Weekly Vulnerabilities Reports > June 5 to 11, 2017

Overview

278 new vulnerabilities reported during this period, including 47 critical vulnerabilities and 36 high severity vulnerabilities. This weekly summary report vulnerabilities in 305 products from 123 vendors including Google, IBM, Vmware, Redhat, and Cybozu. Vulnerabilities are notably categorized as "Cross-site Scripting", "Information Exposure", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Untrusted Search Path", and "Improper Access Control".

  • 236 reported vulnerabilities are remotely exploitables.
  • 17 reported vulnerabilities have public exploit available.
  • 93 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 228 reported vulnerabilities are exploitable by an anonymous user.
  • Google has the most reported vulnerabilities, with 27 reported vulnerabilities.
  • Google has the most reported critical vulnerabilities, with 21 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

47 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-06-11 CVE-2017-9542 D Link Improper Authentication vulnerability in D-Link Dir-615 Firmware

D-Link DIR-615 Wireless N 300 Router allows authentication bypass via a modified POST request to login.cgi.

10.0
2017-06-09 CVE-2016-7836 Skygroup Improper Authentication vulnerability in Skygroup Skysea Client View

SKYSEA Client View Ver.11.221.03 and earlier allows remote code execution via a flaw in processing authentication on the TCP connection with the management console program.

10.0
2017-06-09 CVE-2016-7806 Iodata OS Command Injection vulnerability in Iodata Wfs-Sr01 Firmware

I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors.

10.0
2017-06-08 CVE-2017-4918 Vmware Command Injection vulnerability in VMWare Horizon View

VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script.

10.0
2017-06-08 CVE-2014-8687 Seagate USE of A Broken OR Risky Cryptographic Algorithm vulnerability in Seagate Business NAS Firmware 2014.00319

Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute arbitrary code with root privileges by leveraging use of a static encryption key to create session tokens.

10.0
2017-06-08 CVE-2017-6640 Cisco Allocation of Resources Without Limits OR Throttling vulnerability in Cisco Prime Data Center Network Manager 10.1.0/10.1(1)/10.1(2)

A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an unauthenticated, remote attacker to log in to the administrative console of a DCNM server by using an account that has a default, static password.

10.0
2017-06-08 CVE-2017-6639 Cisco Missing Authorization vulnerability in Cisco Prime Data Center Network Manager 10.1.0/10.1(1)/10.1(2)

A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to access sensitive information or execute arbitrary code with root privileges on an affected system.

10.0
2017-06-06 CVE-2016-9961 Game Music EMU Project
Fedoraproject
Opensuse
Opensuse Project
Novell
Numeric Errors vulnerability in multiple products

game-music-emu before 0.6.1 mishandles unspecified integer values.

10.0
2017-06-09 CVE-2017-2219 Baidu Untrusted Search Path vulnerability in Baidu Simeji 1.0.0.7

Untrusted search path vulnerability in the [Simeji for Windows] installer (simeji.exe) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-06-09 CVE-2017-2214 Jiransoft Untrusted Search Path vulnerability in Jiransoft Appcheck and Appcheck PRO

Untrusted search path vulnerability in AppCheck and AppCheck Pro prior to version 2.0.1.15 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory.

9.3
2017-06-09 CVE-2017-2213 GSI Untrusted Search Path vulnerability in GSI Semidynaexe 1.0.2

Untrusted search path vulnerability in SemiDynaEXE (SemiDynaEXE2008.EXE) ver.

9.3
2017-06-09 CVE-2017-2212 GSI Untrusted Search Path vulnerability in GSI Tky2Jgd 1.3.79

Untrusted search path vulnerability in TKY2JGD (TKY2JGD1379.EXE) ver.

9.3
2017-06-09 CVE-2017-2211 GSI Untrusted Search Path vulnerability in GSI Patchjgd 1.0.1

Untrusted search path vulnerability in PatchJGD (Hyoko) (PatchJGDh101.EXE) ver.

9.3
2017-06-09 CVE-2017-2210 GSI Uncontrolled Search Path Element vulnerability in GSI Patchjgd 1.0.1

Untrusted search path vulnerability in PatchJGD (PatchJGD101.EXE) ver.

9.3
2017-06-09 CVE-2017-2193 Tera Term Project Untrusted Search Path vulnerability in Tera Term Project Tera Term

Untrusted search path vulnerability in the installer of Tera Term 4.94 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-06-09 CVE-2017-2192 Sharp Untrusted Search Path vulnerability in Sharp Rw-5100 1.1.0.0/1.2.0.0

Untrusted search path vulnerability in RW-5100 tool to verify execution environment for Windows 7 version 1.1.0.0 and RW-5100 tool to verify execution environment for Windows 8.1 version 1.2.0.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-06-09 CVE-2017-2191 Sharp Untrusted Search Path vulnerability in Sharp products

Untrusted search path vulnerability in RW-5100 driver installer for Windows 7 version 1.0.0.9 and RW-5100 driver installer for Windows 8.1 version 1.0.1.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-06-09 CVE-2017-2190 Sharp Untrusted Search Path vulnerability in Sharp Rw-4040 1.2.0.0

Untrusted search path vulnerability in RW-4040 tool to verify execution environment for Windows 7 version 1.2.0.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-06-09 CVE-2017-2189 Sharp Untrusted Search Path vulnerability in Sharp Rw-4040 2.27

Untrusted search path vulnerability in RW-4040 driver installer for Windows 7 version 2.27 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-06-09 CVE-2017-2176 Jasdf Untrusted Search Path vulnerability in Jasdf Screensavers

Untrusted search path vulnerability in screensaver installers (jasdf_01.exe, jasdf_02.exe, jasdf_03.exe, jasdf_04.exe, jasdf_05.exe, scramble_setup.exe, clock_01_setup.exe, clock_02_setup.exe) available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-06-09 CVE-2016-4902 Jpki Untrusted Search Path vulnerability in Jpki products

Untrusted search path vulnerability in The Public Certification Service for Individuals "The JPKI user's software (for Windows 7 and later)" Ver3.0.1 and earlier, The Public Certification Service for Individuals "The JPKI user's software (for Windows Vista)" Ver3.0.1 and earlier and The Public Certification Service for Individuals "The JPKI user's software" Ver2.6 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-06-08 CVE-2015-2252 Huawei Code Injection vulnerability in Huawei Oceanstor UDS Firmware V100R002C01Spc101

Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to execute arbitrary code with root privileges via a crafted UDS patch with shell scripts.

9.3
2017-06-07 CVE-2015-5232 OPA FF Project
OPA FM Project
Race Condition vulnerability in multiple products

Race conditions in opa-fm before 10.4.0.0.196 and opa-ff before 10.4.0.0.197.

9.3
2017-06-06 CVE-2016-10297 Google Race Condition vulnerability in Google Android

In TrustZone in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist.

9.3
2017-06-06 CVE-2015-9007 Google Double Free vulnerability in Google Android

In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist.

9.3
2017-06-06 CVE-2015-9006 Google Improper Access Control vulnerability in Google Android

In Resource Power Manager (RPM) in all Android releases from CAF using the Linux kernel, an Improper Access Control vulnerability could potentially exist.

9.3
2017-06-06 CVE-2015-9005 Google Integer Overflow OR Wraparound vulnerability in Google Android

In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist.

9.3
2017-06-06 CVE-2014-9952 Google Improper Authentication vulnerability in Google Android

In the Secure File System in all Android releases from CAF using the Linux kernel, a capture-replay vulnerability could potentially exist.

9.3
2017-06-06 CVE-2014-9950 Google Improper Authorization vulnerability in Google Android

In Core Kernel in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist.

9.3
2017-06-06 CVE-2014-9949 Google Null Pointer Dereference vulnerability in Google Android

In TrustZone in all Android releases from CAF using the Linux kernel, an Untrusted Pointer Dereference vulnerability could potentially exist.

9.3
2017-06-06 CVE-2014-9948 Google Improper Validation of Array Index vulnerability in Google Android

In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Validation of Array Index vulnerability could potentially exist.

9.3
2017-06-06 CVE-2014-9946 Google USE After Free vulnerability in Google Android

In Core Kernel in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist.

9.3
2017-06-06 CVE-2014-9945 Google Improper Authorization vulnerability in Google Android

In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist.

9.3
2017-06-06 CVE-2014-9944 Google Integer Overflow OR Wraparound vulnerability in Google Android

In the Secure File System in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist.

9.3
2017-06-06 CVE-2014-9943 Google Null Pointer Dereference vulnerability in Google Android

In Core Kernel in all Android releases from CAF using the Linux kernel, a Null Pointer Dereference vulnerability could potentially exist.

9.3
2017-06-06 CVE-2014-9942 Google Improper Initialization vulnerability in Google Android

In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable vulnerability could potentially exist.

9.3
2017-06-06 CVE-2014-9930 Google USE After Free vulnerability in Google Android

In WCDMA in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist.

9.3
2017-06-06 CVE-2014-9929 Google Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Android

In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist.

9.3
2017-06-06 CVE-2014-9928 Google Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Android

In GERAN in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist.

9.3
2017-06-06 CVE-2014-9927 Google Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Android

In UIM in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist.

9.3
2017-06-06 CVE-2014-9926 Google USE After Free vulnerability in Google Android

In GNSS in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist.

9.3
2017-06-06 CVE-2014-9925 Google Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Android

In HDR in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist.

9.3
2017-06-06 CVE-2014-9924 Google Numeric Errors vulnerability in Google Android

In 1x in all Android releases from CAF using the Linux kernel, a Signed to Unsigned Conversion Error could potentially occur.

9.3
2017-06-06 CVE-2014-9923 Google Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Android

In NAS in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist.

9.3
2017-06-09 CVE-2016-7820 Iodata Buffer Errors vulnerability in Iodata Ts-Wrla Firmware and Ts-Wrlp Firmware

Buffer overflow in I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to cause a denial-of-service (DoS) or execute arbitrary code via unspecified vectors.

9.0
2017-06-09 CVE-2016-7819 Iodata OS Command Injection vulnerability in Iodata Ts-Wrla Firmware and Ts-Wrlp Firmware

I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.

9.0
2017-06-06 CVE-2017-9462 Mercurial
Debian
Redhat
Incorrect Permission Assignment FOR Critical Resource vulnerability in multiple products

In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name.

9.0

36 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-06-05 CVE-2017-7669 Apache Improper Input Validation vulnerability in Apache Hadoop 2.8.0/3.0.0

In Apache Hadoop 2.8.0, 3.0.0-alpha1, and 3.0.0-alpha2, the LinuxContainerExecutor runs docker commands as root with insufficient input validation.

8.5
2017-06-08 CVE-2015-3913 Huawei Improper Input Validation vulnerability in Huawei products

The IP stack in multiple Huawei Campus series switch models allows remote attackers to cause a denial of service (reboot) via a crafted ICMP request message.

7.8
2017-06-08 CVE-2015-2800 Huawei Improper Authentication vulnerability in Huawei products

The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with software before V200R001SPH012 and S7700, S9300, and S9700 with software before V200R001SPH015 allows remote attackers to cause a denial of service (device restart) via vectors involving authentication, which trigger an array access violation.

7.8
2017-06-08 CVE-2017-6648 Cisco Denial of Service vulnerability in Cisco TelePresence Endpoint

A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition.

7.8
2017-06-07 CVE-2015-7888 Samsung Path Traversal vulnerability in Samsung Galaxy S6 Edge Firmware G925Vvru1Aoe2

Directory traversal vulnerability in the WifiHs20UtilityService on the Samsung S6 Edge LRX22G.G925VVRU1AOE2 allows remote attackers to overwrite or create arbitrary files as the system-level user via a ..

7.8
2017-06-06 CVE-2014-9941 Google Race Condition vulnerability in Google Android

In the Embedded File System in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist.

7.6
2017-06-08 CVE-2016-9698 IBM XXE vulnerability in IBM Rational Rhapsody Design Manager

IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data.

7.5
2017-06-08 CVE-2016-4473 PHP
Suse
USE After Free vulnerability in multiple products

/ext/phar/phar_object.c in PHP 7.0.7 and 5.6.x allows remote attackers to execute arbitrary code.

7.5
2017-06-08 CVE-2016-7050 Redhat Deserialization of Untrusted Data vulnerability in Redhat products

SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code.

7.5
2017-06-08 CVE-2016-3690 Redhat Deserialization of Untrusted Data vulnerability in Redhat Jboss Enterprise Application Platform

The PooledInvokerServlet in JBoss EAP 4.x and 5.x allows remote attackers to execute arbitrary code via a crafted serialized payload.

7.5
2017-06-08 CVE-2016-2034 Arubanetworks SQL Injection vulnerability in Arubanetworks Clearpass

SQL injection vulnerability in ClearPass Policy Manager 6.5.x through 6.5.6 and 6.6.0.

7.5
2017-06-08 CVE-2017-5878 Red5 Deserialization of Untrusted Data vulnerability in Red5 Media Server

The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes for which it performs deserialization, which allows remote attackers to execute arbitrary code via crafted serialized Java data.

7.5
2017-06-08 CVE-2017-4907 Vmware Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in VMWare Horizon View and Unified Access Gateway

VMware Unified Access Gateway (2.5.x, 2.7.x, 2.8.x prior to 2.8.1) and Horizon View (7.x prior to 7.1.0, 6.x prior to 6.2.4) contain a heap buffer-overflow vulnerability which may allow a remote attacker to execute code on the security gateway.

7.5
2017-06-08 CVE-2017-4901 Vmware Buffer Errors vulnerability in VMWare Fusion and Workstation

The drag-and-drop (DnD) function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulnerability.

7.5
2017-06-07 CVE-2015-7346 Zcms Project SQL Injection vulnerability in Zcms Project Zcms 1.1

SQL injection vulnerability in ZCMS 1.1.

7.5
2017-06-07 CVE-2017-4914 Vmware Deserialization of Untrusted Data vulnerability in VMWare Vsphere Data Protection

VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x contains a deserialization issue.

7.5
2017-06-07 CVE-2015-7326 Milton XXE vulnerability in Milton Webdav

XML External Entity (XXE) vulnerability in Milton Webdav before 2.7.0.3.

7.5
2017-06-07 CVE-2017-7312 Personifycorp Improper Privilege Management vulnerability in Personifycorp Personify360 7.5.2/7.6/7.6.1

An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1.

7.5
2017-06-06 CVE-2016-0726 Nagios USE of Hard-Coded Credentials vulnerability in Nagios

The Fedora Nagios package uses "nagiosadmin" as the default password for the "nagiosadmin" administrator account, which makes it easier for remote attackers to obtain access by leveraging knowledge of the credentials.

7.5
2017-06-05 CVE-2017-9436 Teampass SQL Injection vulnerability in Teampass

TeamPass before 2.1.27.4 is vulnerable to a SQL injection in users.queries.php.

7.5
2017-06-05 CVE-2017-9435 Dolibarr SQL Injection vulnerability in Dolibarr

Dolibarr ERP/CRM before 5.0.3 is vulnerable to a SQL injection in user/index.php (search_supervisor and search_statut parameters).

7.5
2017-06-05 CVE-2017-8841 Peplink Path Traversal vulnerability in Peplink products

Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.

7.5
2017-06-05 CVE-2017-8835 Peplink SQL Injection vulnerability in Peplink products

SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.

7.5
2017-06-05 CVE-2017-9430 Dnstracer Project Buffer Errors vulnerability in Dnstracer Project Dnstracer 1.9

Stack-based buffer overflow in dnstracer through 1.9 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv[0].

7.5
2017-06-05 CVE-2017-9433 Libmwaw Project Buffer Errors vulnerability in Libmwaw Project Libmwaw 0.3.11

Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in lib/MsWrd1Parser.cxx.

7.5
2017-06-05 CVE-2017-9432 Libstaroffice Project Out-Of-Bounds Write vulnerability in Libstaroffice Project Libstaroffice 0.0.3

Document Liberation Project libstaroffice before 2017-04-07 has an out-of-bounds write caused by a stack-based buffer overflow related to the DatabaseName::read function in lib/StarWriterStruct.cxx.

7.5
2017-06-05 CVE-2017-9431 Grpc Out-Of-Bounds Write vulnerability in Grpc

Google gRPC before 2017-04-05 has an out-of-bounds write caused by a heap-based buffer overflow related to core/lib/iomgr/error.c.

7.5
2017-06-08 CVE-2017-6638 Cisco Improper Input Validation vulnerability in Cisco Anyconnect Secure Mobility Client

A vulnerability in how DLL files are loaded with Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and run an executable file with privileges equivalent to the Microsoft Windows SYSTEM account.

7.2
2017-06-07 CVE-2015-6240 Redhat Link Following vulnerability in Redhat Ansible

The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack.

7.2
2017-06-07 CVE-2017-4904 Vmware Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in VMWare products

The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage.

7.2
2017-06-07 CVE-2017-4903 Vmware Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in VMWare products

VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have an uninitialized stack memory usage in SVGA.

7.2
2017-06-07 CVE-2017-4902 Vmware Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in VMWare products

VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA.

7.2
2017-06-07 CVE-2015-7724 AMD Link Following vulnerability in AMD Fglrx-Driver

AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack.

7.2
2017-06-07 CVE-2015-7723 AMD Link Following vulnerability in AMD Fglrx-Driver 14.4.2

AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack.

7.2
2017-06-06 CVE-2017-8083 Compulab Missing Authorization vulnerability in Compulab Intense PC Firmware and Mintbox 2 Firmware

CompuLab Intense PC and MintBox 2 devices with BIOS before 2017-05-21 do not use the CloseMnf protection mechanism for write protection of flash memory regions, which allows local users to install a firmware rootkit by leveraging administrative privileges.

7.2
2017-06-05 CVE-2017-1000368 Sudo Project Improper Input Validation vulnerability in Sudo Project Sudo

Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.

7.2

168 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-06-09 CVE-2017-9525 Cron Project
Canonical
Debian
Link Following vulnerability in Cron Project Cron

In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs.

6.9
2017-06-08 CVE-2017-4913 Vmware Integer Overflow OR Wraparound vulnerability in VMWare Horizon View and Workstation

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain an integer-overflow vulnerability in the True Type Font parser in the TPView.dll.

6.9
2017-06-08 CVE-2017-4912 Vmware Out-Of-Bounds Read vulnerability in VMWare Horizon View and Workstation

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in TrueType Font (TTF) parser in the TPView.dll.

6.9
2017-06-08 CVE-2017-4911 Vmware Out-Of-Bounds Write vulnerability in VMWare Horizon View and Workstation

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds write vulnerabilities in JPEG2000 parser in the TPView.dll.

6.9
2017-06-08 CVE-2017-4910 Vmware Out-Of-Bounds Read vulnerability in VMWare Horizon View and Workstation

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in JPEG2000 parser in the TPView.dll.

6.9
2017-06-08 CVE-2017-4909 Vmware Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in VMWare Horizon View and Workstation

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain a heap buffer-overflow vulnerability in TrueType Font (TTF) parser in the TPView.dll.

6.9
2017-06-08 CVE-2017-4908 Vmware Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in VMWare Horizon View and Workstation

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple heap buffer-overflow vulnerabilities in JPEG2000 parser in the TPView.dll.

6.9
2017-06-08 CVE-2017-7180 Networklookout Unquoted Search Path OR Element vulnerability in Networklookout NET Monitor FOR Employee

Net Monitor for Employees Pro through 5.3.4 has an unquoted service path, which allows a Security Feature Bypass of its documented "Block applications" design goal.

6.9
2017-06-07 CVE-2017-4898 Vmware DLL Loading Remote Code Execution vulnerability in Multiple VMware Workstation Products

VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the "vmware-vmx" process loading DLLs from a path defined in the local environment-variable.

6.9
2017-06-05 CVE-2017-1000367 Sudo Project Race Condition vulnerability in Sudo Project Sudo

Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.

6.9
2017-06-11 CVE-2017-9527 Mruby USE After Free vulnerability in Mruby 1.0.0/1.1.0/1.2.0

The mark_context_stack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service (heap-based use-after-free and application crash) or possibly have unspecified other impact via a crafted .rb file.

6.8
2017-06-09 CVE-2017-2209 Santeikohyo Untrusted Search Path vulnerability in Santeikohyo Installer of Houkokusyo Sakusei Shien Tool 2.0/3.02/3.03

Untrusted search path vulnerability in the installer of Houkokusyo Sakusei Shien Tool ver3.0.2 (For the first installation) (The version which was available on the website from 2017 April 4 to 2017 May 18) and ver2.0 and later (For the first installation) (The versions which were available on the website prior to 2017 April 4) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

6.8
2017-06-09 CVE-2017-2207 Saat Untrusted Search Path vulnerability in Saat Personal

Untrusted search path vulnerability in the installer of SaAT Personal ver.1.0.10.272 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

6.8
2017-06-09 CVE-2017-2206 Saat Untrusted Search Path vulnerability in Saat Netizen 1.2.10.510

Untrusted search path vulnerability in the installer of SaAT Netizen ver.1.2.10.510 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

6.8
2017-06-09 CVE-2017-2182 IPA Unspecified vulnerability in IPA Appgoat 3.0.0/3.0.1

Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allow remote attackers to obtain local files via unspecified vectors, a different vulnerability than CVE-2017-2179 and CVE-2017-2181.

6.8
2017-06-09 CVE-2017-2181 IPA Unspecified vulnerability in IPA Appgoat 3.0.0/3.0.1

Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allow remote attackers to obtain local files via unspecified vectors, a different vulnerability than CVE-2017-2179 and CVE-2017-2182.

6.8
2017-06-09 CVE-2017-2179 IPA Improper Input Validation vulnerability in IPA Appgoat 3.0.0/3.0.1

Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allows remote code execution via unspecified vectors, a different vulnerability than CVE-2017-2181 and CVE-2017-2182.

6.8
2017-06-09 CVE-2017-2178 Atla Untrusted Search Path vulnerability in Atla Electronic Tendering and BID Opening System

Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

6.8
2017-06-09 CVE-2017-2177 Shogyo Untrusted Search Path vulnerability in Shogyo Touki Denshi

Untrusted search path vulnerability in Installer of Shogyo Touki Denshi Ninsho Software Ver 1.7 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

6.8
2017-06-09 CVE-2016-7838 Winsparkle Untrusted Search Path vulnerability in Winsparkle

Untrusted search path vulnerability in WinSparkle versions prior to 0.5.3 allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory.

6.8
2017-06-09 CVE-2016-7822 Buffalotech Cross-Site Request Forgery (CSRF) vulnerability in Buffalotech Wnc01Wh Firmware

Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors.

6.8
2017-06-09 CVE-2016-7818 Japan Pension Service Permissions, Privileges, and Access Controls vulnerability in Japan Pension Service products

Untrusted search path vulnerability in Installers for Specification check program (social insurance) Ver.

6.8
2017-06-09 CVE-2016-7809 Corega Cross-Site Request Forgery (CSRF) vulnerability in Corega Cg-Wlr300Nx Firmware

Cross-site request forgery (CSRF) vulnerability in Corega CG-WLR300NX firmware Ver.

6.8
2017-06-09 CVE-2016-4907 Cybozu Cross-Site Request Forgery (CSRF) vulnerability in Cybozu Garoon

Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors.

6.8
2017-06-08 CVE-2015-1786 Zend Cross-Site Request Forgery (CSRF) vulnerability in Zend Framework

Cross-site request forgery (CSRF) vulnerability in Zend/Validator/Csrf in Zend Framework 2.3.x before 2.3.6 via null or malformed token identifiers.

6.8
2017-06-08 CVE-2017-9519 Atmail Cross-Site Request Forgery (CSRF) vulnerability in Atmail

atmail before 7.8.0.2 has CSRF, allowing an attacker to create a user account.

6.8
2017-06-08 CVE-2017-9518 Atmail Cross-Site Request Forgery (CSRF) vulnerability in Atmail

atmail before 7.8.0.2 has CSRF, allowing an attacker to change the SMTP hostname and hijack all emails.

6.8
2017-06-08 CVE-2017-9517 Atmail Cross-Site Request Forgery (CSRF) vulnerability in Atmail

atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV.

6.8
2017-06-07 CVE-2017-7966 Schneider Electric Uncontrolled Search Path Element vulnerability in Schneider-Electric Somachine 2.1.0

A DLL Hijacking vulnerability in the programming software in Schneider Electric's SoMachine HVAC v2.1.0 allows a remote attacker to execute arbitrary code on the targeted system.

6.8
2017-06-07 CVE-2016-0254 IBM XXE vulnerability in IBM Cognos Business Intelligence

IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data.

6.8
2017-06-07 CVE-2017-7563 ARM Incorrect Permission Assignment FOR Critical Resource vulnerability in ARM Trusted Firmware

In ARM Trusted Firmware 1.3, RO memory is always executable at AArch64 Secure EL1, allowing attackers to bypass the MT_EXECUTE_NEVER protection mechanism.

6.8
2017-06-06 CVE-2017-9461 Samba
Redhat
Debian
Infinite Loop vulnerability in multiple products

smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks.

6.8
2017-06-06 CVE-2017-5243 Rapid7 USE of A Broken OR Risky Cryptographic Algorithm vulnerability in Rapid7 Nexpose

The default SSH configuration in Rapid7 Nexpose hardware appliances shipped before June 2017 does not specify desired algorithms for key exchange and other important functions.

6.8
2017-06-05 CVE-2017-9444 Bigtreecms Cross-Site Request Forgery (CSRF) vulnerability in Bigtreecms Bigtree CMS

BigTree CMS through 4.2.18 has CSRF related to the core\admin\modules\users\profile\update.php script (modify user information), the index.php/admin/developer/packages/delete/ URI (remove packages), the index.php/admin/developer/upgrade/ignore/?versions= URI, and the index.php/admin/developer/upgrade/set-ftp-directory/ URI.

6.8
2017-06-05 CVE-2017-8836 Peplink Cross-Site Request Forgery (CSRF) vulnerability in Peplink products

CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.

6.8
2017-06-09 CVE-2017-2195 Multi Feed Reader Project SQL Injection vulnerability in Multi Feed Reader Project Multi Feed Reader

SQL injection vulnerability in the Multi Feed Reader prior to version 2.2.4 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors.

6.5
2017-06-09 CVE-2016-7824 Buffalotech Improper Access Control vulnerability in Buffalotech Wnc01Wh Firmware

Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors.

6.5
2017-06-09 CVE-2016-7803 Cybozu SQL Injection vulnerability in Cybozu Garoon

SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via "MultiReport" function.

6.5
2017-06-08 CVE-2016-4471 Redhat Permissions, Privileges, and Access Controls vulnerability in Redhat Cloudforms

ManageIQ in CloudForms before 4.1 allows remote authenticated users to execute arbitrary code.

6.5
2017-06-08 CVE-2014-3498 Redhat Improper Input Validation vulnerability in Redhat Ansible

The user module in ansible before 1.6.6 allows remote authenticated users to execute arbitrary commands.

6.5
2017-06-07 CVE-2015-5202 Redhat Permissions, Privileges, and Access Controls vulnerability in Redhat Satellite 6.0

Red Hat Satellite 6 allows remote authenticated users with privileged access on a content host to authenticate to the capsule broker or server broker.

6.5
2017-06-07 CVE-2016-9977 IBM Improper Input Validation vulnerability in IBM products

IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote attacker to hijack a user's session, caused by the failure to invalidate an existing session identifier.

6.5
2017-06-06 CVE-2017-9449 Bigtreecms SQL Injection vulnerability in Bigtreecms Bigtree CMS

SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core/admin/modules/developer/modules/views/create.php.

6.5
2017-06-05 CVE-2017-9443 Bigtreecms SQL Injection vulnerability in Bigtreecms Bigtree CMS

** DISPUTED ** BigTree CMS through 4.2.18 allows remote authenticated users to conduct SQL injection attacks via a crafted tables object in manifest.json in an uploaded package.

6.5
2017-06-05 CVE-2017-9442 Bigtreecms Code Injection vulnerability in Bigtreecms Bigtree CMS

** DISPUTED ** BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary code by uploading a crafted package containing a PHP web shell, related to extraction of a ZIP archive to filename patterns such as cache/package/xxx/yyy.php.

6.5
2017-06-05 CVE-2017-9437 Openbravo SQL Injection vulnerability in Openbravo ERP 3.0

Openbravo Business Suite 3.0 is affected by SQL injection.

6.5
2017-06-05 CVE-2017-8438 Elastic Improper Privilege Management vulnerability in Elastic X-Pack

Elastic X-Pack Security versions 5.0.0 to 5.4.0 contain a privilege escalation bug in the run_as functionality.

6.5
2017-06-09 CVE-2016-7835 H2O Project USE After Free vulnerability in H2O Project H2O

Use-after-free vulnerability in H2O allows remote attackers to cause a denial-of-service (DoS) or obtain server certificate private keys and possibly other information.

6.4
2017-06-09 CVE-2016-7833 Cybozu Improper Access Control vulnerability in Cybozu Dezie

Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.

6.4
2017-06-08 CVE-2015-2692 Adblock Improper Access Control vulnerability in Adblock

AdBlock before 2.21 allows remote attackers to block arbitrary resources on arbitrary websites and to disable arbitrary blocking filters.

6.4
2017-06-08 CVE-2016-9991 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Sterling Selling and Fulfillment Foundation

IBM Sterling Order Management 9.2 through 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

6.0
2017-06-09 CVE-2016-7831 Fenrir INC Open Redirect vulnerability in Fenrir-Inc Sleipnir 4.5.3

Sleipnir 4 Black Edition for Mac 4.5.3 and earlier and Sleipnir 4 for Mac 4.5.3 and earlier (Mac App Store) may allow a remote attacker to spoof the URL display via a specially crafted webpage.

5.8
2017-06-09 CVE-2016-7830 Sony Missing Authentication for Critical Function vulnerability in Sony products

Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on the same network segment to bypass authentication to perform administrative operations via unspecified vectors.

5.8
2017-06-09 CVE-2016-7811 Corega Improper Access Control vulnerability in Corega Cg-Wlr300Nx Firmware

Corega CG-WLR300NX firmware Ver.

5.8
2017-06-06 CVE-2017-9465 Virustotal Out-Of-Bounds Read vulnerability in Virustotal Yara 3.6.1

The yr_arena_write_data function in YARA 3.6.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain sensitive information from process memory via a crafted file that is mishandled in the yr_re_fast_exec function in libyara/re.c and the _yr_scan_match_callback function in libyara/scan.c.

5.8
2017-06-08 CVE-2016-6098 IBM Improper Access Control vulnerability in IBM products

IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

5.5
2017-06-09 CVE-2017-0376 Torproject
Debian
Reachable Assertion vulnerability in multiple products

The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the connection_edge_process_relay_cell function via a BEGIN_DIR cell on a rendezvous circuit.

5.0
2017-06-09 CVE-2017-0375 Torproject Reachable Assertion vulnerability in Torproject TOR

The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the relay_send_end_cell_from_edge_ function via a malformed BEGIN cell.

5.0
2017-06-09 CVE-2016-7832 Cybozu Information Exposure vulnerability in Cybozu Dezie

Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to obtain an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.

5.0
2017-06-09 CVE-2016-7814 Iodata Information Exposure vulnerability in Iodata Ts-Wrla Firmware and Ts-Wrlp Firmware

I-O DATA DEVICE TS-WRLP firmware version 1.00.01 and earlier and TS-WRLA firmware version 1.00.01 and earlier allow remote attackers to obtain authentication credentials via unspecified vectors.

5.0
2017-06-09 CVE-2016-7807 Iodata Improper Access Control vulnerability in Iodata Wfs-Sr01 Firmware

I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to bypass access restriction to access data on storage devices inserted into the product via unspecified vectors.

5.0
2017-06-08 CVE-2017-1319 IBM Inadequate Encryption Strength vulnerability in IBM Tivoli Federated Identity Manager 6.2.0/6.2.1/6.2.2

IBM Tivoli Federated Identity Manager 6.2 is affected by a vulnerability due to a missing secure attribute in encrypted session (SSL) cookie.

5.0
2017-06-08 CVE-2016-9736 IBM Information Exposure vulnerability in IBM Websphere Application Server 8.0/8.5/9.0

IBM WebSphere Application Server using malformed SOAP requests could allow a remote attacker to obtain sensitive information.

5.0
2017-06-08 CVE-2016-6093 IBM Credentials Management vulnerability in IBM products

IBM Tivoli Key Lifecycle Manager does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.

5.0
2017-06-08 CVE-2015-3634 Slideshow Project Information Exposure vulnerability in Slideshow Project Slideshow

The SlideshowPluginSlideshowStylesheet::loadStylesheetByAJAX function in the Slideshow plugin 2.2.8 through 2.2.21 for Wordpress allows remote attackers to read arbitrary Wordpress option values.

5.0
2017-06-08 CVE-2015-1379 Dest Unreach Improper Input Validation vulnerability in Dest-Unreach Socat

The signal handler implementations in socat before 1.7.3.0 and 2.0.0-b8 allow remote attackers to cause a denial of service (process freeze or crash).

5.0
2017-06-08 CVE-2016-6594 Bluecoat 7PK - Security Features vulnerability in Bluecoat Advanced Secure Gateway, Cacheflow and Proxysg

Blue Coat Advanced Secure Gateway 6.6, CacheFlow 3.4, ProxySG 6.5 and 6.6 allows remote attackers to bypass blocked requests, user authentication, and payload scanning.

5.0
2017-06-08 CVE-2014-7919 Google Null Pointer Dereference vulnerability in Google Android

b/libs/gui/ISurfaceComposer.cpp in Android allows attackers to trigger a denial of service (null pointer dereference and process crash).

5.0
2017-06-08 CVE-2016-5416 Redhat Information Exposure vulnerability in Redhat products

389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to read the default Access Control Instructions.

5.0
2017-06-08 CVE-2016-5405 Redhat Information Management Errors vulnerability in Redhat products

389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to obtain user passwords.

5.0
2017-06-08 CVE-2016-4992 Redhat Information Exposure vulnerability in Redhat products

389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects.

5.0
2017-06-08 CVE-2016-3099 Redhat USE of A Broken OR Risky Cryptographic Algorithm vulnerability in Redhat products

mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the use of ciphers that were not intended to be enabled.

5.0
2017-06-08 CVE-2016-4457 Redhat Cryptographic Issues vulnerability in Redhat Cloudforms Management Engine 5.7

CloudForms Management Engine before 5.8 includes a default SSL/TLS certificate.

5.0
2017-06-08 CVE-2016-3112 Pulpproject Improper Access Control vulnerability in Pulpproject Pulp

client/consumer/cli.py in Pulp before 2.8.3 writes consumer private keys to etc/pki/pulp/consumer/consumer-cert.pem as world-readable, which allows remote authenticated users to obtain the consumer private keys and escalate privileges by reading /etc/pki/pulp/consumer/consumer-cert, and authenticating as a consumer user.

5.0
2017-06-08 CVE-2016-3091 Cloud Foundry Data Processing Errors vulnerability in Cloud Foundry Diego 0.1468.0/0.1469.0/0.1470.0

Cloud Foundry Diego 0.1468.0 through 0.1470.0 allows remote attackers to cause a denial of service.

5.0
2017-06-08 CVE-2017-9022 Strongswan
Debian
Canonical
Improper Input Validation vulnerability in multiple products

The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allows remote peers to cause a denial of service (floating point exception and process crash) via a crafted certificate.

5.0
2017-06-08 CVE-2015-2251 Huawei Information Exposure vulnerability in Huawei Oceanstor UDS Firmware V100R002C01Spc101

The DeviceManager in Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to obtain sensitive information via a crafted UDS patch with JavaScript.

5.0
2017-06-08 CVE-2014-4843 IBM Improperly Implemented Security Check FOR Standard vulnerability in IBM Curam Social Program Management

Curam Universal Access in IBM Curam Social Program Management (SPM) 6.0 SP2 before EP26, 6.0.4 before 6.0.4.6, and 6.0.5 before 6.0.5.5 iFix5 allows remote attackers to obtain sensitive information about internal caseworker usernames via vectors related to a URL.

5.0
2017-06-07 CVE-2015-3295 Markdown IT Project Improper Access Control vulnerability in Markdown-It Project Markdown-It 4.0.3

markdown-it before 4.1.0 does not block data: URLs.

5.0
2017-06-07 CVE-2015-8235 Call CC Path Traversal vulnerability in Call-Cc Spiffy

Directory traversal vulnerability in Spiffy before 5.4.

5.0
2017-06-07 CVE-2015-5175 Apache Improper Input Validation vulnerability in Apache CXF Fediz

Application plugins in Apache CXF Fediz before 1.1.3 and 1.2.x before 1.2.1 allow remote attackers to cause a denial of service.

5.0
2017-06-07 CVE-2017-4917 Vmware USE of A Broken OR Risky Cryptographic Algorithm vulnerability in VMWare Vsphere Data Protection

VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server credentials using reversible encryption.

5.0
2017-06-07 CVE-2017-1196 IBM Weak Password Requirements vulnerability in IBM Bigfix Security Compliance Analytics 1.9.70

IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.

5.0
2017-06-07 CVE-2016-9710 IBM Information Exposure vulnerability in IBM Cognos Business Intelligence Server

IBM Predictive Solutions Foundation (formerly PMQ) could allow a remote attacker to include arbitrary files.

5.0
2017-06-07 CVE-2016-6087 IBM Improper Input Validation vulnerability in IBM Domino

IBM Domino 8.5 and 9.0 could allow an attacker to steal credentials using multiple sessions and large amounts of data using Domino TLS Key Exchange validation.

5.0
2017-06-07 CVE-2016-5959 IBM Information Exposure vulnerability in IBM Security Privileged Identity Manager 2.0.2/2.1

IBM Security Privileged Identity Manager 2.0.2 and 2.1.0 stores sensitive information in URL parameters.

5.0
2017-06-07 CVE-2017-7564 ARM Improper Input Validation vulnerability in ARM Trusted Firmware

In ARM Trusted Firmware through 1.3, the secure self-hosted invasive debug interface allows normal world attackers to cause a denial of service (secure world panic) via vectors involving debug exceptions and debug registers.

5.0
2017-06-07 CVE-2017-7314 Personify Improper Authentication vulnerability in Personify Personify360 E-Business

An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1.

5.0
2017-06-07 CVE-2017-7313 Personify Information Exposure vulnerability in Personify Personify360 E-Business

An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1.

5.0
2017-06-07 CVE-2017-9469 Irssi
Debian
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory.

5.0
2017-06-07 CVE-2017-9468 Irssi
Debian
Null Pointer Dereference vulnerability in multiple products

In Irssi before 1.0.3, when receiving a DCC message without source nick/host, it attempts to dereference a NULL pointer.

5.0
2017-06-06 CVE-2016-0768 Postgresql Improper Access Control vulnerability in Postgresql

PostgreSQL PL/Java after 9.0 does not honor access controls on large objects.

5.0
2017-06-06 CVE-2017-5664 Apache Improper Handling of Exceptional Conditions vulnerability in Apache Tomcat

The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page.

5.0
2017-06-05 CVE-2017-9438 Virustotal Uncontrolled Recursion vulnerability in Virustotal Yara 3.5.0

libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule (involving hex strings) that is mishandled in the _yr_re_emit function, a different vulnerability than CVE-2017-9304.

5.0
2017-06-05 CVE-2017-9434 Cryptopp Out-Of-Bounds Read vulnerability in Cryptopp Crypto++

Crypto++ (aka cryptopp) through 5.6.5 contains an out-of-bounds read vulnerability in zinflate.cpp in the Inflator filter.

5.0
2017-06-05 CVE-2017-8840 Peplink Information Exposure vulnerability in Peplink products

Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.

5.0
2017-06-05 CVE-2017-8837 Peplink Insufficiently Protected Credentials vulnerability in Peplink products

Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.

5.0
2017-06-09 CVE-2016-7837 Bluez Buffer Errors vulnerability in Bluez 5.41

Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parse_line function used in some userland utilities.

4.6
2017-06-08 CVE-2017-8108 Cisofy Link Following vulnerability in Cisofy Lynis

Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file.

4.6
2017-06-07 CVE-2016-4973 GNU Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GNU Libssp

Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature.

4.6
2017-06-07 CVE-2017-7965 Schneider Electric Buffer Errors vulnerability in Schneider-Electric Somachine Hvac 2.1.0

A buffer overflow vulnerability exists in Programming Software executable AlTracePrint.exe, in Schneider Electric's SoMachine HVAC v2.1.0 for Modicon M171/M172 Controller.

4.6
2017-06-11 CVE-2017-9526 Gnupg Information Exposure vulnerability in Gnupg Libgcrypt

In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key.

4.3
2017-06-09 CVE-2017-5004 EMC Cross-Site Scripting vulnerability in EMC products

EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all patch levels); RSA Via Lifecycle and Governance version 7.0 (all patch levels); and RSA Identity Management and Governance (IMG) version 6.9.1 (all patch levels) have Stored Cross Site Scripting vulnerabilities that could potentially be exploited by malicious users to compromise an affected system.

4.3
2017-06-09 CVE-2017-5003 EMC Cross-Site Scripting vulnerability in EMC products

EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all patch levels); RSA Via Lifecycle and Governance version 7.0 (all patch levels); and RSA Identity Management and Governance (IMG) version 6.9.1 (all patch levels) have Reflected Cross Site Scripting vulnerabilities that could potentially be exploited by malicious users to compromise an affected system.

4.3
2017-06-09 CVE-2017-2187 Codecabin Cross-Site Scripting vulnerability in Codecabin WP Live Chat Support

Cross-site scripting vulnerability in WP Live Chat Support prior to version 7.0.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2017-06-09 CVE-2017-2180 IPA Information Exposure vulnerability in IPA Appgoat 3.0.0/3.0.1

Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allow remote attackers to obtain local files via unspecified vectors.

4.3
2017-06-09 CVE-2016-7821 Buffalotech Improper Input Validation vulnerability in Buffalotech Wnc01Wh Firmware

Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors.

4.3
2017-06-09 CVE-2016-7817 Simple Keitai Chat Project Cross-Site Scripting vulnerability in Simple Keitai Chat Project Simple Keitai Chat 2.0

Cross-site scripting vulnerability in Simple keitai chat 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2017-06-09 CVE-2016-7816 Cybozu Improper Certificate Validation vulnerability in Cybozu Kintone

The Cybozu kintone mobile for Android 1.0.6 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-06-09 CVE-2016-7813 Emon CMS Cross-Site Scripting vulnerability in Emon-Cms Deraemon-Cms

Cross-site scripting vulnerability in DERAEMON-CMS version 0.8.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the parameters hostname, database and username.

4.3
2017-06-09 CVE-2016-7808 Corega Cross-Site Scripting vulnerability in Corega Cg-Wlbaragm Firmware and Cg-Wlbargnl Firmware

Cross-site scripting vulnerability in Corega CG-WLBARGMH and CG-WLBARGNL allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2017-06-09 CVE-2016-7805 Unisys Improper Certificate Validation vulnerability in Unisys Mobigate

The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2017-06-09 CVE-2016-4909 Cybozu Cross-Site Request Forgery (CSRF) vulnerability in Cybozu Garoon

Cross-site request forgery (CSRF) vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to hijack the authentication of a logged in user to force a logout via unspecified vectors.

4.3
2017-06-09 CVE-2016-4906 Cybozu Cross-Site Scripting vulnerability in Cybozu Garoon

Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to inject arbitrary web script or HTML via "Messages" function of Cybozu Garoon Keitai.

4.3
2017-06-09 CVE-2017-9523 Sophos Cross-Site Scripting vulnerability in Sophos web Appliance

The Sophos Web Appliance before 4.3.2 has XSS in the FTP redirect page, aka NSWA-1342.

4.3
2017-06-08 CVE-2017-1179 IBM Inadequate Encryption Strength vulnerability in IBM Bigfix Security Compliance Analytics 1.9.70

IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

4.3
2017-06-08 CVE-2015-1588 Open Xchange Cross-Site Scripting vulnerability in Open-Xchange Appsuite and Open-Xchange Server

Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Server 6 and OX AppSuite before 7.4.2-rev43, 7.6.0-rev38, and 7.6.1-rev21.

4.3
2017-06-08 CVE-2016-5648 Acer Improper Certificate Validation vulnerability in Acer Portal 3.9.3.2006

Acer Portal app before 3.9.4.2000 for Android does not properly validate SSL certificates, which allows remote attackers to perform a Man-in-the-middle attack via a crafted SSL certificate.

4.3
2017-06-08 CVE-2017-9023 Strongswan Infinite Loop vulnerability in Strongswan

The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted certificate.

4.3
2017-06-08 CVE-2015-2255 Huawei Data Processing Errors vulnerability in Huawei Ar1220 Firmware

Huawei AR1220 routers with software before V200R005SPH006 allow remote attackers to cause a denial of service (board reset) via vectors involving a large amount of traffic from the GE port to the FE port.

4.3
2017-06-08 CVE-2017-9520 Radare USE After Free vulnerability in Radare Radare2 1.5.0

The r_config_set function in libr/config/config.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted DEX file.

4.3
2017-06-07 CVE-2014-9310 Wordpress Backup TO Dropbox Project Cross-Site Scripting vulnerability in Wordpress Backup TO Dropbox Project Wordpress Backup TO Dropbox

Cross-site scripting (XSS) vulnerability in the WordPress Backup to Dropbox plugin before 4.1 for WordPress.

4.3
2017-06-07 CVE-2015-8538 Libdwarf Project Improper Input Validation vulnerability in Libdwarf Project Libdwarf

dwarf_leb.c in libdwarf allows attackers to cause a denial of service (SIGSEGV).

4.3
2017-06-07 CVE-2015-6540 Igcb Cross-Site Scripting vulnerability in Igcb Intellect Digital Core

Cross-site scripting (XSS) vulnerability in Intellect Design Arena Intellect Core banking software.

4.3
2017-06-07 CVE-2017-9355 Subsonic Server-Side Request Forgery (SSRF) vulnerability in Subsonic 6.1.1

XML external entity (XXE) vulnerability in the import playlist feature in Subsonic 6.1.1 might allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted XSPF playlist file.

4.3
2017-06-07 CVE-2017-1178 IBM Cross-Site Scripting vulnerability in IBM Bigfix Security Compliance Analytics 1.9.70

IBM Endpoint Manager for Security and Compliance 1.9.70 is vulnerable to cross-site scripting.

4.3
2017-06-07 CVE-2017-9501 Imagemagick Reachable Assertion vulnerability in Imagemagick 7.0.57

In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file.

4.3
2017-06-07 CVE-2017-9500 Imagemagick Reachable Assertion vulnerability in Imagemagick 7.0.58

In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function ResetImageProfileIterator, which allows attackers to cause a denial of service via a crafted file.

4.3
2017-06-07 CVE-2017-9499 Imagemagick Reachable Assertion vulnerability in Imagemagick 7.0.57

In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to cause a denial of service via a crafted file.

4.3
2017-06-07 CVE-2016-9834 Sophos Cross-Site Scripting vulnerability in Sophos Cyberoam Firmware

An XSS vulnerability allows remote attackers to execute arbitrary client side script on vulnerable installations of Sophos Cyberoam firewall devices with firmware through 10.6.4.

4.3
2017-06-07 CVE-2017-9474 Ytnef Project Out-Of-Bounds Read vulnerability in Ytnef Project Ytnef 1.9.2

In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

4.3
2017-06-07 CVE-2017-9473 Ytnef Project
Canonical
In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
4.3
2017-06-07 CVE-2017-9472 Ytnef Project Out-Of-Bounds Read vulnerability in Ytnef Project Ytnef 1.9.2

In ytnef 1.9.2, the SwapDWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

4.3
2017-06-07 CVE-2017-9471 Ytnef Project
Canonical
Out-Of-Bounds Read vulnerability in multiple products

In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

4.3
2017-06-07 CVE-2017-9470 Ytnef Project Null Pointer Dereference vulnerability in Ytnef Project Ytnef 1.9.2

In ytnef 1.9.2, the MAPIPrint function in lib/ytnef.c allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.

4.3
2017-06-06 CVE-2016-5004 Apache Resource Exhaustion vulnerability in Apache Ws-Xmlrpc 3.1.3

The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service (resource consumption) by decompressing a large file containing zeroes.

4.3
2017-06-06 CVE-2015-3830 Google Improper Input Validation vulnerability in Google Android

The stock Android browser address bar in all Android operating systems suffers from Address Bar Spoofing, which allows remote attackers to trick a victim by displaying a malicious page for legitimate domain names.

4.3
2017-06-06 CVE-2015-1207 Google
Debian
Double Free vulnerability in multiple products

Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chrome 41.0.2251.0 allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted .m4a file.

4.3
2017-06-06 CVE-2017-9451 Flatcore Cross-Site Scripting vulnerability in Flatcore 1.4.6

Cross site scripting (XSS) vulnerability in pages.edit_form.php in flatCore 1.4.6 allows remote attackers to inject arbitrary JavaScript via the PATH_INFO in an acp.php URL, due to use of unsanitized $_SERVER['PHP_SELF'] to generate URLs.

4.3
2017-06-06 CVE-2017-8920 Cgiirc Cross-Site Scripting vulnerability in Cgiirc Cgi:Irc

irc.cgi in CGI:IRC before 0.5.12 reflects user-supplied input from the R parameter without proper output encoding, aka XSS.

4.3
2017-06-06 CVE-2017-9332 Pivotx Cross-Site Scripting vulnerability in Pivotx 2.3.11

The smarty_self function in modules/module_smarty.php in PivotX 2.3.11 mishandles the URI, allowing XSS via vectors involving quotes in the self Smarty tag.

4.3
2017-06-06 CVE-2017-7515 Freedesktop Uncontrolled Recursion vulnerability in Freedesktop Poppler

poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting into potential denial-of-service.

4.3
2017-06-06 CVE-2014-9951 Google Information Exposure vulnerability in Google Android

In TrustZone in all Android releases from CAF using the Linux kernel, an Information Exposure Through Timing Discrepancy vulnerability could potentially exist.

4.3
2017-06-06 CVE-2014-9947 Google Information Exposure vulnerability in Google Android

In TrustZone in all Android releases from CAF using the Linux kernel, an Information Exposure vulnerability could potentially exist.

4.3
2017-06-05 CVE-2017-9420 Sunnythemes Cross-Site Scripting vulnerability in Sunnythemes Spiffy Calendar

Cross site scripting (XSS) vulnerability in the Spiffy Calendar plugin before 3.3.0 for WordPress allows remote attackers to inject arbitrary JavaScript via the yr parameter.

4.3
2017-06-05 CVE-2017-9440 Imagemagick Missing Release of Resource After Effective Lifetime vulnerability in Imagemagick 7.0.55

In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file.

4.3
2017-06-05 CVE-2017-9439 Imagemagick Missing Release of Resource After Effective Lifetime vulnerability in Imagemagick 7.0.55

In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file.

4.3
2017-06-05 CVE-2017-8839 Peplink Cross-Site Scripting vulnerability in Peplink products

XSS via orig_url exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.

4.3
2017-06-05 CVE-2017-8838 Peplink Cross-Site Scripting vulnerability in Peplink products

XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.

4.3
2017-06-05 CVE-2017-8440 Elastic Cross-Site Scripting vulnerability in Elastic Kibana

Starting in version 5.3.0, Kibana had a cross-site scripting (XSS) vulnerability in the Discover page that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.

4.3
2017-06-05 CVE-2017-8439 Elastic Cross-Site Scripting vulnerability in Elastic Kibana 5.4.0

Kibana version 5.4.0 was affected by a Cross Site Scripting (XSS) bug in the Time Series Visual Builder.

4.3
2017-06-09 CVE-2017-2165 Groupsession Information Exposure vulnerability in Groupsession

GroupSession versions 4.6.4 and earlier allows remote authenticated attackers to bypass access restrictions to obtain sensitive information such as emails via unspecified vectors.

4.0
2017-06-09 CVE-2016-7826 Buffalotech Path Traversal vulnerability in Buffalotech Wnc01Wh Firmware

Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests.

4.0
2017-06-09 CVE-2016-7825 Buffalotech Path Traversal vulnerability in Buffalotech Wnc01Wh Firmware

Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands.

4.0
2017-06-09 CVE-2016-7802 Cybozu Path Traversal vulnerability in Cybozu Garoon

Directory traversal vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to read arbitrary files via unspecified vectors.

4.0
2017-06-09 CVE-2016-7801 Cybozu Improper Access Control vulnerability in Cybozu Garoon

Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other users' To-Dos via unspecified vectors.

4.0
2017-06-09 CVE-2016-4910 Cybozu Improper Access Control vulnerability in Cybozu Garoon

Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to delete other operational administrators' MultiReport filters via unspecified vectors.

4.0
2017-06-09 CVE-2016-4908 Cybozu Improper Access Control vulnerability in Cybozu Garoon

Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to alter or delete another user's private RSS settings via unspecified vectors.

4.0
2017-06-08 CVE-2016-8987 IBM Information Exposure vulnerability in IBM Maximo Asset Management 7.1/7.5/7.6

IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow an authenticated user to view incorrect item sets that they should not have access to view.

4.0
2017-06-08 CVE-2014-6031 F5 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in F5 products

Buffer overflow in the mcpq daemon in F5 BIG-IP systems 10.x before 10.2.4 HF12, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x before 11.4.1 HF9, 11.5.x before 11.5.2 HF1, and 11.6.0 before HF4, and Enterprise Manager 2.1.0 through 2.3.0 and 3.x before 3.1.1 HF5 allows remote authenticated administrators to cause a denial of service via unspecified vectors.

4.0
2017-06-07 CVE-2016-3051 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Security Access Manager 9.0 Firmware

IBM Security Access Manager for Web 9.0.0 could allow an authenticated user to access some privileged functionality of the server.

4.0
2017-06-07 CVE-2016-3019 IBM Inadequate Encryption Strength vulnerability in IBM Security Access Manager 9.0 Firmware

IBM Security Access Manager for Web 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

4.0
2017-06-07 CVE-2015-7514 Openstack Information Exposure vulnerability in Openstack Ironic 4.2.0/4.2.1

OpenStack Ironic 4.2.0 through 4.2.1 does not "clean" the disk after use, which allows remote authenticated users to obtain sensitive information.

4.0
2017-06-06 CVE-2016-3077 Redhat Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Redhat Ovirt-Engine

The VersionMapper.fromKernelVersionString method in oVirt Engine allows remote authenticated users to cause a denial of service (process crash) for all VMs.

4.0
2017-06-06 CVE-2016-3066 Spice GTK Project Information Exposure vulnerability in Spice-Gtk Project Spice-Gtk

The spice-gtk widget allows remote authenticated users to obtain information from the host clipboard.

4.0
2017-06-06 CVE-2016-2192 Tada AB Improper Access Control vulnerability in Tada AB Postgre SQL Pl/Java

PostgreSQL PL/Java before 1.5.0 allows remote authenticated users to alter type mappings for types they do not own.

4.0
2017-06-06 CVE-2016-0767 Tada AB Improper Access Control vulnerability in Tada AB Postgre SQL Pl/Java

PostgreSQL PL/Java before 1.5.0 allows remote authenticated users with USAGE permission on the public schema to alter the public schema classpath.

4.0
2017-06-05 CVE-2017-8441 Elastic Information Exposure vulnerability in Elastic X-Pack

Elastic X-Pack Security versions prior to 5.4.1 and 5.3.3 did not always correctly apply Document Level Security to index aliases.

4.0

27 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-06-08 CVE-2016-3108 Pulpproject Link Following vulnerability in Pulpproject Pulp

The pulp-gen-nodes-certificate script in Pulp before 2.8.3 allows local users to leak the keys or write to arbitrary files via a symlink attack.

3.6
2017-06-07 CVE-2016-6089 IBM Improper Access Control vulnerability in IBM Websphere MQ 9.0.0.0/9.0.1

IBM WebSphere MQ 9.0.0.1 and 9.0.2 could allow a local user to write to a file or delete files in a directory they should not have access to due to improper access controls.

3.6
2017-06-07 CVE-2015-8326 Iptables Parse Project Link Following vulnerability in Iptables-Parse Project Iptables-Parse Module

The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user.

3.6
2017-06-09 CVE-2016-7810 Corega Cross-Site Scripting vulnerability in Corega Cg-Wlr300Nx Firmware

Cross-site scripting vulnerability in Corega CG-WLR300NX firmware Ver.

3.5
2017-06-09 CVE-2016-7469 F5 Cross-Site Scripting vulnerability in F5 products

A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML.

3.5
2017-06-08 CVE-2017-1140 IBM Cross-Site Scripting vulnerability in IBM Business Process Manager

IBM Business Process Manager 8.0 and 8.5 are vulnerable to cross-site scripting.

3.5
2017-06-08 CVE-2015-2253 Huawei Information Exposure vulnerability in Huawei Oceanstor UDS Firmware V100R002C01Spc101

The XML interface in Huawei OceanStor UDS devices with software before V100R002C01SPC102 allows remote authenticated users to obtain sensitive information via a crafted XML document.

3.5
2017-06-08 CVE-2017-9516 Craftcms Cross-Site Scripting vulnerability in Craftcms Craft CMS

Craft CMS before 2.6.2982 allows for a potential XSS attack vector by uploading a malicious SVG file.

3.5
2017-06-07 CVE-2015-6959 Vindula Cross-Site Scripting vulnerability in Vindula 1.9

Cross-site scripting (XSS) vulnerability in Vindula 1.9.

3.5
2017-06-07 CVE-2017-1305 IBM Cross-Site Scripting vulnerability in IBM Rational Doors Next Generation 6.0.2/6.0.3

IBM DOORS Next Generation (DNG/RRC) 6.0.2 and 6.0.3 is vulnerable to cross-site scripting.

3.5
2017-06-06 CVE-2017-9452 Piwigo Cross-Site Scripting vulnerability in Piwigo

Cross-site scripting (XSS) vulnerability in admin.php in Piwigo 2.9.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter.

3.5
2017-06-06 CVE-2017-9448 Bigtreecms Cross-Site Scripting vulnerability in Bigtreecms Bigtree CMS

Cross-site scripting (XSS) vulnerabilities in BigTree CMS through 4.2.18 allow remote authenticated users to inject arbitrary web script or HTML via the description parameter.

3.5
2017-06-05 CVE-2017-9441 Bigtreecms Cross-Site Scripting vulnerability in Bigtreecms Bigtree CMS

** DISPUTED ** Multiple cross-site scripting (XSS) vulnerabilities in BigTree CMS through 4.2.18 allow remote authenticated users to inject arbitrary web script or HTML by uploading a crafted package, triggering mishandling of the (1) title or (2) version or (3) author_name parameter in manifest.json.

3.5
2017-06-09 CVE-2016-7823 Buffalotech Cross-Site Scripting vulnerability in Buffalotech Wnc01Wh Firmware

Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

2.3
2017-06-08 CVE-2016-3095 Fedoraproject
Pulpproject
Information Exposure vulnerability in multiple products

server/bin/pulp-gen-ca-certificate in Pulp before 2.8.2 allows local users to read the generated private key.

2.1
2017-06-08 CVE-2016-3111 Pulpproject Information Exposure vulnerability in Pulpproject Pulp

pulp.spec in the installation process for Pulp 2.8.3 generates the RSA key pairs used to validate messages between the pulp server and pulp consumers in a directory that is world-readable before later modifying the permissions, which might allow local users to read the generated RSA keys via reading the key files while the installation process is running.

2.1
2017-06-08 CVE-2016-3107 Pulpproject Improper Access Control vulnerability in Pulpproject Pulp

The Node certificate in Pulp before 2.8.3 contains the private key, and is stored in a world-readable file in the "/etc/pki/pulp/nodes/" directory, which allows local users to gain access to sensitive data.

2.1
2017-06-07 CVE-2017-4905 Vmware Information Exposure vulnerability in VMWare products

VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have uninitialized memory usage.

2.1
2017-06-07 CVE-2017-4900 Vmware Null Pointer Dereference vulnerability in VMWare Workstation Player and Workstation PRO

VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL pointer dereference vulnerability that exists in the SVGA driver.

2.1
2017-06-07 CVE-2017-1125 IBM Information Exposure vulnerability in IBM Cognos Business Intelligence Server

IBM Cognos Analytics 10.1 and 10.2 could allow a local user to craft a URL which could confirm the existence of and expose postial contents of a file.

2.1
2017-06-07 CVE-2016-8939 IBM Information Exposure vulnerability in IBM Tivoli Storage Manager

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) clients/agents store password information in the Windows Registry in a manner which can be compromised.

2.1
2017-06-07 CVE-2016-5960 IBM Information Exposure vulnerability in IBM Security Privileged Identity Manager 2.0.2/2.1

IBM Security Privileged Identity Manager 2.0.2 and 2.1.0 stores user credentials in plain in clear text which can be read by a local user.

2.1
2017-06-06 CVE-2016-9960 Game Music EMU Project
Fedoraproject
Opensuse
Opensuse Project
Novell
Divide BY Zero vulnerability in multiple products

game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).

2.1
2017-06-06 CVE-2014-8180 Mongodb
Redhat
Improper Authentication vulnerability in Mongodb

MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service.

2.1
2017-06-08 CVE-2017-9330 Qemu
Debian
Infinite Loop vulnerability in multiple products

QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505.

1.9
2017-06-08 CVE-2017-9310 Qemu
Debian
Infinite Loop vulnerability in multiple products

QEMU (aka Quick Emulator), when built with the e1000e NIC emulation support, allows local guest OS privileged users to cause a denial of service (infinite loop) via vectors related to setting the initial receive / transmit descriptor head (TDH/RDH) outside the allocated descriptor buffer.

1.9
2017-06-07 CVE-2017-4899 Vmware Out-Of-Bounds Read vulnerability in VMWare Workstation Player and Workstation PRO

VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver.

1.9