Weekly Vulnerabilities Report: July 10 to 16, 2017

Overview

153 new vulnerabilities were reported during this period, including 9 critical vulnerabilities and 41 high severity vulnerabilities. This weekly summary reports vulnerabilities in 95 products from 42 vendors, including Microsoft, IBM, Cisco, Apache, and Finecms Project. The vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "Improper Preservation of Permissions", "Improper Input Validation", and "Information Exposure".

  • 130 reported vulnerabilities are remotely exploitable.
  • 9 reported vulnerabilities have a public exploit available.
  • 40 reported vulnerabilities are related to weaknesses in the OWASP Top Ten.
  • 131 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 54 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 8 reported vulnerabilities.

Vulnerability Details

The following tables list the reported vulnerabilities for the period covered by this report:

9 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-07-11 CVE-2017-8589 Microsoft Improper Preservation of Permissions vulnerability in Microsoft products

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way that Windows Search handles objects in memory, aka "Windows Search Remote Code Execution Vulnerability".

10.0
2017-07-11 CVE-2017-8578 Microsoft Improper Preservation of Permissions vulnerability in Microsoft products

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability".

9.3
2017-07-11 CVE-2017-8570 Microsoft Unspecified vulnerability in Microsoft Office

Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability".

9.3
2017-07-11 CVE-2017-8565 Microsoft Unspecified vulnerability in Microsoft products

Windows PowerShell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when PSObject wraps a CIM Instance, aka "Windows PowerShell Remote Code Execution Vulnerability".

9.3
2017-07-11 CVE-2017-8502 Microsoft Buffer Errors vulnerability in Microsoft Excel 2010/2013/2016

Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability".

9.3
2017-07-11 CVE-2017-8501 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products

Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability".

9.3
2017-07-11 CVE-2017-8463 Microsoft Unspecified vulnerability in Microsoft products

Windows Shell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it improperly handles executable files and shares during rename operations, aka "Windows Explorer Remote Code Execution Vulnerability".

9.3
2017-07-11 CVE-2017-0243 Microsoft Buffer Errors vulnerability in Microsoft products

Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability".

9.3
2017-07-10 CVE-2017-7175 Nfsen OS Command Injection vulnerability in Nfsen 1.2.3

NfSen before 1.3.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the customfmt parameter (aka the "Custom output format" field).

9.0

41 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-07-11 CVE-2017-8584 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

Windows 10 1607 and Windows Server 2016 allow an attacker to execute code remotely via a specially crafted WiFi packet, aka "HoloLens Remote Code Execution Vulnerability."

7.9
2017-07-12 CVE-2017-9845 SAP Resource Exhaustion vulnerability in SAP Netweaver 7.40

disp+work 7400.12.21.30308 in SAP NetWeaver 7.40 allows remote attackers to cause a denial of service (resource consumption) via a crafted DIAG request, aka SAP Security Note 2405918.

7.8
2017-07-12 CVE-2017-11188 Imagemagick Excessive Iteration vulnerability in Imagemagick 7.0.60

The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related to lack of an EOF check.

7.8
2017-07-11 CVE-2017-7730 Ismartalarm Improper Input Validation vulnerability in Ismartalarm Cube ONE Firmware

iSmartAlarm cube devices allow Denial of Service.

7.8
2017-07-11 CVE-2017-11164 Pcre Uncontrolled Recursion vulnerability in Pcre 8.41

In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.

7.8
2017-07-10 CVE-2017-11142 PHP Resource Exhaustion vulnerability in PHP

In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c.

7.8
2017-07-13 CVE-2017-6249 Google Unspecified vulnerability in Google Android

An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-07-11 CVE-2017-8619 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge on Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way affected Microsoft scripting engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-8596, CVE-2017-8610, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, CVE-2017-8618, CVE-2017-9598 and CVE-2017-8609.

7.6
2017-07-11 CVE-2017-8618 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 10/11/9

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 Internet Explorer in the way affected Microsoft scripting engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-8596, CVE-2017-8610, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, CVE-2017-8619, CVE-2017-9598 and CVE-2017-8609.

7.6
2017-07-11 CVE-2017-8617 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Windows 10 1703 allows a remote code execution vulnerability in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability."

7.6
2017-07-11 CVE-2017-8610 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-07-11 CVE-2017-8609 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Edge

Microsoft Internet Explorer in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-07-11 CVE-2017-8608 Microsoft Buffer Errors vulnerability in Microsoft Edge and Internet Explorer

Microsoft browsers in Microsoft Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-07-11 CVE-2017-8607 Microsoft Buffer Errors vulnerability in Microsoft Edge and Internet Explorer

Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-07-11 CVE-2017-8606 Microsoft Buffer Errors vulnerability in Microsoft Edge and Internet Explorer

Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-07-11 CVE-2017-8605 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-07-11 CVE-2017-8604 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-07-11 CVE-2017-8603 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-07-11 CVE-2017-8601 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-07-11 CVE-2017-8598 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-07-11 CVE-2017-8596 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-07-11 CVE-2017-8595 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-07-11 CVE-2017-8594 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 11

Internet Explorer on Microsoft Windows 8.1 and Windows RT 8.1, and Windows Server 2012 R2 allows an attacker to execute arbitrary code in the context of the current user when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability".

7.6
2017-07-11 CVE-2017-8588 Microsoft Unspecified vulnerability in Microsoft products

Microsoft WordPad in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it parses specially crafted files, aka "WordPad Remote Code Execution Vulnerability".

7.6
2017-07-12 CVE-2017-11174 Xoops SQL Injection vulnerability in Xoops 2.5.8.1

In install/page_dbsettings.php in the Core distribution of XOOPS 2.5.8.1, unfiltered data passed to CREATE and ALTER SQL queries caused SQL Injection in the database settings page, related to use of GBK in CHARACTER SET and COLLATE clauses.

7.5
2017-07-12 CVE-2017-9844 SAP Deserialization of Untrusted Data vulnerability in SAP Netweaver 7400.12.21.30308

SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804.

7.5
2017-07-12 CVE-2017-4053 Mcafee OS Command Injection vulnerability in Mcafee Advanced Threat Defense

Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to execute a command of their choice via a crafted HTTP request parameter.

7.5
2017-07-12 CVE-2017-4052 Mcafee Missing Authentication for Critical Function vulnerability in Mcafee Advanced Threat Defense

Authentication Bypass vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to change or update any configuration settings, or gain administrator functionality via a crafted HTTP request parameter.

7.5
2017-07-12 CVE-2017-11167 Finecms Project Code Injection vulnerability in Finecms Project Finecms 2.1.0

FineCMS 2.1.0 allows remote attackers to execute arbitrary PHP code by using a URL Manager "Add Site" action to enter this code after a ', sequence in a domain name, as demonstrated by the ',phpinfo() input value.

7.5
2017-07-11 CVE-2017-7728 Ismartalarm Unspecified vulnerability in Ismartalarm Cube ONE Firmware

On iSmartAlarm cube devices, there is authentication bypass leading to remote execution of commands (e.g., setting the alarm on/off), related to incorrect cryptography.

7.5
2017-07-10 CVE-2017-5640 Apache Improper Authentication vulnerability in Apache Impala 2.7.0/2.8.0

It was noticed that a malicious process impersonating an Impala daemon in Apache Impala (incubating) 2.7.0 to 2.8.0 could cause Impala daemons to skip authentication checks when Kerberos is enabled (but TLS is not).

7.5
2017-07-10 CVE-2017-9791 Apache Improper Input Validation vulnerability in Apache Struts

The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.

7.5
2017-07-10 CVE-2017-11139 Graphicsmagick, Debian Double Free vulnerability in multiple products

GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c.

7.5
2017-07-10 CVE-2017-11125 XAR Project Null Pointer Dereference vulnerability in XAR Project XAR 1.6.1

libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_path function in util.c.

7.5
2017-07-10 CVE-2017-11124 XAR Project Null Pointer Dereference vulnerability in XAR Project XAR 1.6.1

libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c.

7.5
2017-07-11 CVE-2017-11176 Linux, Debian Use After Free vulnerability in Linux Kernel

The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic.

7.2
2017-07-10 CVE-2017-6735 Cisco Improper Input Validation vulnerability in Cisco Firesight System Software 6.2.0/6.2.1

A vulnerability in the backup and restore functionality of Cisco FireSIGHT System Software could allow an authenticated, local attacker to execute arbitrary code on a targeted system.

7.2
2017-07-10 CVE-2017-6732 Cisco Improper Privilege Management vulnerability in Cisco Prime Network

A vulnerability in the installation procedure for Cisco Prime Network Software could allow an authenticated, local attacker to elevate their privileges to root privileges.

7.2
2017-07-10 CVE-2017-11166 Imagemagick Missing Release of Resource After Effective Lifetime vulnerability in Imagemagick 7.0.56

The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the header of an XWD file.

7.1
2017-07-10 CVE-2017-11141 Imagemagick Missing Release of Resource After Effective Lifetime vulnerability in Imagemagick 7.0.56

The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call.

7.1
2017-07-10 CVE-2017-11140 Graphicsmagick Resource Exhaustion vulnerability in Graphicsmagick 1.3.26

The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files.

7.1

86 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-07-11 CVE-2017-8577 Microsoft Improper Preservation of Permissions vulnerability in Microsoft products

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability".

6.9
2017-07-11 CVE-2017-8574 Microsoft Improper Preservation of Permissions vulnerability in Microsoft Windows 10 and Windows Server 2016

Graphics in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Microsoft Graphics Component Elevation of Privilege Vulnerability".

6.9
2017-07-11 CVE-2017-8573 Microsoft Improper Preservation of Permissions vulnerability in Microsoft products

Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Microsoft Graphics Component Elevation of Privilege Vulnerability".

6.9
2017-07-11 CVE-2017-8562 Microsoft Improper Preservation of Permissions vulnerability in Microsoft products

Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Windows improperly handling calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability".

6.9
2017-07-11 CVE-2017-8561 Microsoft Improper Preservation of Permissions vulnerability in Microsoft products

Windows kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability".

6.9
2017-07-11 CVE-2017-8556 Microsoft Improper Preservation of Permissions vulnerability in Microsoft products

Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Microsoft Graphics Component Elevation of Privilege Vulnerability".

6.9
2017-07-11 CVE-2017-8467 Microsoft Improper Preservation of Permissions vulnerability in Microsoft products

Graphics in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Win32k Elevation of Privilege Vulnerability".

6.9
2017-07-10 CVE-2017-6728 Cisco Improper Privilege Management vulnerability in Cisco IOS XR

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary code at the root privilege level on an affected system, because of Incorrect Permissions.

6.9
2017-07-13 CVE-2017-11310 Imagemagick Missing Release of Resource After Effective Lifetime vulnerability in Imagemagick 7.0.61

The read_user_chunk_callback function in coders\png.c in ImageMagick 7.0.6-1 Q16 2017-06-21 (beta) has memory leak vulnerabilities via crafted PNG files.

6.8
2017-07-13 CVE-2017-11103 Heimdal Project, Freebsd, Samba, Apple, Debian Insufficient Verification of Data Authenticity vulnerability in multiple products

Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification.

6.8
2017-07-13 CVE-2017-11173 Rack Cors Project, Debian

Missing anchor in generated regex for rack-cors before 0.4.1 allows a malicious third-party site to perform CORS requests.

6.8
2017-07-12 CVE-2017-11196 Pulsesecure Cross-Site Request Forgery (CSRF) vulnerability in Pulsesecure Pulse Connect Secure 8.3R1.0

Pulse Connect Secure 8.3R1 has CSRF in logout.cgi.

6.8
2017-07-12 CVE-2017-11193 Pulsesecure Cross-Site Request Forgery (CSRF) vulnerability in Pulsesecure Pulse Connect Secure 8.3R1.0

Pulse Connect Secure 8.3R1 has CSRF in diag.cgi.

6.8
2017-07-12 CVE-2017-2863 Iceni Out-Of-Bounds Write vulnerability in Iceni Infix 7.1.5

An out-of-bounds write vulnerability exists in the PDF parsing functionality of Infix 7.1.5.

6.8
2017-07-12 CVE-2017-2820 Freedesktop Integer Overflow or Wraparound vulnerability in Freedesktop Poppler 0.53.0

An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0.

6.8
2017-07-12 CVE-2017-2818 Freedesktop Buffer Errors vulnerability in Freedesktop Poppler 0.53.0

An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0.

6.8
2017-07-12 CVE-2017-2814 Freedesktop Buffer Errors vulnerability in Freedesktop Poppler 0.53.0

An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0.

6.8
2017-07-12 CVE-2017-11190 Rarzilla Buffer Errors vulnerability in Rarzilla Unrar-Free 0.0.1

unrarlib.c in unrar-free 0.0.1, when _DEBUG_LOG mode is enabled, might allow remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via an RAR archive containing a long filename.

6.8
2017-07-11 CVE-2017-11170 Imagemagick Missing Release of Resource After Effective Lifetime vulnerability in Imagemagick 7.0.56

The ReadTGAImage function in coders\tga.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via invalid colors data in the header of a TGA or VST file.

6.8
2017-07-13 CVE-2017-11200 Finecms Project SQL Injection vulnerability in Finecms Project Finecms

SQL Injection exists in FineCMS through 2017-07-12 via the application/core/controller/excludes.php visitor_ip parameter.

6.5
2017-07-12 CVE-2017-4057 Mcafee Unspecified vulnerability in Mcafee Advanced Threat Defense

Privilege Escalation vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to gain elevated privileges via the GUI or GUI terminal commands.

6.5
2017-07-12 CVE-2017-4054 Mcafee Command Injection vulnerability in Mcafee Advanced Threat Defense

Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to execute a command of their choice via a crafted HTTP request parameter.

6.5
2017-07-11 CVE-2017-8569 Microsoft Cross-Site Scripting vulnerability in Microsoft Sharepoint Server 2016

Microsoft SharePoint Server allows an elevation of privilege vulnerability due to the way that it sanitizes a specially crafted web request to an affected SharePoint server, aka "SharePoint Server XSS Vulnerability".

6.5
2017-07-13 CVE-2017-9788 Apache, Debian, Apple, Netapp, Redhat, Oracle Improper Input Validation vulnerability in multiple products

In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest.

6.4
2017-07-12 CVE-2016-8638 Ipsilon Project Session Fixation vulnerability in Ipsilon Project Ipsilon

A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 before 1.1.2, and 1.0 before 1.0.3 was found that allows an attacker to log out active sessions of other users.

6.4
2017-07-10 CVE-2017-11147 PHP Out-Of-Bounds Read vulnerability in PHP

In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c.

6.4
2017-07-11 CVE-2017-8580 Microsoft Improper Preservation of Permissions vulnerability in Microsoft products

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability".

6.2
2017-07-11 CVE-2017-8495 Microsoft Improper Authentication vulnerability in Microsoft products

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to bypass Extended Protection for Authentication when Kerberos fails to prevent tampering with the SNAME field during ticket exchange, aka "Kerberos SNAME Security Feature Bypass Vulnerability" or Orpheus' Lyre.

6.0
2017-07-10 CVE-2017-8032 Pivotal Software Improper Privilege Management vulnerability in Pivotal Software products

In Cloud Foundry cf-release versions prior to v264; UAA release all versions of UAA v2.x.x, 3.6.x versions prior to v3.6.13, 3.9.x versions prior to v3.9.15, 3.20.x versions prior to v3.20.0, and other versions prior to v4.4.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.17, 24.x versions prior to v24.12.

6.0
2017-07-12 CVE-2016-8947 IBM Open Redirect vulnerability in IBM Emptoris Sourcing

IBM Emptoris Sourcing 9.5.x through 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack.

5.8
2017-07-11 CVE-2017-8621 Microsoft Open Redirect vulnerability in Microsoft Exchange Server 2010/2013/2016

Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange Server 2013 CU16, and Exchange Server 2016 CU5 allows an open redirect vulnerability that could lead to spoofing, aka "Microsoft Exchange Open Redirect Vulnerability".

5.8
2017-07-10 CVE-2017-1398 IBM Open Redirect vulnerability in IBM Websphere Commerce

IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 6.0, 7.0, and 8.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.

5.8
2017-07-11 CVE-2017-8563 Microsoft Improper Preservation of Permissions vulnerability in Microsoft products

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Kerberos falling back to NT LAN Manager (NTLM) Authentication Protocol as the default authentication protocol, aka "Windows Elevation of Privilege Vulnerability".

5.1
2017-07-13 CVE-2017-9789 Apache Use After Free vulnerability in Apache Http Server 2.4.26

When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour.

5.0
2017-07-13 CVE-2017-9787 Apache Unspecified vulnerability in Apache Struts

When using Spring AOP functionality to secure Struts actions, it is possible to perform a DoS attack.

5.0
2017-07-13 CVE-2016-8964 IBM Information Exposure vulnerability in IBM Bigfix Inventory and License Metric Tool

IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.

5.0
2017-07-13 CVE-2016-8951 IBM Improper Authentication vulnerability in IBM Emptoris Strategic Supply Management

IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to a denial of service attack.

5.0
2017-07-13 CVE-2017-7529 Nginx, Puppet Integer Overflow or Wraparound vulnerability in multiple products

Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to an integer overflow in the nginx range filter module, resulting in a leak of potentially sensitive information triggered by a specially crafted request.

5.0
2017-07-12 CVE-2017-9977 AVG, Apple Unspecified vulnerability in AVG Anti-Virus

AVG AntiVirus for MacOS with scan engine before 4668 might allow remote attackers to bypass malware detection by leveraging failure to scan inside disk image (aka DMG) files.

5.0
2017-07-12 CVE-2017-4055 Mcafee Missing Authentication for Critical Function vulnerability in Mcafee Advanced Threat Defense

Exploitation of Authentication vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to bypass ATD detection via loose enforcement of authentication and authorization.

5.0
2017-07-12 CVE-2017-11187 Phpmyfaq Improper Restriction of Excessive Authentication Attempts vulnerability in PHPmyfaq

phpMyFAQ before 2.9.8 does not properly mitigate brute-force attacks that try many passwords in attempted logins quickly.

5.0
2017-07-12 CVE-2017-11165 Datataker Information Exposure vulnerability in Datataker Dt80 DEX Firmware 1.50.012

dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and configuration information via a direct request for the /services/getFile.cmd?userfile=config.xml URI.

5.0
2017-07-12 CVE-2017-11178 Finecms Project Insufficient Verification of Data Authenticity vulnerability in Finecms Project Finecms 2.1.0

In FineCMS through 2017-07-11, application/core/controller/style.php allows remote attackers to write to arbitrary files via the contents and filename parameters in a route=style action.

5.0
2017-07-11 CVE-2017-8585 Microsoft Improper Input Validation vulnerability in Microsoft .Net Framework

Microsoft .NET Framework 4.6, 4.6.1, 4.6.2, and 4.7 allow an attacker to send specially crafted requests to a .NET web application, resulting in denial of service, aka .NET Denial of Service Vulnerability.

5.0
2017-07-11 CVE-2017-7729 Ismartalarm Missing Encryption of Sensitive Data vulnerability in Ismartalarm Cube ONE Firmware

On iSmartAlarm cube devices, there is Incorrect Access Control because a "new key" is transmitted in cleartext.

5.0
2017-07-11 CVE-2017-7726 Ismartalarm Improper Certificate Validation vulnerability in Ismartalarm Cube ONE Firmware

iSmartAlarm cube devices have an SSL Certificate Validation Vulnerability.

5.0
2017-07-10 CVE-2017-6731 Cisco Buffer Errors vulnerability in Cisco IOS XR 4.3.2.Mcast/6.0.2.Base

A vulnerability in Multicast Source Discovery Protocol (MSDP) ingress packet processing for Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the MSDP session to be unexpectedly reset, causing a short denial of service (DoS) condition.

5.0
2017-07-10 CVE-2017-6730 Cisco Information Exposure vulnerability in Cisco Wide Area Application Services 4.4(7)/6.2(1)/6.2(3)

A vulnerability in the web-based GUI of Cisco Wide Area Application Services (WAAS) Central Manager could allow an unauthenticated, remote attacker to retrieve completed reports from an affected system, aka Information Disclosure.

5.0
2017-07-10 CVE-2017-6729 Cisco Unspecified vulnerability in Cisco ASR 5000 Software

A vulnerability in the Border Gateway Protocol (BGP) processing functionality of the Cisco StarOS operating system for Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core (VPC) Software could allow an unauthenticated, remote attacker to cause the BGP process on an affected system to reload, resulting in a denial of service (DoS) condition.

5.0
2017-07-10 CVE-2017-6727 Cisco Improper Input Validation vulnerability in Cisco Wide Area Application Services 6.2(3A)

A vulnerability in the Server Message Block (SMB) protocol of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device due to a process restarting unexpectedly and creating Core Dump files.

5.0
2017-07-10 CVE-2017-5652 Apache Cleartext Transmission of Sensitive Information vulnerability in Apache Impala 2.7.0/2.8.0

During a routine security analysis, it was found that one of the ports in Apache Impala (incubating) 2.7.0 to 2.8.0 sent data in plaintext even when the cluster was configured to use TLS.

5.0
2017-07-10 CVE-2017-7670 Apache Resource Exhaustion vulnerability in Apache Traffic Control

The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack.

5.0
2017-07-10 CVE-2017-11145 PHP Information Exposure vulnerability in PHP

In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, an error in the date extension's timelib_meridian parsing code could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function.

5.0
2017-07-10 CVE-2017-11144 PHP Improper Check for Unusual or Exceptional Conditions vulnerability in PHP

In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative number in ext/openssl/openssl.c, and an OpenSSL documentation omission.

5.0
2017-07-10 CVE-2017-11143 PHP Use After Free vulnerability in PHP

In PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP interpreter, related to an invalid free for an empty boolean element in ext/wddx/wddx.c.

5.0
2017-07-10 CVE-2016-10397 PHP Improper Input Validation vulnerability in PHP

In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used by attackers to bypass hostname-specific URL checks, as demonstrated by evil.example.com:80#@good.example.com/ and evil.example.com:80?@good.example.com/ inputs to the parse_url function (implemented in the php_url_parse_ex function in ext/standard/url.c).

5.0
2017-07-12 CVE-2016-8953 IBM Open Redirect vulnerability in IBM Emptoris Sourcing

IBM Emptoris Sourcing 9.5.x through 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack.

4.9
2017-07-11 CVE-2017-11171 Gnome Infinite Loop vulnerability in Gnome Gnome-Session

Bad reference counting in the context of accept_ice_connection() in gsm-xsmp-server.c in old versions of gnome-session up until version 2.29.92 allows a local attacker to establish ICE connections to gnome-session with invalid authentication data (an invalid magic cookie).

4.9
2017-07-11 CVE-2017-8590 Microsoft Improper Preservation of Permissions vulnerability in Microsoft products

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to the way that the Windows Common Log File System (CLFS) driver handles objects in memory, aka "Windows CLFS Elevation of Privilege Vulnerability".

4.6
2017-07-11 CVE-2017-10600 Canonical Session Fixation vulnerability in Canonical Ubuntu-Image 1.0

ubuntu-image 1.0 before 2017-07-07, when invoked as non-root, creates files in the resulting image with the uid of the invoking user.

4.6
2017-07-11 CVE-2017-8566 Microsoft Improper Input Validation vulnerability in Microsoft Windows 10 and Windows Server 2016

Microsoft Windows 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Windows Input Method Editor (IME) improperly handling parameters in a method of a DCOM class, aka "Windows IME Elevation of Privilege Vulnerability".

4.4
2017-07-13 CVE-2017-7672 Apache Improper Input Validation vulnerability in Apache Struts

If an application allows a URL to be entered in a form field and the built-in URLValidator is used, it is possible to prepare a special URL that overloads the server process when the URL is validated.

4.3
2017-07-13 CVE-2017-11202 Finecms Project Cross-Site Scripting vulnerability in Finecms Project Finecms

FineCMS through 2017-07-12 allows XSS in visitors.php because JavaScript in visited URLs is not restricted either during logging or during the reading of logs, a different vulnerability than CVE-2017-11180.

4.3
2017-07-13 CVE-2017-11198 Finecms Project Cross-Site Scripting vulnerability in Finecms Project Finecms

Cross-site scripting (XSS) vulnerability in /application/lib/ajax/get_image.php in FineCMS through 2017-07-12 allows remote attackers to inject arbitrary web script or HTML via the folder, id, or name parameter.

4.3
2017-07-12 CVE-2017-11195 Pulsesecure Cross-Site Scripting vulnerability in Pulsesecure Pulse Connect Secure 8.3R1.0

Pulse Connect Secure 8.3R1 has Reflected XSS in launchHelp.cgi.

4.3
2017-07-12 CVE-2017-11194 Pulsesecure Cross-Site Scripting vulnerability in Pulsesecure Pulse Connect Secure 8.3R1.0

Pulse Connect Secure 8.3R1 has Reflected XSS in adminservercacertdetails.cgi.

4.3
2017-07-12 CVE-2017-1321 IBM Cross-Site Scripting vulnerability in IBM products

IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to cross-site scripting.

4.3
2017-07-12 CVE-2017-11189 Rarzilla Null Pointer Dereference vulnerability in Rarzilla Unrar-Free 0.0.1

unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash), which could be relevant if unrarlib is used as library code for a long-running application.

4.3
2017-07-12 CVE-2017-7678 Apache Cross-Site Scripting vulnerability in Apache Spark

In Apache Spark before 2.2.0, it is possible for an attacker to take advantage of a user's trust in the server to trick them into visiting a link that points to a shared Spark cluster and submits data including MHTML to the Spark master, or history server.

4.3
2017-07-12 CVE-2017-11180 Finecms Project Cross-Site Scripting vulnerability in Finecms Project Finecms

FineCMS through 2017-07-11 has stored XSS in the logging functionality, as demonstrated by an XSS payload in (1) the User-Agent header of an HTTP request or (2) the username entered on the login screen.

4.3
2017-07-12 CVE-2017-11179 Finecms Project Cross-Site Scripting vulnerability in Finecms Project Finecms

FineCMS through 2017-07-11 has stored XSS in route=admin when modifying user information, and in route=register when registering a user account.

4.3
2017-07-11 CVE-2017-8611 Microsoft Improper Input Validation vulnerability in Microsoft Edge

Microsoft Edge on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability."

4.3
2017-07-11 CVE-2017-8602 Microsoft Improper Input Validation vulnerability in Microsoft Edge and Internet Explorer

Microsoft browsers on Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a spoofing vulnerability in the way they parse HTTP content, aka "Microsoft Browser Spoofing Vulnerability."

4.3
2017-07-11 CVE-2017-8599 Microsoft Improper Input Validation vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability".

4.3
2017-07-11 CVE-2017-8592 Microsoft Information Exposure vulnerability in Microsoft products

Microsoft browsers on Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows RT 8.1, and Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a security feature bypass vulnerability when they improperly handle redirect requests, aka "Microsoft Browser Security Feature Bypass".

4.3
2017-07-11 CVE-2017-8587 Microsoft Unspecified vulnerability in Microsoft products

Windows Explorer in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511 allows a denial of service vulnerability when it attempts to open a non-existent file, aka "Windows Explorer Denial of Service Vulnerability".

4.3
2017-07-11 CVE-2017-8582 Microsoft Information Exposure vulnerability in Microsoft products

HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when the component improperly handles objects in memory, aka "Https.sys Information Disclosure Vulnerability".

4.3
2017-07-11 CVE-2017-8560 Microsoft Cross-Site Scripting vulnerability in Microsoft Exchange Server 2013/2016

Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange Server 2013 CU16, and Exchange Server 2016 CU5 allows an elevation of privilege vulnerability due to the way that Exchange Outlook Web Access (OWA) handles web requests, aka "Microsoft Exchange Cross-Site Scripting Vulnerability".

4.3
2017-07-11 CVE-2017-8559 Microsoft Cross-Site Scripting vulnerability in Microsoft Exchange Server 2013/2016

Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange Server 2013 CU16, and Exchange Server 2016 CU5 allows an elevation of privilege vulnerability due to the way that Exchange Outlook Web Access (OWA) handles web requests, aka "Microsoft Exchange Cross-Site Scripting Vulnerability".

4.3
2017-07-11 CVE-2017-0170 Microsoft XXE vulnerability in Microsoft products

Windows Performance Monitor in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an information disclosure vulnerability due to the way it parses XML input, aka "Windows Performance Monitor Information Disclosure Vulnerability".

4.3
2017-07-10 CVE-2017-6733 Cisco Cross-Site Scripting vulnerability in Cisco Identity Services Engine 2.1(102.101)/2.2(0.283)/2.3(0.151)

A vulnerability in the web-based application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system.

4.3
2017-07-10 CVE-2017-1337 IBM Insufficiently Protected Credentials vulnerability in IBM Websphere MQ 9.0.1/9.0.2

IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly transmit user credentials in plain text.

4.3
2017-07-10 CVE-2017-11126 Mpg123 Out-Of-Bounds Read vulnerability in Mpg123

The III_i_stereo function in libmpg123/layer3.c in mpg123 through 1.25.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file that is mishandled in the code for the "block_type != 2" case, a similar issue to CVE-2017-9870.

4.3
2017-07-13 CVE-2017-1308 IBM Files or Directories Accessible to External Parties vulnerability in IBM Daeja Viewone 4.1.5/4.1.5.1/5.0

IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0 could allow an authenticated attacker to download files they should not have access to due to improper access controls.

4.0
2017-07-12 CVE-2017-1285 IBM Improper Input Validation vulnerability in IBM Websphere MQ 9.0.1/9.0.2

IBM WebSphere MQ 9.0.1 and 9.0.2 could allow an authenticated user with authority to send a specially crafted message that would cause a channel to remain in a running state but not process messages.

4.0
2017-07-12 CVE-2017-9843 SAP Denial of Service vulnerability in SAP Netweaver Abap 7.40

SAP NetWeaver AS ABAP 7.40 allows remote authenticated users with certain privileges to cause a denial of service (process crash) via vectors involving disp+work.exe, aka SAP Security Note 2406841.

4.0

17 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-07-11 CVE-2017-8581 Microsoft Improper Preservation of Permissions vulnerability in Microsoft products

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability".

3.7
2017-07-13 CVE-2016-8952 IBM Cross-Site Scripting vulnerability in IBM Emptoris Strategic Supply Management

IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting.

3.5
2017-07-13 CVE-2016-6019 IBM Cross-Site Scripting vulnerability in IBM Emptoris Strategic Supply Management

IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting.

3.5
2017-07-13 CVE-2017-11201 Finecms Project Cross-Site Scripting vulnerability in Finecms Project Finecms

application/core/controller/images.php in FineCMS through 2017-07-12 allows remote authenticated admins to conduct XSS attacks by uploading an image via a route=images action.

3.5
2017-07-12 CVE-2016-8950 IBM Cross-Site Scripting vulnerability in IBM Emptoris Sourcing

IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site scripting.

3.5
2017-07-12 CVE-2016-8948 IBM Cross-Site Scripting vulnerability in IBM Emptoris Sourcing

IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site scripting.

3.5
2017-07-12 CVE-2016-8946 IBM Cross-Site Scripting vulnerability in IBM Emptoris Sourcing

IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site scripting.

3.5
2017-07-12 CVE-2016-6114 IBM Cross-Site Scripting vulnerability in IBM Emptoris Sourcing

IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site scripting.

3.5
2017-07-12 CVE-2017-11182 Fairsketch Cross-Site Scripting vulnerability in Fairsketch Rise Ultimate Project Manager 1.8

In Rise Ultimate Project Manager v1.8, XSS vulnerabilities were found in the My Profile section.

3.5
2017-07-12 CVE-2017-11181 Fairsketch Cross-Site Scripting vulnerability in Fairsketch Rise Ultimate Project Manager 1.8

In Rise Ultimate Project Manager v1.8, XSS vulnerabilities were found in the Messaging section.

3.5
2017-07-10 CVE-2017-6734 Cisco Cross-Site Scripting vulnerability in Cisco Identity Services Engine

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected device, related to the Guest Portal.

3.5
2017-07-10 CVE-2017-11163 Cacti Cross-Site Scripting vulnerability in Cacti 1.1.12

Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Cacti 1.1.12 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancel_url variable.

3.5
2017-07-11 CVE-2017-8564 Microsoft Information Exposure vulnerability in Microsoft products

Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly initialize a memory address, aka "Windows Kernel Information Disclosure Vulnerability".

2.1
2017-07-11 CVE-2017-8557 Microsoft XXE vulnerability in Microsoft products

Windows System Information Console in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an information disclosure vulnerability when it improperly parses XML input containing a reference to an external entity, aka "Windows System Information Console Information Disclosure Vulnerability".

2.1
2017-07-10 CVE-2017-6726 Cisco Information Exposure vulnerability in Cisco Prime Network 4.2(1.0)P1

A vulnerability in the CLI of the Cisco Prime Network Gateway could allow an authenticated, local attacker to retrieve system process information, which could lead to the disclosure of confidential information.

2.1
2017-07-11 CVE-2017-8486 Microsoft Information Exposure vulnerability in Microsoft products

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an information disclosure due to the way it handles objects in memory, aka "Win32k Information Disclosure Vulnerability".

1.9
2017-07-10 CVE-2017-1284 IBM Information Exposure vulnerability in IBM Websphere MQ 9.0.1/9.0.2

IBM WebSphere MQ 9.0.1 and 9.0.2 could allow a local user with ability to run or enable trace, to obtain sensitive information from WebSphere Application Server traces including user credentials.

1.9