-23 | CVE-2017-9211 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel The crypto_skcipher_init_tfm function in crypto/skcipher.c in the Linux kernel through 4.11.2 relies on a setkey function that lacks a key-size check, which allows local users to cause a denial of service (NULL pointer dereference) via a crafted application. | 5.5 |
2017-05-23 | CVE-2017-9210 | Qpdf Project Canonical | Infinite Loop vulnerability in multiple products libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to unparse functions, aka qpdf-infiniteloop3. | 5.5 |
2017-05-23 | CVE-2017-9209 | Qpdf Project Canonical | Infinite Loop vulnerability in multiple products libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to QPDFObjectHandle::parseInternal, aka qpdf-infiniteloop2. | 5.5 |
2017-05-23 | CVE-2017-9208 | Qpdf Project Canonical | Infinite Loop vulnerability in multiple products libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1. | 5.5 |
2017-05-23 | CVE-2016-7977 | Artifex | Information Exposure vulnerability in Artifex Ghostscript Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document. | 5.5 |
2017-05-22 | CVE-2017-9150 | Linux | Information Exposure vulnerability in Linux Kernel The do_check function in kernel/bpf/verifier.c in the Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allows local users to obtain sensitive address information via crafted bpf system calls. | 5.5 |
2017-05-22 | CVE-2017-6990 | Apple | Unspecified vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 5.5 |
2017-05-22 | CVE-2017-6987 | Apple | Information Exposure vulnerability in Apple products An issue was discovered in certain Apple products. | 5.5 |
2017-05-22 | CVE-2017-6982 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 5.5 |
2017-05-22 | CVE-2017-2540 | Apple | Improper Input Validation vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 5.5 |
2017-05-22 | CVE-2017-2509 | Apple | Unspecified vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 5.5 |
2017-05-22 | CVE-2017-2507 | Apple | Information Exposure vulnerability in Apple products An issue was discovered in certain Apple products. | 5.5 |
2017-05-22 | CVE-2017-2502 | Apple | Unspecified vulnerability in Apple products An issue was discovered in certain Apple products. | 5.5 |
2017-05-28 | CVE-2017-9249 | Allen Disk Project | Cross-site Scripting vulnerability in Allen Disk Project Allen Disk 1.6 Cross-site scripting (XSS) vulnerability in Allen Disk 1.6 allows remote authenticated users to inject arbitrary web script or HTML persistently by uploading a crafted HTML file. | 5.4 |
2017-05-26 | CVE-2017-1291 | IBM | Cross-site Scripting vulnerability in IBM products IBM Maximo Asset Management 7.5 and 7.6 is vulnerable to HTTP response splitting attacks. | 5.4 |
2017-05-23 | CVE-2017-5870 | Vimbadmin | Cross-site Scripting vulnerability in Vimbadmin 3.0.15 Multiple cross-site scripting (XSS) vulnerabilities in ViMbAdmin 3.0.15 allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) transport parameter to domain/add; the (3) name parameter to mailbox/add/did/<domain id>; the (4) goto parameter to alias/add/did/<domain id>; or the (5) captchatext parameter to auth/lost-password. | 5.4 |
2017-05-22 | CVE-2017-1320 | IBM | Cross-site Scripting vulnerability in IBM Tivoli Federated Identity Manager IBM Tivoli Federated Identity Manager 6.2 is vulnerable to cross-site scripting. | 5.4 |
2017-05-22 | CVE-2017-1282 | IBM | Cross-site Scripting vulnerability in IBM Content Navigator IBM Content Navigator & CMIS 2.0 and 3.0 is vulnerable to cross-site scripting. | 5.4 |
2017-05-22 | CVE-2017-1159 | IBM | Open Redirect vulnerability in IBM Business Process Manager IBM Business Process Manager 8.0 and 8.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.4 |
2017-05-22 | CVE-2017-2173 | IPA | Cross-site Scripting vulnerability in IPA Empirical Project Monitor - Extended Cross-site scripting vulnerability in Empirical Project Monitor - eXtended all versions allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
2017-05-26 | CVE-2017-1292 | IBM | Information Exposure vulnerability in IBM products IBM Maximo Asset Management 7.5 and 7.6 generates error messages that could reveal sensitive information that could be used in further attacks against the system. | 5.3 |
2017-05-22 | CVE-2017-6647 | Cisco | Information Exposure vulnerability in Cisco Remote Expert Manager 11.0.0 A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Temporary File information on an affected system. | 5.3 |
2017-05-22 | CVE-2017-6646 | Cisco | Information Exposure vulnerability in Cisco Remote Expert Manager 11.0.0 A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Order information on an affected system. | 5.3 |
2017-05-22 | CVE-2017-6645 | Cisco | Information Exposure vulnerability in Cisco Remote Expert Manager 11.0.0 A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Virtual Temporary Directory information on an affected system. | 5.3 |
2017-05-22 | CVE-2017-6644 | Cisco | Information Exposure vulnerability in Cisco Remote Expert Manager 11.0.0 A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive information on an affected system. | 5.3 |
2017-05-22 | CVE-2017-6643 | Cisco | Information Exposure vulnerability in Cisco Remote Expert Manager 11.0.0 A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Virtual Directory information on an affected system. | 5.3 |
2017-05-22 | CVE-2017-6642 | Cisco | Information Exposure vulnerability in Cisco Remote Expert Manager 11.0.0 A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive information on an affected system. | 5.3 |
2017-05-22 | CVE-2017-6630 | Cisco | Unspecified vulnerability in Cisco IP Phone 8800 Series Firmware 11.0(0.1) A vulnerability in the Session Initiation Protocol (SIP) implementation of Cisco IP Phone 8851 11.0(0.1) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 5.3 |
2017-05-22 | CVE-2017-2516 | Apple | Unspecified vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 5.0 |
2017-05-23 | CVE-2017-5966 | Sitecore | Path Traversal vulnerability in Sitecore CRM 8.1 Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to read arbitrary files via an absolute path traversal attack on sitecore/shell/download.aspx with the file parameter. | 4.9 |
2017-05-23 | CVE-2017-3128 | Fortinet | Cross-site Scripting vulnerability in Fortinet Fortios A stored XSS (Cross-Site-Scripting) vulnerability in Fortinet FortiOS allows attackers to execute unauthorized code or commands via the policy global-label parameter. | 4.8 |
2017-05-22 | CVE-2017-2500 | Apple | Improper Input Validation vulnerability in Apple Safari An issue was discovered in certain Apple products. | 4.7 |
2017-05-28 | CVE-2016-10376 | Gajim | Cryptographic Issues vulnerability in Gajim Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension. | 4.5 |
2017-05-26 | CVE-2015-0269 | Contao | Path Traversal vulnerability in Contao CMS Directory traversal vulnerability in Contao before 3.2.19, and 3.4.x before 3.4.4 allows remote authenticated "back end" users to view files outside their file mounts or the document root via unspecified vectors. | 4.3 |
2017-05-22 | CVE-2017-2162 | Toshiba | Unspecified vulnerability in Toshiba Flashair FlashAirTM SDHC Memory Card (SD-WE Series <W-03>) V3.00.02 and earlier and FlashAirTM SDHC Memory Card (SD-WD/WC Series <W-02>) V2.00.04 and earlier allows default credentials to be set for wireless LAN connections to the product when enabling the PhotoShare function through a web browser. | 4.3 |
2017-05-22 | CVE-2016-4863 | Toshiba | Improper Authentication vulnerability in Toshiba Flashair The Toshiba FlashAir SD-WD/WC series Class 6 model with firmware version 1.00.04 and later, FlashAir SD-WD/WC series Class 10 model W-02 with firmware version 2.00.02 and later, FlashAir SD-WE series Class 10 model W-03, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir II Class 10 model W-02 series with firmware version 2.00.02 and later, FlashAir III Class 10 model W-03 series, FlashAir Class 6 model with firmware version 1.00.04 and later, FlashAir W-02 series Class 10 model with firmware version 2.00.02 and later, FlashAir W-03 series Class 10 model does not require authentication on accepting a connection from STA side LAN when "Internet pass-thru Mode" is enabled, which allows attackers with access to STA side LAN can obtain files or data. | 4.3 |
2 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-05-25 | CVE-2015-3189 | Pivotal Software Cloudfoundry | Weak Password Recovery Mechanism for Forgotten Password vulnerability in multiple products With Cloud Foundry Runtime cf-release versions v208 or earlier, UAA Standalone versions 2.2.5 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier, old Password Reset Links are not expired after the user changes their current email address to a new one. | 3.7 |
2017-05-22 | CVE-2017-2161 | Toshiba | Forced Browsing vulnerability in Toshiba Flashair FlashAirTM SDHC Memory Card (SD-WE Series <W-03>) V3.00.02 and earlier and FlashAirTM SDHC Memory Card (SD-WD/WC Series <W-02>) V2.00.04 and earlier allows authenticated attackers to bypass access restrictions to obtain unauthorized image data via unspecified vectors. | 3.5 |