Weekly Vulnerabilities Reports > July 17 to 23, 2017

Overview

445 new vulnerabilities reported during this period, including 65 critical vulnerabilities and 77 high severity vulnerabilities. This weekly summary report vulnerabilities in 362 products from 168 vendors including Apple, Microsoft, Imagemagick, Juniper, and IBM. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "Improper Input Validation", "Information Exposure", and "Out-of-bounds Read".

  • 416 reported vulnerabilities are remotely exploitables.
  • 27 reported vulnerabilities have public exploit available.
  • 131 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 376 reported vulnerabilities are exploitable by an anonymous user.
  • Apple has the most reported vulnerabilities, with 67 reported vulnerabilities.
  • Apple has the most reported critical vulnerabilities, with 18 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

65 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-07-22 CVE-2017-3222 Inmarsat USE of Hard-Coded Credentials vulnerability in Inmarsat Amosconnect

Hard-coded credentials in AmosConnect 8 allow remote attackers to gain full administrative privileges, including the ability to execute commands on the Microsoft Windows host platform with SYSTEM privileges by abusing AmosConnect Task Manager.

10.0
2017-07-22 CVE-2017-2126 Buffalo Improper Authentication vulnerability in Buffalo Wapm-1166D Firmware and Wapm-Apg600H Firmware

WAPM-1166D firmware Ver.1.2.7 and earlier, WAPM-APG600H firmware Ver.1.16.1 and earlier allows remote attackers to bypass authentication and access the configuration interface via unspecified vectors.

10.0
2017-07-20 CVE-2017-6316 Citrix Improper Input Validation vulnerability in Citrix Netscaler Sd-Wan

Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie.

10.0
2017-07-20 CVE-2017-11467 Orientdb Improper Privilege Management vulnerability in Orientdb 2.0.14/2.1.0

OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote attackers to execute arbitrary OS commands via a crafted request.

10.0
2017-07-19 CVE-2017-7977 Unicon Sotware Command Injection vulnerability in Unicon-Software Elux

The Screensavercc component in eLux RP before 5.5.0 allows attackers to bypass intended configuration restrictions and execute arbitrary commands with root privileges by inserting commands in a local configuration dialog in the control panel.

10.0
2017-07-18 CVE-2017-11420 Asuswrt Merlin Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Asuswrt-Merlin Project products

Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list.

10.0
2017-07-17 CVE-2017-9811 Kaspersky Improper Input Validation vulnerability in Kaspersky Anti-Virus FOR Linux Server

The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312).

10.0
2017-07-17 CVE-2017-8011 EMC USE of Hard-Coded Credentials vulnerability in EMC products

EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Packs all versions) contain undocumented accounts with default passwords for Webservice Gateway and RMI JMX components.

10.0
2017-07-17 CVE-2017-3099 Adobe
Apple
Linux
Microsoft
Google
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Flash Player

Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 3 raster data model.

10.0
2017-07-17 CVE-2017-2343 Juniper USE of Hard-Coded Credentials vulnerability in Juniper Junos 12.3X48/15.1X49

The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to provide simple integration of user profiles on top of the existing firewall polices.

10.0
2017-07-17 CVE-2017-10601 Juniper Improper Authentication vulnerability in Juniper Junos

A specific device configuration can result in a commit failure condition.

10.0
2017-07-17 CVE-2017-1000060 Eyesofnetwork SQL Injection vulnerability in Eyesofnetwork 5.10

EyesOfNetwork (EON) 5.1 Unauthenticated SQL Injection in eonweb leading to remote root

10.0
2017-07-17 CVE-2017-1000020 Ecos
Greatek
Totolink
Improper Authentication vulnerability in Ecos Embedded web Servers

SYN Flood or FIN Flood attack in ECos 1 and other versions embedded devices results in web Authentication Bypass.

10.0
2017-07-17 CVE-2017-0028 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Edge

A remote code execution vulnerability exists when Microsoft scripting engine improperly accesses objects in memory.

10.0
2017-07-20 CVE-2017-7069 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.3
2017-07-20 CVE-2017-7053 Apple
Microsoft
Unspecified vulnerability in Apple Itunes

An issue was discovered in certain Apple products.

9.3
2017-07-20 CVE-2017-7044 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

9.3
2017-07-20 CVE-2017-7042 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.3
2017-07-20 CVE-2017-7041 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.3
2017-07-20 CVE-2017-7035 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

9.3
2017-07-20 CVE-2017-7032 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

9.3
2017-07-20 CVE-2017-7027 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.3
2017-07-20 CVE-2017-7026 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.3
2017-07-20 CVE-2017-7025 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.3
2017-07-20 CVE-2017-7024 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.3
2017-07-20 CVE-2017-7023 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.3
2017-07-20 CVE-2017-7022 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.3
2017-07-20 CVE-2017-7021 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

9.3
2017-07-20 CVE-2017-7017 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

9.3
2017-07-20 CVE-2017-7014 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

9.3
2017-07-20 CVE-2017-7009 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.3
2017-07-17 CVE-2017-2272 Hibara Untrusted Search Path vulnerability in Hibara Attachecase

Untrusted search path vulnerability in Self-extracting encrypted files created by AttacheCase ver.3.2.2.6 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-07-17 CVE-2017-2271 Hibara Untrusted Search Path vulnerability in Hibara Attachecase 2.8.0.0/2.8.2.8/2.8.3.0

Untrusted search path vulnerability in Self-extracting encrypted files created by AttacheCase ver.2.8.3.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-07-17 CVE-2017-2270 Resume Next Untrusted Search Path vulnerability in Resume-Next Filecapsule Deluxe Portable

Untrusted search path vulnerability in Encrypted files in self-decryption format created by FileCapsule Deluxe Portable Ver.2.0.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-07-17 CVE-2017-2269 Resume Next Untrusted Search Path vulnerability in Resume-Next Filecapsule Deluxe Portable

Untrusted search path vulnerability in FileCapsule Deluxe Portable Ver.2.0.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-07-17 CVE-2017-2268 Resume Next Untrusted Search Path vulnerability in Resume-Next Filecapsule Deluxe Portable

Untrusted search path vulnerability in Encrypted files in self-decryption format created by FileCapsule Deluxe Portable Ver.1.0.5.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-07-17 CVE-2017-2267 Resume Next Untrusted Search Path vulnerability in Resume-Next Filecapsule Deluxe Portable

Untrusted search path vulnerability in FileCapsule Deluxe Portable Ver.1.0.5.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-07-17 CVE-2017-2266 Resume Next Untrusted Search Path vulnerability in Resume-Next Filecapsule Deluxe Portable

Untrusted search path vulnerability in Encrypted files in self-decryption format created by FileCapsule Deluxe Portable Ver.1.0.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-07-17 CVE-2017-2265 Resume Next Untrusted Search Path vulnerability in Resume-Next Filecapsule Deluxe Portable

Untrusted search path vulnerability in FileCapsule Deluxe Portable Ver.1.0.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-07-17 CVE-2017-2253 Yahoo Untrusted Search Path vulnerability in Yahoo Toolbar

Untrusted search path vulnerability in Installer of Yahoo! Toolbar (for Internet explorer) v8.0.0.6 and earlier, with its timestamp prior to June 13, 2017, 18:18:55 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-07-17 CVE-2017-2252 Sourcenext Untrusted Search Path vulnerability in Sourcenext File Compact

Untrusted search path vulnerability in self-extracting archive files created by File Compact Ver.5 version 5.10 and earlier, Ver.6 version 6.02 and earlier, Ver.7 version 7.02 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-07-17 CVE-2017-2249 Chitora Untrusted Search Path vulnerability in Chitora Lhaz+

Untrusted search path vulnerability in Self-extracting archive files created by Lhaz+ version 3.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-07-17 CVE-2017-2248 Chitora Untrusted Search Path vulnerability in Chitora Lhaz+

Untrusted search path vulnerability in Installer of Lhaz+ version 3.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-07-17 CVE-2017-2247 Chitora Untrusted Search Path vulnerability in Chitora Lhaz

Untrusted search path vulnerability in Self-extracting archive files created by Lhaz version 2.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-07-17 CVE-2017-2246 Chitora Untrusted Search Path vulnerability in Chitora Lhaz

Untrusted search path vulnerability in Installer of Lhaz version 2.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-07-17 CVE-2017-11344 Asuswrt Merlin Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Asuswrt-Merlin Project products

Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to write shellcode at any address in the heap; this can be used to execute arbitrary code on the router by hosting a crafted device description XML document at a URL specified within a Location header in an SSDP response.

9.3
2017-07-17 CVE-2017-1000034 Akka Deserialization of Untrusted Data vulnerability in Akka

Akka versions <=2.4.16 and 2.5-M1 are vulnerable to a java deserialization attack in its Remoting component resulting in remote code execution in the context of the ActorSystem.

9.3
2017-07-17 CVE-2017-0152 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Edge

A remote code execution vulnerability exists in the way affected Microsoft scripting engine render when handling objects in memory in Microsoft browsers.

9.3
2017-07-22 CVE-2017-2276 Sony Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Sony Wg-C10 Firmware

Buffer overflow in WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary commands via unspecified vectors.

9.0
2017-07-22 CVE-2017-2275 Sony OS Command Injection vulnerability in Sony Wg-C10 Firmware

WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.

9.0
2017-07-20 CVE-2017-11495 Phicomm Improper Input Validation vulnerability in Phicomm K2(Psg1218)-Firmware

PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow unauthenticated remote code execution via a request to an unspecified ASP script; alternatively, the attacker can leverage unauthenticated access to this script to trigger a reboot via an ifType=reboot action.

9.0
2017-07-20 CVE-2017-11466 Dotcms Unrestricted Upload of File With Dangerous Type vulnerability in Dotcms 4.1.1

Arbitrary file upload vulnerability in com/dotmarketing/servlets/AjaxFileUploadServlet.class in dotCMS 4.1.1 allows remote authenticated administrators to upload .jsp files to arbitrary locations via directory traversal sequences in the fieldName parameter to servlets/ajax_file_upload.

9.0
2017-07-18 CVE-2017-6320 Barracuda OS Command Injection vulnerability in Barracuda Load Balancer ADC

A remote command injection vulnerability exists in the Barracuda Load Balancer product line (confirmed on v5.4.0.004 (2015-11-26) and v6.0.1.006 (2016-08-19); fixed in 6.1.0.003 (2017-01-17)) in which an authenticated user can execute arbitrary shell commands and gain root privileges.

9.0
2017-07-18 CVE-2017-1318 IBM OS Command Injection vulnerability in IBM MQ Appliance

IBM MQ Appliance 8.0 and 9.0 could allow an authenticated messaging administrator to execute arbitrary commands on the system, caused by command execution.

9.0
2017-07-17 CVE-2017-6744 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.

9.0
2017-07-17 CVE-2017-6743 Cisco Buffer Errors vulnerability in Cisco IOS XE

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.

9.0
2017-07-17 CVE-2017-6742 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS XE

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.

9.0
2017-07-17 CVE-2017-6741 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS XE

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.

9.0
2017-07-17 CVE-2017-6740 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.

9.0
2017-07-17 CVE-2017-6739 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.

9.0
2017-07-17 CVE-2017-6738 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.

9.0
2017-07-17 CVE-2017-6737 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.

9.0
2017-07-17 CVE-2017-6736 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.

9.0
2017-07-17 CVE-2017-11361 Intenogroup Improper Privilege Management vulnerability in Intenogroup Inteno Router Firmware

Inteno routers have a JUCI ACL misconfiguration that allows the "user" account to read files, write to files, and add root SSH keys via JSON commands to ubus.

9.0
2017-07-17 CVE-2017-2349 Juniper Command Injection vulnerability in Juniper Junos

A command injection vulnerability in the IDP feature of Juniper Networks Junos OS on SRX series devices potentially allows a user with login access to the device to execute shell commands and elevate privileges.

9.0

77 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-07-20 CVE-2017-7054 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

7.9
2017-07-20 CVE-2017-7051 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

7.9
2017-07-20 CVE-2017-7050 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

7.9
2017-07-18 CVE-2017-11411 Wireshark Improper Input Validation vulnerability in Wireshark

In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust system memory.

7.8
2017-07-18 CVE-2017-11410 Wireshark Improper Input Validation vulnerability in Wireshark

In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file.

7.8
2017-07-18 CVE-2017-11409 Wireshark
Debian
Excessive Iteration vulnerability in multiple products

In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop.

7.8
2017-07-18 CVE-2017-11406 Wireshark
Debian
Infinite Loop vulnerability in multiple products

In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite loop.

7.8
2017-07-17 CVE-2017-10985 Freeradius Infinite Loop vulnerability in Freeradius

An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion with 'concat' attributes" and a denial of service.

7.8
2017-07-23 CVE-2017-11543 Tcpdump Buffer Errors vulnerability in Tcpdump 4.9.0

tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c.

7.5
2017-07-23 CVE-2017-11542 Tcpdump Out-Of-Bounds Read vulnerability in Tcpdump 4.9.0

tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.

7.5
2017-07-23 CVE-2017-11541 Tcpdump Out-Of-Bounds Read vulnerability in Tcpdump 4.9.0

tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.

7.5
2017-07-22 CVE-2017-7336 Fortinet USE of Hard-Coded Credentials vulnerability in Fortinet Fortiwlm

A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 and lower versions allows a remote attacker to log-in and execute commands with 'upgrade' account privileges.

7.5
2017-07-22 CVE-2017-2277 Sony Unspecified vulnerability in Sony Wg-C10 Firmware

WG-C10 v3.0.79 and earlier allows an attacker to bypass access restrictions to obtain or alter information stored in the external storage connected to the product via unspecified vectors.

7.5
2017-07-21 CVE-2017-7540 Safemode Project Unspecified vulnerability in Safemode Project Safemode

rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax.

7.5
2017-07-21 CVE-2017-7480 Rootkit Hunter Project Channel and Path Errors vulnerability in Rootkit Hunter Project Rootkit Hunter

rkhunter versions before 1.4.4 are vulnerable to file download over insecure channel when doing mirror update resulting into potential remote code execution.

7.5
2017-07-21 CVE-2017-11517 Geutebrueck Buffer Errors vulnerability in Geutebrueck Gcore 1.3.8.42/1.4.2.37

Stack-based buffer overflow in GCoreServer.exe in the server in Geutebrueck Gcore 1.3.8.42 and 1.4.2.37 allows remote attackers to execute arbitrary code via a long URI in a GET request.

7.5
2017-07-21 CVE-2015-3886 Libinfinity Project Improper Certificate Validation vulnerability in Libinfinity Project Libinfinity

libinfinity before 0.6.6-1 does not validate expired SSL certificates, which allows remote attackers to have unspecified impact via unknown vectors.

7.5
2017-07-21 CVE-2017-9980 Greenpacket Command Injection vulnerability in Greenpacket Dx-350 Firmware 2.8.9.5G1.4.8Atheeb

In Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, the "PING" (aka tag_ipPing) feature within the web interface allows performing command injection, via the "pip" parameter.

7.5
2017-07-21 CVE-2017-9932 Greenpacket USE of Hard-Coded Credentials vulnerability in Greenpacket Dx-350 Firmware 2.8.9.5G1.4.8Atheeb

Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb has a default password of admin for the admin account.

7.5
2017-07-20 CVE-2017-7062 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

7.5
2017-07-20 CVE-2017-9785 Nancyfx Deserialization of Untrusted Data vulnerability in Nancyfx Nancy 2.0.0

Csrf.cs in NancyFX Nancy before 1.4.4 and 2.x before 2.0-dangermouse has Remote Code Execution via Deserialization of JSON data in a CSRF Cookie.

7.5
2017-07-20 CVE-2017-11474 Glpi Project SQL Injection vulnerability in Glpi-Project Glpi

GLPI before 9.1.5.1 has SQL Injection in the $crit variable in inc/computer_softwareversion.class.php, exploitable via ajax/common.tabs.php.

7.5
2017-07-20 CVE-2017-11471 Idera SQL Injection vulnerability in Idera Uptime Infrastructure Monitor 7.8

IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter.

7.5
2017-07-20 CVE-2017-11470 Idera SQL Injection vulnerability in Idera Uptime Infrastructure Monitor 7.8

IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter.

7.5
2017-07-19 CVE-2017-11465 Ruby Lang Out-Of-Bounds Read vulnerability in Ruby-Lang Ruby 2.4.1

The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows attackers to cause a denial of service (invalid write or read) or possibly have unspecified other impact via a crafted Ruby script, related to the parser_tokadd_utf8 function in parse.y.

7.5
2017-07-19 CVE-2016-6798 Apache XXE vulnerability in Apache Sling

In the XSS Protection API module before 1.0.12 in Apache Sling, the method XSS.getValidXML() uses an insecure SAX parser to validate the input string, which allows for XXE attacks in all scripts which use this method to validate user input, potentially allowing an attacker to read sensitive data on the filesystem, perform same-site-request-forgery (SSRF), port-scanning behind the firewall or DoS the application.

7.5
2017-07-19 CVE-2017-11445 Intelliants SQL Injection vulnerability in Intelliants Subrion CMS

Subrion CMS before 4.1.6 has a SQL injection vulnerability in /front/actions.php via the $_POST array.

7.5
2017-07-19 CVE-2017-11444 Intelliants SQL Injection vulnerability in Intelliants Subrion CMS

Subrion CMS before 4.1.5.10 has a SQL injection vulnerability in /front/search.php via the $_GET array.

7.5
2017-07-19 CVE-2017-11436 Dlink USE of Hard-Coded Credentials vulnerability in Dlink Dir-615 20.12Ptb01

D-Link DIR-615 before v20.12PTb04 has a second admin account with a 0x1 BACKDOOR value, which might allow remote attackers to obtain access via a TELNET connection.

7.5
2017-07-19 CVE-2017-11435 Humax Information Exposure vulnerability in Humax Hg100R Firmware 2.0.6

The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authentication bypass vulnerability via specially crafted requests to the management console.

7.5
2017-07-18 CVE-2017-11419 Fiyo SQL Injection vulnerability in Fiyo CMS 2.0.7

Fiyo CMS 2.0.7 has SQL injection in /apps/app_article/controller/editor.php via $_POST['id'] and $_POST['art_title'].

7.5
2017-07-18 CVE-2017-11418 Fiyo SQL Injection vulnerability in Fiyo CMS 2.0.7

Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/article_list.php via $_GET['cat'], $_GET['user'], $_GET['level'], and $_GET['iSortCol_'.$i].

7.5
2017-07-18 CVE-2017-11417 Fiyo SQL Injection vulnerability in Fiyo CMS 2.0.7

Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/article_status.php via $_GET['id'].

7.5
2017-07-18 CVE-2017-11416 Fiyo SQL Injection vulnerability in Fiyo CMS 2.0.7

Fiyo CMS 2.0.7 has SQL injection in /apps/app_comment/controller/insert.php via the name parameter.

7.5
2017-07-18 CVE-2017-11415 Fiyo SQL Injection vulnerability in Fiyo CMS 2.0.7

Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/sys_article.php via $_POST['parent_id'], $_POST['desc'], $_POST['keys'], and $_POST['level'].

7.5
2017-07-18 CVE-2017-11414 Fiyo SQL Injection vulnerability in Fiyo CMS 2.0.7

Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_comment/sys_comment.php via $_POST['comment'], $_POST['name'], $_POST['web'], $_POST['email'], $_POST['status'], $_POST['id'], and $_REQUEST['id'].

7.5
2017-07-18 CVE-2017-11413 Fiyo SQL Injection vulnerability in Fiyo CMS 2.0.7

Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/comment_status.php via $_GET['id'].

7.5
2017-07-18 CVE-2017-11412 Fiyo SQL Injection vulnerability in Fiyo CMS 2.0.7

Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_comment/controller/comment_status.php via $_GET['id'].

7.5
2017-07-17 CVE-2017-9639 Fujielectric Buffer Errors vulnerability in Fujielectric V-Server 3.3.22.0

An issue was discovered in Fuji Electric V-Server Version 3.3.22.0 and prior.

7.5
2017-07-17 CVE-2017-10984 Freeradius Out-Of-Bounds Write vulnerability in Freeradius

An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow in data2vp_wimax()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.

7.5
2017-07-17 CVE-2017-10979 Freeradius Out-Of-Bounds Write vulnerability in Freeradius

An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overflow in rad_coalesce()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.

7.5
2017-07-17 CVE-2017-7664 Apache XXE vulnerability in Apache Openmeetings

Uploaded XML documents were not correctly validated in Apache OpenMeetings 3.1.0.

7.5
2017-07-17 CVE-2017-2345 Juniper Improper Input Validation vulnerability in Juniper Junos

On Junos OS devices with SNMP enabled, a network based attacker with unfiltered access to the RE can cause the Junos OS snmpd daemon to crash and restart by sending a crafted SNMP packet.

7.5
2017-07-17 CVE-2017-11362 PHP Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in PHP

In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ext/intl/msgformat/msgformat_parse.c does not restrict the locale length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact within International Components for Unicode (ICU) for C/C++ via a long first argument to the msgfmt_parse_message function.

7.5
2017-07-17 CVE-2017-11354 Fiyo SQL Injection vulnerability in Fiyo CMS 2.0.7

Fiyo CMS v2.0.7 has an SQL injection vulnerability in dapur/apps/app_article/sys_article.php via the name parameter in editing or adding a tag name.

7.5
2017-07-17 CVE-2017-11346 Zohocorp Improper Input Validation vulnerability in Zohocorp Manageengine Desktop Central

Zoho ManageEngine Desktop Central before build 100092 allows remote attackers to execute arbitrary code via vectors involving the upload of help desk videos.

7.5
2017-07-17 CVE-2017-11329 Glpi Project SQL Injection vulnerability in Glpi-Project Glpi

GLPI before 9.1.5 allows SQL injection via an ajax/getDropdownValue.php request with an entity_restrict parameter that is not a list of integers.

7.5
2017-07-17 CVE-2017-1000081 Onosproject Unrestricted Upload of File With Dangerous Type vulnerability in Onosproject Onos 1.8.0/1.9.0

Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of applications (.oar) resulting in remote code execution.

7.5
2017-07-17 CVE-2017-1000075 Creolabs Buffer Errors vulnerability in Creolabs Gravity 1.0

Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the memcmp function

7.5
2017-07-17 CVE-2017-1000074 Creolabs Buffer Errors vulnerability in Creolabs Gravity 1.0

Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the string_repeat() function.

7.5
2017-07-17 CVE-2017-1000073 Creolabs Buffer Errors vulnerability in Creolabs Gravity 1.0

Creolabs Gravity version 1.0 is vulnerable to a heap overflow in an undisclosed component that can result in arbitrary code execution.

7.5
2017-07-17 CVE-2017-1000072 Creolabs Double Free vulnerability in Creolabs Gravity 1.0

Creolabs Gravity version 1.0 is vulnerable to a Double Free in gravity_value resulting potentially leading to modification of unexpected memory locations

7.5
2017-07-17 CVE-2017-1000056 Kubernetes Missing Authorization vulnerability in Kubernetes

Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object.

7.5
2017-07-17 CVE-2017-1000047 Rbenv Path Traversal vulnerability in Rbenv Project Rbenv

rbenv (all current versions) is vulnerable to Directory Traversal in the specification of Ruby version resulting in arbitrary code execution

7.5
2017-07-17 CVE-2017-1000044 Gnome Buffer Errors vulnerability in Gnome Gtk-Vnc 0.4.2

gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly when updating framebuffer which may lead to memory corruption when rendering

7.5
2017-07-17 CVE-2017-1000039 Framasoft Improper Input Validation vulnerability in Framasoft Framadate 1.0

Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible Information Disclosure and Code Execution

7.5
2017-07-17 CVE-2017-1000037 RVM Project Unspecified vulnerability in RVM Project RVM 1.28.0

RVM automatically loads environment variables from files in $PWD resulting in command execution RVM vulnerable to command injection when automatically loading environment variables from files in $PWD RVM automatically executes hooks located in $PWD resulting in code execution RVM automatically installs gems as specified by files in $PWD resulting in code execution RVM automatically does "bundle install" on a Gemfile specified by .versions.conf in $PWD resulting in code execution

7.5
2017-07-17 CVE-2017-1000009 Akeneo OS Command Injection vulnerability in Akeneo Product Information Management

Akeneo PIM CE and EE <1.6.6, <1.5.15, <1.4.28 are vulnerable to shell injection in the mass edition, resulting in remote execution.

7.5
2017-07-17 CVE-2017-1000004 Atutor SQL Injection vulnerability in Atutor

ATutor version 2.2.1 and earlier are vulnerable to a SQL injection in the Assignment Dropbox, BasicLTI, Blog Post, Blog, Group Course Email, Course Alumni, Course Enrolment, Group Membership, Course unenrolment, Course Enrolment List Search, Glossary, Social Group Member Search, Social Friend Search, Social Group Search, File Comment, Gradebook Test Title, User Group Membership, Inbox/Sent Items, Sent Messages, Links, Photo Album, Poll, Social Application, Social Profile, Test, Content Menu, Auto-Login, and Gradebook components resulting in information disclosure, database modification, or potential code execution.

7.5
2017-07-17 CVE-2017-1000003 Atutor Improper Privilege Management vulnerability in Atutor

ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Social Application component resulting in privilege escalation.

7.5
2017-07-17 CVE-2017-1000002 Atutor Path Traversal vulnerability in Atutor

ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension check bypass in the Course component resulting in code execution.

7.5
2017-07-20 CVE-2017-11473 Linux
Canonical
Classic Buffer Overflow vulnerability in multiple products

Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table.

7.2
2017-07-17 CVE-2017-3754 Lenovo Unspecified vulnerability in Lenovo Bios

Some Lenovo brand notebook systems do not have write protections properly configured in the system BIOS.

7.2
2017-07-17 CVE-2017-2344 Juniper Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Juniper Junos

A routine within an internal Junos OS sockets library is vulnerable to a buffer overflow.

7.2
2017-07-17 CVE-2017-2341 Juniper Improper Authentication vulnerability in Juniper Junos

An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges.

7.2
2017-07-17 CVE-2017-10603 Juniper XML Injection (Aka Blind Xpath Injection) vulnerability in Juniper Junos 15.1/15.1X53

An XML injection vulnerability in Junos OS CLI can allow a locally authenticated user to elevate privileges and run arbitrary commands as the root user.

7.2
2017-07-17 CVE-2017-10602 Juniper Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Juniper Junos

A buffer overflow vulnerability in Junos OS CLI may allow a local authenticated user with read only privileges and access to Junos CLI, to execute code with root privileges.

7.2
2017-07-17 CVE-2017-1000363 Linux
Debian
Out-Of-Bounds Write vulnerability in Linux Kernel

Linux drivers/char/lp.c Out-of-Bounds Write.

7.2
2017-07-17 CVE-2016-10398 Google Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0

Android 6.0 has an authentication bypass for attackers with root and physical access.

7.2
2017-07-23 CVE-2017-11530 Imagemagick Resource Exhaustion vulnerability in Imagemagick

The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.

7.1
2017-07-23 CVE-2017-11527 Imagemagick Resource Exhaustion vulnerability in Imagemagick

The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.

7.1
2017-07-23 CVE-2017-11526 Imagemagick Resource Exhaustion vulnerability in Imagemagick

The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file.

7.1
2017-07-23 CVE-2017-11525 Imagemagick Allocation of Resources Without Limits OR Throttling vulnerability in Imagemagick

The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.

7.1
2017-07-22 CVE-2017-11523 Imagemagick Infinite Loop vulnerability in Imagemagick

The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered.

7.1
2017-07-21 CVE-2017-11505 Imagemagick Excessive Iteration vulnerability in Imagemagick

The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file.

7.1
2017-07-20 CVE-2017-11478 Imagemagick Infinite Loop vulnerability in Imagemagick

The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image.

7.1
2017-07-19 CVE-2017-11446 Imagemagick Infinite Loop vulnerability in Imagemagick 7.0.61

The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has an infinite loop vulnerability that can cause CPU exhaustion via a crafted PES file.

7.1

274 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-07-23 CVE-2017-11577 Fontforge Out-Of-Bounds Read vulnerability in Fontforge 20161012

FontForge 20161012 is vulnerable to a buffer over-read in getsid (parsettf.c) resulting in DoS or code execution via a crafted otf file.

6.8
2017-07-23 CVE-2017-11575 Fontforge Out-Of-Bounds Read vulnerability in Fontforge 20161012

FontForge 20161012 is vulnerable to a buffer over-read in strnmatch (char.c) resulting in DoS or code execution via a crafted otf file, related to a call from the readttfcopyrights function in parsettf.c.

6.8
2017-07-23 CVE-2017-11574 Fontforge Buffer Errors vulnerability in Fontforge 20161012

FontForge 20161012 is vulnerable to a heap-based buffer overflow in readcffset (parsettf.c) resulting in DoS or code execution via a crafted otf file.

6.8
2017-07-23 CVE-2017-11573 Fontforge Out-Of-Bounds Read vulnerability in Fontforge 20161012

FontForge 20161012 is vulnerable to a buffer over-read in ValidatePostScriptFontName (parsettf.c) resulting in DoS or code execution via a crafted otf file.

6.8
2017-07-23 CVE-2017-11572 Fontforge Out-Of-Bounds Read vulnerability in Fontforge 20161012

FontForge 20161012 is vulnerable to a heap-based buffer over-read in readcfftopdicts (parsettf.c) resulting in DoS or code execution via a crafted otf file.

6.8
2017-07-23 CVE-2017-11571 Fontforge Buffer Errors vulnerability in Fontforge 20161012

FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) resulting in DoS or code execution via a crafted otf file.

6.8
2017-07-23 CVE-2017-11570 Fontforge Out-Of-Bounds Read vulnerability in Fontforge 20161012

FontForge 20161012 is vulnerable to a buffer over-read in umodenc (parsettf.c) resulting in DoS or code execution via a crafted otf file.

6.8
2017-07-23 CVE-2017-11569 Fontforge Out-Of-Bounds Read vulnerability in Fontforge 20161012

FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights (parsettf.c) resulting in DoS or code execution via a crafted otf file.

6.8
2017-07-23 CVE-2017-11568 Fontforge Out-Of-Bounds Read vulnerability in Fontforge 20161012

FontForge 20161012 is vulnerable to a heap-based buffer over-read in PSCharStringToSplines (psread.c) resulting in DoS or code execution via a crafted otf file.

6.8
2017-07-22 CVE-2017-2273 Buffalo Cross-Site Request Forgery (CSRF) vulnerability in Buffalo Wmr-433 Firmware and Wmr-433W Firmware

Cross-site request forgery (CSRF) vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

6.8
2017-07-21 CVE-2015-4639 Koha Cross-Site Request Forgery (CSRF) vulnerability in Koha

Cross-site scripting (XSS) vulnerability in opac-addbybiblionumber.pl in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, and 3.20.x before 3.20.1 allows remote attackers to inject arbitrary web script or HTML via a crafted list name.

6.8
2017-07-21 CVE-2015-3932 Netlock XML Injection (Aka Blind Xpath Injection) vulnerability in Netlock Mokka

Netlock Mokka before 2.7.8.1204 allows remote attackers to perform XML signature wrapping attacks via an e-akta signed document with a ds:Object node with a crafted payload prepended to a valid ds:Object.

6.8
2017-07-21 CVE-2015-3931 Microsec XML Injection (Aka Blind Xpath Injection) vulnerability in Microsec E-Szigno

Microsec e-Szigno before 3.2.7.12 allows remote attackers to perform XML signature wrapping attacks via an e-akta signed document with a ds:Object node with a crafted payload prepended to a valid ds:Object.

6.8
2017-07-21 CVE-2017-9930 Greenpacket Cross-Site Request Forgery (CSRF) vulnerability in Greenpacket Dx-350 Firmware 2.8.9.5G1.4.8Atheeb

Cross-Site Request Forgery (CSRF) exists in Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, as demonstrated by a request to ajax.cgi that enables UPnP.

6.8
2017-07-20 CVE-2017-7068 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7061 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7056 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7055 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7052 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7049 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7048 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7047 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7046 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7043 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7040 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7039 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7037 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7034 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7033 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7031 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7030 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7020 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7019 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7018 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7016 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7015 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7013 Apple
Microsoft
Out-Of-Bounds Read vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7012 Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7010 Apple
Microsoft
Out-Of-Bounds Read vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-7008 Apple Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Tvos

An issue was discovered in certain Apple products.

6.8
2017-07-20 CVE-2017-9765 Genivia Integer Overflow OR Wraparound vulnerability in Genivia Gsoap

Integer overflow in the soap_get function in Genivia gSOAP 2.7.x and 2.8.x before 2.8.48, as used on Axis cameras and other devices, allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via a large XML document, aka Devil's Ivy.

6.8
2017-07-19 CVE-2017-11464 Gnome Divide BY Zero vulnerability in Gnome Librsvg 2.40.17

A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.

6.8
2017-07-19 CVE-2017-1218 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Bigfix Platform

IBM Tivoli Endpoint Manager is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

6.8
2017-07-19 CVE-2017-11450 Imagemagick Improper Input Validation vulnerability in Imagemagick

coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.

6.8
2017-07-19 CVE-2017-11449 Imagemagick Improper Input Validation vulnerability in Imagemagick

coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.

6.8
2017-07-18 CVE-2017-10708 Apport Project Path Traversal vulnerability in Apport Project Apport

An issue was discovered in Apport through 2.20.x.

6.8
2017-07-18 CVE-2017-10961 Project Redcap Cross-Site Request Forgery (CSRF) vulnerability in Project-Redcap Redcap

REDCap before 7.5.1 has CSRF in the deletion feature of the File Repository and File Upload components.

6.8
2017-07-18 CVE-2017-11403 Graphicsmagick USE After Free vulnerability in Graphicsmagick 1.3.26

The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file.

6.8
2017-07-17 CVE-2017-9810 Kaspersky Cross-Site Request Forgery (CSRF) vulnerability in Kaspersky Anti-Virus FOR Linux Server

There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312).

6.8
2017-07-17 CVE-2017-9671 Alpinelinux Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Alpinelinux Alpine Linux

A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file with a bad pax header block.

6.8
2017-07-17 CVE-2017-9669 Alpinelinux Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Alpinelinux Alpine Linux

A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution by crafting a malicious APKINDEX.tar.gz file.

6.8
2017-07-17 CVE-2017-11399 Ffmpeg Out-Of-Bounds Read vulnerability in Ffmpeg

Integer overflow in the ape_decode_frame function in libavcodec/apedec.c in FFmpeg 2.4 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access and application crash) or possibly have unspecified other impact via a crafted APE file.

6.8
2017-07-17 CVE-2017-7666 Apache Cross-Site Request Forgery (CSRF) vulnerability in Apache Openmeetings

Apache OpenMeetings 1.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks, XSS attacks, click-jacking, and MIME based attacks.

6.8
2017-07-17 CVE-2017-11345 Asuswrt Merlin Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Asuswrt-Merlin Project products

Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by hosting a crafted device description XML document (that includes a serviceType element) at a URL specified within a Location header in an SSDP response.

6.8
2017-07-17 CVE-2017-11335 Libtiff Out-Of-Bounds Write vulnerability in Libtiff 4.0.8

There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c).

6.8
2017-07-17 CVE-2017-11318 Cobiansoft OS Command Injection vulnerability in Cobiansoft Cobian Backup 11

Cobian Backup 11 client allows man-in-the-middle attackers to add and execute new backup tasks when the master server is spoofed.

6.8
2017-07-17 CVE-2017-11311 Openmpt Buffer Errors vulnerability in Openmpt Libopenmpt and Openmpt

soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt before 0.2.8461-beta26 has a heap buffer overflow with the potential for arbitrary code execution via a crafted PSM File that triggers use of the same sample slot for two samples.

6.8
2017-07-17 CVE-2017-1000071 Apereo Improper Authentication vulnerability in Apereo PHPcas 1.3.4

Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass in the validateCAS20 function when configured to authenticate against an old CAS server.

6.8
2017-07-17 CVE-2017-1000069 Oauth2 Proxy Project Cross-Site Request Forgery (CSRF) vulnerability in Oauth2 Proxy Project Oauth2 Proxy 2.1

CSRF in Bitly oauth2_proxy 2.1 during authentication flow

6.8
2017-07-17 CVE-2017-1000053 Plug Project Deserialization of Untrusted Data vulnerability in Plug Project Plug

Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to arbitrary code execution in the deserialization functions of Plug.Session.

6.8
2017-07-17 CVE-2017-1000010 Audacityteam Uncontrolled Search Path Element vulnerability in Audacityteam Audacity

Audacity 2.1.2 through 2.3.2 is vulnerable to Dll HIjacking in the avformat-55.dll resulting arbitrary code execution.

6.8
2017-07-17 CVE-2017-1000008 Chyrp Lite Project Cross-Site Request Forgery (CSRF) vulnerability in Chyrp-Lite Project Chyrp Lite 2016.04

Chyrp Lite version 2016.04 is vulnerable to a CSRF in the user settings function allowing attackers to hijack the authentication of logged in users to modify account information, including their password.

6.8
2017-07-21 CVE-2017-1373 IBM Unspecified vulnerability in IBM Tririga Application Platform

Reports executed in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 contains a vulnerability that could allow an authenticated user to execute a report they do not have access to.

6.5
2017-07-21 CVE-2017-1371 IBM Unspecified vulnerability in IBM Tririga Application Platform

Builder tools running in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 contains a vulnerability that could allow an authenticated user to execute Builder tool actions they do not have access to.

6.5
2017-07-21 CVE-2015-3639 Phpmybackuppro Improper Input Validation vulnerability in PHPmybackuppro

phpMyBackupPro 2.5 and earlier does not properly sanitize input strings, which allows remote authenticated users to execute arbitrary PHP code by storing a crafted string in a user configuration file.

6.5
2017-07-21 CVE-2015-3638 Phpmybackuppro Code Injection vulnerability in PHPmybackuppro

phpMyBackupPro before 2.5 does not validate integer input, which allows remote authenticated users to execute arbitrary PHP code by injecting scripts via the path, filename, and period parameters to scheduled.php, and making requests to injected scripts, or by injecting PHP into a PHP configuration variable via a PHP variable variable.

6.5
2017-07-21 CVE-2017-10993 Contao Path Traversal vulnerability in Contao CMS

Contao before 3.5.28 and 4.x before 4.4.1 allows remote attackers to include and execute arbitrary local PHP files via a crafted parameter in a URL, aka Directory Traversal.

6.5
2017-07-20 CVE-2017-9822 Dnnsoftware Improper Input Validation vulnerability in Dnnsoftware Dotnetnuke

DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code execution on DNN sites."

6.5
2017-07-20 CVE-2017-11475 Glpi Project SQL Injection vulnerability in Glpi-Project Glpi

GLPI before 9.1.5.1 has SQL Injection in the condition rule field, exploitable via front/rulesengine.test.php.

6.5
2017-07-18 CVE-2017-7506 Spice Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Spice Project Spice

spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak.

6.5
2017-07-17 CVE-2017-8004 EMC Improper Input Validation vulnerability in EMC products

The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance and RSA IMG products (RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels; RSA Via Lifecycle and Governance version 7.0, all patch levels; RSA Identity Management and Governance (RSA IMG) versions 6.9.1, all patch levels) allow an application administrator to upload arbitrary files that may potentially contain a malicious code.

6.5
2017-07-17 CVE-2017-7681 Apache SQL Injection vulnerability in Apache Openmeetings

Apache OpenMeetings 1.0.0 is vulnerable to SQL injection.

6.5
2017-07-17 CVE-2017-2241 Hammock
Apple
SQL Injection vulnerability in Hammock Assetview 9.2

SQL injection vulnerability in the AssetView for MacOS Ver.9.2.0 and earlier versions allows remote attackers to execute arbitrary SQL commands via "File Transfer Web Service".

6.5
2017-07-17 CVE-2017-11347 Metinfo Unspecified vulnerability in Metinfo 5.3.17

Authenticated Code Execution Vulnerability in MetInfo 5.3.17 allows a remote authenticated attacker to generate a PHP script with the content of a malicious image, related to admin/include/common.inc.php and admin/app/physical/physical.php.

6.5
2017-07-17 CVE-2017-1000067 Modx SQL Injection vulnerability in Modx Revolution

MODX Revolution version 2.x - 2.5.6 is vulnerable to blind SQL injection caused by improper sanitization by the escape method resulting in authenticated user accessing database and possibly escalating privileges.

6.5
2017-07-17 CVE-2017-1000031 Cacti SQL Injection vulnerability in Cacti 0.8.8B

SQL injection vulnerability in graph_templates_inputs.php in Cacti 0.8.8b allows remote attackers to execute arbitrary SQL commands via the graph_template_input_id and graph_template_id parameters.

6.5
2017-07-17 CVE-2017-1000022 Logicaldoc Incorrect Permission Assignment FOR Critical Resource vulnerability in Logicaldoc

LogicalDoc Community Edition 7.5.3 and prior contain an Incorrect access control which could leave to privilege escalation.

6.5
2017-07-17 CVE-2017-1000021 Logicaldoc XXE vulnerability in Logicaldoc

LogicalDoc Community Edition 7.5.3 and prior is vulnerable to XXE when indexing XML documents.

6.5
2017-07-17 CVE-2017-1000017 Phpmyadmin Server-Side Request Forgery (SSRF) vulnerability in PHPmyadmin

phpMyAdmin 4.0, 4.4 and 4.6 are vulnerable to a weakness where a user with appropriate permissions is able to connect to an arbitrary MySQL server

6.5
2017-07-17 CVE-2015-0249 Apache Code Injection vulnerability in Apache Roller 5.1.0/5.1.1

The weblog page template in Apache Roller 5.1 through 5.1.1 allows remote authenticated users with admin privileges for a weblog to execute arbitrary Java code via crafted Velocity Text Language (aka VTL).

6.5
2017-07-17 CVE-2017-7682 Apache Unspecified vulnerability in Apache Openmeetings 3.2.0/3.2.1

Apache OpenMeetings 3.2.0 is vulnerable to parameter manipulation attacks, as a result attacker has access to restricted areas.

6.4
2017-07-17 CVE-2016-6793 Apache Deserialization of Untrusted Data vulnerability in Apache Wicket

The DiskFileItem class in Apache Wicket 6.x before 6.25.0 and 1.5.x before 1.5.17 allows remote attackers to cause a denial of service (infinite loop) and write to, move, and delete files with the permissions of DiskFileItem, and if running on a Java VM before 1.3.1, execute arbitrary code via a crafted serialized Java object.

6.4
2017-07-17 CVE-2017-11348 Octopus Path Traversal vulnerability in Octopus Deploy

In Octopus Deploy 3.x before 3.15.4, an authenticated user with PackagePush permission to upload packages could upload a maliciously crafted NuGet package, potentially overwriting other packages or modifying system files.

6.3
2017-07-21 CVE-2015-3640 Phpmybackuppro Code Injection vulnerability in PHPmybackuppro

phpMyBackupPro 2.5 and earlier does not properly escape the "." character in request parameters, which allows remote authenticated users with knowledge of a web-accessible and web-writeable directory on the target system to inject and execute arbitrary PHP scripts by injecting scripts via the path, filename, and dirs parameters to scheduled.php, and making requests to injected scripts.

6.0
2017-07-19 CVE-2016-7507 Glpi Project Cross-Site Request Forgery (CSRF) vulnerability in Glpi-Project Glpi 0.90.4

Cross-Site Request Forgery (CSRF) vulnerability in GLPI 0.90.4 allows remote authenticated attackers to submit a request that could lead to the creation of an admin account in the application.

6.0
2017-07-17 CVE-2017-8034 Cloudfoundry Reliance ON Cookies Without Validation and Integrity Checking vulnerability in Cloudfoundry Capi-Release, Cf-Release and Routing-Release

The Cloud Controller and Router in Cloud Foundry (CAPI-release capi versions prior to v1.32.0, Routing-release versions prior to v0.159.0, CF-release versions prior to v267) do not validate the issuer on JSON Web Tokens (JWTs) from UAA.

6.0
2017-07-19 CVE-2017-1223 IBM Open Redirect vulnerability in IBM Bigfix Platform

IBM Tivoli Endpoint Manager could allow a remote attacker to conduct phishing attacks, using an open redirect attack.

5.8
2017-07-17 CVE-2017-1000070 Oauth2 Proxy Project Open Redirect vulnerability in Oauth2 Proxy Project Oauth2 Proxy

The Bitly oauth2_proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow.

5.8
2017-07-17 CVE-2017-1000061 Xmlsec Project XXE vulnerability in Xmlsec Project Xmlsec

xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service

5.8
2017-07-17 CVE-2017-1000027 Koozali Open Redirect vulnerability in Koozali SME Server

Koozali Foundation SME Server versions 8.x, 9.x, 10.x are vulnerable to an open URL redirect vulnerability in the user web login function resulting in unauthorized account access.

5.8
2017-07-17 CVE-2017-1000013 Phpmyadmin Open Redirect vulnerability in PHPmyadmin

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to an open redirect weakness

5.8
2017-07-19 CVE-2017-1219 IBM XXE vulnerability in IBM Bigfix Platform

IBM Tivoli Endpoint Manager is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data.

5.5
2017-07-17 CVE-2017-1183 IBM SQL Injection vulnerability in IBM Tivoli Monitoring 6.2.2.9/6.2.3.5/6.3.0.7

IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used.

5.4
2017-07-17 CVE-2017-1182 IBM Unspecified vulnerability in IBM Tivoli Monitoring 6.2.2.9/6.2.3.5/6.3.0.7

IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to execute arbitrary commands on the system, when default client-server default communications, HTTP, are being used.

5.4
2017-07-21 CVE-2017-9415 Subsonic Cross-Site Request Forgery (CSRF) vulnerability in Subsonic 6.1.1

Cross-site request forgery (CSRF) vulnerability in subsonic 6.1.1 allows remote attackers with knowledge of the target username to hijack the authentication of users for requests that change passwords via a crafted request to userSettings.view.

5.1
2017-07-23 CVE-2017-11565 Debian Unspecified vulnerability in Debian TOR 0.2.9.111

debian/tor.init in the Debian tor_0.2.9.11-1~deb9u1 package for Tor was designed to execute aa-exec from the standard system pathname if the apparmor package is installed, but implements this incorrectly (with a wrong assumption that the specific pathname would remain the same forever), which allows attackers to bypass intended AppArmor restrictions by leveraging the silent loss of this protection mechanism.

5.0
2017-07-23 CVE-2017-11556 Libsass Uncontrolled Recursion vulnerability in Libsass 3.4.5

There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser.cpp in LibSass 3.4.5.

5.0
2017-07-23 CVE-2017-11555 Libsass Improper Input Validation vulnerability in Libsass 3.4.5

There is an illegal address access in the Eval::operator function in eval.cpp in LibSass 3.4.5.

5.0
2017-07-23 CVE-2017-11554 Libsass Uncontrolled Recursion vulnerability in Libsass 3.4.5

There is a stack consumption vulnerability in the lex function in parser.hpp (as used in sassc) in LibSass 3.4.5.

5.0
2017-07-23 CVE-2017-11553 Exiv2 Improper Input Validation vulnerability in Exiv2 0.26

There is an illegal address access in the extend_alias_table function in localealias.c of Exiv2 0.26.

5.0
2017-07-22 CVE-2017-3221 Inmarsat SQL Injection vulnerability in Inmarsat Amosconnect 8

Blind SQL injection in Inmarsat AmosConnect 8 login form allows remote attackers to access user credentials, including user names and passwords.

5.0
2017-07-22 CVE-2017-11521 Resiprocate Resource Exhaustion vulnerability in Resiprocate 1.10.2

The SdpContents::Session::Medium::parse function in resip/stack/SdpContents.cxx in reSIProcate 1.10.2 allows remote attackers to cause a denial of service (memory consumption) by triggering many media connections.

5.0
2017-07-22 CVE-2016-10400 Atutor Path Traversal vulnerability in Atutor

Directory Traversal exists in ATutor before 2.2.2 via the icon parameter to /mods/_core/courses/users/create_course.php.

5.0
2017-07-21 CVE-2017-7523 Cygwin Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cygwin

Cygwin versions 1.7.2 up to and including 1.8.0 are vulnerable to buffer overflow vulnerability in wcsxfrm/wcsxfrm_l functions resulting into denial-of-service by crashing the process or potential hijack of the process running with administrative privileges triggered by specially crafted input string.

5.0
2017-07-21 CVE-2017-11519 TP Link Incorrect Usage of Seeds in Pseudo-Random Number Generator (Prng) vulnerability in Tp-Link Archer C9 (2.0) Firmware 160517

passwd_recovery.lua on the TP-Link Archer C9(UN)_V2_160517 allows an attacker to reset the admin password by leveraging a predictable random number generator seed.

5.0
2017-07-21 CVE-2017-1267 IBM Improper Input Validation vulnerability in IBM Security Guardium

IBM Security Guardium 10.0 and 10.1 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code.

5.0
2017-07-21 CVE-2015-5300 Fedoraproject
Suse
Opensuse
Redhat
Debian
Canonical
NTP
7PK - Time and State vulnerability in multiple Linux Systems

The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).

5.0
2017-07-21 CVE-2015-5219 Fedoraproject
Suse
Redhat
Debian
Canonical
NTP
Novell
Opensuse
Siemens
Oracle
Incorrect Type Conversion OR Cast vulnerability in multiple products

The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

5.0
2017-07-21 CVE-2015-5195 Fedoraproject
Redhat
Debian
Canonical
NTP
Improper Input Validation vulnerability in multiple products

ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.

5.0
2017-07-21 CVE-2015-5194 Fedoraproject
Suse
Redhat
Debian
Canonical
NTP
Improper Input Validation vulnerability in multiple products

The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

5.0
2017-07-21 CVE-2015-3198 Redhat Information Exposure vulnerability in Redhat Jboss Wildfly Application Server 9.0.0

The Undertow module of WildFly 9.x before 9.0.0.CR2 and 10.x before 10.0.0.Alpha1 allows remote attackers to obtain the source code of a JSP page via a "/" at the end of a URL.

5.0
2017-07-20 CVE-2017-11502 Cisco Information Exposure vulnerability in Cisco Dpc3928Ad Docsis Wireless Router Firmware

Technicolor DPC3928AD DOCSIS devices allow remote attackers to read arbitrary files via a request starting with "GET /../" on TCP port 4321.

5.0
2017-07-20 CVE-2017-11468 Docker Allocation of Resources Without Limits OR Throttling vulnerability in Docker Registry

Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint.

5.0
2017-07-20 CVE-2017-11500 Metinfo Path Traversal vulnerability in Metinfo 5.3.17

A directory traversal vulnerability exists in MetInfo 5.3.17.

5.0
2017-07-20 CVE-2017-7063 Apple Resource Exhaustion vulnerability in Apple Iphone OS and Watchos

An issue was discovered in certain Apple products.

5.0
2017-07-20 CVE-2017-7007 Apple Resource Exhaustion vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

5.0
2017-07-20 CVE-2017-6532 Televes Insufficiently Protected Credentials vulnerability in Televes Coaxdata Gateway 1Gbps Firmware 1.02.00144.20

Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 have cleartext credentials in /mib.db.

5.0
2017-07-20 CVE-2017-6531 Televes Unspecified vulnerability in Televes Coaxdata Gateway 1Gbps Firmware 1.02.00144.20

On Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20, the backup/restore feature lacks access control, related to ReadFile.cgi and LoadCfgFile.

5.0
2017-07-20 CVE-2017-6530 Televes Improper Authentication vulnerability in Televes Coaxdata Gateway 1Gbps Firmware 1.02.00144.20

Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 do not check password.shtml authorization, leading to Arbitrary password change.

5.0
2017-07-20 CVE-2017-11469 Idera Path Traversal vulnerability in Idera Uptime Infrastructure Monitor 7.8

get2post.php in IDERA Uptime Monitor 7.8 has directory traversal in the file_name parameter.

5.0
2017-07-19 CVE-2017-1224 IBM Inadequate Encryption Strength vulnerability in IBM Bigfix Platform

IBM Tivoli Endpoint Manager uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.0
2017-07-19 CVE-2017-11456 Geneko Path Traversal vulnerability in Geneko products

Geneko GWR routers allow directory traversal sequences starting with a /../ substring, as demonstrated by unauthenticated read access to the configuration file.

5.0
2017-07-19 CVE-2017-9245 Google Information Exposure vulnerability in Google News and Weather

The Google News and Weather application before 3.3.1 for Android allows remote attackers to read OAuth tokens by sniffing the network and leveraging the lack of SSL.

5.0
2017-07-18 CVE-2017-11408 Wireshark Improper Input Validation vulnerability in Wireshark

In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash.

5.0
2017-07-18 CVE-2017-11407 Wireshark
Debian
Improper Input Validation vulnerability in multiple products

In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector could crash.

5.0
2017-07-17 CVE-2017-9933 Joomla Information Exposure vulnerability in Joomla Joomla!

Improper cache invalidation in Joomla! CMS 1.7.3 through 3.7.2 leads to disclosure of form contents.

5.0
2017-07-17 CVE-2017-9812 Kaspersky Information Exposure vulnerability in Kaspersky Anti-Virus FOR Linux Server

The reportId parameter of the getReportStatus action method can be abused in the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312) to read arbitrary files with kluser privileges.

5.0
2017-07-17 CVE-2017-9339 Owncloud Information Exposure vulnerability in Owncloud Server

A logical error in ownCloud Server before 10.0.2 caused disclosure of valid share tokens for public calendars.

5.0
2017-07-17 CVE-2017-7947 Netapp Information Exposure vulnerability in Netapp Clustered Data Ontap 8.3.2/9.0/9.1

NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 before P5 allow attackers to obtain sensitive password information by leveraging logging of passwords entered non-interactively on the command line.

5.0
2017-07-17 CVE-2017-10987 Freeradius Out-Of-Bounds Read vulnerability in Freeradius

An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Buffer over-read in fr_dhcp_decode_suboptions()" and a denial of service.

5.0
2017-07-17 CVE-2017-10986 Freeradius Infinite Loop vulnerability in Freeradius

An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infinite read in dhcp_attr2vp()" and a denial of service.

5.0
2017-07-17 CVE-2017-10983 Freeradius Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Freeradius

An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "DHCP - Read overflow when decoding option 63" and a denial of service.

5.0
2017-07-17 CVE-2017-10982 Freeradius Out-Of-Bounds Read vulnerability in Freeradius

An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Buffer over-read in fr_dhcp_decode_options()" and a denial of service.

5.0
2017-07-17 CVE-2017-10981 Freeradius Missing Release of Resource After Effective Lifetime vulnerability in Freeradius

An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in fr_dhcp_decode()" and a denial of service.

5.0
2017-07-17 CVE-2017-10980 Freeradius Missing Release of Resource After Effective Lifetime vulnerability in Freeradius

An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in decode_tlv()" and a denial of service.

5.0
2017-07-17 CVE-2017-10978 Freeradius
Debian
Redhat
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service.

5.0
2017-07-17 CVE-2017-11367 Shoco Project Out-Of-Bounds Read vulnerability in Shoco Project Shoco 20170717

The shoco_decompress function in the API in shoco through 2017-07-17 allows remote attackers to cause a denial of service (buffer over-read and application crash) via malformed compressed data.

5.0
2017-07-17 CVE-2017-9951 Memcached Unspecified vulnerability in Memcached

The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read.

5.0
2017-07-17 CVE-2017-9814 Cairographics
Opensuse
Out-Of-Bounds Read vulnerability in multiple products

cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call.

5.0
2017-07-17 CVE-2017-7688 Apache Unspecified vulnerability in Apache Openmeetings

Apache OpenMeetings 1.0.0 updates user password in insecure manner.

5.0
2017-07-17 CVE-2017-7685 Apache Unspecified vulnerability in Apache Openmeetings

Apache OpenMeetings 1.0.0 responds to the following insecure HTTP methods: PUT, DELETE, HEAD, and PATCH.

5.0
2017-07-17 CVE-2017-7684 Apache Resource Exhaustion vulnerability in Apache Openmeetings

Apache OpenMeetings 1.0.0 doesn't check contents of files being uploaded.

5.0
2017-07-17 CVE-2017-7683 Apache Information Exposure vulnerability in Apache Openmeetings

Apache OpenMeetings 1.0.0 displays Tomcat version and detailed error stack trace, which is not secure.

5.0
2017-07-17 CVE-2017-7680 Apache Unspecified vulnerability in Apache Openmeetings

Apache OpenMeetings 1.0.0 has an overly permissive crossdomain.xml file.

5.0
2017-07-17 CVE-2017-7673 Apache Improper Restriction of Excessive Authentication Attempts vulnerability in Apache Openmeetings

Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, captcha is not used in registration and forget password dialogs and auth forms missing brute force protection.

5.0
2017-07-17 CVE-2017-3101 Adobe Unspecified vulnerability in Adobe Connect

Adobe Connect versions 9.6.1 and earlier have a clickjacking vulnerability.

5.0
2017-07-17 CVE-2017-3100 Adobe
Apple
Linux
Microsoft
Google
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Flash Player

Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 2 BitmapData class.

5.0
2017-07-17 CVE-2017-3080 Adobe
Apple
Linux
Microsoft
Google
Information Exposure vulnerability in Adobe Flash Player

Adobe Flash Player versions 26.0.0.131 and earlier have a security bypass vulnerability related to the Flash API used by Internet Explorer.

5.0
2017-07-17 CVE-2017-2348 Juniper Resource Exhaustion vulnerability in Juniper Junos

The Juniper Enhanced jdhcpd daemon may experience high CPU utilization, or crash and restart upon receipt of an invalid IPv6 UDP packet.

5.0
2017-07-17 CVE-2017-2347 Juniper Improper Input Validation vulnerability in Juniper Junos

A denial of service vulnerability in rpd daemon of Juniper Networks Junos OS allows a malformed MPLS ping packet to crash the rpd daemon if MPLS OAM is configured.

5.0
2017-07-17 CVE-2017-2314 Juniper Improper Input Validation vulnerability in Juniper Junos

Receipt of a malformed BGP OPEN message may cause the routing protocol daemon (rpd) process to crash and restart.

5.0
2017-07-17 CVE-2017-11349 Datataker Insufficiently Protected Credentials vulnerability in Datataker Dt8X Firmware 1.72.007

dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs or schedules, for purposes such as sending e-mail messages or making outbound connections to FTP servers for uploading data.

5.0
2017-07-17 CVE-2017-11343 Call CC Algorithmic Complexity vulnerability in Call-Cc Chicken

Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack.

5.0
2017-07-17 CVE-2017-11342 Libsass Improper Input Validation vulnerability in Libsass 3.4.5

There is an illegal address access in ast.cpp of LibSass 3.4.5.

5.0
2017-07-17 CVE-2017-11341 Libsass Out-Of-Bounds Read vulnerability in Libsass 3.4.5

There is a heap based buffer over-read in lexer.hpp of LibSass 3.4.5.

5.0
2017-07-17 CVE-2017-10605 Juniper Improper Input Validation vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49

On all vSRX and SRX Series devices, when the DHCP or DHCP relay is configured, specially crafted packet might cause the flowd process to crash, halting or interrupting traffic from flowing through the device(s).

5.0
2017-07-17 CVE-2017-10604 Juniper Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49

When the device is configured to perform account lockout with a defined period of time, any unauthenticated user attempting to log in as root with an incorrect password can trigger a lockout of the root account.

5.0
2017-07-17 CVE-2017-1000362 Jenkins Information Exposure vulnerability in Jenkins

The re-key admin monitor was introduced in Jenkins 1.498 and re-encrypted all secrets in JENKINS_HOME with a new key.

5.0
2017-07-17 CVE-2017-1000080 Onosproject Unspecified vulnerability in Onosproject Onos 1.8.0/1.9.0

Linux foundation ONOS 1.9.0 allows unauthenticated use of websockets.

5.0
2017-07-17 CVE-2017-1000079 Onosproject Unspecified vulnerability in Onosproject Onos 1.8.0/1.9.0

Linux foundation ONOS 1.9.0 is vulnerable to a DoS.

5.0
2017-07-17 CVE-2017-1000068 Betterment Improper Authentication vulnerability in Betterment Testtrack 1.0

TestTrack Server versions 1.0 and earlier are vulnerable to an authentication flaw in the split disablement feature resulting in the ability to disable arbitrary running splits and cause denial of service to clients in the field.

5.0
2017-07-17 CVE-2017-1000066 Keepass Unspecified vulnerability in Keepass 1.32

The entry details view function in KeePass version 1.32 inadvertently decrypts certain database entries into memory, which may result in the disclosure of sensitive information.

5.0
2017-07-17 CVE-2017-1000064 Kitto Project Resource Exhaustion vulnerability in Kitto Project Kitto 0.5.1

kittoframework kitto version 0.5.1 is vulnerable to memory exhaustion in the router resulting in DoS

5.0
2017-07-17 CVE-2017-1000062 Kitto Project Path Traversal vulnerability in Kitto Project Kitto 0.5.1

kittoframework kitto 0.5.1 is vulnerable to directory traversal in the router resulting in remote code execution

5.0
2017-07-17 CVE-2017-1000050 Jasper Project
Fedoraproject
Redhat
Canonical
Null Pointer Dereference vulnerability in multiple products

JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service.

5.0
2017-07-17 CVE-2017-1000048 QS Project Improper Input Validation vulnerability in QS Project QS

the web framework using ljharb's qs module older than v6.3.2, v6.2.3, v6.1.2, and v6.0.4 is vulnerable to a DoS.

5.0
2017-07-17 CVE-2017-1000046 Mautic Unspecified vulnerability in Mautic

Mautic 2.6.1 and earlier fails to set flags on session cookies

5.0
2017-07-17 CVE-2017-1000030 Oracle Improper Authentication vulnerability in Oracle Glassfish Server 3.0.1

Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to provide an unauthenticated attacker plain text password of administrative user and grant access to the web-based administration interface.

5.0
2017-07-17 CVE-2017-1000029 Oracle Information Exposure vulnerability in Oracle Glassfish Server 3.0.1

Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication.

5.0
2017-07-17 CVE-2017-1000028 Oracle Path Traversal vulnerability in Oracle Glassfish Server 4.1

Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request.

5.0
2017-07-17 CVE-2017-1000026 Progress Path Traversal vulnerability in Progress Mixlib-Archive 0.1.0/0.2.0/0.3.0

Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using ".." in tar archive entries

5.0
2017-07-17 CVE-2017-1000025 Gnome Information Exposure vulnerability in Gnome Epiphany

GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7, 3.18 before 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites.

5.0
2017-07-17 CVE-2017-1000024 Gnome Cleartext Transmission of Sensitive Information vulnerability in Gnome Shotwell

Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to an information disclosure in the web publishing plugins resulting in potential password and oauth token plaintext transmission

5.0
2017-07-17 CVE-2017-1000018 Phpmyadmin Improper Input Validation vulnerability in PHPmyadmin

phpMyAdmin 4.0, 4.4., and 4.6 are vulnerable to a DOS attack in the replication status by using a specially crafted table name

5.0
2017-07-17 CVE-2017-1000016 Phpmyadmin Improper Input Validation vulnerability in PHPmyadmin

A weakness was discovered where an attacker can inject arbitrary values in to the browser cookies.

5.0
2017-07-17 CVE-2017-1000014 Phpmyadmin Improper Input Validation vulnerability in PHPmyadmin

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DOS weakness in the table editing functionality

5.0
2017-07-17 CVE-2017-1000001 Fedoraproject Improper Input Validation vulnerability in Fedoraproject Fedmsg

FedMsg 0.18.1 and older is vulnerable to a message validation flaw resulting in message validation not being enabled if configured to be on.

5.0
2017-07-21 CVE-2017-7542 Linux Infinite Loop vulnerability in Linux Kernel

The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.

4.9
2017-07-21 CVE-2015-1323 Canonical Information Exposure vulnerability in Canonical Ubuntu Linux

The simulate dbus method in aptdaemon before 1.1.1+bzr982-0ubuntu3.1 as packaged in Ubuntu 15.04, before 1.1.1+bzr980-0ubuntu1.1 as packaged in Ubuntu 14.10, before 1.1.1-1ubuntu5.2 as packaged in Ubuntu 14.04 LTS, before 0.43+bzr805-0ubuntu10 as packaged in Ubuntu 12.04 LTS allows local users to obtain sensitive information, or access files with root permissions.

4.9
2017-07-18 CVE-2017-11421 Gnome EXE Thumbnailer Project Code Injection vulnerability in Gnome-Exe-Thumbnailer Project Gnome-Exe-Thumbnailer

gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection when generating thumbnails for MSI files, aka the "Bad Taste" issue.

4.6
2017-07-17 CVE-2017-1000052 Plug Project Injection vulnerability in Plug Project Plug

Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to null byte injection in the Plug.Static component, which may allow users to bypass filetype restrictions.

4.6
2017-07-23 CVE-2017-11576 Fontforge Buffer Errors vulnerability in Fontforge 20161012

FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict (parsettf.c) resulting in DoS via a crafted otf file.

4.3
2017-07-23 CVE-2017-11540 Imagemagick Out-Of-Bounds Read vulnerability in Imagemagick 7.0.61

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex() function, called from the WritePICONImage function in coders/xpm.c.

4.3
2017-07-23 CVE-2017-11539 Imagemagick Missing Release of Resource After Effective Lifetime vulnerability in Imagemagick 7.0.61

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage() function in coders/png.c.

4.3
2017-07-23 CVE-2017-11538 Imagemagick Missing Release of Resource After Effective Lifetime vulnerability in Imagemagick 7.0.61

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteOnePNGImage() function in coders/png.c.

4.3
2017-07-23 CVE-2017-11537 Imagemagick Incorrect Calculation vulnerability in Imagemagick 7.0.61

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in coders/palm.c, related to an incorrect bits-per-pixel calculation.

4.3
2017-07-23 CVE-2017-11536 Imagemagick Missing Release of Resource After Effective Lifetime vulnerability in Imagemagick 7.0.61

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteJP2Image() function in coders/jp2.c.

4.3
2017-07-23 CVE-2017-11535 Imagemagick Out-Of-Bounds Read vulnerability in Imagemagick 7.0.61

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WritePSImage() function in coders/ps.c.

4.3
2017-07-23 CVE-2017-11534 Imagemagick Missing Release of Resource After Effective Lifetime vulnerability in Imagemagick 7.0.61

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the lite_font_map() function in coders/wmf.c.

4.3
2017-07-23 CVE-2017-11533 Imagemagick Out-Of-Bounds Read vulnerability in Imagemagick 7.0.61

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage() function in coders/uil.c.

4.3
2017-07-23 CVE-2017-11532 Imagemagick Missing Release of Resource After Effective Lifetime vulnerability in Imagemagick 7.0.61

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c.

4.3
2017-07-23 CVE-2017-11531 Imagemagick Missing Release of Resource After Effective Lifetime vulnerability in Imagemagick 7.0.61

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteHISTOGRAMImage() function in coders/histogram.c.

4.3
2017-07-23 CVE-2017-11529 Imagemagick Missing Release of Resource After Effective Lifetime vulnerability in Imagemagick

The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.

4.3
2017-07-23 CVE-2017-11528 Imagemagick Missing Release of Resource After Effective Lifetime vulnerability in Imagemagick

The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.

4.3
2017-07-23 CVE-2017-11524 Imagemagick Reachable Assertion vulnerability in Imagemagick

The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file.

4.3
2017-07-22 CVE-2017-11522 Imagemagick Null Pointer Dereference vulnerability in Imagemagick

The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.

4.3
2017-07-22 CVE-2017-2274 Buffalo Cross-Site Scripting vulnerability in Buffalo Wmr-433 Firmware and Wmr-433W Firmware

Cross-site scripting vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2017-07-21 CVE-2017-11516 Yiiframework Cross-Site Scripting vulnerability in Yiiframework YII 2.0.12

An XSS vulnerability exists in framework/views/errorHandler/exception.php in Yii Framework 2.0.12 affecting the exception screen when debug mode is enabled, because $exception->errorInfo is mishandled.

4.3
2017-07-21 CVE-2015-3421 Eshop Project Cross-Site Scripting vulnerability in Eshop Project Eshop

The eshop_checkout function in checkout.php in the Wordpress Eshop plugin 6.3.11 and earlier does not validate variables in the "eshopcart" HTTP cookie, which allows remote attackers to perform cross-site scripting (XSS) attacks, or a path disclosure attack via crafted variables named after target PHP variables.

4.3
2017-07-21 CVE-2017-9931 Greenpacket Cross-Site Scripting vulnerability in Greenpacket Dx-350 Firmware 2.8.9.5G1.4.8Atheeb

Cross-Site Scripting (XSS) exists in Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, as demonstrated by the action parameter to ajax.cgi.

4.3
2017-07-20 CVE-2017-11503 Phpmailer Project Cross-Site Scripting vulnerability in PHPmailer Project PHPmailer 5.2.23

PHPMailer 5.2.23 has XSS in the "From Email Address" and "To Email Address" fields of code_generator.php.

4.3
2017-07-20 CVE-2017-11501 Nixos Project Improper Certificate Validation vulnerability in Nixos Project Nixos

NixOS 17.03 and earlier has an unintended default absence of SSL Certificate Validation for LDAP.

4.3
2017-07-20 CVE-2017-0378 Phamm Cross-Site Scripting vulnerability in Phamm

XSS exists in the login_form function in views/helpers.php in Phamm before 0.6.7, exploitable via the PATH_INFO to main.php.

4.3
2017-07-20 CVE-2017-7067 Apple Unspecified vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

4.3
2017-07-20 CVE-2017-7064 Apple
Microsoft
Improper Input Validation vulnerability in Apple Iphone OS, Itunes and Safari

An issue was discovered in certain Apple products.

4.3
2017-07-20 CVE-2017-7060 Apple Improper Input Validation vulnerability in Apple Iphone OS and Safari

An issue was discovered in certain Apple products.

4.3
2017-07-20 CVE-2017-7059 Apple Cross-Site Scripting vulnerability in Apple Iphone OS, Safari and Tvos

A DOMParser XSS issue was discovered in certain Apple products.

4.3
2017-07-20 CVE-2017-7045 Apple Improper Input Validation vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

4.3
2017-07-20 CVE-2017-7038 Apple Cross-Site Scripting vulnerability in Apple products

A DOMParser XSS issue was discovered in certain Apple products.

4.3
2017-07-20 CVE-2017-7036 Apple Out-Of-Bounds Read vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

4.3
2017-07-20 CVE-2017-7029 Apple Information Exposure vulnerability in Apple products

An issue was discovered in certain Apple products.

4.3
2017-07-20 CVE-2017-7028 Apple Information Exposure vulnerability in Apple products

An issue was discovered in certain Apple products.

4.3
2017-07-20 CVE-2017-7011 Apple Improper Input Validation vulnerability in Apple Iphone OS and Safari

An issue was discovered in certain Apple products.

4.3
2017-07-20 CVE-2017-2517 Apple Improper Input Validation vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

4.3
2017-07-20 CVE-2017-10676 D Link Cross-Site Scripting vulnerability in D-Link Dir-600M Firmware Fw3.05B01

On D-Link DIR-600M devices before C1_v3.05ENB01_beta_20170306, XSS was found in the form2userconfig.cgi username parameter.

4.3
2017-07-19 CVE-2017-1203 IBM Cross-Site Scripting vulnerability in IBM Bigfix Platform

IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and Applications is vulnerable to cross-site scripting.

4.3
2017-07-19 CVE-2016-5394 Apache Cross-Site Scripting vulnerability in Apache Sling

In the XSS Protection API module before 1.0.12 in Apache Sling, the encoding done by the XSSAPI.encodeForJSString() method is not restrictive enough and for some input patterns allows script tags to pass through unencoded, leading to potential XSS vulnerabilities.

4.3
2017-07-19 CVE-2017-9764 Metinfo Cross-Site Scripting vulnerability in Metinfo 5.3.17

Cross-site scripting (XSS) vulnerability in MetInfo 5.3.17 allows remote attackers to inject arbitrary web script or HTML via the Client-IP or X-Forwarded-For HTTP header to /include/stat/stat.php in a para action.

4.3
2017-07-19 CVE-2017-11448 Imagemagick Information Exposure vulnerability in Imagemagick

The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.

4.3
2017-07-19 CVE-2017-11447 Imagemagick Missing Release of Resource After Effective Lifetime vulnerability in Imagemagick

The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service.

4.3
2017-07-19 CVE-2017-10801 Phpsocial Cross-Site Scripting vulnerability in PHPsocial

phpSocial (formerly phpDolphin) before 3.0.1 has XSS in the PATH_INFO to the search/tag/ URI.

4.3
2017-07-18 CVE-2017-11423 Libmspack Project
Clamav
Out-Of-Bounds Read vulnerability in Libmspack Project Libmspack 0.5

The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file.

4.3
2017-07-18 CVE-2017-10962 Project Redcap Cross-Site Scripting vulnerability in Project-Redcap Redcap

REDCap before 7.5.1 has XSS via the query string.

4.3
2017-07-17 CVE-2017-9934 Joomla Cross-Site Scripting vulnerability in Joomla Joomla!

Missing CSRF token checks and improper input validation in Joomla! CMS 1.7.3 through 3.7.2 lead to an XSS vulnerability.

4.3
2017-07-17 CVE-2017-9813 Kaspersky Cross-Site Scripting vulnerability in Kaspersky Anti-Virus FOR Linux Server

In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site scripting (XSS).

4.3
2017-07-17 CVE-2017-8896 Owncloud Cross-Site Scripting vulnerability in Owncloud

ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2 are vulnerable to XSS on error pages by injecting code in url parameters.

4.3
2017-07-17 CVE-2017-8006 EMC Improper Authentication vulnerability in EMC RSA Authentication Manager 8.1/8.2

In EMC RSA Authentication Manager 8.2 SP1 Patch 1 and earlier, a malicious user logged into the Self-Service Console of RSA Authentication Manager as a target user can use a brute force attack to attempt to identify that user's PIN.

4.3
2017-07-17 CVE-2017-7663 Apache Cross-Site Scripting vulnerability in Apache Openmeetings 3.2.0/3.2.1

Both global and Room chat are vulnerable to XSS attack in Apache OpenMeetings 3.2.0.

4.3
2017-07-17 CVE-2017-3103 Adobe Cross-Site Scripting vulnerability in Adobe Connect

Adobe Connect versions 9.6.1 and earlier have a stored cross-site scripting vulnerability.

4.3
2017-07-17 CVE-2017-3102 Adobe Cross-Site Scripting vulnerability in Adobe Connect

Adobe Connect versions 9.6.1 and earlier have a reflected cross-site scripting vulnerability.

4.3
2017-07-17 CVE-2017-2346 Juniper Unspecified vulnerability in Juniper Junos

An MS-MPC or MS-MIC Service PIC may crash when large fragmented packets are passed through an Application Layer Gateway (ALG).

4.3
2017-07-17 CVE-2017-2342 Juniper Unspecified vulnerability in Juniper Junos 15.1X49

MACsec feature on Juniper Networks Junos OS 15.1X49 prior to 15.1X49-D100 on SRX300 series does not report errors when a secure link can not be established.

4.3
2017-07-17 CVE-2017-11360 Imagemagick Excessive Iteration vulnerability in Imagemagick 7.0.61

The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a large loop vulnerability via a crafted rle file that triggers a huge number_pixels value.

4.3
2017-07-17 CVE-2017-11353 Yadm Project Race Condition vulnerability in Yadm Project Yadm 1.10.0

yadm (yet another dotfile manager) 1.10.0 has a race condition (related to the behavior of git commands in setting permissions for new files and directories), which potentially allows access to SSH and PGP keys.

4.3
2017-07-17 CVE-2017-11352 Imagemagick
Debian
Canonical
In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c.
4.3
2017-07-17 CVE-2017-11340 Exiv2 Improper Input Validation vulnerability in Exiv2 0.26

There is a Segmentation fault in the XmpParser::terminate() function in Exiv2 0.26, related to an exit call.

4.3
2017-07-17 CVE-2017-11339 Exiv2 Buffer Errors vulnerability in Exiv2 0.26

There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26.

4.3
2017-07-17 CVE-2017-11338 Exiv2 Infinite Loop vulnerability in Exiv2 0.26

There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.26.

4.3
2017-07-17 CVE-2017-11337 Exiv2 USE After Free vulnerability in Exiv2 0.26

There is an invalid free in the Action::TaskFactory::cleanup function of actions.cpp in Exiv2 0.26.

4.3
2017-07-17 CVE-2017-11336 Exiv2 Out-Of-Bounds Read vulnerability in Exiv2 0.26

There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26.

4.3
2017-07-17 CVE-2017-11328 Virustotal Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Virustotal Yara

Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file.

4.3
2017-07-17 CVE-2017-1000078 Onosproject Cross-Site Scripting vulnerability in Onosproject Onos 1.8.0/1.9.0

Linux foundation ONOS 1.9 is vulnerable to XSS in the device.

4.3
2017-07-17 CVE-2017-1000065 Openmediavault Cross-Site Scripting vulnerability in Openmediavault 2.1

Multiple Cross-site scripting (XSS) vulnerabilities in rpc.php in OpenMediaVault release 2.1 in Access Rights Management(Users) functionality allows attackers to inject arbitrary web scripts and execute malicious scripts within an authenticated client's browser.

4.3
2017-07-17 CVE-2017-1000063 Kitto Project Cross-Site Scripting vulnerability in Kitto Project Kitto 0.5.1

kittoframework kitto version 0.5.1 is vulnerable to an XSS in the 404 page resulting in information disclosure

4.3
2017-07-17 CVE-2017-1000059 Livehelperchat Cross-Site Scripting vulnerability in Livehelperchat Live Helper Chat

Live Helper Chat version 2.06v and older is vulnerable to Cross-Site Scripting in the HTTP Header handling resulting in the execution of any user provided Javascript code in the session of other users.

4.3
2017-07-17 CVE-2017-1000058 Chevereto Cross-Site Scripting vulnerability in Chevereto

Stored XSS vulnerabilities in chevereto CMS before version 3.8.11, one in the user profile and one in the Exif data parser.

4.3
2017-07-17 CVE-2017-1000054 Rocketchat Cross-Site Scripting vulnerability in Rocketchat Rocket.Chat

Rocket.Chat version 0.8.0 and newer is vulnerable to XSS in the markdown link parsing code for messages.

4.3
2017-07-17 CVE-2017-1000051 Xwiki Cross-Site Scripting vulnerability in Xwiki Cryptpad

Cross-site scripting (XSS) vulnerability in pad export in XWiki labs CryptPad before 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the pad content

4.3
2017-07-17 CVE-2017-1000043 Mapbox Cross-Site Scripting vulnerability in Mapbox Mapbox.Js

Mapbox.js versions 1.x prior to 1.6.6 and 2.x prior to 2.2.4 are vulnerable to a cross-site-scripting attack in certain uncommon usage scenarios via TileJSON name and map share control

4.3
2017-07-17 CVE-2017-1000042 Mapbox Project Cross-Site Scripting vulnerability in Mapbox Project Mapbox

Mapbox.js versions 1.x prior to 1.6.5 and 2.x prior to 2.1.7 are vulnerable to a cross-site-scripting attack in certain uncommon usage scenarios via TileJSON Name.

4.3
2017-07-17 CVE-2017-1000038 Relevanssi Cross-Site Scripting vulnerability in Relevanssi 3.5.7.1

WordPress plugin Relevanssi version 3.5.7.1 is vulnerable to stored XSS resulting in attacker being able to execute JavaScript on the affected site

4.3
2017-07-17 CVE-2017-1000035 TT RSS Cross-Site Scripting vulnerability in Tt-Rss Tiny RSS

Tiny Tiny RSS before 829d478f is vulnerable to XSS window.opener attack

4.3
2017-07-17 CVE-2017-1000033 Vospari Forms Project Cross-Site Scripting vulnerability in Vospari Forms Project Vospari Forms

Wordpress Plugin Vospari Forms version < 1.4 is vulnerable to a reflected cross site scripting in the form submission resulting in javascript code execution in the context on the current user.

4.3
2017-07-17 CVE-2017-1000032 Cacti Cross-Site Scripting vulnerability in Cacti 0.8.8B

Cross-Site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parent_id parameter to tree.php and drp_action parameter to data_sources.php.

4.3
2017-07-17 CVE-2017-1000015 Phpmyadmin Cross-Site Scripting vulnerability in PHPmyadmin

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters

4.3
2017-07-17 CVE-2017-1000012 Mysqldumper Cross-Site Scripting vulnerability in Mysqldumper 1.24

MySQL Dumper version 1.24 is vulnerable to stored XSS when displaying the data in the database to the user

4.3
2017-07-17 CVE-2017-1000011 Mywebsql Cross-Site Scripting vulnerability in Mywebsql 3.6

MyWebSQL version 3.6 is vulnerable to stored XSS in the database manager component resulting in account takeover or stealing of information

4.3
2017-07-17 CVE-2017-1000007 Twistedmatrix Improper Certificate Validation vulnerability in Twistedmatrix Txaws

txAWS (all current versions) fail to perform complete certificate verification resulting in vulnerability to MitM attacks and information disclosure.

4.3
2017-07-17 CVE-2017-1000006 Plotly Cross-Site Scripting vulnerability in Plotly Plotly.Js

Plotly, Inc.

4.3
2017-07-17 CVE-2017-1000005 Phpminiadmin Project Cross-Site Scripting vulnerability in PHPminiadmin Project PHPminiadmin 1.9.160930

PHPMiniAdmin version 1.9.160630 is vulnerable to stored XSS in the name of databases, tables and columns resulting in potential account takeover and scraping of data (stealing data).

4.3
2017-07-17 CVE-2017-0196 Microsoft Information Exposure vulnerability in Microsoft Edge

An information disclosure vulnerability in Microsoft scripting engine allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

4.3
2017-07-17 CVE-2015-5152 Theforeman Information Exposure vulnerability in Theforeman Foreman

Foreman after 1.1 and before 1.9.0-RC1 does not redirect HTTP requests to HTTPS when the require_ssl setting is set to true, which allows remote attackers to obtain user credentials via a man-in-the-middle attack.

4.3
2017-07-21 CVE-2017-1374 IBM Information Exposure vulnerability in IBM Tririga Application Platform

Sensitive data can be exposed in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 that can lead to an attacker gaining unauthorized access to the system.

4.0
2017-07-19 CVE-2016-6018 IBM Information Exposure vulnerability in IBM Emptoris Contract Management

IBM Emptoris Contract Management 10.0 and 10.1 reveals detailed error messages in certain features that could cause an attacker to gain additional information to conduct further attacks.

4.0
2017-07-19 CVE-2017-11440 Sitecore Path Traversal vulnerability in Sitecore CMS 8.2

In Sitecore 8.2, there is absolute path traversal via the shell/Applications/Layouts/IDE.aspx fi parameter and the admin/LinqScratchPad.aspx Reference parameter.

4.0
2017-07-18 CVE-2017-5246 Biscom Injection vulnerability in Biscom Secure File Transfer

Biscom Secure File Transfer is vulnerable to AngularJS expression injection in the Display Name field.

4.0
2017-07-18 CVE-2017-11405 Cmsmadesimple Unrestricted Upload of File With Dangerous Type vulnerability in Cmsmadesimple CMS Made Simple 2.2.2

In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators can upload a .php file via a CMSContentManager action to admin/moduleinterface.php, followed by a FilePicker action to admin/moduleinterface.php in which type=image is changed to type=file.

4.0
2017-07-18 CVE-2017-11404 Cmsmadesimple Unrestricted Upload of File With Dangerous Type vulnerability in Cmsmadesimple CMS Made Simple 2.2.2

In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators can upload a .php file via a FileManager action to admin/moduleinterface.php.

4.0
2017-07-17 CVE-2017-9340 Owncloud Unspecified vulnerability in Owncloud Server

An attacker is logged in as a normal user and can somehow make admin to delete shared folders in ownCloud Server before 10.0.2.

4.0
2017-07-17 CVE-2017-7532 Moodle Improper Privilege Management vulnerability in Moodle

In Moodle 3.x, course creators are able to change system default settings for courses.

4.0
2017-07-17 CVE-2017-7531 Moodle Information Exposure vulnerability in Moodle 3.3.0

In Moodle 3.3, the course overview block reveals activities in hidden courses.

4.0
2017-07-17 CVE-2017-2642 Moodle Information Exposure vulnerability in Moodle

Moodle 3.x has user fullname disclosure on the user preferences page.

4.0
2017-07-17 CVE-2017-2240 Hammock
Apple
Path Traversal vulnerability in Hammock Assetview 9.2

Directory traversal vulnerability in AssetView for MacOS Ver.9.2.0 and earlier versions allows remote attackers to read arbitrary files via "File Transfer Web Service".

4.0
2017-07-17 CVE-2016-6312 Redhat Resource Exhaustion vulnerability in Redhat Enterprise Linux 5.11

The mod_dontdothat component of the mod_dav_svn Apache module in Subversion as packaged in Red Hat Enterprise Linux 5.11 does not properly detect recursion during entity expansion, which allows remote authenticated users with access to the webdav repository to cause a denial of service (memory consumption and httpd crash).

4.0

29 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-07-20 CVE-2017-11472 Linux Improper Handling of Exceptional Conditions vulnerability in Linux Kernel

The acpi_ns_terminate() function in drivers/acpi/acpica/nsutils.c in the Linux kernel before 4.12 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.

3.6
2017-07-21 CVE-2017-1372 IBM Cross-Site Scripting vulnerability in IBM Tririga Application Platform

IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting.

3.5
2017-07-19 CVE-2016-7509 Glpi Project Cross-Site Scripting vulnerability in Glpi-Project Glpi 0.90.4

Cross-site scripting (XSS) vulnerability in GLPI 0.90.4 allows remote authenticated attackers to inject arbitrary web script or HTML by attaching a crafted HTML file to a ticket.

3.5
2017-07-19 CVE-2017-11441 Cpanel Cross-Site Scripting vulnerability in Cpanel WHM

The WHM Upload Locale interface in cPanel before 56.0.51, 58.x before 58.0.52, 60.x before 60.0.45, 62.x before 62.0.27, 64.x before 64.0.33, and 66.x before 66.0.2 has XSS via a locale filename, aka SEC-297.

3.5
2017-07-19 CVE-2017-11439 Sitecore Cross-Site Scripting vulnerability in Sitecore CMS 8.2

In Sitecore 8.2, there is reflected XSS in the shell/Applications/Tools/Run Program parameter.

3.5
2017-07-18 CVE-2017-5247 Biscom Cross-Site Scripting vulnerability in Biscom Secure File Transfer

Biscom Secure File Transfer is vulnerable to cross-site scripting in the File Name field.

3.5
2017-07-17 CVE-2017-9609 Blackcat CMS Cross-Site Scripting vulnerability in Blackcat-Cms Blackcat CMS 1.2

Cross-site scripting (XSS) vulnerability in Blackcat CMS 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the map_language parameter to backend/pages/lang_settings.php.

3.5
2017-07-17 CVE-2017-9338 Owncloud Cross-Site Scripting vulnerability in Owncloud Server

Inadequate escaping lead to XSS vulnerability in the search module in ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2.

3.5
2017-07-17 CVE-2017-11128 Bolt Cross-Site Scripting vulnerability in Bolt CMS 3.2.14

Bolt CMS 3.2.14 allows stored XSS via text input, as demonstrated by the Title field of a New Entry.

3.5
2017-07-17 CVE-2017-11127 Bolt Cross-Site Scripting vulnerability in Bolt CMS 3.2.14

Bolt CMS 3.2.14 allows stored XSS by uploading an SVG document with a "Content-Type: image/svg+xml" header.

3.5
2017-07-17 CVE-2017-8005 EMC Cross-Site Scripting vulnerability in EMC products

The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG products (RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels; RSA Via Lifecycle and Governance version 7.0, all patch levels; RSA Identity Management and Governance (RSA IMG) versions 6.9.1, all patch levels) are affected by multiple stored cross-site scripting vulnerabilities.

3.5
2017-07-17 CVE-2017-8000 EMC Cross-Site Scripting vulnerability in EMC RSA Authentication Manager 8.1/8.2

In EMC RSA Authentication Manager 8.2 SP1 and earlier, a malicious RSA Security Console Administrator could craft a token profile and store the profile name in the RSA Authentication Manager database.

3.5
2017-07-17 CVE-2017-2339 Juniper Cross-Site Scripting vulnerability in Juniper Screenos 6.3.0

A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator.

3.5
2017-07-17 CVE-2017-2338 Juniper Cross-Site Scripting vulnerability in Juniper Screenos 6.3.0

A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator.

3.5
2017-07-17 CVE-2017-2337 Juniper Cross-Site Scripting vulnerability in Juniper Screenos 6.3.0

A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator.

3.5
2017-07-17 CVE-2017-2336 Juniper Cross-Site Scripting vulnerability in Juniper Screenos 6.3.0

A reflected cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a network based attacker to inject HTML/JavaScript content into the management session of other users including the administrator.

3.5
2017-07-17 CVE-2017-2335 Juniper Cross-Site Scripting vulnerability in Juniper Screenos 6.3.0

A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator.

3.5
2017-07-17 CVE-2017-1000023 Logicaldoc Cross-Site Scripting vulnerability in Logicaldoc

LogicalDoc Community Edition 7.5.3 and prior is vulnerable to an XSS when using preview on HTML document.

3.5
2017-07-20 CVE-2017-7006 Apple Information Exposure Through Discrepancy vulnerability in Apple products

An issue was discovered in certain Apple products.

2.6
2017-07-17 CVE-2017-3742 Lenovo
Microsoft
Google
Information Exposure vulnerability in Lenovo Connect2

In Lenovo Connect2 versions earlier than 4.2.5.4885 for Windows and 4.2.5.3071 for Android, when an ad-hoc connection is made between two systems for the purpose of sharing files, the password for this ad-hoc connection will be stored in a user-readable location.

2.3
2017-07-21 CVE-2017-1381 IBM Information Exposure vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server Proxy Server or On-demand-router (ODR) 7.0, 8.0, 8.5, 9.0 and could allow a local attacker to obtain sensitive information, caused by stale data being cached and then served.

2.1
2017-07-21 CVE-2015-3170 Selinux Project 7PK - Security Features vulnerability in Selinux Project Selinux

selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named .config, and updating selinux-policy.

2.1
2017-07-20 CVE-2017-7058 Apple Information Exposure vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

2.1
2017-07-19 CVE-2017-1309 IBM Cleartext Storage of Sensitive Information vulnerability in IBM Infosphere Master Data Management Server

IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user credentials in plain in clear text which can be read by a local user.

2.1
2017-07-17 CVE-2016-0764 Redhat Race Condition vulnerability in Redhat Networkmanager

Race condition in Network Manager before 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows local users to obtain sensitive connection information by reading temporary files during ifcfg and keyfile changes.

2.1
2017-07-17 CVE-2017-1181 IBM Cleartext Transmission of Sensitive Information vulnerability in IBM Tivoli Monitoring 6.2.2.9/6.2.3.5/6.3.0.7

IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted.

1.9
2017-07-17 CVE-2016-4996 Redhat Credentials Management vulnerability in Redhat Satellite 6.3

discovery-debug in Foreman before 6.2 when the ssh service has been enabled on discovered nodes displays the root password in plaintext in the system journal when used to log in, which allows local users with access to the system journal to obtain the root password by reading the system journal, or by clicking Logs on the console.

1.9
2017-07-17 CVE-2016-4984 Openldap
Redhat
Race Condition vulnerability in Openldap Openldap-Servers

/usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets weak permissions for the TLS certificate, which allows local users to obtain the TLS certificate by leveraging a race condition between the creation of the certificate, and the chmod to protect it.

1.9
2017-07-17 CVE-2016-4982 Teether Race Condition vulnerability in Teether Authd

authd sets weak permissions for /etc/ident.key, which allows local users to obtain the key by leveraging a race condition between the creation of the key, and the chmod to protect it.

1.9