Weekly Vulnerabilities Reports > July 31 to August 6, 2017
Overview
247 new vulnerabilities were reported during this period, including 25 critical vulnerabilities and 45 high severity vulnerabilities. This weekly summary reports vulnerabilities in 219 products from 105 vendors including IBM, Cisco, Trendmicro, Imagemagick, and SMA. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Read", "Information Exposure", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Cross-Site Request Forgery (CSRF)".
- 219 reported vulnerabilities are remotely exploitable.
- 17 reported vulnerabilities have a public exploit available.
- 68 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 212 reported vulnerabilities are exploitable by an anonymous user.
- IBM has the most reported vulnerabilities, with 26 reported vulnerabilities.
- SMA has the most reported critical vulnerabilities, with 8 reported vulnerabilities.
Vulnerability Details
The following tables list the vulnerabilities reported during the period covered by this report:
25 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-08-03 | CVE-2017-11394 | Trendmicro | Improper Input Validation vulnerability in Trendmicro Officescan 11.0/12.0 Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. | 10.0 |
2017-08-03 | CVE-2017-11393 | Trendmicro | Improper Input Validation vulnerability in Trendmicro Officescan 11.0/12.0 Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. | 10.0 |
2017-08-03 | CVE-2017-11105 | Oneplus | Unspecified vulnerability in Oneplus Primary Bootloader The OnePlus 2 Primary Bootloader (PBL) does not validate the SBL1 partition before executing it, although it contains a certificate. | 10.0 |
2017-08-02 | CVE-2017-9769 | Razerzone | Unspecified vulnerability in Razer Synapse 2.20.15.1104 A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process. | 10.0 |
2017-08-02 | CVE-2017-8390 | Paloaltonetworks | Improper Input Validation vulnerability in Paloaltonetworks Pan-Os The DNS Proxy in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, and 8.x before 8.0.3 allows remote attackers to execute arbitrary code via a crafted domain name. | 10.0 |
2017-07-31 | CVE-2017-9483 | Cisco | OS Command Injection vulnerability in Cisco Dpc3939 Firmware Dpc3939P2018V303R20421746170221Acmcst The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows Network Processor (NP) Linux users to obtain root access to the Application Processor (AP) Linux system via shell metacharacters in commands. | 10.0 |
2017-07-31 | CVE-2017-9482 | Cisco | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Dpc3939 Firmware Dpc3939P2018V303R20421746170221Acmcst The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to obtain root access to the Network Processor (NP) Linux system by enabling a TELNET daemon (through CVE-2017-9479 exploitation) and then establishing a TELNET session. | 10.0 |
2017-07-31 | CVE-2017-9479 | Cisco | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Dpc3939 Firmware Dpc3939P2018V303R20421746170221Acmcst The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to execute arbitrary commands as root by leveraging local network access and connecting to the syseventd server, as demonstrated by copying configuration data into a readable filesystem. | 10.0 |
2017-08-05 | CVE-2017-9861 | SMA | Injection vulnerability in SMA products An issue was discovered in SMA Solar Technology products. | 9.8 |
2017-08-05 | CVE-2017-9860 | SMA | Improper Authentication vulnerability in SMA products An issue was discovered in SMA Solar Technology products. | 9.8 |
2017-08-05 | CVE-2017-9859 | SMA | Use of a Broken or Risky Cryptographic Algorithm vulnerability in SMA products An issue was discovered in SMA Solar Technology products. | 9.8 |
2017-08-05 | CVE-2017-9856 | SMA | Unspecified vulnerability in SMA products An issue was discovered in SMA Solar Technology products. | 9.8 |
2017-08-05 | CVE-2017-9855 | SMA | Unspecified vulnerability in SMA products An issue was discovered in SMA Solar Technology products. | 9.8 |
2017-08-05 | CVE-2017-9854 | SMA | Missing Encryption of Sensitive Data vulnerability in SMA products An issue was discovered in SMA Solar Technology products. | 9.8 |
2017-08-05 | CVE-2017-9853 | SMA | Weak Password Requirements vulnerability in SMA products An issue was discovered in SMA Solar Technology products. | 9.8 |
2017-08-05 | CVE-2017-9852 | SMA | Use of Hard-coded Credentials vulnerability in SMA products An Incorrect Password Management issue was discovered in SMA Solar Technology products. | 9.8 |
2017-08-05 | CVE-2017-12562 | Libsndfile Project Debian | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | 9.8 |
2017-08-06 | CVE-2017-12581 | Electron | OS Command Injection vulnerability in Electron GitHub Electron before 1.6.8 allows remote command execution because of a nodeIntegration bypass vulnerability. | 9.3 |
2017-08-04 | CVE-2017-2221 | Baidu | Untrusted Search Path vulnerability in Baidu IME Untrusted search path vulnerability in Installer of Baidu IME Ver3.6.1.6 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
2017-08-04 | CVE-2017-10820 | IPA | Untrusted Search Path vulnerability in IPA IP Messenger Untrusted search path vulnerability in Installer of IP Messenger for Win 4.60 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
2017-08-02 | CVE-2017-2288 | Lhaforge Project | Uncontrolled Search Path Element vulnerability in Lhaforge Project Lhaforge Untrusted search path vulnerability in LhaForge Ver.1.6.5 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
2017-08-02 | CVE-2017-2287 | Sony | Uncontrolled Search Path Element vulnerability in Sony NFC Port Software Remover Untrusted search path vulnerability in NFC Port Software remover Ver.1.3.0.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
2017-08-02 | CVE-2017-2286 | Sony | Uncontrolled Search Path Element vulnerability in Sony products Untrusted search path vulnerability in NFC Port Software Version 5.5.0.6 and earlier (for RC-S310, RC-S320, RC-S330, RC-S370, RC-S380, RC-S380/S), NFC Port Software Version 5.3.6.7 and earlier (for RC-S320, RC-S310/J1C, RC-S310/ED4C), PC/SC Activator for Type B Ver.1.2.1.0 and earlier, SFCard Viewer 2 Ver.2.5.0.0 and earlier, NFC Net Installer Ver.1.1.0.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
2017-08-02 | CVE-2017-2279 | Kiri | Untrusted Search Path vulnerability in Kiri Tween Untrusted search path vulnerability in Tween Ver1.6.6.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
2017-08-01 | CVE-2017-8663 | Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Outlook Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, and Outlook 2016 as packaged in Microsoft Office allows a remote code execution vulnerability due to the way Microsoft Outlook parses specially crafted email messages, aka "Microsoft Office Outlook Memory Corruption Vulnerability" | 9.3 |
45 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-08-05 | CVE-2017-9863 | SMA | Cross-Site Request Forgery (CSRF) vulnerability in SMA products An issue was discovered in SMA Solar Technology products. | 8.8 |
2017-08-02 | CVE-2017-2138 | CS Cart | Cross-Site Request Forgery (CSRF) vulnerability in Cs-Cart and Cs-Cart Multivendor Cross-site request forgery (CSRF) vulnerability in CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3) allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
2017-08-02 | CVE-2017-2281 | Iodata | OS Command Injection vulnerability in Iodata Wn-Ax1167Gr Firmware 3.00 WN-AX1167GR firmware version 3.00 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | 8.3 |
2017-08-02 | CVE-2017-2280 | Iodata | Use of Hard-coded Credentials vulnerability in Iodata Wn-Ax1167Gr Firmware 3.00 WN-AX1167GR firmware version 3.00 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device. | 8.3 |
2017-08-05 | CVE-2017-9857 | SMA | Improper Authentication vulnerability in SMA products An issue was discovered in SMA Solar Technology products. | 8.1 |
2017-08-06 | CVE-2017-12480 | Sandboxie | Untrusted Search Path vulnerability in Sandboxie Installer 5071703 Sandboxie installer 5071703 has a DLL Hijacking or Unsafe DLL Loading Vulnerability via a Trojan horse dwmapi.dll or profapi.dll file in an AppData\Local\Temp directory. | 7.8 |
2017-08-06 | CVE-2017-12568 | Brother | Unspecified vulnerability in Brother Dcp-J132W Firmware 1.20 Denial of Service vulnerability in Debut embedded httpd 1.20 in Brother DCP-J132W (and probably other DCP models) allows remote attackers to hang the printer (disrupting its network connection) by sending a large amount of HTTP packets. | 7.8 |
2017-08-04 | CVE-2017-12435 | Imagemagick | Allocation of Resources Without Limits or Throttling vulnerability in Imagemagick 7.0.61 In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service. | 7.8 |
2017-08-04 | CVE-2017-12430 | Imagemagick | Allocation of Resources Without Limits or Throttling vulnerability in Imagemagick 7.0.61 In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service. | 7.8 |
2017-08-04 | CVE-2017-12429 | Imagemagick | Allocation of Resources Without Limits or Throttling vulnerability in Imagemagick 7.0.61 In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service. | 7.8 |
2017-07-31 | CVE-2017-1227 | IBM | Allocation of Resources Without Limits or Throttling vulnerability in IBM Bigfix Platform 9.1/9.2/9.5 IBM Tivoli Endpoint Manager could allow an unauthorized user to consume all resources and crash the system. | 7.8 |
2017-08-06 | CVE-2017-12588 | Rsyslog | Use of Externally-Controlled Format String vulnerability in Rsyslog The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact. | 7.5 |
2017-08-05 | CVE-2017-9864 | SMA | Unspecified vulnerability in SMA products An issue was discovered in SMA Solar Technology products. | 7.5 |
2017-08-05 | CVE-2017-9862 | SMA | Information Exposure vulnerability in SMA Sunny Explorer An issue was discovered in SMA Solar Technology products. | 7.5 |
2017-08-05 | CVE-2017-9858 | SMA | Information Exposure vulnerability in SMA products An issue was discovered in SMA Solar Technology products. | 7.5 |
2017-08-05 | CVE-2017-9851 | SMA | Unspecified vulnerability in SMA Sunny Explorer An issue was discovered in SMA Solar Technology products. | 7.5 |
2017-08-04 | CVE-2017-10818 | Intercom | Use of Hard-coded Credentials vulnerability in Intercom Malion 5.2.1 MaLion for Windows and Mac versions 3.2.1 to 5.2.1 uses a hardcoded cryptographic key which may allow an attacker to alter the connection settings of Terminal Agent and spoof the Relay Service. | 7.5 |
2017-08-04 | CVE-2017-10817 | Intercom | Improper Authentication vulnerability in Intercom Malion 5.2.1 MaLion for Windows and Mac 5.0.0 to 5.2.1 allows remote attackers to bypass authentication to alter settings in Relay Service Server. | 7.5 |
2017-08-04 | CVE-2017-10816 | Intercom | SQL Injection vulnerability in Intercom Malion 5.2.1 SQL injection vulnerability in the MaLion for Windows and Mac 5.0.0 to 5.2.1 allows remote attackers to execute arbitrary SQL commands via Relay Service Server. | 7.5 |
2017-08-04 | CVE-2017-12424 | Shadow Project Debian | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. | 7.5 |
2017-08-03 | CVE-2017-12414 | Pcfreetime | Untrusted Search Path vulnerability in Pcfreetime Format Factory 4.1.0 Format Factory 4.1.0 has a DLL Hijacking Vulnerability because an untrusted search path is used for msimg32.dll, WindowsCodecs.dll, and dwmapi.dll. | 7.5 |
2017-08-03 | CVE-2017-11721 | Ioquake3 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ioquake3 20170227 Buffer overflow in ioquake3 before 2017-08-02 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted packet. | 7.5 |
2017-08-02 | CVE-2017-11389 | Trendmicro | Path Traversal vulnerability in Trendmicro Control Manager 6.0 Directory traversal vulnerability in Trend Micro Control Manager 6.0 allows remote code execution by attackers able to drop arbitrary files in a web-facing directory. | 7.5 |
2017-08-02 | CVE-2017-11386 | Trendmicro | SQL Injection vulnerability in Trendmicro Control Manager 6.0 SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x4707 due to lack of proper user input validation in cmdHandlerNewReportScheduler.dll. | 7.5 |
2017-08-02 | CVE-2017-11385 | Trendmicro | SQL Injection vulnerability in Trendmicro Control Manager 6.0 SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x6b1b due to lack of proper user input validation in cmdHandlerStatusMonitor.dll. | 7.5 |
2017-08-02 | CVE-2017-11384 | Trendmicro | SQL Injection vulnerability in Trendmicro Control Manager 6.0 SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x3b21 due to lack of proper user input validation in mdHandlerLicenseManager.dll. | 7.5 |
2017-08-02 | CVE-2017-11383 | Trendmicro | SQL Injection vulnerability in Trendmicro Control Manager 6.0 SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x1b07 due to lack of proper user input validation in cmdHandlerTVCSCommander.dll. | 7.5 |
2017-08-02 | CVE-2015-1174 | Unit4 | Session Fixation vulnerability in Unit4 Teta web Session fixation vulnerability in Unit4 Polska TETA Web (formerly TETA Galactica) 22.62.3.4 and earlier allows remote attackers to hijack web sessions via a session id. | 7.5 |
2017-08-02 | CVE-2017-11494 | SOL Connect | SQL Injection vulnerability in Sol-Connect Sol.Connect Iset-Mpp Meter Firmware 1.2.4.2 SQL injection vulnerability in SOL.Connect ISET-mpp meter 1.2.4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a login action. | 7.5 |
2017-08-02 | CVE-2017-12199 | Etoilewebdesign | SQL Injection vulnerability in Etoilewebdesign Ultimate Product Catalog 4.2.11 The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has SQL injection with these wp-admin/admin-ajax.php POST actions: catalogue_update_order list-item, video_update_order video-item, image_update_order list-item, tag_group_update_order list_item, category_products_update_order category-product-item, custom_fields_update_order field-item, categories_update_order category-item, subcategories_update_order subcategory-item, and tags_update_order tag-list-item. | 7.5 |
2017-08-01 | CVE-2017-11381 | Trendmicro | OS Command Injection vulnerability in Trendmicro Deep Discovery Director 1.1 A command injection vulnerability exists in Trend Micro Deep Discovery Director 1.1 that allows an attacker to restore accounts that can access the pre-configuration console. | 7.5 |
2017-08-01 | CVE-2017-11380 | Trendmicro | Use of Hard-coded Credentials vulnerability in Trendmicro Deep Discovery Director 1.1 Backup archives were found to be encrypted with a static password across different installations, which suggests the same password may be used in all virtual appliance instances of Trend Micro Deep Discovery Director 1.1. | 7.5 |
2017-08-01 | CVE-2017-11129 | Stashcat | Use of Hard-coded Credentials vulnerability in Stashcat Heinekingmedia 1.7.5 An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android. | 7.5 |
2017-08-01 | CVE-2017-12065 | Cacti | Unspecified vulnerability in Cacti spikekill.php in Cacti before 1.1.16 might allow remote attackers to execute arbitrary code via the avgnan, outlier-start, or outlier-end parameter. | 7.5 |
2017-07-31 | CVE-2017-11757 | Actian | Integer Underflow (Wrap or Wraparound) vulnerability in Actian Pervasive Psql and ZEN Heap-based buffer overflow in Actian Pervasive PSQL v12.10 and Zen v13 allows remote attackers to execute arbitrary code via crafted traffic to TCP port 1583. | 7.5 |
2017-07-31 | CVE-2017-11743 | Medhost | Use of Hard-coded Credentials vulnerability in Medhost Connex MEDHOST Connex contains a hard-coded Mirth Connect admin credential that is used for customer Mirth Connect management access. | 7.5 |
2017-07-31 | CVE-2017-9521 | Cisco Commscope | The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (firmware version DPC3941_2.5s3_PROD_sey); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices allows remote attackers to execute arbitrary code via a specific (but unstated) exposed service. | 7.5 |
2017-08-02 | CVE-2017-7642 | Hashicorp | Untrusted Search Path vulnerability in Hashicorp Vagrant VMWare Fusion The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.21 allows local users to gain root privileges by leveraging failure to verify the path to the encoded ruby script or scrub the PATH variable. | 7.2 |
2017-07-31 | CVE-2017-9497 | Cisco Motorola | Improper Input Validation vulnerability in Cisco Mx011Anm Firmware Mx011An2.9P6S1Prodsey The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to execute arbitrary commands as root by pulling up the diagnostics menu on the set-top box, and then posting to a Web Inspector route. | 7.2 |
2017-08-05 | CVE-2017-12563 | Imagemagick | Allocation of Resources Without Limits or Throttling vulnerability in Imagemagick 7.0.62 In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in the function ReadPSDImage in coders/psd.c, which allows attackers to cause a denial of service. | 7.1 |
2017-08-04 | CVE-2017-12432 | Imagemagick | Allocation of Resources Without Limits or Throttling vulnerability in Imagemagick 7.0.61 In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allows attackers to cause a denial of service. | 7.1 |
2017-08-02 | CVE-2017-12140 | Imagemagick | Incorrect Conversion between Numeric Types vulnerability in Imagemagick 7.0.61 The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consumption via a crafted DCM file. | 7.1 |
2017-07-31 | CVE-2017-11549 | Timidity Project | Excessive Iteration vulnerability in Timidity++ Project Timidity++ 2.14.0 The play_midi function in playmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mid file. | 7.1 |
2017-07-31 | CVE-2017-11118 | Openexif Project | Infinite Loop vulnerability in Openexif Project Openexif 2.1.4 The ExifImageFile::readImage function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted jpg file. | 7.1 |
2017-08-05 | CVE-2017-7533 | Linux | Race Condition vulnerability in Linux Kernel Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions. | 7.0 |
160 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-08-06 | CVE-2017-10677 | Linksys | Cross-Site Request Forgery (CSRF) vulnerability in Linksys Ea4500 Firmware 2.0.36 Cross-Site Request Forgery (CSRF) exists on Linksys EA4500 devices with Firmware Version before 2.1.41.164606, as demonstrated by a request to apply.cgi to disable SIP. | 6.8 |
2017-08-06 | CVE-2017-12587 | Imagemagick | Excessive Iteration vulnerability in Imagemagick 7.0.61 ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage function in coders\pwp.c. | 6.8 |
2017-08-06 | CVE-2017-12584 | Slims | Cross-Site Request Forgery (CSRF) vulnerability in Slims Senayan Library Management System There is no CSRF mitigation in SLiMS 8 Akasia through 8.3.1. | 6.8 |
2017-08-04 | CVE-2017-12482 | Ledger CLI | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ledger-Cli Ledger 3.1.1 The ledger::parse_date_mask_routine function in times.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. | 6.8 |
2017-08-04 | CVE-2017-12481 | Ledger CLI | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ledger-Cli Ledger 3.1.1 The find_option function in option.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. | 6.8 |
2017-08-04 | CVE-2017-10815 | Intercom | Improper Authentication vulnerability in Intercom Malion MaLion for Windows 5.2.1 and earlier (only when "Remote Control" is installed) and MaLion for Mac 4.0.1 to 5.2.1 (only when "Remote Control" is installed) allow remote attackers to bypass authentication to execute arbitrary commands or operations on Terminal Agent. | 6.8 |
2017-08-04 | CVE-2017-12459 | GNU | Out-of-bounds Write vulnerability in GNU Binutils The bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted mach-o file. | 6.8 |
2017-08-04 | CVE-2017-12458 | GNU | Out-of-bounds Read vulnerability in GNU Binutils The nlm_swap_auxiliary_headers_in function in bfd/nlmcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted nlm file. | 6.8 |
2017-08-04 | CVE-2017-12457 | GNU | NULL Pointer Dereference vulnerability in GNU Binutils The bfd_make_section_with_flags function in section.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a NULL dereference via a crafted file. | 6.8 |
2017-08-04 | CVE-2017-12456 | GNU | Out-of-bounds Read vulnerability in GNU Binutils The read_symbol_stabs_debugging_info function in rddbg.c in GNU Binutils 2.29 and earlier allows remote attackers to cause an out of bounds heap read via a crafted binary file. | 6.8 |
2017-08-04 | CVE-2017-12455 | GNU | Out-of-bounds Read vulnerability in GNU Binutils The evax_bfd_print_emh function in vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file. | 6.8 |
2017-08-04 | CVE-2017-12454 | GNU | Out-of-bounds Read vulnerability in GNU Binutils The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an arbitrary memory read via a crafted vms alpha file. | 6.8 |
2017-08-04 | CVE-2017-12453 | GNU | Out-of-bounds Read vulnerability in GNU Binutils The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file. | 6.8 |
2017-08-04 | CVE-2017-12452 | GNU | Out-of-bounds Read vulnerability in GNU Binutils The bfd_mach_o_i386_canonicalize_one_reloc function in bfd/mach-o-i386.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted mach-o file. | 6.8 |
2017-08-04 | CVE-2017-12451 | GNU | Out-of-bounds Read vulnerability in GNU Binutils The _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds stack read via a crafted COFF image file. | 6.8 |
2017-08-04 | CVE-2017-12450 | GNU | Out-of-bounds Write vulnerability in GNU Binutils The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha file. | 6.8 |
2017-08-04 | CVE-2017-12449 | GNU | Out-of-bounds Read vulnerability in GNU Binutils The _bfd_vms_save_sized_string function in vms-misc.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms file. | 6.8 |
2017-08-04 | CVE-2017-12448 | GNU | Use After Free vulnerability in GNU Binutils The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. | 6.8 |
2017-08-03 | CVE-2017-7442 | Gonitro | Path Traversal vulnerability in Gonitro Nitro PRO 11.0.3.173 Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences. | 6.8 |
2017-08-02 | CVE-2015-8264 | F Secure | Untrusted Search Path vulnerability in F-Secure Online Scanner Untrusted search path vulnerability in F-Secure Online Scanner allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folder as F-SecureOnlineScanner.exe. | 6.8 |
2017-08-02 | CVE-2015-0839 | HP | Key Management Errors vulnerability in HP Linux Imaging and Printing The hp-plugin utility in HP Linux Imaging and Printing (HPLIP) makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to verify print plugin downloads. | 6.8 |
2017-08-02 | CVE-2012-5030 | Cisco | Resource Management Errors vulnerability in Cisco IOS Cisco IOS before 15.2(4)S6 does not initialize an unspecified variable, which might allow remote authenticated users to cause a denial of service (CPU consumption, watchdog timeout, crash) by walking specific SNMP objects. | 6.8 |
2017-08-02 | CVE-2017-1467 | IBM | Unspecified vulnerability in IBM Infosphere Information Server 11.3/11.5/9.1 A network layer security vulnerability in InfoSphere Information Server 9.1, 11.3, and 11.5 can lead to privilege escalation or unauthorized access. | 6.8 |
2017-08-02 | CVE-2016-9981 | IBM | Session Fixation vulnerability in IBM Security Appscan IBM AppScan Enterprise Edition 9.0 contains an unspecified vulnerability that could allow an attacker to hijack a valid user's session. | 6.8 |
2017-08-01 | CVE-2017-8571 | Microsoft | Improper Input Validation vulnerability in Microsoft Outlook Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, and Outlook 2016 as packaged in Microsoft Office allows a security feature bypass vulnerability due to the way that it handles input, aka "Microsoft Office Outlook Security Feature Bypass Vulnerability". | 6.8 |
2017-08-01 | CVE-2017-11130 | Stashcat | Insufficient Verification of Data Authenticity vulnerability in Stashcat Heinekingmedia 0.0.80W/0.0.86W/1.7.5 An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. | 6.8 |
2017-07-31 | CVE-2017-11726 | Connectwise | Cross-Site Request Forgery (CSRF) vulnerability in Connectwise Manage 2017.5 services/system_io/actionprocessor/System.rails in ConnectWise Manage 2017.5 is vulnerable to Cross-Site Request Forgery (CSRF), as demonstrated by changing an e-mail address setting. | 6.8 |
2017-07-31 | CVE-2017-11648 | Techroutes | Cross-Site Request Forgery (CSRF) vulnerability in Techroutes TR 1803-3G Firmware 2.4.25 Techroutes TR 1803-3G Wireless Cellular Router/Modem 2.4.25 devices do not possess any protection against a CSRF vulnerability, as demonstrated by a goform/BasicSettings request to disable port filtering. | 6.8 |
2017-07-31 | CVE-2016-9716 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Master Data Management Server IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.8 |
2017-07-31 | CVE-2016-9714 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Master Data Management Server IBM InfoSphere Master Data Management Server 10.1, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.8 |
2017-07-31 | CVE-2017-11116 | Openexif Project | Out-of-bounds Read vulnerability in Openexif Project Openexif 2.1.4 The ExifImageFile::readDQT function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted jpg file. | 6.8 |
2017-07-31 | CVE-2017-9490 | Cisco Arris | Cross-Site Request Forgery (CSRF) vulnerability in multiple products The Comcast firmware on Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices allows configuration changes via CSRF. | 6.8 |
2017-07-31 | CVE-2017-9489 | Cisco Commscope | Cross-Site Request Forgery (CSRF) vulnerability in multiple products The Comcast firmware on Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST) devices allows configuration changes via CSRF. | 6.8 |
2017-08-06 | CVE-2017-12585 | Slims | SQL Injection vulnerability in Slims Akasia SLiMS 8 Akasia through 8.3.1 has SQL injection in admin/AJAX_lookup_handler.php (tableName and tableFields parameters), admin/AJAX_check_id.php, and admin/AJAX_vocabolary_control.php. | 6.5 |
2017-08-03 | CVE-2017-11392 | Trendmicro | Command Injection vulnerability in Trendmicro Interscan Messaging Security Virtual Appliance 9.0/9.1 Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. | 6.5 |
2017-08-03 | CVE-2017-11391 | Trendmicro | Command Injection vulnerability in Trendmicro Interscan Messaging Security Virtual Appliance 9.0/9.1 Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. | 6.5 |
2017-08-02 | CVE-2017-11388 | Trendmicro | SQL Injection vulnerability in Trendmicro Control Manager 6.0 SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when RestfulServiceUtility.NET.dll doesn't properly validate user provided strings before constructing SQL queries. | 6.5 |
2017-08-02 | CVE-2017-11438 | Gitlab | Improper Privilege Management vulnerability in Gitlab GitLab Community Edition (CE) and Enterprise Edition (EE) before 9.0.11, 9.1.8, 9.2.8 allow an authenticated user with the ability to create a group to add themselves to any project that is inside a subgroup. | 6.5 |
2017-08-02 | CVE-2014-8903 | IBM | Command Injection vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5iFix10 and 6.0.5 before 6.0.5.6 allows remote authenticated users to load arbitrary Java classes via unspecified vectors. | 6.5 |
2017-08-02 | CVE-2016-7845 | Gigaccsecure | Permissions, Privileges, and Access Controls vulnerability in Gigaccsecure Gigacc Office 2.3 GigaCC OFFICE ver.2.3 and earlier allows remote attackers to upload arbitrary files as a user profile image, which may be exploited for unauthorized file sharing. | 6.5 |
2017-08-02 | CVE-2017-11364 | Joomla | Improper Certificate Validation vulnerability in Joomla Joomla! The CMS installer in Joomla! before 3.7.4 does not verify a user's ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency logs. | 6.5 |
2017-08-01 | CVE-2017-4921 | Vmware | Unspecified vulnerability in VMWare Vcenter Server 6.5 VMware vCenter Server (6.5 prior to 6.5 U1) contains an insecure library loading issue that occurs due to the use of LD_LIBRARY_PATH variable in an unsafe manner. | 6.5 |
2017-07-31 | CVE-2017-11760 | Projeqtor | Code Injection vulnerability in Projeqtor uploadImage.php in ProjeQtOr before 6.3.2 allows remote authenticated users to execute arbitrary PHP code by uploading a .php file composed of concatenated image data and script data, as demonstrated by uploading as an image within the description text area. | 6.5 |
2017-08-03 | CVE-2017-11382 | Trendmicro | Exposure of Resource to Wrong Sphere vulnerability in Trendmicro Deep Discovery Email Inspector 2.5.1 Denial of Service vulnerability in Trend Micro Deep Discovery Email Inspector 2.5.1 allows remote attackers to delete arbitrary files on vulnerable installations, thus disabling the service. | 6.4 |
2017-08-02 | CVE-2017-1383 | IBM | XXE vulnerability in IBM Infosphere Information Server 11.3/11.5/9.1 IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. | 6.4 |
2017-08-02 | CVE-2017-2283 | Iodata | Use of Hard-coded Credentials vulnerability in Iodata Wn-G300R3 Firmware WN-G300R3 firmware version 1.0.2 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device. | 5.8 |
2017-08-02 | CVE-2017-12138 | Xoops | Open Redirect vulnerability in Xoops 2.5.8 XOOPS Core 2.5.8 has a stored URL redirect bypass vulnerability in /modules/profile/index.php because of the URL filter. | 5.8 |
2017-07-31 | CVE-2017-9493 | Cisco Motorola | Unspecified vulnerability in Cisco Mx011Anm Firmware Mx011An2.9P6S1Prodsey The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows remote attackers to conduct successful forced-pairing attacks (between an RF4CE remote and a set-top box) by repeatedly transmitting the same pairing code. | 5.8 |
2017-07-31 | CVE-2017-9488 | Cisco | Use of Hard-coded Credentials vulnerability in Cisco Dpc3939 Firmware and Dpc3941T Firmware The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) and DPC3941T (firmware version DPC3941_2.5s3_PROD_sey) devices allows remote attackers to access the web UI by establishing a session to the wan0 WAN IPv6 address and then entering unspecified hardcoded credentials. | 5.8 |
2017-08-02 | CVE-2015-5203 | Fedoraproject Opensuse Project Opensuse Jasper Project | Double Free vulnerability in multiple products Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file. | 5.5 |
2017-08-02 | CVE-2016-7844 | Gigaccsecure | OS Command Injection vulnerability in Gigaccsecure Gigacc Office 2.3 GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute arbitrary OS commands via specially crafted mail template. | 5.5 |
2017-08-02 | CVE-2017-12144 | Ytnef Project | Allocation of Resources Without Limits or Throttling vulnerability in Ytnef Project Ytnef 1.9.2 In ytnef 1.9.2, an allocation failure was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file. | 5.5 |
2017-08-02 | CVE-2017-12142 | Ytnef Project | Out-of-bounds Read vulnerability in Ytnef Project Ytnef 1.9.2 In ytnef 1.9.2, an invalid memory read vulnerability was found in the function SwapDWord in ytnef.c, which allows attackers to cause a denial of service via a crafted file. | 5.5 |
2017-08-02 | CVE-2017-12141 | Ytnef Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ytnef Project Ytnef 1.9.2 In ytnef 1.9.2, a heap-based buffer overflow vulnerability was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file. | 5.5 |
2017-07-31 | CVE-2017-11358 | Sound Exchange Project Debian | Out-of-bounds Read vulnerability in multiple products The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted hcom file. | 5.5 |
2017-08-02 | CVE-2017-2282 | Iodata | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Iodata Wn-Ax1167Gr Firmware 3.00 Buffer overflow in WN-AX1167GR firmware version 3.00 and earlier allows an attacker to execute arbitrary commands via unspecified vectors. | 5.2 |
2017-08-05 | CVE-2017-12439 | Socusoft | Cross-Site Request Forgery (CSRF) vulnerability in Socusoft Flash Slideshow Maker 5.20 SocuSoft Flash Slideshow Maker Professional through v5.20, when the advanced configuration is used, has an xml_path HTTP parameter that trusts user-supplied input, in conjunction with an unsafe XML configuration file. | 5.1 |
2017-08-04 | CVE-2017-10949 | Dell | Path Traversal vulnerability in Dell Storage Manager 2016 R2.1 Directory Traversal in Dell Storage Manager 2016 R2.1 causes Information Disclosure when the doGet method of the EmWebsiteServlet class doesn't properly validate user provided path before using it in file operations. | 5.0 |
2017-08-04 | CVE-2017-12428 | Imagemagick | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.61 In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service in CloneDrawInfo in draw.c. | 5.0 |
2017-08-04 | CVE-2017-12425 | Varnish Cache Varnish Cache Project Varnish Software | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, 4.1.0 through 4.1.7, 5.0.0, and 5.1.0 through 5.1.2. | 5.0 |
2017-08-04 | CVE-2017-12418 | Imagemagick | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.65 ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c. | 5.0 |
2017-08-04 | CVE-2015-9107 | Zohocorp | Cryptographic Issues vulnerability in Zohocorp Manageengine Opmanager Zoho ManageEngine OpManager 11 through 12.2 uses a custom encryption algorithm to protect the credential used to access the monitored devices. | 5.0 |
2017-08-02 | CVE-2017-11390 | Trendmicro | XXE vulnerability in Trendmicro Control Manager 6.0 XML external entity (XXE) processing vulnerability in Trend Micro Control Manager 6.0, if exploited, could lead to information disclosure. | 5.0 |
2017-08-02 | CVE-2017-11387 | Trendmicro | Information Exposure vulnerability in Trendmicro Control Manager 6.0 Authentication Bypass in Trend Micro Control Manager 6.0 causes Information Disclosure when authentication validation is not done for functionality that can change debug logging level. | 5.0 |
2017-08-02 | CVE-2017-10664 | Qemu Debian Redhat | qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt. | 5.0 |
2017-08-02 | CVE-2015-2560 | Zohocorp | Permissions, Privileges, and Access Controls vulnerability in Zohocorp Manageengine Desktop Central 9.0 Manage Engine Desktop Central 9 before build 90135 allows remote attackers to change passwords of users with the Administrator role via an addOrModifyUser operation to servlets/DCOperationsServlet. | 5.0 |
2017-08-02 | CVE-2017-1118 | IBM | Unspecified vulnerability in IBM Websphere MQ Internet Pass-Thru 2.0/2.1 IBM WebSphere MQ Internet Pass-Thru 2.0 and 2.1 could allow an attacker to cause the MQIPT to stop responding due to an incorrectly configured security policy. | 5.0 |
2017-08-01 | CVE-2017-4923 | Vmware | Information Exposure vulnerability in VMWare Vcenter Server 6.5 VMware vCenter Server (6.5 prior to 6.5 U1) contains an information disclosure vulnerability. | 5.0 |
2017-08-01 | CVE-2017-11379 | Trendmicro | Insufficient Verification of Data Authenticity vulnerability in Trendmicro Deep Discovery Director 1.1 Configuration and database backup archives are not signed or validated in Trend Micro Deep Discovery Director 1.1. | 5.0 |
2017-08-01 | CVE-2017-11135 | Stashcat | Missing Authorization vulnerability in Stashcat Heinekingmedia 0.0.80W/0.0.86W/1.7.5 An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. | 5.0 |
2017-08-01 | CVE-2017-11133 | Stashcat | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Stashcat Heinekingmedia 0.0.80W/0.0.86W/1.7.5 An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. | 5.0 |
2017-08-01 | CVE-2017-11132 | Heinekingmedia | Improper Certificate Validation vulnerability in Heinekingmedia Stashcat An issue was discovered in heinekingmedia StashCat before 1.5.18 for Android. | 5.0 |
2017-08-01 | CVE-2017-12067 | Potrace Project | Out-of-bounds Read vulnerability in Potrace Project Potrace 1.14 Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic function in mkbitmap.c. | 5.0 |
2017-08-01 | CVE-2017-12064 | Open EMR | Improper Encoding or Escaping of Output vulnerability in Open-Emr Openemr 5.0.0 The csv_log_html function in library/edihistory/edih_csv_inc.php in OpenEMR 5.0.0 and prior allows attackers to bypass intended access restrictions via a crafted name. | 5.0 |
2017-07-31 | CVE-2017-1460 | IBM | Improper Input Validation vulnerability in IBM I IBM i OSPF 6.1, 7.1, 7.2, and 7.3 is vulnerable when a rogue router spoofs its origin. | 5.0 |
2017-07-31 | CVE-2017-11670 | Eapmd5Pass Project | Out-of-bounds Read vulnerability in Eapmd5Pass Project Eapmd5Pass 1.4 A length validation (leading to out-of-bounds read and write) flaw was found in the way eapmd5pass 1.4 handled network traffic in the extract_eapusername function. | 5.0 |
2017-07-31 | CVE-2017-11669 | Eapmd5Pass Project | Out-of-bounds Read vulnerability in Eapmd5Pass Project Eapmd5Pass 1.4 An out-of-bounds read flaw related to the assess_packet function in eapmd5pass.c:211 was found in the way eapmd5pass 1.4 handled processing of network packets. | 5.0 |
2017-07-31 | CVE-2017-11668 | Eapmd5Pass Project | Out-of-bounds Read vulnerability in Eapmd5Pass Project Eapmd5Pass 1.4 An out-of-bounds read flaw related to the assess_packet function in eapmd5pass.c:134 was found in the way eapmd5pass 1.4 handled processing of network packets. | 5.0 |
2017-07-31 | CVE-2017-9522 | Spectrum | Unspecified vulnerability in Spectrum Tc8717T Firmware The Time Warner firmware on Technicolor TC8717T devices sets the default Wi-Fi passphrase to a combination of the SSID and BSSID, which makes it easier for remote attackers to obtain network access by reading a beacon frame. | 5.0 |
2017-07-31 | CVE-2017-9494 | Motorola | Incorrect Permission Assignment for Critical Resource vulnerability in Motorola Mx011Anm Firmware Mx011An2.9P6S1Prodsey The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows remote attackers to enable a Remote Web Inspector that is accessible from the public Internet. | 5.0 |
2017-07-31 | CVE-2017-9492 | Cisco Commscope | Information Exposure vulnerability in multiple products The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (firmware version DPC3941_2.5s3_PROD_sey); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices do not include the HTTPOnly flag in a Set-Cookie header for administration applications, which makes it easier for remote attackers to obtain potentially sensitive information via script access to cookies. | 5.0 |
2017-07-31 | CVE-2017-9491 | Cisco Commscope | Information Exposure vulnerability in multiple products The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (firmware version DPC3941_2.5s3_PROD_sey); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices do not set the secure flag for cookies in an https session to an administration application, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session. | 5.0 |
2017-07-31 | CVE-2017-9486 | Cisco | Information Exposure vulnerability in Cisco Dpc3939 Firmware Dpc3939P2018V303R20421746170221Acmcst The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to compute password-of-the-day values via unspecified vectors. | 5.0 |
2017-07-31 | CVE-2017-9485 | Cisco | Unspecified vulnerability in Cisco Dpc3939 Firmware Dpc3939P2018V303R20421746170221Acmcst The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to write arbitrary data to a known /var/tmp/sess_* pathname by leveraging the device's operation in UI dev mode. | 5.0 |
2017-07-31 | CVE-2017-9484 | Cisco | Information Exposure vulnerability in Cisco Dpc3939 Firmware Dpc3939P2018V303R20421733160420Acmcst/Dpc3939P2018V303R20421746170221Acmcst The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST) and DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to discover a CM MAC address by sniffing Wi-Fi traffic and performing simple arithmetic calculations. | 5.0 |
2017-07-31 | CVE-2017-9481 | Cisco | Unspecified vulnerability in Cisco Dpc3939 Firmware Dpc3939P2018V303R20421746170221Acmcst The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to obtain unintended access to the Network Processor (NP) 169.254/16 IP network by adding a routing-table entry that specifies the LAN IP address as the router for that network. | 5.0 |
2017-07-31 | CVE-2017-9478 | Cisco | Information Exposure vulnerability in Cisco Dpc3939 Firmware Dpc3939P2018V303R20421733160420Acmcst/Dpc3939P2018V303R20421746170221Acmcst The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST) and DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices sets the CM MAC address to a value with a two-byte offset from the MTA/VoIP MAC address, which indirectly allows remote attackers to discover hidden Home Security Wi-Fi networks by leveraging the embedding of the MTA/VoIP MAC address into the DNS hostname. | 5.0 |
2017-08-02 | CVE-2017-9247 | Sierrawireless | Unquoted Search Path or Element vulnerability in Sierrawireless products Multiple unquoted service path vulnerabilities in Sierra Wireless Windows Mobile Broadband Driver Package (MBDP) with build ID < 4657 allow local users to launch processes with elevated privileges. | 4.6 |
2017-08-02 | CVE-2017-1468 | IBM | Unspecified vulnerability in IBM Infosphere Information Server 11.3/11.5/9.1 IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directories. | 4.6 |
2017-07-31 | CVE-2017-9496 | Cisco Motorola | Unspecified vulnerability in Cisco Mx011Anm Firmware Mx011An2.9P6S1Prodsey The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to access an SNMP server by connecting a cable to the Ethernet port, and then establishing communication with the device's link-local IPv6 address. | 4.6 |
2017-08-04 | CVE-2017-11657 | Dashlane | Untrusted Search Path vulnerability in Dashlane Dashlane might allow local users to gain privileges by placing a Trojan horse WINHTTP.dll in the %APPDATA%\Dashlane directory. | 4.4 |
2017-08-02 | CVE-2015-7891 | Samsung | Race Condition vulnerability in Samsung Mobile 5.0/5.1 Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging definition of g2d_lock and g2d_unlock lock macros as no-ops, aka SVE-2015-4598. | 4.4 |
2017-08-06 | CVE-2017-12583 | Dokuwiki | Cross-site Scripting vulnerability in Dokuwiki DokuWiki through 2017-02-19b has XSS in the at parameter (aka the DATE_AT variable) to doku.php. | 4.3 |
2017-08-05 | CVE-2017-12566 | Imagemagick | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.62 In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMVGImage in coders/mvg.c, which allows attackers to cause a denial of service, related to the function ReadSVGImage in svg.c. | 4.3 |
2017-08-05 | CVE-2017-12565 | Imagemagick | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.62 In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service. | 4.3 |
2017-08-05 | CVE-2017-12564 | Imagemagick | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.62 In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service. | 4.3 |
2017-08-04 | CVE-2017-10819 | Intercom | Improper Certificate Validation vulnerability in Intercom Malion 5.2.1 MaLion for Mac 4.3.0 to 5.2.1 does not properly validate certificates, which may allow an attacker to eavesdrop on an encrypted communication. | 4.3 |
2017-08-04 | CVE-2017-12413 | Axis | Cross-site Scripting vulnerability in Axis 2100 Network Camera Firmware 2.43 AXIS 2100 devices 2.43 have XSS via the URI, possibly related to admin/admin.shtml. | 4.3 |
2017-08-04 | CVE-2017-12434 | Imagemagick | Reachable Assertion vulnerability in Imagemagick 7.0.61 In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service (assertion failure) in DestroyImageInfo in image.c. | 4.3 |
2017-08-04 | CVE-2017-12433 | Imagemagick | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.61 In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadPESImage in coders/pes.c, which allows attackers to cause a denial of service, related to ResizeMagickMemory in memory.c. | 4.3 |
2017-08-04 | CVE-2017-12431 | Imagemagick | Use After Free vulnerability in Imagemagick 7.0.61 In ImageMagick 7.0.6-1, a use-after-free vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service. | 4.3 |
2017-08-04 | CVE-2017-12427 | Imagemagick | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to cause a denial of service (memory leak) via a crafted file, related to the WriteMSLImage function. | 4.3 |
2017-08-03 | CVE-2017-1327 | IBM | Cross-site Scripting vulnerability in IBM Inotes IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. | 4.3 |
2017-08-03 | CVE-2017-11320 | Technicolor | Cross-site Scripting vulnerability in Technicolor Tc7337 Firmware 08.89.17.20.00 Persistent XSS through the SSID of nearby Wi-Fi devices on Technicolor TC7337 routers 08.89.17.20.00 allows an attacker to cause DNS Poisoning and steal credentials from the router. | 4.3 |
2017-08-02 | CVE-2017-9467 | Paloaltonetworks | Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os Cross-site scripting (XSS) vulnerability in the GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, and 8.x before 8.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2017-08-02 | CVE-2017-9459 | Paloaltonetworks | Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os Cross-site scripting (XSS) vulnerability in the management web interface in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, and 8.x before 8.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2017-08-02 | CVE-2017-9244 | Trello | Cross-site Scripting vulnerability in Trello 4.0.7 Cross-site scripting (XSS) vulnerability in the Trello app before 4.0.8 for iOS might allow remote attackers to inject arbitrary web script or HTML by uploading and attaching a crafted photo to a Card. | 4.3 |
2017-08-02 | CVE-2017-7890 | PHP | Information Exposure vulnerability in PHP The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. | 4.3 |
2017-08-02 | CVE-2017-11355 | Pega | Cross-site Scripting vulnerability in Pega Platform Multiple cross-site scripting (XSS) vulnerabilities in PEGA Platform 7.2 ML0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to the main page; the (2) beanReference parameter to the JavaBean viewer page; or the (3) pyTableName to the System database schema modification page. | 4.3 |
2017-08-02 | CVE-2015-3642 | Citrix | Information Exposure vulnerability in Citrix products The TLS and DTLS processing functionality in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway devices with firmware 9.x before 9.3 Build 68.5, 10.0 through Build 78.6, 10.1 before Build 130.13, 10.1.e before Build 130.1302.e, 10.5 before Build 55.8, and 10.5.e before Build 55.8007.e makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). | 4.3 |
2017-08-02 | CVE-2015-2690 | Digium | Cross-site Scripting vulnerability in Digium Addons Module 2.11.0.6 Multiple cross-site scripting (XSS) vulnerabilities in views/add-license-form.php in the Digium Addons module (digiumaddoninstaller) before 2.11.0.7 for FreePBX allow remote attackers to inject arbitrary web script or HTML via the (1) add_license_key, (2) add_license_first_name, (3) add_license_last_name, (4) add_license_company, (5) add_license_address1, (6) add_license_address2, (7) add_license_city, (8) add_license_state, (9) add_license_post_code, (10) add_license_country, (11) add_license_phone, or (12) add_license_email parameter in an add-license-form page to admin/config.php. | 4.3 |
2017-08-02 | CVE-2017-2285 | Silkypress | Cross-site Scripting vulnerability in Silkypress Simple Custom CSS and JS Cross-site scripting vulnerability in Simple Custom CSS and JS prior to version 3.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2017-08-02 | CVE-2017-2284 | Code Atlantic | Cross-site Scripting vulnerability in Code-Atlantic Popup Maker Cross-site scripting vulnerability in Popup Maker prior to version 1.6.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2017-08-02 | CVE-2017-2278 | IID Apple | Improper Certificate Validation vulnerability in IID RBB Speed Test The RBB SPEED TEST App for Android version 2.0.3 and earlier, RBB SPEED TEST App for iOS version 2.1.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 4.3 |
2017-08-02 | CVE-2016-7812 | Mufg | Cryptographic Issues vulnerability in Mufg Mitsubishi UFJ 5.3.1 The Bank of Tokyo-Mitsubishi UFJ, Ltd. | 4.3 |
2017-08-02 | CVE-2017-12200 | Etoilewebdesign | Cross-site Scripting vulnerability in Etoilewebdesign Ultimate Product Catalog 4.2.11 The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has XSS in the Add Product Manually component. | 4.3 |
2017-08-02 | CVE-2017-12145 | Libquicktime | Improper Input Validation vulnerability in Libquicktime 1.2.4 In libquicktime 1.2.4, an allocation failure was found in the function quicktime_read_ftyp in ftyp.c, which allows attackers to cause a denial of service via a crafted file. | 4.3 |
2017-08-02 | CVE-2017-12143 | Libquicktime | Improper Input Validation vulnerability in Libquicktime 1.2.4 In libquicktime 1.2.4, an allocation failure was found in the function quicktime_read_info in lqt_quicktime.c, which allows attackers to cause a denial of service via a crafted file. | 4.3 |
2017-08-02 | CVE-2017-12139 | Xoops | Cross-site Scripting vulnerability in Xoops 2.5.8 XOOPS Core 2.5.8 has stored XSS in imagemanager.php because of missing MIME type validation in htdocs/class/uploader.php. | 4.3 |
2017-08-01 | CVE-2017-8572 | Microsoft | Information Exposure vulnerability in Microsoft Outlook Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, and Outlook 2016 as packaged in Microsoft Office allows an information disclosure vulnerability due to the way that it discloses the contents of its memory, aka "Microsoft Office Outlook Information Disclosure Vulnerability". | 4.3 |
2017-08-01 | CVE-2017-1500 | IBM | Cross-site Scripting vulnerability in IBM Mobilefirst Platform Foundation and Worklight A Reflected Cross Site Scripting (XSS) vulnerability exists in the authorization function exposed by RESTful Web Api of IBM Worklight Framework 6.1, 6.2, 6.3, 7.0, 7.1, and 8.0. | 4.3 |
2017-08-01 | CVE-2017-12132 | GNU | Allocation of Resources Without Limits or Throttling vulnerability in GNU Glibc The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation. | 4.3 |
2017-08-01 | CVE-2017-12062 | Mantisbt | Cross-site Scripting vulnerability in Mantisbt An XSS issue was discovered in manage_user_page.php in MantisBT 2.x before 2.5.2. | 4.3 |
2017-08-01 | CVE-2017-12061 | Mantisbt | Cross-site Scripting vulnerability in Mantisbt An XSS issue was discovered in admin/install.php in MantisBT before 1.3.12 and 2.x before 2.5.2. | 4.3 |
2017-08-01 | CVE-2017-11131 | Stashcat | Use of Password Hash With Insufficient Computational Effort vulnerability in Stashcat Heinekingmedia 0.0.80W/0.0.86W/1.7.5 An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. | 4.3 |
2017-08-01 | CVE-2017-11552 | Underbit | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Underbit MAD Libmad 0.15.1B mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote attackers to cause a denial of service (memory corruption seen in a crash in the mad_decoder_run function in decoder.c in libmad) via a crafted MP3 file. | 4.3 |
2017-08-01 | CVE-2017-12131 | Goldplugins | Cross-site Scripting vulnerability in Goldplugins Easy Testimonials 3.0.4 The Easy Testimonials plugin 3.0.4 for WordPress has XSS in include/settings/display.options.php, as demonstrated by the Default Testimonials Width, View More Testimonials Link, and Testimonial Excerpt Options screens. | 4.3 |
2017-08-01 | CVE-2017-12068 | Event List Project | Cross-site Scripting vulnerability in Event List Project Event List 0.7.9 The Event List plugin 0.7.9 for WordPress has XSS in the slug array parameter to wp-admin/admin.php in an el_admin_categories delete_bulk action. | 4.3 |
2017-07-31 | CVE-2017-11727 | Connectwise | Cross-site Scripting vulnerability in Connectwise Manage 2017.5 services/system_io/actionprocessor/Contact.rails in ConnectWise Manage 2017.5 allows arbitrary client-side JavaScript code execution (involving a ContactCommon field) on victims who click on a crafted link, aka XSS. | 4.3 |
2017-07-31 | CVE-2017-1386 | IBM | Weak Password Requirements vulnerability in IBM API Connect and API Management IBM API Connect 5.0.0.0 could allow a user to bypass policy restrictions and create non-compliant passwords which could be intercepted and decrypted using man in the middle techniques. | 4.3 |
2017-07-31 | CVE-2017-1332 | IBM | Cross-site Scripting vulnerability in IBM Inotes IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. | 4.3 |
2017-07-31 | CVE-2017-1303 | IBM | Cross-site Scripting vulnerability in IBM Websphere Portal IBM WebSphere Portal and Web Content Manager 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. | 4.3 |
2017-07-31 | CVE-2017-11551 | Libid3Tag Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libid3Tag Project Libid3Tag 0.15.1B The id3_field_parse function in field.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (OOM) via a crafted MP3 file. | 4.3 |
2017-07-31 | CVE-2017-11550 | Libid3Tag Project | NULL Pointer Dereference vulnerability in Libid3Tag Project Libid3Tag 0.15.1B The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (NULL Pointer Dereference and application crash) via a crafted mp3 file. | 4.3 |
2017-07-31 | CVE-2017-11548 | Xiph ORG | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xiph Libao 1.2.0 The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 allows remote attackers to cause a denial of service (memory corruption) via a crafted MP3 file. | 4.3 |
2017-07-31 | CVE-2017-11547 | Timidity Project | Out-of-bounds Read vulnerability in Timidity++ Project Timidity++ 2.14.0 The resample_gauss function in resample.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted mid file. | 4.3 |
2017-07-31 | CVE-2017-11546 | Timidity Project | Divide By Zero vulnerability in Timidity++ Project Timidity++ 2.14.0 The insert_note_steps function in readmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mid file. | 4.3 |
2017-07-31 | CVE-2017-11359 | Sound Exchange Project Debian | Divide By Zero vulnerability in multiple products The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted snd file, during conversion to a wav file. | 4.3 |
2017-07-31 | CVE-2017-11333 | Xiph ORG | NULL Pointer Dereference vulnerability in Xiph.Org Libvorbis 1.3.5 The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (OOM) via a crafted wav file. | 4.3 |
2017-07-31 | CVE-2017-11332 | Sound Exchange Project Debian | Divide By Zero vulnerability in multiple products The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted wav file. | 4.3 |
2017-07-31 | CVE-2017-11331 | Xiph ORG | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xiph Vorbis-Tools 1.4.0 The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file. | 4.3 |
2017-07-31 | CVE-2017-11330 | Divfix | Out-of-bounds Write vulnerability in Divfix Divfix++ 0.34 The DivFixppCore::avi_header_fix function in DivFix++Core.cpp in DivFix++ v0.34 allows remote attackers to cause a denial of service (invalid memory write and application crash) via a crafted avi file. | 4.3 |
2017-07-31 | CVE-2017-11119 | Nosefart Project | Out-of-bounds Read vulnerability in Nosefart Project Nosefart 2.9Mls The chk_mem_access function in cpu/nes6502/nes6502.c in libnosefart.a in Nosefart 2.9-mls allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted nsf file. | 4.3 |
2017-07-31 | CVE-2017-11117 | Openexif Project | Out-of-bounds Read vulnerability in Openexif Project Openexif 2.1.4 The ExifImageFile::readDHT function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted jpg file. | 4.3 |
2017-07-31 | CVE-2017-11115 | Openexif Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Openexif Project Openexif 2.1.4 The ExifJpegHUFFTable::deriveTable function in ExifHuffmanTable.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted jpg file. | 4.3 |
2017-07-31 | CVE-2017-11114 | Twibright | Out-of-bounds Read vulnerability in Twibright Links 2.14 The put_chars function in html_r.c in Twibright Links 2.14 allows remote attackers to cause a denial of service (buffer over-read) via a crafted HTML file. | 4.3 |
2017-07-31 | CVE-2017-9487 | Cisco | Information Exposure vulnerability in Cisco Dpc3939 Firmware and Dpc3941T Firmware The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) and DPC3941T (firmware version DPC3941_2.5s3_PROD_sey) devices allows remote attackers to discover a WAN IPv6 IP address by leveraging knowledge of the CM MAC address. | 4.3 |
2017-07-31 | CVE-2017-9475 | Comcast | Improper Authentication vulnerability in Comcast Xfinity Wifi Hotspot Comcast XFINITY WiFi Home Hotspot devices allow remote attackers to spoof the identities of Comcast customers via a forged MAC address. | 4.3 |
2017-08-06 | CVE-2017-12586 | Slims | Path Traversal vulnerability in Slims Akasia SLiMS 8 Akasia through 8.3.1 has an arbitrary file reading issue because of directory traversal in the url parameter to admin/help.php. | 4.0 |
2017-08-05 | CVE-2017-12419 | Mantisbt Mariadb Mysql | Information Exposure vulnerability in Mantisbt 2.5.2 If, after successful installation of MantisBT through 2.5.2 on MySQL/MariaDB, the administrator does not remove the 'admin' directory (as recommended in the "Post-installation and upgrade tasks" section of the MantisBT Admin Guide), and the MySQL client has a local_infile setting enabled (in php.ini mysqli.allow_local_infile, or the MySQL client config file, depending on the PHP setup), an attacker may take advantage of MySQL's "connect file read" feature to remotely access files on the MantisBT server. | 4.0 |
2017-08-03 | CVE-2017-1504 | IBM | Unspecified vulnerability in IBM Websphere Application Server 9.0.0.4 IBM WebSphere Application Server version 9.0.0.4 could provide weaker than expected security after using the PasswordUtil command to enable AES password encryption. | 4.0 |
2017-08-02 | CVE-2017-11437 | Gitlab | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab GitLab Enterprise Edition (EE) before 8.17.7, 9.0.11, 9.1.8, 9.2.8, and 9.3.8 allows an authenticated user with the ability to create a project to use the mirroring feature to potentially read repositories belonging to other users. | 4.0 |
2017-08-02 | CVE-2017-11356 | Pega | Information Exposure vulnerability in Pega Platform The application distribution export functionality in PEGA Platform 7.2 ML0 and earlier allows remote authenticated users with certain privileges to obtain sensitive configuration information by leveraging a missing access control. | 4.0 |
2017-08-02 | CVE-2015-0194 | IBM | XXE vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM Sterling File Gateway 2.1 and 2.2 allows remote attackers to read arbitrary files via crafted XML data. | 4.0 |
2017-08-02 | CVE-2017-1495 | IBM | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Infosphere Information Server 11.3/11.5/9.1 IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a privileged user to cause a memory dump that could contain highly sensitive information including access credentials. | 4.0 |
2017-08-01 | CVE-2017-4922 | Vmware | Information Exposure vulnerability in VMWare Vcenter Server 6.5 VMware vCenter Server (6.5 prior to 6.5 U1) contains an information disclosure issue due to the service startup script using world writable directories as temporary storage for critical information. | 4.0 |
2017-08-01 | CVE-2017-11136 | Stashcat | Unspecified vulnerability in Stashcat Heinekingmedia 0.0.80W/0.0.86W/1.7.5 An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. | 4.0 |
2017-08-01 | CVE-2017-11134 | Stashcat | Information Exposure Through Log Files vulnerability in Stashcat Heinekingmedia 1.7.5 An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android. | 4.0 |
2017-07-31 | CVE-2017-1370 | IBM | Information Exposure Through an Error Message vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive information, including user credentials, through an error message from the Report Builder administrator configuration page. | 4.0 |
2017-07-31 | CVE-2016-9717 | IBM | Improper Input Validation vulnerability in IBM Infosphere Master Data Management Server HTTP Parameter Override is identified in the IBM Infosphere Master Data Management (MDM) 10.1. | 4.0 |

17 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-08-05 | CVE-2017-12572 | Splunk | Cross-site Scripting vulnerability in Splunk Persistent Cross Site Scripting (XSS) exists in Splunk Enterprise 6.5.x before 6.5.2, 6.4.x before 6.4.6, and 6.3.x before 6.3.9 and Splunk Light before 6.5.2, with exploitation requiring administrative access, aka SPL-134104. | 3.5 |
2017-08-04 | CVE-2017-1331 | IBM | Cross-site Scripting vulnerability in IBM Content Navigator IBM Content Navigator 2.0.3 and 3.0.0 is vulnerable to cross-site scripting. | 3.5 |
2017-08-03 | CVE-2017-1199 | IBM | Cross-site Scripting vulnerability in IBM Infosphere Master Data Management Server IBM InfoSphere Master Data Management Server 10.0, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site scripting. | 3.5 |
2017-08-01 | CVE-2015-5059 | Mantisbt | Information Exposure vulnerability in Mantisbt The "Project Documentation" feature in MantisBT 1.2.19 and earlier, when the threshold to access files ($g_view_proj_doc_threshold) is set to ANYBODY, allows remote authenticated users to download attachments linked to arbitrary private projects via a file id number in the file_id parameter to file_download.php. | 3.5 |
2017-08-01 | CVE-2017-12066 | Cacti | Cross-site Scripting vulnerability in Cacti Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Cacti before 1.1.16 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancel_url variable. | 3.5 |
2017-07-31 | CVE-2017-1496 | IBM | Cross-site Scripting vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.x is vulnerable to cross-site scripting. | 3.5 |
2017-07-31 | CVE-2016-9719 | IBM | Improper Input Validation vulnerability in IBM Infosphere Master Data Management Server IBM InfoSphere Master Data Management Server 10.1. | 3.5 |
2017-07-31 | CVE-2016-9718 | IBM | Cross-site Scripting vulnerability in IBM Infosphere Master Data Management Server IBM InfoSphere Master Data Management Server 10.1. | 3.5 |
2017-07-31 | CVE-2016-9715 | IBM | Cross-site Scripting vulnerability in IBM Infosphere Master Data Management Server IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site scripting. | 3.5 |
2017-07-31 | CVE-2017-9477 | Cisco | Information Exposure vulnerability in Cisco Dpc3939 Firmware Dpc3939P2018V303R20421733160420Acmcst/Dpc3939P2018V303R20421746170221Acmcst The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST) and DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to discover the CM MAC address by connecting to the device's xfinitywifi hotspot. | 3.3 |
2017-07-31 | CVE-2017-9476 | Cisco Commscope | Information Exposure vulnerability in multiple products The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices makes it easy for remote attackers to determine the hidden SSID and passphrase for a Home Security Wi-Fi network. | 3.3 |
2017-08-02 | CVE-2017-9770 | Razerzone | Out-of-bounds Read vulnerability in Razerzone Razer Synapse A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse that can cause an out of bounds read operation to occur due to a field within the IOCTL data being used as a length. | 2.1 |
2017-08-02 | CVE-2017-11334 | Qemu Debian | Out-of-bounds Read vulnerability in multiple products The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest ram block area. | 2.1 |
2017-08-02 | CVE-2017-10806 | Qemu Debian | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU process crash) via vectors related to logging debug messages. | 2.1 |
2017-07-31 | CVE-2017-9498 | Motorola Comcast | Improper Validation of Integrity Check Value vulnerability in multiple products The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity XR11-20 Voice Remote devices allows local users to upload arbitrary firmware images to an XR11 by leveraging root access. | 2.1 |
2017-07-31 | CVE-2017-9495 | Motorola | Information Exposure vulnerability in Motorola Mx011Anm Firmware Mx011An2.9P6S1Prodsey The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to read arbitrary files by pressing "EXIT, Down, Down, 2" on an RF4CE remote to reach the diagnostic display, and then launching a Remote Web Inspector script. | 2.1 |
2017-07-31 | CVE-2017-9480 | Cisco | Information Exposure vulnerability in Cisco Dpc3939 Firmware Dpc3939P2018V303R20421746170221Acmcst The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows local users (e.g., users who have command access as a consequence of CVE-2017-9479 exploitation) to read arbitrary files via UPnP access to /var/IGD/. | 2.1 |