Weekly Vulnerabilities Reports > August 14 to 20, 2017
Overview
267 new vulnerabilities were reported during this period, including 99 critical vulnerabilities and 48 high severity vulnerabilities. This weekly summary reports vulnerabilities in 284 products from 80 vendors including Google, Cisco, Debian, IBM, and Nexusphp Project. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", "Out-of-bounds Read", "Information Exposure", and "Cross-site Scripting".
- 244 reported vulnerabilities are remotely exploitable.
- 12 reported vulnerabilities have a public exploit available.
- 44 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 234 reported vulnerabilities are exploitable by an anonymous user.
- Google has the most reported vulnerabilities, with 114 reported vulnerabilities.
- Google has the most reported critical vulnerabilities, with 86 reported vulnerabilities.
Vulnerability Details
The following tables list the vulnerabilities reported for the period covered by this report:
99 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-08-18 | CVE-2017-7364 | Google | Use After Free vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in function __mdss_fb_copy_destscaler_data(), variable ds_data[i].scale may still point to a user-provided address (which could point to arbitrary kernel address), so on an error condition, this user-provided address will be freed (arbitrary free), and continued operation could result in use after free condition. | 10.0 |
2017-08-18 | CVE-2016-5872 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, arguments to several QTEE syscalls are not properly validated. | 10.0 |
2017-08-18 | CVE-2016-5871 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an image file. | 10.0 |
2017-08-18 | CVE-2016-10392 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a driver can potentially leak kernel memory. | 10.0 |
2017-08-18 | CVE-2016-10391 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, the length in an HCI command is not properly checked for validity. | 10.0 |
2017-08-18 | CVE-2016-10390 | Google | Resource Management Errors vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, when downloading a file, an excessive amount of memory may be consumed. | 10.0 |
2017-08-18 | CVE-2016-10388 | Google | Configuration vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a configuration vulnerability exists when loading a 3rd-party QTEE application. | 10.0 |
2017-08-18 | CVE-2016-10387 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a handover scenario. | 10.0 |
2017-08-18 | CVE-2016-10386 | Google | Improper Validation of Array Index vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an array index out of bounds vulnerability exists in LPP. | 10.0 |
2017-08-18 | CVE-2016-10385 | Google | Use After Free vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a use-after-free vulnerability exists in IMS RCS. | 10.0 |
2017-08-18 | CVE-2016-10384 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a WLAN driver ioctl. | 10.0 |
2017-08-18 | CVE-2016-10382 | Google | Improper Access Control vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, access control to the I2C bus is not sufficient. | 10.0 |
2017-08-18 | CVE-2016-10381 | Google | DEPRECATED: Location vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location. | 10.0 |
2017-08-18 | CVE-2016-10380 | Google | DEPRECATED: Location vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location. | 10.0 |
2017-08-18 | CVE-2016-10347 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a hypervisor function is not properly validated. | 10.0 |
2017-08-18 | CVE-2016-10346 | Google | Integer Overflow or Wraparound vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in the hypervisor. | 10.0 |
2017-08-18 | CVE-2016-10344 | Google | NULL Pointer Dereference vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in LTE. | 10.0 |
2017-08-18 | CVE-2016-10343 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, SSL handshake failure with ClientHello rejection results in memory leak. | 10.0 |
2017-08-18 | CVE-2015-9073 | Google | NULL Pointer Dereference vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall. | 10.0 |
2017-08-18 | CVE-2015-9072 | Google | NULL Pointer Dereference vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall. | 10.0 |
2017-08-18 | CVE-2015-9071 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in a TrustZone syscall. | 10.0 |
2017-08-18 | CVE-2015-9070 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in a TrustZone syscall. | 10.0 |
2017-08-18 | CVE-2015-9069 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, the Secure File System can become corrupted. | 10.0 |
2017-08-18 | CVE-2015-9068 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a mink syscall is not properly validated. | 10.0 |
2017-08-18 | CVE-2015-9067 | Google | Unspecified vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a potential compiler optimization of memset() is addressed. | 10.0 |
2017-08-18 | CVE-2015-9066 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an Inter-RAT procedure. | 10.0 |
2017-08-18 | CVE-2015-9065 | Google | 7PK - Security Features vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a UE can respond to a UEInformationRequest before Access Stratum security is established. | 10.0 |
2017-08-18 | CVE-2015-9064 | Google | Improper Access Control vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send IMEI or IMEISV to the network on a network request before NAS security has been activated. | 10.0 |
2017-08-18 | CVE-2015-9063 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a procedure involving a remote UIM client. | 10.0 |
2017-08-18 | CVE-2015-9062 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an ELF file. | 10.0 |
2017-08-18 | CVE-2015-9061 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, PlayReady DRM failed to check a length potentially leading to unauthorized access to secure memory. | 10.0 |
2017-08-18 | CVE-2015-9060 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not properly validated in a QTEE system call. | 10.0 |
2017-08-18 | CVE-2015-9055 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a memory management routine. | 10.0 |
2017-08-18 | CVE-2015-9054 | Google | NULL Pointer Dereference vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced during GAL decoding. | 10.0 |
2017-08-18 | CVE-2015-9053 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the processing of certain responses from the USIM. | 10.0 |
2017-08-18 | CVE-2015-9052 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached while processing a downlink message. | 10.0 |
2017-08-18 | CVE-2015-9051 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached due to an improper bound on a length in a System Information message. | 10.0 |
2017-08-18 | CVE-2015-9050 | Google | Out-of-bounds Read vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists where an array out of bounds access can occur during a CA call. | 10.0 |
2017-08-18 | CVE-2015-9049 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in the processing of certain responses from the USIM. | 10.0 |
2017-08-18 | CVE-2015-9048 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in the processing of lost RTP packets. | 10.0 |
2017-08-18 | CVE-2015-9047 | Google | Improper Access Control vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in GNSS when performing a scan after bootup. | 10.0 |
2017-08-18 | CVE-2015-9046 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached due to an improper bound on the size of a frequency list. | 10.0 |
2017-08-18 | CVE-2015-9045 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in GERAN where a buffer can be overflown while taking power measurements. | 10.0 |
2017-08-18 | CVE-2015-9044 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached due to an improper bound on the size of a frequency list. | 10.0 |
2017-08-18 | CVE-2015-9043 | Google | NULL Pointer Dereference vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced upon the expiry of a timer. | 10.0 |
2017-08-18 | CVE-2015-9042 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists when processing a QMI message. | 10.0 |
2017-08-18 | CVE-2015-9041 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists when performing WCDMA radio tuning. | 10.0 |
2017-08-18 | CVE-2015-9040 | Google | Improper Access Control vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in a GERAN API. | 10.0 |
2017-08-18 | CVE-2015-9039 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in eMBMS where an assertion can be reached by a sequence of downlink messages. | 10.0 |
2017-08-18 | CVE-2015-9038 | Google | NULL Pointer Dereference vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer may be dereferenced in the front end. | 10.0 |
2017-08-18 | CVE-2015-9037 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read may occur in the processing of a downlink 3G NAS message. | 10.0 |
2017-08-18 | CVE-2015-9036 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an incorrect length is used to clear a memory buffer resulting in adjacent memory getting corrupted. | 10.0 |
2017-08-18 | CVE-2015-9035 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a memory buffer fails to be freed after it is no longer needed potentially resulting in memory exhaustion. | 10.0 |
2017-08-18 | CVE-2015-9034 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a string can fail to be null-terminated in SIP leading to a buffer overflow. | 10.0 |
2017-08-18 | CVE-2015-8596 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer lengths is missing in malware protection. | 10.0 |
2017-08-18 | CVE-2015-8595 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in digital television/digital radio DRM. | 10.0 |
2017-08-18 | CVE-2015-8594 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in RFA-1x. | 10.0 |
2017-08-18 | CVE-2015-8593 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing. | 10.0 |
2017-08-18 | CVE-2015-8592 | Google | NULL Pointer Dereference vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not validated prior to being dereferenced potentially resulting in Guest-OS memory corruption. | 10.0 |
2017-08-18 | CVE-2015-0575 | Google | Inadequate Encryption Strength vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, insecure ciphersuites were included in the default configuration. | 10.0 |
2017-08-18 | CVE-2015-0574 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, the validation of filesystem access was insufficient. | 10.0 |
2017-08-18 | CVE-2014-9981 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an overflow check in the USB interface was insufficient during boot. | 10.0 |
2017-08-18 | CVE-2014-9980 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a Sample App failed to check a length potentially leading to unauthorized access to secure memory. | 10.0 |
2017-08-18 | CVE-2014-9979 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a variable is uninitialized in a TrustZone system call potentially leading to the compromise of secure memory. | 10.0 |
2017-08-18 | CVE-2014-9978 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE service. | 10.0 |
2017-08-18 | CVE-2014-9977 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in PlayReady DRM. | 10.0 |
2017-08-18 | CVE-2014-9976 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing. | 10.0 |
2017-08-18 | CVE-2014-9975 | Google | Inadequate Encryption Strength vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a rollback vulnerability potentially exists in Full Disk Encryption. | 10.0 |
2017-08-18 | CVE-2014-9974 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer lengths was missing in Keymaster. | 10.0 |
2017-08-18 | CVE-2014-9973 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of a buffer length was missing in a PlayReady DRM routine. | 10.0 |
2017-08-18 | CVE-2014-9972 | Google | NULL Pointer Dereference vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts can potentially cause a NULL pointer dereference during an out-of-memory condition. | 10.0 |
2017-08-18 | CVE-2014-9971 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts causes an instruction inside of an assert to not be executed resulting in incorrect control flow. | 10.0 |
2017-08-18 | CVE-2014-9969 | Google | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, the GPS client may use an insecure cryptographic algorithm. | 10.0 |
2017-08-18 | CVE-2014-9968 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the UIMDIAG interface. | 10.0 |
2017-08-18 | CVE-2014-9411 | Google | Range Error vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in rollback protection. | 10.0 |
2017-08-18 | CVE-2017-7278 | Aptus | Unspecified vulnerability in Aptus Styra Porttelefonkort 4400 Firmware A1 Unspecified vulnerability in ASSA ABLOY APTUS Styra Porttelefonkort 4400 before A2 has unknown impact and attack vectors. | 10.0 |
2017-08-16 | CVE-2017-8248 | Apple | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS A buffer overflow may occur in the processing of a downlink NAS message in Qualcomm Telephony as used in Apple iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation. | 10.0 |
2017-08-18 | CVE-2017-12943 | Dlink | Path Traversal vulnerability in Dlink Dir-600 B1 Firmware 2.01 D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers to read passwords via a model/__show_info.php?REQUIRE_FILE= absolute path traversal attack, as demonstrated by discovering the admin password. | 9.8 |
2017-08-17 | CVE-2011-0469 | Suse | Code Injection vulnerability in Suse Opensuse Code injection in openSUSE when running some source services used in the open build service 2.1 before March 11 2011. | 9.8 |
2017-08-16 | CVE-2017-7551 | Fedoraproject | Information Exposure Through an Error Message vulnerability in Fedoraproject 389 Directory Server 1.3.5.19/1.3.6.7 389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts. | 9.8 |
2017-08-18 | CVE-2017-9685 | Google | Use After Free vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a WLAN driver can lead to a Use After Free condition. | 9.3 |
2017-08-18 | CVE-2017-9678 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in a video driver, memory corruption can potentially occur due to lack of bounds checking in a memcpy(). | 9.3 |
2017-08-18 | CVE-2017-8268 | Google | Out-of-bounds Read vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, the camera application can possibly request frame/command buffer processing with invalid values leading to the driver performing a heap buffer over-read. | 9.3 |
2017-08-18 | CVE-2017-8263 | Google | Unspecified vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a kernel fault can occur when doing certain operations on a read-only virtual address in userspace. | 9.3 |
2017-08-18 | CVE-2017-8255 | Google | Integer Overflow or Wraparound vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in boot. | 9.3 |
2017-08-18 | CVE-2017-8253 | Google | Allocation of Resources Without Limits or Throttling vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can potentially be overwritten if an invalid master is sent from userspace. | 9.3 |
2017-08-18 | CVE-2016-10389 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, there is no size check for the images being flashed onto the NAND memory in their respective partitions, so there is a possibility of writing beyond the intended partition. | 9.3 |
2017-08-18 | CVE-2016-10383 | Google | Race Condition vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, there is a TOCTOU race condition in Secure UI. | 9.3 |
2017-08-18 | CVE-2017-2289 | Kddi | Untrusted Search Path vulnerability in Kddi QUA Station Firmware 1.00.03 Untrusted search path vulnerability in Installer of Qua station connection tool for Windows version 1.00.03 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
2017-08-18 | CVE-2017-2228 | Enecho Meti | Untrusted Search Path vulnerability in Enecho.Meti Teikihoukokusho Sakuseishien Tool 4.0 Untrusted search path vulnerability in Teikihoukokusho Sakuseishien Tool v4.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
2017-08-18 | CVE-2017-10824 | Teikoku Databank | Untrusted Search Path vulnerability in Teikoku Databank Type A 5.2 Untrusted search path vulnerability in TDB CA TypeA use software Version 5.2 and earlier, distributed until 10 August 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
2017-08-18 | CVE-2017-10823 | Enecho Meti | Untrusted Search Path vulnerability in Enecho.Meti Shin Kinkyuji Houkoku Data Nyuryoku Program Untrusted search path vulnerability in Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program (program released on 2011 March 10) Distributed on the website till 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
2017-08-18 | CVE-2017-10822 | Enecho Meti | Untrusted Search Path vulnerability in Enecho.Meti Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program Untrusted search path vulnerability in Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30) distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
2017-08-18 | CVE-2017-10821 | Enecho Meti | Untrusted Search Path vulnerability in Enecho.Meti Shin Kikan Toukei Houkoku Data Nyuryokuyou Program Untrusted search path vulnerability in Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program (program released on 2013 September 30) Distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
2017-08-16 | CVE-2017-8243 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A buffer overflow can occur in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android when processing a firmware image file. | 9.3 |
2017-08-16 | CVE-2016-5864 | Google | Permissions, Privileges, and Access Controls vulnerability in Google Android In an audio driver function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, some parameters are from userspace, and if they are set to a large value, integer overflow is possible followed by buffer overflow. | 9.3 |
2017-08-16 | CVE-2016-5863 | Google | Permissions, Privileges, and Access Controls vulnerability in Google Android In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, several sanity checks are missing which can lead to out-of-bounds accesses. | 9.3 |
2017-08-14 | CVE-2017-9648 | Solarcontrols | Uncontrolled Search Path Element vulnerability in Solarcontrols Wattconfig M An Uncontrolled Search Path Element issue was discovered in Solar Controls WATTConfig M Software Version 2.5.10.1 and prior. | 9.3 |
2017-08-14 | CVE-2017-9646 | Solarcontrols | Uncontrolled Search Path Element vulnerability in Solarcontrols Heating Control Downloader An Uncontrolled Search Path Element issue was discovered in Solar Controls Heating Control Downloader (HCDownloader) Version 1.0.1.15 and prior. | 9.3 |
48 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-08-20 | CVE-2017-12976 | GIT Annex Project | Improper Input Validation vulnerability in Git-Annex Project Git-Annex git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117. | 8.8 |
2017-08-18 | CVE-2017-12937 | Graphicsmagick Debian | Out-of-bounds Read vulnerability in multiple products The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read. | 8.8 |
2017-08-18 | CVE-2017-12936 | Graphicsmagick Debian | Use After Free vulnerability in multiple products The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting. | 8.8 |
2017-08-18 | CVE-2017-12935 | Graphicsmagick Debian | Out-of-bounds Read vulnerability in multiple products The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c. | 8.8 |
2017-08-14 | CVE-2017-12426 | Gitlab | Improper Input Validation vulnerability in Gitlab GitLab Community Edition (CE) and Enterprise Edition (EE) before 8.17.8, 9.0.x before 9.0.13, 9.1.x before 9.1.10, 9.2.x before 9.2.10, 9.3.x before 9.3.10, and 9.4.x before 9.4.4 might allow remote attackers to execute arbitrary code via a crafted SSH URL in a project import. | 8.8 |
2017-08-17 | CVE-2017-6710 | Cisco | OS Command Injection vulnerability in Cisco Virtual Network Function Element Manager A vulnerability in the Cisco Virtual Network Function (VNF) Element Manager could allow an authenticated, remote attacker to elevate privileges and run commands in the context of the root user on the server. | 8.5 |
2017-08-16 | CVE-2016-5861 | Google | Permissions, Privileges, and Access Controls vulnerability in Google Android In a display driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable controlled by userspace is used to calculate offsets and sizes for copy operations, which could result in heap overflow. | 8.3 |
2017-08-19 | CVE-2017-10663 | Linux | Improper Validation of Array Index vulnerability in Linux Kernel The sanity_check_ckpt function in fs/f2fs/super.c in the Linux kernel before 4.12.4 does not validate the blkoff and segno arrays, which allows local users to gain privileges via unspecified vectors. | 7.8 |
2017-08-19 | CVE-2017-10662 | Linux | Unspecified vulnerability in Linux Kernel The sanity_check_raw_super function in fs/f2fs/super.c in the Linux kernel before 4.11.1 does not validate the segment count, which allows local users to gain privileges via unspecified vectors. | 7.8 |
2017-08-18 | CVE-2017-12964 | Libsass | Uncontrolled Recursion vulnerability in Libsass 3.4.5 There is a stack consumption issue in LibSass 3.4.5 that is triggered in the function Sass::Eval::operator() in eval.cpp. | 7.8 |
2017-08-18 | CVE-2017-10811 | Buffalo | OS Command Injection vulnerability in Buffalo Wcr-1166Ds Firmware 1.30 Buffalo WCR-1166DS devices with firmware 1.30 and earlier allow an attacker to execute arbitrary OS commands via unspecified vectors. | 7.7 |
2017-08-18 | CVE-2017-9684 | Google | Use After Free vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a USB driver can lead to a Use After Free condition. | 7.6 |
2017-08-18 | CVE-2017-8267 | Google | Race Condition vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in an IOCTL handler potentially leading to an integer overflow and then an out-of-bounds write. | 7.6 |
2017-08-18 | CVE-2017-8262 | Google | Use After Free vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in some memory allocation and free functions, a race condition can potentially occur leading to a Use After Free condition. | 7.6 |
2017-08-18 | CVE-2015-0576 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in HSDPA. | 7.6 |
2017-08-16 | CVE-2016-5867 | Google | Permissions, Privileges, and Access Controls vulnerability in Google Android In a sound driver in Android for MSM, Firefox OS for MSM, QRD Android, some variables are from userspace and values can be chosen that could result in stack overflow. | 7.6 |
2017-08-16 | CVE-2016-5862 | Google | Permissions, Privileges, and Access Controls vulnerability in Google Android When a control related to codec is issued from userspace in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, the type casting is done to the container structure instead of the codec's individual structure, resulting in a device restart after kernel crash occurs. | 7.6 |
2017-08-16 | CVE-2016-5860 | Google | Permissions, Privileges, and Access Controls vulnerability in Google Android In an audio driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a heap buffer overflow. | 7.6 |
2017-08-16 | CVE-2016-5859 | Google | Permissions, Privileges, and Access Controls vulnerability in Google Android In a sound driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a buffer overflow. | 7.6 |
2017-08-16 | CVE-2016-5853 | Google | Permissions, Privileges, and Access Controls vulnerability in Google Android In an audio driver in all Qualcomm products with Android releases from CAF using the Linux kernel, when a sanity check encounters a length value not in the correct range, an error message is printed, but code execution continues in the same way as for a correct length value. | 7.6 |
2017-08-20 | CVE-2017-12974 | Connect2Id | Improper Verification of Cryptographic Signature vulnerability in Connect2Id Nimbus Jose+Jwt Nimbus JOSE+JWT before 4.36 proceeds with ECKey construction without ensuring that the public x and y coordinates are on the specified curve, which allows attackers to conduct an Invalid Curve Attack in environments where the JCE provider lacks the applicable curve validation. | 7.5 |
2017-08-20 | CVE-2017-12972 | Connect2Id | Insufficient Verification of Data Authenticity vulnerability in Connect2Id Nimbus Jose+Jwt In Nimbus JOSE+JWT before 4.39, there is no integer-overflow check when converting length values from bytes to bits, which allows attackers to conduct HMAC bypass attacks by shifting Additional Authenticated Data (AAD) and ciphertext so that different plaintext is obtained for the same HMAC. | 7.5 |
2017-08-18 | CVE-2007-5341 | Mozilla | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8. | 7.5 |
2017-08-18 | CVE-2007-5199 | X | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in X Libxfont 1.3.1 A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspecified impact. | 7.5 |
2017-08-18 | CVE-2015-4464 | Kguardsecurity | Improper Authentication vulnerability in Kguardsecurity Kg-Sha104 Firmware and Kg-Sha108 Firmware Kguard Digital Video Recorder 104, 108, v2 does not have any authorization or authentication between an ActiveX client and the application server. | 7.5 |
2017-08-18 | CVE-2015-2675 | Gnome | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gnome Librest 0.7.92 The OAuth implementation in librest before 0.7.93 incorrectly truncates the pointer returned by the rest_proxy_call_get_url function, which allows remote attackers to cause a denial of service (application crash) via running the EnsureCredentials method from the org.gnome.OnlineAccounts.Account interface on an object representing a Flickr account. | 7.5 |
2017-08-18 | CVE-2017-12776 | Nexusphp Project | SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5 SQL injection vulnerability in reports.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the delreport parameter. | 7.5 |
2017-08-18 | CVE-2017-11185 | Strongswan | NULL Pointer Dereference vulnerability in Strongswan The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature. | 7.5 |
2017-08-18 | CVE-2017-12582 | Qnap | Missing Authorization vulnerability in Qnap Ts-212P Firmware 4.2.1 Unprivileged user can access all functions in the Surveillance Station component in QNAP TS212P devices with firmware 4.2.1 build 20160601. | 7.5 |
2017-08-18 | CVE-2015-1817 | Musl Libc | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Musl-Libc Musl Stack-based buffer overflow in the inet_pton function in network/inet_pton.c in musl libc 0.9.15 through 1.0.4, and 1.1.0 through 1.1.7 allows attackers to have unspecified impact via unknown vectors. | 7.5 |
2017-08-18 | CVE-2017-12942 | Rarlab | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rarlab Unrar libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function. | 7.5 |
2017-08-18 | CVE-2017-12941 | Rarlab | Out-of-bounds Read vulnerability in Rarlab Unrar libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function. | 7.5 |
2017-08-18 | CVE-2017-12940 | Rarlab | Out-of-bounds Read vulnerability in Rarlab Unrar libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function. | 7.5 |
2017-08-18 | CVE-2017-12939 | Unity3D Microsoft | Improper Input Validation vulnerability in Unity3D Unity Editor A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before 2017.1.0p4. | 7.5 |
2017-08-18 | CVE-2017-12933 | PHP | Out-of-bounds Read vulnerability in PHP The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. | 7.5 |
2017-08-18 | CVE-2017-12932 | PHP | Use After Free vulnerability in PHP ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. | 7.5 |
2017-08-17 | CVE-2017-12910 | Nexusphp Project | SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5 SQL injection vulnerability in massmail.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the or parameter. | 7.5 |
2017-08-17 | CVE-2017-12909 | Nexusphp Project | SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5 SQL injection vulnerability in modtask.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter. | 7.5 |
2017-08-17 | CVE-2017-12908 | Nexusphp Project | SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5 SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the conusr parameter. | 7.5 |
2017-08-17 | CVE-2017-7555 | Augeas | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Augeas Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. | 7.5 |
2017-08-16 | CVE-2017-7548 | Postgresql Debian | PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service. | 7.5 |
2017-08-16 | CVE-2017-7546 | Postgresql Debian | Improper Authentication vulnerability in multiple products PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password. | 7.5 |
2017-08-14 | CVE-2017-9653 | Osisoft | Incorrect Authorization vulnerability in Osisoft products An Improper Authorization issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. | 7.5 |
2017-08-18 | CVE-2017-3756 | Lenovo Microsoft | Unspecified vulnerability in Lenovo products A privilege escalation vulnerability was identified in Lenovo Active Protection System for ThinkPad systems versions earlier than 1.82.0.17. | 7.2 |
2017-08-17 | CVE-2017-6768 | Cisco | Untrusted Search Path vulnerability in Cisco Application Policy Infrastructure Controller A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local attacker to gain root-level privileges. | 7.2 |
2017-08-15 | CVE-2017-8665 | Microsoft | Incorrect Permission Assignment for Critical Resource vulnerability in Microsoft Xamarin.Ios 10.11 The Xamarin.iOS update component on systems running macOS allows an attacker to run arbitrary code as root, aka "Xamarin.iOS Elevation Of Privilege Vulnerability." | 7.2 |
2017-08-17 | CVE-2017-6790 | Cisco | Unspecified vulnerability in Cisco Telepresence Video Communication Server A vulnerability in the Session Initiation Protocol (SIP) on the Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the targeted appliance. | 7.1 |
2017-08-19 | CVE-2017-10661 | Linux Redhat Debian | Use After Free vulnerability in multiple products Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing. | 7.0 |
107 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-08-19 | CVE-2017-11323 | Estsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Estsoft Alzip Stack-based buffer overflow in ESTsoft ALZip 8.51 and earlier allows remote attackers to execute arbitrary code via a crafted MS-DOS device file, as demonstrated by use of "AUX" as the initial substring of a filename. | 6.8 |
2017-08-18 | CVE-2017-12955 | Exiv2 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Exiv2 0.26 There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. | 6.8 |
2017-08-18 | CVE-2017-8272 | Google | Out-of-bounds Write vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in a driver function, a value from userspace is not properly validated potentially leading to an out of bounds heap write. | 6.8 |
2017-08-18 | CVE-2017-8261 | Google | Unspecified vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in a camera driver ioctl, a kernel overwrite can potentially occur. | 6.8 |
2017-08-18 | CVE-2017-8260 | Google | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, due to a type downcast, a value may improperly pass validation and cause an out of bounds write later. | 6.8 |
2017-08-18 | CVE-2017-8257 | Google | Race Condition vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, when accessing the sde_rotator debug interface for register reading with multiple processes, one process can free the debug buffer while another process still has the debug buffer in use. | 6.8 |
2017-08-18 | CVE-2017-8256 | Google | Out-of-bounds Read vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, array out of bounds access can occur if userspace sends more than 16 multicast addresses. | 6.8 |
2017-08-18 | CVE-2017-12881 | Spring Batch Admin Project | Cross-Site Request Forgery (CSRF) vulnerability in Spring Batch Admin Project Spring Batch Admin Cross-site request forgery (CSRF) vulnerability in the Spring Batch Admin before 1.3.0 allows remote attackers to hijack the authentication of unspecified victims and submit arbitrary requests, such as exploiting the file upload vulnerability. | 6.8 |
2017-08-18 | CVE-2015-5081 | Django CMS | Cross-Site Request Forgery (CSRF) vulnerability in Django-Cms Django CMS 3.1 Cross-site request forgery (CSRF) vulnerability in django CMS before 3.0.14, 3.1.x before 3.1.1 allows remote attackers to manipulate privileged users into performing unknown actions via unspecified vectors. | 6.8 |
2017-08-18 | CVE-2017-12593 | Asus | Cross-Site Request Forgery (CSRF) vulnerability in Asus Dsl-N10S Firmware V2.1.16Apac ASUS DSL-N10S V2.1.16_APAC devices allow CSRF. | 6.8 |
2017-08-18 | CVE-2017-12589 | Tomaxcom | Cross-Site Request Forgery (CSRF) vulnerability in Tomaxcom R60G Firmware and R60Gv2 Firmware ToMAX R60G R60GV2-V2.0-v.2.6.3-170330 devices do not have any protection against a CSRF attack. | 6.8 |
2017-08-18 | CVE-2017-10665 | Phpgrid | Path Traversal vulnerability in PHPgrid Directory traversal vulnerability in ajaxfileupload.php in Kayson Group Ltd. | 6.8 |
2017-08-17 | CVE-2017-7556 | Hawt | Cross-Site Request Forgery (CSRF) vulnerability in Hawt Hawtio 1.5.3 Hawtio versions up to and including 1.5.3 are vulnerable to CSRF vulnerability allowing remote attackers to trick the user to visit their website containing a malicious script which can be submitted to hawtio server on behalf of the user. | 6.8 |
2017-08-16 | CVE-2017-12892 | Foxitsoftware | Untrusted Search Path vulnerability in Foxitsoftware PDF Compressor Foxit PDF Compressor installers from versions from 7.0.0.183 to 7.7.2.10 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | 6.8 |
2017-08-15 | CVE-2017-12864 | Opencv Debian | Integer Overflow or Wraparound vulnerability in multiple products In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not check the input length, which leads to integer overflow. | 6.8 |
2017-08-15 | CVE-2017-12863 | Opencv Debian | Integer Overflow or Wraparound vulnerability in multiple products In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculating src_pitch. | 6.8 |
2017-08-15 | CVE-2017-12862 | Opencv Debian | Out-of-bounds Write vulnerability in multiple products In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer AutoBuffer _src is smaller than expected, which will cause a copy buffer overflow later. | 6.8 |
2017-08-14 | CVE-2017-12853 | Rtsindia | Cross-Site Request Forgery (CSRF) vulnerability in Rtsindia Rwr-3G-100 Firmware 1.0.56 The RealTime RWR-3G-100 Router Firmware Version : Ver1.0.56 is affected by CSRF, an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated. | 6.8 |
2017-08-14 | CVE-2017-9660 | Fujielectric | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Fujielectric Monitouch V-Sft A Heap-Based Buffer Overflow was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. | 6.8 |
2017-08-14 | CVE-2017-9659 | Fujielectric | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Fujielectric Monitouch V-Sft A Stack-Based Buffer Overflow issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. | 6.8 |
2017-08-18 | CVE-2017-12949 | Podlove | SQL Injection vulnerability in Podlove Podcast Publisher 2.5.3 lib\modules\contributors\contributor_list_table.php in the Podlove Podcast Publisher plugin 2.5.3 and earlier for WordPress has SQL injection in the orderby parameter to wp-admin/admin.php, exploitable through CSRF. | 6.5 |
2017-08-18 | CVE-2017-12947 | Easymodal Project | SQL Injection vulnerability in Easymodal Project Easy Modal classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in an untrash action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators. | 6.5 |
2017-08-18 | CVE-2017-12946 | Easymodal Project | SQL Injection vulnerability in Easymodal Project Easy Modal classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in a delete action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators. | 6.5 |
2017-08-18 | CVE-2015-5153 | Pulp Project | Permission Issues vulnerability in Pulp Project Pulp Pulp does not remove permissions for named objects upon deletion, which allows authenticated users to gain the privileges of a deleted object via creating an object with the same name. | 6.5 |
2017-08-18 | CVE-2017-12592 | Asus | Unspecified vulnerability in Asus Dsl-N10S Firmware V2.1.16Apac ASUS DSL-N10S V2.1.16_APAC devices have a privilege escalation vulnerability. | 6.5 |
2017-08-18 | CVE-2017-12420 | Netapp | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Netapp Clustered Data Ontap Heap-based buffer overflow in the SMB implementation in NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allows remote authenticated users to cause a denial of service or execute arbitrary code. | 6.5 |
2017-08-14 | CVE-2017-11156 | Synology | Incorrect Permission Assignment for Critical Resource vulnerability in Synology Download Station Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 uses weak permissions (0777) for ui/dlm/btsearch directory, which allows remote authenticated users to execute arbitrary code by uploading an executable via unspecified vectors. | 6.5 |
2017-08-14 | CVE-2017-11150 | Synology | OS Command Injection vulnerability in Synology Office 2.2.01502/2.2.11506 Command injection vulnerability in Document.php in Synology Office 2.2.0-1502 and 2.2.1-1506 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the crafted file name of RTF documents. | 6.5 |
2017-08-14 | CVE-2017-1190 | IBM | Unspecified vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Strategic Supply Management Platform 10.x and 10.1 could allow a local user with special access roles to execute arbitrary code on the system. | 6.2 |
2017-08-14 | CVE-2017-9802 | Apache | Cross-site Scripting vulnerability in Apache Sling Servlets Post 2.3.20 The Javascript method Sling.evalString() in Apache Sling Servlets Post before 2.3.22 uses the javascript 'eval' function to parse input strings, which allows for XSS attacks by passing specially crafted input strings. | 6.1 |
2017-08-18 | CVE-2017-12440 | Openstack | Missing Authentication for Critical Function vulnerability in Openstack 07132017 Aodh as packaged in Openstack Ocata and Newton before change-ID I8fd11a7f9fe3c0ea5f9843a89686ac06713b7851 and before Pike-rc1 does not verify that trust IDs belong to the user when creating alarm action with the scheme trust+http, which allows remote authenticated users with knowledge of trust IDs where Aodh is the trustee to obtain a Keystone token and perform unspecified authenticated actions by adding an alarm action with the scheme trust+http, and providing a trust id where Aodh is the trustee. | 6.0 |
2017-08-16 | CVE-2017-6421 | Google | Classic Buffer Overflow vulnerability in Google Android In the touch controller function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable may be controlled by the user and can lead to a buffer overflow. | 5.8 |
2017-08-18 | CVE-2017-8270 | Google | Use After Free vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a driver potentially leading to a use-after-free condition. | 5.1 |
2017-08-18 | CVE-2017-8266 | Google | Use After Free vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition. | 5.1 |
2017-08-18 | CVE-2017-8265 | Google | Race Condition vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver which can lead to a double free. | 5.1 |
2017-08-14 | CVE-2017-9661 | Simplight | Uncontrolled Search Path Element vulnerability in Simplight Scada 4.3.0.27 An Uncontrolled Search Path Element issue was discovered in SIMPlight SCADA Software version 4.3.0.27 and prior. | 5.1 |
2017-08-18 | CVE-2017-12963 | Libsass | Out-of-bounds Read vulnerability in Libsass 3.4.5 There is an illegal address access in Sass::Eval::operator() in eval.cpp of LibSass 3.4.5, leading to a remote denial of service attack. | 5.0 |
2017-08-18 | CVE-2017-12962 | Libsass | Missing Release of Resource after Effective Lifetime vulnerability in Libsass 3.4.5 There are memory leaks in LibSass 3.4.5 triggered by deeply nested code, such as code with a long sequence of open parenthesis characters, leading to a remote denial of service attack. | 5.0 |
2017-08-18 | CVE-2017-12961 | GNU | Improper Input Validation vulnerability in GNU Pspp 0.11.0 There is an assertion abort in the function parse_attributes() in data/sys-file-reader.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service. | 5.0 |
2017-08-18 | CVE-2017-12960 | GNU | Reachable Assertion vulnerability in GNU Pspp 0.11.0 There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service. | 5.0 |
2017-08-18 | CVE-2017-12959 | GNU | Reachable Assertion vulnerability in GNU Pspp 0.11.0 There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack. | 5.0 |
2017-08-18 | CVE-2017-12958 | GNU | Out-of-bounds Read vulnerability in GNU Pspp 0.11.0 There is an illegal address access in the function output_hex() in data/data-out.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service. | 5.0 |
2017-08-18 | CVE-2017-9680 | Google | Information Exposure vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, if a pointer argument coming from userspace is invalid, a driver may use an uninitialized structure to log an error message. | 5.0 |
2017-08-18 | CVE-2017-9679 | Google | Information Exposure vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, if a userspace string is not NULL-terminated, kernel memory contents can leak to system logs. | 5.0 |
2017-08-18 | CVE-2015-4071 | Helpdesk PRO Project | Information Exposure vulnerability in Helpdesk PRO Project Helpdesk PRO The Helpdesk Pro Plugin before 1.4.0 for Joomla! allows remote attackers to read the support tickets of arbitrary users via obtaining the target ticketId, and navigating to http://{target}/component/helpdeskpro/?view=ticket&id={ticketId}. | 5.0 |
2017-08-18 | CVE-2014-3451 | Igniterealtime | Improper Certificate Validation vulnerability in Igniterealtime Openfire OpenFire XMPP Server before 3.10 accepts self-signed certificates, which allows remote attackers to perform unspecified spoofing attacks. | 5.0 |
2017-08-18 | CVE-2015-7945 | SPI INC | Information Exposure vulnerability in Spi-Inc Ganeti The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2 allows remote attackers to obtain the DRBD secret via instance information job results. | 5.0 |
2017-08-18 | CVE-2015-7944 | SPI INC | Resource Management Errors vulnerability in Spi-Inc Ganeti The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2, when used in SSL mode, allows remote attackers to cause a denial of service (resource consumption) via SSL parameter renegotiation. | 5.0 |
2017-08-18 | CVE-2017-12944 | Libtiff | Allocation of Resources Without Limits or Throttling vulnerability in Libtiff 4.0.8 The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote attackers to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing function in tif_dirread.c during a tiff2pdf invocation. | 5.0 |
2017-08-18 | CVE-2017-9454 | Resiprocate | Out-of-bounds Read vulnerability in Resiprocate Buffer overflow in the ares_parse_a_reply function in the embedded ares library in ReSIProcate before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted DNS response. | 5.0 |
2017-08-18 | CVE-2017-12938 | Rarlab | Path Traversal vulnerability in Rarlab Unrar UnRAR before 5.5.7 allows remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . | 5.0 |
2017-08-18 | CVE-2017-12934 | PHP | Use After Free vulnerability in PHP ext/standard/var_unserializer.re in PHP 7.0.x before 7.0.21 and 7.1.x before 7.1.7 is prone to a heap use after free while unserializing untrusted data, related to the zval_get_type function in Zend/zend_types.h. | 5.0 |
2017-08-17 | CVE-2017-6784 | Cisco | Information Exposure vulnerability in Cisco products A vulnerability in the web interface of the Cisco RV340, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to access sensitive data. | 5.0 |
2017-08-17 | CVE-2017-6771 | Cisco | Information Exposure vulnerability in Cisco Ultra Services Framework 21.0.V0.65839 A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information. | 5.0 |
2017-08-17 | CVE-2017-11662 | Mindwerks | Out-of-bounds Read vulnerability in Mindwerks Wildmidi 0.4.2 The _WM_ParseNewMidi function in f_midi.c in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file. | 5.0 |
2017-08-17 | CVE-2017-11661 | Mindwerks | Out-of-bounds Read vulnerability in Mindwerks Wildmidi 0.4.2 The _WM_SetupMidiEvent function in internal_midi.c:2318 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file. | 5.0 |
2017-08-15 | CVE-2017-12852 | Numpy | Infinite Loop vulnerability in Numpy The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. | 5.0 |
2017-08-17 | CVE-2017-6782 | Cisco | Code Injection vulnerability in Cisco Prime Infrastructure 3.2(0.0) A vulnerability in the administrative web interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to modify a page in the web interface of the affected application. | 4.9 |
2017-08-18 | CVE-2017-11160 | Synology | Untrusted Search Path vulnerability in Synology Assistant Multiple untrusted search path vulnerabilities in the installer in Synology Assistant before 6.1-15163 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory. | 4.6 |
2017-08-18 | CVE-2017-11653 | Razer | Incorrect Permission Assignment for Critical Resource vulnerability in Razer Synapse Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which allows local users to gain privileges via a Trojan horse (1) RazerConfigNative.dll or (2) RazerConfigNativeLOC.dll file. | 4.6 |
2017-08-18 | CVE-2017-11652 | Razer | Incorrect Permission Assignment for Critical Resource vulnerability in Razer Synapse Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gain privileges via a Trojan horse dbghelp.dll file. | 4.6 |
2017-08-18 | CVE-2015-3649 | Open URI Cached Project | Improper Input Validation vulnerability in Open-Uri-Cached Project Open-Uri-Cached 20120107 The open-uri-cached rubygem allows local users to execute arbitrary Ruby code by creating a directory under /tmp containing "openuri-" followed by a crafted UID, and putting Ruby code in said directory once a meta file is created. | 4.6 |
2017-08-18 | CVE-2015-1878 | Thalesesecurity | Permissions, Privileges, and Access Controls vulnerability in Thalesesecurity Nshield Connect Firmware Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, and 6000+ before 11.72 allows physically proximate attackers to sign arbitrary data with previously loaded signing keys, extract the device identification key [KNETI] and impersonate the nShield Connect device on a network, affect the integrity and confidentiality of newly created keys, and potentially cause other unspecified impacts using previously loaded keys by connecting to the USB port on the front panel. | 4.6 |
2017-08-17 | CVE-2017-6786 | Cisco | Information Exposure vulnerability in Cisco Elastic Services Controller 2.2(9.76) A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged attacker to access sensitive information, including credentials for system accounts, on an affected system. | 4.6 |
2017-08-17 | CVE-2017-6781 | Cisco | Improper Authentication vulnerability in Cisco Policy Suite A vulnerability in the management of shell user accounts for Cisco Policy Suite (CPS) Software for CPS appliances could allow an authenticated, local attacker to gain elevated privileges on an affected system. | 4.6 |
2017-08-17 | CVE-2017-6775 | Cisco | Unspecified vulnerability in Cisco ASR 5000 Software 21.0.V0.65839 A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to elevate their privileges to admin-level privileges. | 4.6 |
2017-08-17 | CVE-2017-6773 | Cisco | Improper Input Validation vulnerability in Cisco ASR 5000 Software 21.0.V0.65839 A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to bypass the CLI restrictions and execute commands on the underlying operating system. | 4.6 |
2017-08-17 | CVE-2017-6767 | Cisco | Improper Privilege Management vulnerability in Cisco Application Policy Infrastructure Controller A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to gain higher privileges than the account is assigned. | 4.6 |
2017-08-14 | CVE-2017-1469 | IBM | Code Injection vulnerability in IBM Infosphere Information Server 11.3/11.5/9.1 IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directories. | 4.6 |
2017-08-14 | CVE-2017-9662 | Fujielectric | Improper Privilege Management vulnerability in Fujielectric Monitouch V-Sft An Improper Privilege Management issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. | 4.6 |
2017-08-20 | CVE-2017-12973 | Connect2Id | Improper Validation of Integrity Check Value vulnerability in Connect2Id Nimbus Jose+Jwt Nimbus JOSE+JWT before 4.39 proceeds improperly after detection of an invalid HMAC in authenticated AES-CBC decryption, which allows attackers to conduct a padding oracle attack. | 4.3 |
2017-08-20 | CVE-2017-12966 | Asn1C Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Asn1C Project Asn1C 0.9.28 The asn1f_lookup_symbol_impl function in asn1fix_retrieve.c in libasn1fix.a in asn1c 0.9.28 allows remote attackers to cause a denial of service (segmentation fault) via a crafted .asn1 file. | 4.3 |
2017-08-19 | CVE-2017-12967 | GNU | Out-of-bounds Read vulnerability in GNU Binutils 2.29 The getsym function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a malformed tekhex binary. | 4.3 |
2017-08-18 | CVE-2017-12957 | Exiv2 | Out-of-bounds Read vulnerability in Exiv2 0.26 There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp. | 4.3 |
2017-08-18 | CVE-2017-12956 | Exiv2 | Out-of-bounds Read vulnerability in Exiv2 0.26 There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() in basicio.cpp of libexiv2 in Exiv2 0.26 that will lead to remote denial of service. | 4.3 |
2017-08-18 | CVE-2017-8254 | Google | Information Exposure vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an audio client pointer is dereferenced before being checked if it is valid. | 4.3 |
2017-08-18 | CVE-2017-12948 | Pressforward | Cross-site Scripting vulnerability in Pressforward Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 and earlier for WordPress has XSS in the PATH_INFO to wp-admin/admin.php, related to PHP_SELF. | 4.3 |
2017-08-18 | CVE-2015-5057 | Broken Link Checker Project | Cross-site Scripting vulnerability in Broken Link Checker Project Broken Link Checker Cross-site scripting (XSS) vulnerability exists in the WordPress admin panel when the Broken Link Checker plugin before 1.10.9 is installed. | 4.3 |
2017-08-18 | CVE-2017-0687 | Google | Unspecified vulnerability in Google Android A denial of service vulnerability in the Android media framework (libavc). | 4.3 |
2017-08-18 | CVE-2017-9816 | Paessler | Cross-site Scripting vulnerability in Paessler Prtg Network Monitor Cross-site scripting (XSS) vulnerability in Paessler PRTG Network Monitor before 17.2.32.2279 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2017-08-18 | CVE-2017-12859 | Netapp | Improper Input Validation vulnerability in Netapp Data Ontap NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS environments, allows remote attackers to cause a denial of service via unspecified vectors. | 4.3 |
2017-08-18 | CVE-2017-12680 | Nexusphp Project | Cross-site Scripting vulnerability in Nexusphp Project Nexusphp 1.5 Cross-Site Scripting (XSS) exists in NexusPHP 1.5 via the type parameter to shoutbox.php. | 4.3 |
2017-08-18 | CVE-2017-1501 | IBM | Information Exposure vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 8.0, 8.5, and 9.0 could provide weaker than expected security after using the Admin Console to update the web services security bindings settings. | 4.3 |
2017-08-18 | CVE-2017-12927 | Cacti | Cross-site Scripting vulnerability in Cacti 1.1.17 A cross-site scripting vulnerability exists in Cacti 1.1.17 in the method parameter in spikekill.php. | 4.3 |
2017-08-17 | CVE-2017-6788 | Cisco | Cross-site Scripting vulnerability in Cisco Anyconnect Secure Mobility Client 4.4(4027)/4.5(58) The WebLaunch functionality of Cisco AnyConnect Secure Mobility Client Software contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected software. | 4.3 |
2017-08-17 | CVE-2017-6776 | Cisco | Cross-site Scripting vulnerability in Cisco Elastic Services Controller 2.2(9.76)/2.3(1) A vulnerability in the web framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. | 4.3 |
2017-08-17 | CVE-2017-12907 | Nexusphp Project | Cross-site Scripting vulnerability in Nexusphp Project Nexusphp 1.5 Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via the url path to usersearch.php. | 4.3 |
2017-08-17 | CVE-2017-12445 | Minidjvu Project | Out-of-bounds Read vulnerability in Minidjvu Project Minidjvu 0.8 The JB2BitmapCoder::code_row_by_refinement function in jb2/bmpcoder.cpp in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file. | 4.3 |
2017-08-17 | CVE-2017-12444 | Minidjvu Project | Out-of-bounds Read vulnerability in Minidjvu Project Minidjvu 0.8 The mdjvu_bitmap_get_bounding_box function in base/4bitmap.c in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file. | 4.3 |
2017-08-17 | CVE-2017-12443 | Minidjvu Project | Out-of-bounds Read vulnerability in Minidjvu Project Minidjvu 0.8 The mdjvu_bitmap_pack_row function in base/4bitmap.c in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file. | 4.3 |
2017-08-17 | CVE-2017-12442 | Minidjvu Project | Out-of-bounds Read vulnerability in Minidjvu Project Minidjvu 0.8 The row_is_empty function in base/4bitmap.c:272 in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file. | 4.3 |
2017-08-17 | CVE-2017-12441 | Minidjvu Project | Out-of-bounds Read vulnerability in Minidjvu Project Minidjvu 0.8 The row_is_empty function in base/4bitmap.c:274 in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file. | 4.3 |
2017-08-17 | CVE-2017-11664 | Mindwerks | Out-of-bounds Read vulnerability in Mindwerks Wildmidi 0.4.2 The _WM_SetupMidiEvent function in internal_midi.c:2122 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file. | 4.3 |
2017-08-17 | CVE-2017-11663 | Mindwerks | Out-of-bounds Read vulnerability in Mindwerks Wildmidi 0.4.2 The _WM_SetupMidiEvent function in internal_midi.c:2315 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file. | 4.3 |
2017-08-14 | CVE-2016-6029 | IBM | Information Exposure vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 4.3 |
2017-08-18 | CVE-2017-8446 | Elasticsearch | Improper Privilege Management vulnerability in Elasticsearch X-Pack and X-Pack Reporting The Reporting feature in X-Pack in versions prior to 5.5.2 and standalone Reporting plugin versions prior to 2.4.6 had an impersonation vulnerability. | 4.0 |
2017-08-18 | CVE-2015-4082 | Attic Project | Permissions, Privileges, and Access Controls vulnerability in Attic Project Attic attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive information by changing the manifest type byte of the repository to "unencrypted / without key file". | 4.0 |
2017-08-17 | CVE-2017-6785 | Cisco | Improper Input Validation vulnerability in Cisco Unified Communications Manager 10.5(2.10000.5)/11.0(1.10000.10)/11.5(1.10000.6) A vulnerability in configuration modification permissions validation for Cisco Unified Communications Manager could allow an authenticated, remote attacker to perform a horizontal privilege escalation where one user can modify another user's configuration. | 4.0 |
2017-08-17 | CVE-2017-6783 | Cisco | Information Exposure vulnerability in Cisco products A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to discover confidential information about the appliances that should be available only to an administrative user. | 4.0 |
2017-08-17 | CVE-2017-6778 | Cisco | Information Exposure vulnerability in Cisco Ultra Services Platform 21.0.V0.65839 A vulnerability in the Elastic Services Controller (ESC) web interface of the Cisco Ultra Services Platform could allow an authenticated, remote attacker to acquire sensitive information. | 4.0 |
2017-08-17 | CVE-2017-6777 | Cisco | Information Exposure vulnerability in Cisco Elastic Services Controller 2.3/2.3(2) A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to acquire sensitive system information. | 4.0 |
2017-08-17 | CVE-2017-6774 | Cisco | Files or Directories Accessible to External Parties vulnerability in Cisco ASR 5000 Software 21.0.V0.65839 A vulnerability in Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify sensitive system files. | 4.0 |
2017-08-17 | CVE-2017-6772 | Cisco | Information Exposure vulnerability in Cisco Elastic Services Controller 2.3(2) A vulnerability in Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to view sensitive information. | 4.0 |
2017-08-16 | CVE-2017-7547 | Postgresql | Unspecified vulnerability in Postgresql PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to an authorization flaw allowing remote authenticated attackers to retrieve passwords from the user mappings defined by the foreign server owners without actually having the privileges to do so. | 4.0 |
2017-08-14 | CVE-2017-12851 | Kanboard | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Kanboard An authenticated standard user could reset the password of the admin by altering form data. | 4.0 |
2017-08-14 | CVE-2017-12850 | Kanboard | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Kanboard An authenticated standard user could reset the password of other users (including the admin) by altering form data. | 4.0 |
2017-08-14 | CVE-2017-11149 | Synology | Server-Side Request Forgery (SSRF) vulnerability in Synology Download Station Server-side request forgery (SSRF) vulnerability in Downloader in Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 allows remote authenticated users to download arbitrary local files via a crafted URI. | 4.0 |
13 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-08-18 | CVE-2017-12882 | Spring Batch Admin Project | Cross-site Scripting vulnerability in Spring Batch Admin Project Spring Batch Admin Stored Cross-site scripting (XSS) vulnerability in Spring Batch Admin before 1.3.0 allows remote authenticated users to inject arbitrary JavaScript or HTML via the file upload functionality. | 3.5 |
2017-08-18 | CVE-2017-12591 | Asus | Cross-site Scripting vulnerability in Asus Dsl-N10S Firmware V2.1.16Apac ASUS DSL-N10S V2.1.16_APAC devices have reflected and stored cross site scripting, as demonstrated by the snmpSysName parameter. | 3.5 |
2017-08-18 | CVE-2017-9767 | Quali | Cross-site Scripting vulnerability in Quali Cloudshell Multiple cross-site scripting (XSS) vulnerabilities in Quali CloudShell before 8 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Name or (2) Description parameter to RM/Reservation/ReserveNew; the (3) Description parameter to RM/Topology/Update; the (4) Name, (5) Description, (6) ExecutionBatches[0].Name, (7) ExecutionBatches[0].Description, or (8) Labels parameter to SnQ/JobTemplate/Edit; or (9) Alias or (10) Description parameter to RM/AbstractTemplate/AddOrUpdateAbstractTemplate. | 3.5 |
2017-08-18 | CVE-2017-1338 | IBM | Cross-site Scripting vulnerability in IBM products IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. | 3.5 |
2017-08-14 | CVE-2016-6021 | IBM | Cross-site Scripting vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 is vulnerable to cross-site scripting. | 3.5 |
2017-08-14 | CVE-2017-9655 | Osisoft | Cross-site Scripting vulnerability in Osisoft products A Cross-Site Scripting issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. | 3.5 |
2017-08-18 | CVE-2017-9682 | Google | Race Condition vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in two KGSL driver functions can lead to a Use After Free condition. | 2.6 |
2017-08-16 | CVE-2016-5858 | Google | Information Exposure vulnerability in Google Android In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a user supplies a value too large, then an out-of-bounds read occurs. | 2.6 |
2017-08-16 | CVE-2016-5855 | Google | Information Exposure vulnerability in Google Android In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a user-supplied buffer is cast to a structure without checking if the source buffer is large enough. | 2.6 |
2017-08-16 | CVE-2016-5854 | Google | Information Exposure vulnerability in Google Android In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, kernel heap memory can be exposed to userspace. | 2.6 |
2017-08-16 | CVE-2016-5347 | Google | Information Exposure vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel stack data can be leaked to userspace by an audio driver. | 2.6 |
2017-08-18 | CVE-2017-8445 | Elastic | Improper Certificate Validation vulnerability in Elastic X-Pack An error was found in the X-Pack Security TLS trust manager for versions 5.0.0 to 5.5.1. | 2.1 |
2017-08-15 | CVE-2017-12855 | XEN | Information Exposure vulnerability in XEN Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. | 2.1 |