Weekly Vulnerabilities Reports > August 14 to 20, 2017

Overview

267 new vulnerabilities were reported during this period, including 99 critical vulnerabilities and 48 high severity vulnerabilities. This weekly summary reports vulnerabilities in 284 products from 80 vendors including Google, Cisco, Debian, IBM, and Nexusphp Project. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", "Out-of-bounds Read", "Information Exposure", and "Cross-site Scripting".

  • 244 reported vulnerabilities are remotely exploitable.
  • 12 reported vulnerabilities have a public exploit available.
  • 44 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 234 reported vulnerabilities are exploitable by an anonymous user.
  • Google has the most reported vulnerabilities, with 114 reported vulnerabilities.
  • Google has the most reported critical vulnerabilities, with 86 reported vulnerabilities.

Vulnerability Details

The following table lists reported vulnerabilities for the period covered by this report:

99 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-08-18 CVE-2017-7364 Google Use After Free vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, in function __mdss_fb_copy_destscaler_data(), variable ds_data[i].scale may still point to a user-provided address (which could point to arbitrary kernel address), so on an error condition, this user-provided address will be freed (arbitrary free), and continued operation could result in use after free condition.

10.0
2017-08-18 CVE-2016-5872 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, arguments to several QTEE syscalls are not properly validated.

10.0
2017-08-18 CVE-2016-5871 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an image file.

10.0
2017-08-18 CVE-2016-10392 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a driver can potentially leak kernel memory.

10.0
2017-08-18 CVE-2016-10391 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, the length in an HCI command is not properly checked for validity.

10.0
2017-08-18 CVE-2016-10390 Google Resource Management Errors vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, when downloading a file, an excessive amount of memory may be consumed.

10.0
2017-08-18 CVE-2016-10388 Google Configuration vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a configuration vulnerability exists when loading a 3rd-party QTEE application.

10.0
2017-08-18 CVE-2016-10387 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a handover scenario.

10.0
2017-08-18 CVE-2016-10386 Google Improper Validation of Array Index vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, an array index out of bounds vulnerability exists in LPP.

10.0
2017-08-18 CVE-2016-10385 Google Use After Free vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a use-after-free vulnerability exists in IMS RCS.

10.0
2017-08-18 CVE-2016-10384 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a WLAN driver ioctl.

10.0
2017-08-18 CVE-2016-10382 Google Improper Access Control vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, access control to the I2C bus is not sufficient.

10.0
2017-08-18 CVE-2016-10381 Google DEPRECATED: Location vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location.

10.0
2017-08-18 CVE-2016-10380 Google DEPRECATED: Location vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location.

10.0
2017-08-18 CVE-2016-10347 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a hypervisor function is not properly validated.

10.0
2017-08-18 CVE-2016-10346 Google Integer Overflow or Wraparound vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in the hypervisor.

10.0
2017-08-18 CVE-2016-10344 Google NULL Pointer Dereference vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in LTE.

10.0
2017-08-18 CVE-2016-10343 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, SSL handshake failure with ClientHello rejection results in memory leak.

10.0
2017-08-18 CVE-2015-9073 Google NULL Pointer Dereference vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall.

10.0
2017-08-18 CVE-2015-9072 Google NULL Pointer Dereference vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall.

10.0
2017-08-18 CVE-2015-9071 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in a TrustZone syscall.

10.0
2017-08-18 CVE-2015-9070 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in a TrustZone syscall.

10.0
2017-08-18 CVE-2015-9069 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, the Secure File System can become corrupted.

10.0
2017-08-18 CVE-2015-9068 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a mink syscall is not properly validated.

10.0
2017-08-18 CVE-2015-9067 Google Unspecified vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a potential compiler optimization of memset() is addressed.

10.0
2017-08-18 CVE-2015-9066 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an Inter-RAT procedure.

10.0
2017-08-18 CVE-2015-9065 Google 7PK - Security Features vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a UE can respond to a UEInformationRequest before Access Stratum security is established.

10.0
2017-08-18 CVE-2015-9064 Google Improper Access Control vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send IMEI or IMEISV to the network on a network request before NAS security has been activated.

10.0
2017-08-18 CVE-2015-9063 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a procedure involving a remote UIM client.

10.0
2017-08-18 CVE-2015-9062 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an ELF file.

10.0
2017-08-18 CVE-2015-9061 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, PlayReady DRM failed to check a length potentially leading to unauthorized access to secure memory.

10.0
2017-08-18 CVE-2015-9060 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not properly validated in a QTEE system call.

10.0
2017-08-18 CVE-2015-9055 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a memory management routine.

10.0
2017-08-18 CVE-2015-9054 Google NULL Pointer Dereference vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced during GAL decoding.

10.0
2017-08-18 CVE-2015-9053 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the processing of certain responses from the USIM.

10.0
2017-08-18 CVE-2015-9052 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached while processing a downlink message.

10.0
2017-08-18 CVE-2015-9051 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached due to an improper bound on a length in a System Information message.

10.0
2017-08-18 CVE-2015-9050 Google Out-of-bounds Read vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists where an array out of bounds access can occur during a CA call.

10.0
2017-08-18 CVE-2015-9049 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in the processing of certain responses from the USIM.

10.0
2017-08-18 CVE-2015-9048 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in the processing of lost RTP packets.

10.0
2017-08-18 CVE-2015-9047 Google Improper Access Control vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in GNSS when performing a scan after bootup.

10.0
2017-08-18 CVE-2015-9046 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached due to an improper bound on the size of a frequency list.

10.0
2017-08-18 CVE-2015-9045 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in GERAN where a buffer can be overflown while taking power measurements.

10.0
2017-08-18 CVE-2015-9044 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached due to an improper bound on the size of a frequency list.

10.0
2017-08-18 CVE-2015-9043 Google NULL Pointer Dereference vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced upon the expiry of a timer.

10.0
2017-08-18 CVE-2015-9042 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists when processing a QMI message.

10.0
2017-08-18 CVE-2015-9041 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists when performing WCDMA radio tuning.

10.0
2017-08-18 CVE-2015-9040 Google Improper Access Control vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in a GERAN API.

10.0
2017-08-18 CVE-2015-9039 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in eMBMS where an assertion can be reached by a sequence of downlink messages.

10.0
2017-08-18 CVE-2015-9038 Google NULL Pointer Dereference vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer may be dereferenced in the front end.

10.0
2017-08-18 CVE-2015-9037 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read may occur in the processing of a downlink 3G NAS message.

10.0
2017-08-18 CVE-2015-9036 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, an incorrect length is used to clear a memory buffer resulting in adjacent memory getting corrupted.

10.0
2017-08-18 CVE-2015-9035 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a memory buffer fails to be freed after it is no longer needed potentially resulting in memory exhaustion.

10.0
2017-08-18 CVE-2015-9034 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a string can fail to be null-terminated in SIP leading to a buffer overflow.

10.0
2017-08-18 CVE-2015-8596 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer lengths is missing in malware protection.

10.0
2017-08-18 CVE-2015-8595 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in digital television/digital radio DRM.

10.0
2017-08-18 CVE-2015-8594 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in RFA-1x.

10.0
2017-08-18 CVE-2015-8593 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing.

10.0
2017-08-18 CVE-2015-8592 Google NULL Pointer Dereference vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not validated prior to being dereferenced potentially resulting in Guest-OS memory corruption.

10.0
2017-08-18 CVE-2015-0575 Google Inadequate Encryption Strength vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, insecure ciphersuites were included in the default configuration.

10.0
2017-08-18 CVE-2015-0574 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, the validation of filesystem access was insufficient.

10.0
2017-08-18 CVE-2014-9981 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, an overflow check in the USB interface was insufficient during boot.

10.0
2017-08-18 CVE-2014-9980 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a Sample App failed to check a length potentially leading to unauthorized access to secure memory.

10.0
2017-08-18 CVE-2014-9979 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a variable is uninitialized in a TrustZone system call potentially leading to the compromise of secure memory.

10.0
2017-08-18 CVE-2014-9978 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE service.

10.0
2017-08-18 CVE-2014-9977 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in PlayReady DRM.

10.0
2017-08-18 CVE-2014-9976 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing.

10.0
2017-08-18 CVE-2014-9975 Google Inadequate Encryption Strength vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a rollback vulnerability potentially exists in Full Disk Encryption.

10.0
2017-08-18 CVE-2014-9974 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer lengths was missing in Keymaster.

10.0
2017-08-18 CVE-2014-9973 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of a buffer length was missing in a PlayReady DRM routine.

10.0
2017-08-18 CVE-2014-9972 Google NULL Pointer Dereference vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts can potentially cause a NULL pointer dereference during an out-of-memory condition.

10.0
2017-08-18 CVE-2014-9971 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts causes an instruction inside of an assert to not be executed resulting in incorrect control flow.

10.0
2017-08-18 CVE-2014-9969 Google Use of a Broken or Risky Cryptographic Algorithm vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, the GPS client may use an insecure cryptographic algorithm.

10.0
2017-08-18 CVE-2014-9968 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the UIMDIAG interface.

10.0
2017-08-18 CVE-2014-9411 Google Range Error vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in rollback protection.

10.0
2017-08-18 CVE-2017-7278 Aptus Unspecified vulnerability in Aptus Styra Porttelefonkort 4400 Firmware A1

Unspecified vulnerability in ASSA ABLOY APTUS Styra Porttelefonkort 4400 before A2 has unknown impact and attack vectors.

10.0
2017-08-16 CVE-2017-8248 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS

A buffer overflow may occur in the processing of a downlink NAS message in Qualcomm Telephony as used in Apple iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation.

10.0
2017-08-18 CVE-2017-12943 Dlink Path Traversal vulnerability in Dlink Dir-600 B1 Firmware 2.01

D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers to read passwords via a model/__show_info.php?REQUIRE_FILE= absolute path traversal attack, as demonstrated by discovering the admin password.

9.8
2017-08-17 CVE-2011-0469 Suse Code Injection vulnerability in Suse Opensuse

Code injection in openSUSE when running some source services used in the open build service 2.1 before March 11 2011.

9.8
2017-08-16 CVE-2017-7551 Fedoraproject Information Exposure Through an Error Message vulnerability in Fedoraproject 389 Directory Server 1.3.5.19/1.3.6.7

389-ds-base versions before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts.

9.8
2017-08-18 CVE-2017-9685 Google Use After Free vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a WLAN driver can lead to a Use After Free condition.

9.3
2017-08-18 CVE-2017-9678 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, in a video driver, memory corruption can potentially occur due to lack of bounds checking in a memcpy().

9.3
2017-08-18 CVE-2017-8268 Google Out-of-bounds Read vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, the camera application can possibly request frame/command buffer processing with invalid values leading to the driver performing a heap buffer over-read.

9.3
2017-08-18 CVE-2017-8263 Google Unspecified vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a kernel fault can occur when doing certain operations on a read-only virtual address in userspace.

9.3
2017-08-18 CVE-2017-8255 Google Integer Overflow or Wraparound vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in boot.

9.3
2017-08-18 CVE-2017-8253 Google Allocation of Resources Without Limits or Throttling vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can potentially be overwritten if an invalid master is sent from userspace.

9.3
2017-08-18 CVE-2016-10389 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, there is no size check for the images being flashed onto the NAND memory in their respective partitions, so there is a possibility of writing beyond the intended partition.

9.3
2017-08-18 CVE-2016-10383 Google Race Condition vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, there is a TOCTOU race condition in Secure UI.

9.3
2017-08-18 CVE-2017-2289 Kddi Untrusted Search Path vulnerability in Kddi QUA Station Firmware 1.00.03

Untrusted search path vulnerability in Installer of Qua station connection tool for Windows version 1.00.03 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-08-18 CVE-2017-2228 Enecho Meti Untrusted Search Path vulnerability in Enecho.Meti Teikihoukokusho Sakuseishien Tool 4.0

Untrusted search path vulnerability in Teikihoukokusho Sakuseishien Tool v4.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-08-18 CVE-2017-10824 Teikoku Databank Untrusted Search Path vulnerability in Teikoku Databank Type A 5.2

Untrusted search path vulnerability in TDB CA TypeA use software Version 5.2 and earlier, distributed until 10 August 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-08-18 CVE-2017-10823 Enecho Meti Untrusted Search Path vulnerability in Enecho.Meti Shin Kinkyuji Houkoku Data Nyuryoku Program

Untrusted search path vulnerability in Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program (program released on 2011 March 10) distributed on the website till 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-08-18 CVE-2017-10822 Enecho Meti Untrusted Search Path vulnerability in Enecho.Meti Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program

Untrusted search path vulnerability in Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30) distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-08-18 CVE-2017-10821 Enecho Meti Untrusted Search Path vulnerability in Enecho.Meti Shin Kikan Toukei Houkoku Data Nyuryokuyou Program

Untrusted search path vulnerability in Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program (program released on 2013 September 30) distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-08-16 CVE-2017-8243 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

A buffer overflow can occur in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android when processing a firmware image file.

9.3
2017-08-16 CVE-2016-5864 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

In an audio driver function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, some parameters are from userspace, and if they are set to a large value, integer overflow is possible followed by buffer overflow.

9.3
2017-08-16 CVE-2016-5863 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, several sanity checks are missing which can lead to out-of-bounds accesses.

9.3
2017-08-14 CVE-2017-9648 Solarcontrols Uncontrolled Search Path Element vulnerability in Solarcontrols Wattconfig M

An Uncontrolled Search Path Element issue was discovered in Solar Controls WATTConfig M Software Version 2.5.10.1 and prior.

9.3
2017-08-14 CVE-2017-9646 Solarcontrols Uncontrolled Search Path Element vulnerability in Solarcontrols Heating Control Downloader

An Uncontrolled Search Path Element issue was discovered in Solar Controls Heating Control Downloader (HCDownloader) Version 1.0.1.15 and prior.

9.3

48 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-08-20 CVE-2017-12976 GIT Annex Project Improper Input Validation vulnerability in Git-Annex Project Git-Annex

git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117.

8.8
2017-08-18 CVE-2017-12937 Graphicsmagick, Debian Out-of-bounds Read vulnerability in multiple products

The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read.

8.8
2017-08-18 CVE-2017-12936 Graphicsmagick, Debian Use After Free vulnerability in multiple products

The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting.

8.8
2017-08-18 CVE-2017-12935 Graphicsmagick, Debian Out-of-bounds Read vulnerability in multiple products

The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c.

8.8
2017-08-14 CVE-2017-12426 Gitlab Improper Input Validation vulnerability in Gitlab

GitLab Community Edition (CE) and Enterprise Edition (EE) before 8.17.8, 9.0.x before 9.0.13, 9.1.x before 9.1.10, 9.2.x before 9.2.10, 9.3.x before 9.3.10, and 9.4.x before 9.4.4 might allow remote attackers to execute arbitrary code via a crafted SSH URL in a project import.

8.8
2017-08-17 CVE-2017-6710 Cisco OS Command Injection vulnerability in Cisco Virtual Network Function Element Manager

A vulnerability in the Cisco Virtual Network Function (VNF) Element Manager could allow an authenticated, remote attacker to elevate privileges and run commands in the context of the root user on the server.

8.5
2017-08-16 CVE-2016-5861 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

In a display driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable controlled by userspace is used to calculate offsets and sizes for copy operations, which could result in heap overflow.

8.3
2017-08-19 CVE-2017-10663 Linux Improper Validation of Array Index vulnerability in Linux Kernel

The sanity_check_ckpt function in fs/f2fs/super.c in the Linux kernel before 4.12.4 does not validate the blkoff and segno arrays, which allows local users to gain privileges via unspecified vectors.

7.8
2017-08-19 CVE-2017-10662 Linux Unspecified vulnerability in Linux Kernel

The sanity_check_raw_super function in fs/f2fs/super.c in the Linux kernel before 4.11.1 does not validate the segment count, which allows local users to gain privileges via unspecified vectors.

7.8
2017-08-18 CVE-2017-12964 Libsass Uncontrolled Recursion vulnerability in Libsass 3.4.5

There is a stack consumption issue in LibSass 3.4.5 that is triggered in the function Sass::Eval::operator() in eval.cpp.

7.8
2017-08-18 CVE-2017-10811 Buffalo OS Command Injection vulnerability in Buffalo Wcr-1166Ds Firmware 1.30

Buffalo WCR-1166DS devices with firmware 1.30 and earlier allow an attacker to execute arbitrary OS commands via unspecified vectors.

7.7
2017-08-18 CVE-2017-9684 Google Use After Free vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a USB driver can lead to a Use After Free condition.

7.6
2017-08-18 CVE-2017-8267 Google Race Condition vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in an IOCTL handler potentially leading to an integer overflow and then an out-of-bounds write.

7.6
2017-08-18 CVE-2017-8262 Google Use After Free vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, in some memory allocation and free functions, a race condition can potentially occur leading to a Use After Free condition.

7.6
2017-08-18 CVE-2015-0576 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in HSDPA.

7.6
2017-08-16 CVE-2016-5867 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

In a sound driver in Android for MSM, Firefox OS for MSM, QRD Android, some variables are from userspace and values can be chosen that could result in stack overflow.

7.6
2017-08-16 CVE-2016-5862 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

When a control related to codec is issued from userspace in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, the type casting is done to the container structure instead of the codec's individual structure, resulting in a device restart after kernel crash occurs.

7.6
2017-08-16 CVE-2016-5860 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

In an audio driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a heap buffer overflow.

7.6
2017-08-16 CVE-2016-5859 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

In a sound driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a buffer overflow.

7.6
2017-08-16 CVE-2016-5853 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

In an audio driver in all Qualcomm products with Android releases from CAF using the Linux kernel, when a sanity check encounters a length value not in the correct range, an error message is printed, but code execution continues in the same way as for a correct length value.

7.6
2017-08-20 CVE-2017-12974 Connect2Id Improper Verification of Cryptographic Signature vulnerability in Connect2Id Nimbus Jose+Jwt

Nimbus JOSE+JWT before 4.36 proceeds with ECKey construction without ensuring that the public x and y coordinates are on the specified curve, which allows attackers to conduct an Invalid Curve Attack in environments where the JCE provider lacks the applicable curve validation.

7.5
2017-08-20 CVE-2017-12972 Connect2Id Insufficient Verification of Data Authenticity vulnerability in Connect2Id Nimbus Jose+Jwt

In Nimbus JOSE+JWT before 4.39, there is no integer-overflow check when converting length values from bytes to bits, which allows attackers to conduct HMAC bypass attacks by shifting Additional Authenticated Data (AAD) and ciphertext so that different plaintext is obtained for the same HMAC.

7.5
2017-08-18 CVE-2007-5341 Mozilla Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox

Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8.

7.5
2017-08-18 CVE-2007-5199 X Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in X Libxfont 1.3.1

A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspecified impact.

7.5
2017-08-18 CVE-2015-4464 Kguardsecurity Improper Authentication vulnerability in Kguardsecurity Kg-Sha104 Firmware and Kg-Sha108 Firmware

Kguard Digital Video Recorder 104, 108, v2 does not have any authorization or authentication between an ActiveX client and the application server.

7.5
2017-08-18 CVE-2015-2675 Gnome Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gnome Librest 0.7.92

The OAuth implementation in librest before 0.7.93 incorrectly truncates the pointer returned by the rest_proxy_call_get_url function, which allows remote attackers to cause a denial of service (application crash) via running the EnsureCredentials method from the org.gnome.OnlineAccounts.Account interface on an object representing a Flickr account.

7.5
2017-08-18 CVE-2017-12776 Nexusphp Project SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5

SQL injection vulnerability in reports.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the delreport parameter.

7.5
2017-08-18 CVE-2017-11185 Strongswan NULL Pointer Dereference vulnerability in Strongswan

The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature.

7.5
2017-08-18 CVE-2017-12582 Qnap Missing Authorization vulnerability in Qnap Ts-212P Firmware 4.2.1

An unprivileged user can access all functions in the Surveillance Station component in QNAP TS212P devices with firmware 4.2.1 build 20160601.

7.5
2017-08-18 CVE-2015-1817 Musl Libc Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Musl-Libc Musl

Stack-based buffer overflow in the inet_pton function in network/inet_pton.c in musl libc 0.9.15 through 1.0.4, and 1.1.0 through 1.1.7 allows attackers to have unspecified impact via unknown vectors.

7.5
2017-08-18 CVE-2017-12942 Rarlab Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rarlab Unrar

libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function.

7.5
2017-08-18 CVE-2017-12941 Rarlab Out-of-bounds Read vulnerability in Rarlab Unrar

libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function.

7.5
2017-08-18 CVE-2017-12940 Rarlab Out-of-bounds Read vulnerability in Rarlab Unrar

libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function.

7.5
2017-08-18 CVE-2017-12939 Unity3D, Microsoft Improper Input Validation vulnerability in Unity3D Unity Editor

A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before 2017.1.0p4.

7.5
2017-08-18 CVE-2017-12933 PHP Out-of-bounds Read vulnerability in PHP

The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data.

7.5
2017-08-18 CVE-2017-12932 PHP Use After Free vulnerability in PHP

ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size.

7.5
2017-08-17 CVE-2017-12910 Nexusphp Project SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5

SQL injection vulnerability in massmail.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the or parameter.

7.5
2017-08-17 CVE-2017-12909 Nexusphp Project SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5

SQL injection vulnerability in modtask.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter.

7.5
2017-08-17 CVE-2017-12908 Nexusphp Project SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5

SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the conusr parameter.

7.5
2017-08-17 CVE-2017-7555 Augeas Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Augeas

Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings.

7.5
2017-08-16 CVE-2017-7548 Postgresql, Debian

PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to an authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service.

7.5
2017-08-16 CVE-2017-7546 Postgresql, Debian Improper Authentication vulnerability in multiple products

PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to an incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password.

7.5
2017-08-14 CVE-2017-9653 Osisoft Incorrect Authorization vulnerability in Osisoft products

An Improper Authorization issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017.

7.5
2017-08-18 CVE-2017-3756 Lenovo, Microsoft Unspecified vulnerability in Lenovo products

A privilege escalation vulnerability was identified in Lenovo Active Protection System for ThinkPad systems versions earlier than 1.82.0.17.

7.2
2017-08-17 CVE-2017-6768 Cisco Untrusted Search Path vulnerability in Cisco Application Policy Infrastructure Controller

A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local attacker to gain root-level privileges.

7.2
2017-08-15 CVE-2017-8665 Microsoft Incorrect Permission Assignment for Critical Resource vulnerability in Microsoft Xamarin.Ios 10.11

The Xamarin.iOS update component on systems running macOS allows an attacker to run arbitrary code as root, aka "Xamarin.iOS Elevation Of Privilege Vulnerability."

7.2
2017-08-17 CVE-2017-6790 Cisco Unspecified vulnerability in Cisco Telepresence Video Communication Server

A vulnerability in the Session Initiation Protocol (SIP) on the Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the targeted appliance.

7.1
2017-08-19 CVE-2017-10661 Linux, Redhat, Debian Use After Free vulnerability in multiple products

Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.

7.0

107 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-08-19 CVE-2017-11323 Estsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Estsoft Alzip

Stack-based buffer overflow in ESTsoft ALZip 8.51 and earlier allows remote attackers to execute arbitrary code via a crafted MS-DOS device file, as demonstrated by use of "AUX" as the initial substring of a filename.

6.8
2017-08-18 CVE-2017-12955 Exiv2 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Exiv2 0.26

There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26.

6.8
2017-08-18 CVE-2017-8272 Google Out-of-bounds Write vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, in a driver function, a value from userspace is not properly validated potentially leading to an out of bounds heap write.

6.8
2017-08-18 CVE-2017-8261 Google Unspecified vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, in a camera driver ioctl, a kernel overwrite can potentially occur.

6.8
2017-08-18 CVE-2017-8260 Google Improper Input Validation vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, due to a type downcast, a value may improperly pass validation and cause an out of bounds write later.

6.8
2017-08-18 CVE-2017-8257 Google Race Condition vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, when accessing the sde_rotator debug interface for register reading with multiple processes, one process can free the debug buffer while another process still has the debug buffer in use.

6.8
2017-08-18 CVE-2017-8256 Google Out-of-bounds Read vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, array out of bounds access can occur if userspace sends more than 16 multicast addresses.

6.8
2017-08-18 CVE-2017-12881 Spring Batch Admin Project Cross-Site Request Forgery (CSRF) vulnerability in Spring Batch Admin Project Spring Batch Admin

Cross-site request forgery (CSRF) vulnerability in the Spring Batch Admin before 1.3.0 allows remote attackers to hijack the authentication of unspecified victims and submit arbitrary requests, such as exploiting the file upload vulnerability.

6.8
2017-08-18 CVE-2015-5081 Django CMS Cross-Site Request Forgery (CSRF) vulnerability in Django-Cms Django CMS 3.1

Cross-site request forgery (CSRF) vulnerability in django CMS before 3.0.14, 3.1.x before 3.1.1 allows remote attackers to manipulate privileged users into performing unknown actions via unspecified vectors.

6.8
2017-08-18 CVE-2017-12593 Asus Cross-Site Request Forgery (CSRF) vulnerability in Asus Dsl-N10S Firmware V2.1.16Apac

ASUS DSL-N10S V2.1.16_APAC devices allow CSRF.

6.8
2017-08-18 CVE-2017-12589 Tomaxcom Cross-Site Request Forgery (CSRF) vulnerability in Tomaxcom R60G Firmware and R60Gv2 Firmware

ToMAX R60G R60GV2-V2.0-v.2.6.3-170330 devices do not have any protection against a CSRF attack.

6.8
2017-08-18 CVE-2017-10665 Phpgrid Path Traversal vulnerability in PHPgrid

Directory traversal vulnerability in ajaxfileupload.php in Kayson Group Ltd.

6.8
2017-08-17 CVE-2017-7556 Hawt Cross-Site Request Forgery (CSRF) vulnerability in Hawt Hawtio 1.5.3

Hawtio versions up to and including 1.5.3 are vulnerable to CSRF, allowing remote attackers to trick the user into visiting their website containing a malicious script that can be submitted to the hawtio server on behalf of the user.

6.8
2017-08-16 CVE-2017-12892 Foxitsoftware Untrusted Search Path vulnerability in Foxitsoftware PDF Compressor

Foxit PDF Compressor installers from versions 7.0.0.183 to 7.7.2.10 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer.

6.8
2017-08-15 CVE-2017-12864 Opencv, Debian Integer Overflow or Wraparound vulnerability in multiple products

In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, the function ReadNumber did not check the input length, which led to an integer overflow.

6.8
2017-08-15 CVE-2017-12863 Opencv, Debian Integer Overflow or Wraparound vulnerability in multiple products

In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, the function PxMDecoder::readData has an integer overflow when calculating src_pitch.

6.8
2017-08-15 CVE-2017-12862 Opencv, Debian Out-of-bounds Write vulnerability in multiple products

In modules/imgcodecs/src/grfmt_pxm.cpp, the length of the buffer AutoBuffer _src is smaller than expected, which will cause a copy buffer overflow later.

6.8
2017-08-14 CVE-2017-12853 Rtsindia Cross-Site Request Forgery (CSRF) vulnerability in Rtsindia Rwr-3G-100 Firmware 1.0.56

The RealTime RWR-3G-100 Router (Firmware Version Ver1.0.56) is affected by CSRF, an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated.

6.8
2017-08-14 CVE-2017-9660 Fujielectric Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Fujielectric Monitouch V-Sft

A Heap-Based Buffer Overflow was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0.

6.8
2017-08-14 CVE-2017-9659 Fujielectric Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Fujielectric Monitouch V-Sft

A Stack-Based Buffer Overflow issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0.

6.8
2017-08-18 CVE-2017-12949 Podlove SQL Injection vulnerability in Podlove Podcast Publisher 2.5.3

lib\modules\contributors\contributor_list_table.php in the Podlove Podcast Publisher plugin 2.5.3 and earlier for WordPress has SQL injection in the orderby parameter to wp-admin/admin.php, exploitable through CSRF.

6.5
2017-08-18 CVE-2017-12947 Easymodal Project SQL Injection vulnerability in Easymodal Project Easy Modal

classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in an untrash action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators.

6.5
2017-08-18 CVE-2017-12946 Easymodal Project SQL Injection vulnerability in Easymodal Project Easy Modal

classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in a delete action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators.

6.5
2017-08-18 CVE-2015-5153 Pulp Project Permission Issues vulnerability in Pulp Project Pulp

Pulp does not remove permissions for named objects upon deletion, which allows authenticated users to gain the privileges of a deleted object via creating an object with the same name.

6.5
2017-08-18 CVE-2017-12592 Asus Unspecified vulnerability in Asus Dsl-N10S Firmware V2.1.16Apac

ASUS DSL-N10S V2.1.16_APAC devices have a privilege escalation vulnerability.

6.5
2017-08-18 CVE-2017-12420 Netapp Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Netapp Clustered Data Ontap

Heap-based buffer overflow in the SMB implementation in NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allows remote authenticated users to cause a denial of service or execute arbitrary code.

6.5
2017-08-14 CVE-2017-11156 Synology Incorrect Permission Assignment for Critical Resource vulnerability in Synology Download Station

Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 uses weak permissions (0777) for ui/dlm/btsearch directory, which allows remote authenticated users to execute arbitrary code by uploading an executable via unspecified vectors.

6.5
2017-08-14 CVE-2017-11150 Synology OS Command Injection vulnerability in Synology Office 2.2.01502/2.2.11506

Command injection vulnerability in Document.php in Synology Office 2.2.0-1502 and 2.2.1-1506 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the crafted file name of RTF documents.

6.5
2017-08-14 CVE-2017-1190 IBM Unspecified vulnerability in IBM Emptoris Strategic Supply Management

IBM Emptoris Strategic Supply Management Platform 10.x and 10.1 could allow a local user with special access roles to execute arbitrary code on the system.

6.2
2017-08-14 CVE-2017-9802 Apache Cross-site Scripting vulnerability in Apache Sling Servlets Post 2.3.20

The Javascript method Sling.evalString() in Apache Sling Servlets Post before 2.3.22 uses the javascript 'eval' function to parse input strings, which allows for XSS attacks by passing specially crafted input strings.

6.1
2017-08-18 CVE-2017-12440 Openstack Missing Authentication for Critical Function vulnerability in Openstack 07132017

Aodh as packaged in Openstack Ocata and Newton before change-ID I8fd11a7f9fe3c0ea5f9843a89686ac06713b7851 and before Pike-rc1 does not verify that trust IDs belong to the user when creating alarm action with the scheme trust+http, which allows remote authenticated users with knowledge of trust IDs where Aodh is the trustee to obtain a Keystone token and perform unspecified authenticated actions by adding an alarm action with the scheme trust+http, and providing a trust id where Aodh is the trustee.

6.0
2017-08-16 CVE-2017-6421 Google Classic Buffer Overflow vulnerability in Google Android

In the touch controller function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable may be controlled by the user and can lead to a buffer overflow.

5.8
2017-08-18 CVE-2017-8270 Google Use After Free vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a driver potentially leading to a use-after-free condition.

5.1
2017-08-18 CVE-2017-8266 Google Use After Free vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition.

5.1
2017-08-18 CVE-2017-8265 Google Race Condition vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver which can lead to a double free.

5.1
2017-08-14 CVE-2017-9661 Simplight Uncontrolled Search Path Element vulnerability in Simplight Scada 4.3.0.27

An Uncontrolled Search Path Element issue was discovered in SIMPlight SCADA Software version 4.3.0.27 and prior.

5.1
2017-08-18 CVE-2017-12963 Libsass Out-of-bounds Read vulnerability in Libsass 3.4.5

There is an illegal address access in Sass::Eval::operator() in eval.cpp of LibSass 3.4.5, leading to a remote denial of service attack.

5.0
2017-08-18 CVE-2017-12962 Libsass Missing Release of Resource after Effective Lifetime vulnerability in Libsass 3.4.5

There are memory leaks in LibSass 3.4.5 triggered by deeply nested code, such as code with a long sequence of open parenthesis characters, leading to a remote denial of service attack.

5.0
2017-08-18 CVE-2017-12961 GNU Improper Input Validation vulnerability in GNU Pspp 0.11.0

There is an assertion abort in the function parse_attributes() in data/sys-file-reader.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.

5.0
2017-08-18 CVE-2017-12960 GNU Reachable Assertion vulnerability in GNU Pspp 0.11.0

There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.

5.0
2017-08-18 CVE-2017-12959 GNU Reachable Assertion vulnerability in GNU Pspp 0.11.0

There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack.

5.0
2017-08-18 CVE-2017-12958 GNU Out-of-bounds Read vulnerability in GNU Pspp 0.11.0

There is an illegal address access in the function output_hex() in data/data-out.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.

5.0
2017-08-18 CVE-2017-9680 Google Information Exposure vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, if a pointer argument coming from userspace is invalid, a driver may use an uninitialized structure to log an error message.

5.0
2017-08-18 CVE-2017-9679 Google Information Exposure vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, if a userspace string is not NULL-terminated, kernel memory contents can leak to system logs.

5.0
2017-08-18 CVE-2015-4071 Helpdesk PRO Project Information Exposure vulnerability in Helpdesk PRO Project Helpdesk PRO

The Helpdesk Pro Plugin before 1.4.0 for Joomla! allows remote attackers to read the support tickets of arbitrary users via obtaining the target ticketId, and navigating to http://{target}/component/helpdeskpro/?view=ticket&id={ticketId}.

5.0
2017-08-18 CVE-2014-3451 Igniterealtime Improper Certificate Validation vulnerability in Igniterealtime Openfire

OpenFire XMPP Server before 3.10 accepts self-signed certificates, which allows remote attackers to perform unspecified spoofing attacks.

5.0
2017-08-18 CVE-2015-7945 SPI INC Information Exposure vulnerability in Spi-Inc Ganeti

The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2 allows remote attackers to obtain the DRBD secret via instance information job results.

5.0
2017-08-18 CVE-2015-7944 SPI INC Resource Management Errors vulnerability in Spi-Inc Ganeti

The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2, when used in SSL mode, allows remote attackers to cause a denial of service (resource consumption) via SSL parameter renegotiation.

5.0
2017-08-18 CVE-2017-12944 Libtiff Allocation of Resources Without Limits or Throttling vulnerability in Libtiff 4.0.8

The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote attackers to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing function in tif_dirread.c during a tiff2pdf invocation.

5.0
2017-08-18 CVE-2017-9454 Resiprocate Out-of-bounds Read vulnerability in Resiprocate

Buffer overflow in the ares_parse_a_reply function in the embedded ares library in ReSIProcate before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted DNS response.

5.0
2017-08-18 CVE-2017-12938 Rarlab Path Traversal vulnerability in Rarlab Unrar

UnRAR before 5.5.7 allows remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the .

5.0
2017-08-18 CVE-2017-12934 PHP Use After Free vulnerability in PHP

ext/standard/var_unserializer.re in PHP 7.0.x before 7.0.21 and 7.1.x before 7.1.7 is prone to a heap use after free while unserializing untrusted data, related to the zval_get_type function in Zend/zend_types.h.

5.0
2017-08-17 CVE-2017-6784 Cisco Information Exposure vulnerability in Cisco products

A vulnerability in the web interface of the Cisco RV340, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to access sensitive data.

5.0
2017-08-17 CVE-2017-6771 Cisco Information Exposure vulnerability in Cisco Ultra Services Framework 21.0.V0.65839

A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information.

5.0
2017-08-17 CVE-2017-11662 Mindwerks Out-of-bounds Read vulnerability in Mindwerks Wildmidi 0.4.2

The _WM_ParseNewMidi function in f_midi.c in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file.

5.0
2017-08-17 CVE-2017-11661 Mindwerks Out-of-bounds Read vulnerability in Mindwerks Wildmidi 0.4.2

The _WM_SetupMidiEvent function in internal_midi.c:2318 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file.

5.0
2017-08-15 CVE-2017-12852 Numpy Infinite Loop vulnerability in Numpy

The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation.

5.0
2017-08-17 CVE-2017-6782 Cisco Code Injection vulnerability in Cisco Prime Infrastructure 3.2(0.0)

A vulnerability in the administrative web interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to modify a page in the web interface of the affected application.

4.9
2017-08-18 CVE-2017-11160 Synology Untrusted Search Path vulnerability in Synology Assistant

Multiple untrusted search path vulnerabilities in the installer in Synology Assistant before 6.1-15163 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.

4.6
2017-08-18 CVE-2017-11653 Razer Incorrect Permission Assignment for Critical Resource vulnerability in Razer Synapse

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which allows local users to gain privileges via a Trojan horse (1) RazerConfigNative.dll or (2) RazerConfigNativeLOC.dll file.

4.6
2017-08-18 CVE-2017-11652 Razer Incorrect Permission Assignment for Critical Resource vulnerability in Razer Synapse

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gain privileges via a Trojan horse dbghelp.dll file.

4.6
2017-08-18 CVE-2015-3649 Open URI Cached Project Improper Input Validation vulnerability in Open-Uri-Cached Project Open-Uri-Cached 20120107

The open-uri-cached rubygem allows local users to execute arbitrary Ruby code by creating a directory under /tmp containing "openuri-" followed by a crafted UID, and putting Ruby code in said directory once a meta file is created.

4.6
2017-08-18 CVE-2015-1878 Thalesesecurity Permissions, Privileges, and Access Controls vulnerability in Thalesesecurity Nshield Connect Firmware

Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, and 6000+ before 11.72 allows physically proximate attackers to sign arbitrary data with previously loaded signing keys, extract the device identification key [KNETI] and impersonate the nShield Connect device on a network, affect the integrity and confidentiality of newly created keys, and potentially cause other unspecified impacts using previously loaded keys by connecting to the USB port on the front panel.

4.6
2017-08-17 CVE-2017-6786 Cisco Information Exposure vulnerability in Cisco Elastic Services Controller 2.2(9.76)

A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged attacker to access sensitive information, including credentials for system accounts, on an affected system.

4.6
2017-08-17 CVE-2017-6781 Cisco Improper Authentication vulnerability in Cisco Policy Suite

A vulnerability in the management of shell user accounts for Cisco Policy Suite (CPS) Software for CPS appliances could allow an authenticated, local attacker to gain elevated privileges on an affected system.

4.6
2017-08-17 CVE-2017-6775 Cisco Unspecified vulnerability in Cisco ASR 5000 Software 21.0.V0.65839

A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to elevate their privileges to admin-level privileges.

4.6
2017-08-17 CVE-2017-6773 Cisco Improper Input Validation vulnerability in Cisco ASR 5000 Software 21.0.V0.65839

A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to bypass the CLI restrictions and execute commands on the underlying operating system.

4.6
2017-08-17 CVE-2017-6767 Cisco Improper Privilege Management vulnerability in Cisco Application Policy Infrastructure Controller

A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to gain higher privileges than the account is assigned.

4.6
2017-08-14 CVE-2017-1469 IBM Code Injection vulnerability in IBM Infosphere Information Server 11.3/11.5/9.1

IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directories.

4.6
2017-08-14 CVE-2017-9662 Fujielectric Improper Privilege Management vulnerability in Fujielectric Monitouch V-Sft

An Improper Privilege Management issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0.

4.6
2017-08-20 CVE-2017-12973 Connect2Id Improper Validation of Integrity Check Value vulnerability in Connect2Id Nimbus Jose+Jwt

Nimbus JOSE+JWT before 4.39 proceeds improperly after detection of an invalid HMAC in authenticated AES-CBC decryption, which allows attackers to conduct a padding oracle attack.

4.3
2017-08-20 CVE-2017-12966 Asn1C Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Asn1C Project Asn1C 0.9.28

The asn1f_lookup_symbol_impl function in asn1fix_retrieve.c in libasn1fix.a in asn1c 0.9.28 allows remote attackers to cause a denial of service (segmentation fault) via a crafted .asn1 file.

4.3
2017-08-19 CVE-2017-12967 GNU Out-of-bounds Read vulnerability in GNU Binutils 2.29

The getsym function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a malformed tekhex binary.

4.3
2017-08-18 CVE-2017-12957 Exiv2 Out-of-bounds Read vulnerability in Exiv2 0.26

There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp.

4.3
2017-08-18 CVE-2017-12956 Exiv2 Out-of-bounds Read vulnerability in Exiv2 0.26

There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() in basicio.cpp of libexiv2 in Exiv2 0.26 that will lead to remote denial of service.

4.3
2017-08-18 CVE-2017-8254 Google Information Exposure vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, an audio client pointer is dereferenced before being checked if it is valid.

4.3
2017-08-18 CVE-2017-12948 Pressforward Cross-site Scripting vulnerability in Pressforward

Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 and earlier for WordPress has XSS in the PATH_INFO to wp-admin/admin.php, related to PHP_SELF.

4.3
2017-08-18 CVE-2015-5057 Broken Link Checker Project Cross-site Scripting vulnerability in Broken Link Checker Project Broken Link Checker

A cross-site scripting (XSS) vulnerability exists in the WordPress admin panel when the Broken Link Checker plugin before 1.10.9 is installed.

4.3
2017-08-18 CVE-2017-0687 Google Unspecified vulnerability in Google Android

A denial of service vulnerability in the Android media framework (libavc).

4.3
2017-08-18 CVE-2017-9816 Paessler Cross-site Scripting vulnerability in Paessler Prtg Network Monitor

Cross-site scripting (XSS) vulnerability in Paessler PRTG Network Monitor before 17.2.32.2279 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2017-08-18 CVE-2017-12859 Netapp Improper Input Validation vulnerability in Netapp Data Ontap

NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS environments, allows remote attackers to cause a denial of service via unspecified vectors.

4.3
2017-08-18 CVE-2017-12680 Nexusphp Project Cross-site Scripting vulnerability in Nexusphp Project Nexusphp 1.5

Cross-Site Scripting (XSS) exists in NexusPHP 1.5 via the type parameter to shoutbox.php.

4.3
2017-08-18 CVE-2017-1501 IBM Information Exposure vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 8.0, 8.5, and 9.0 could provide weaker than expected security after using the Admin Console to update the web services security bindings settings.

4.3
2017-08-18 CVE-2017-12927 Cacti Cross-site Scripting vulnerability in Cacti 1.1.17

A cross-site scripting vulnerability exists in Cacti 1.1.17 in the method parameter in spikekill.php.

4.3
2017-08-17 CVE-2017-6788 Cisco Cross-site Scripting vulnerability in Cisco Anyconnect Secure Mobility Client 4.4(4027)/4.5(58)

The WebLaunch functionality of Cisco AnyConnect Secure Mobility Client Software contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected software.

4.3
2017-08-17 CVE-2017-6776 Cisco Cross-site Scripting vulnerability in Cisco Elastic Services Controller 2.2(9.76)/2.3(1)

A vulnerability in the web framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface.

4.3
2017-08-17 CVE-2017-12907 Nexusphp Project Cross-site Scripting vulnerability in Nexusphp Project Nexusphp 1.5

Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via the URL path to usersearch.php.

4.3
2017-08-17 CVE-2017-12445 Minidjvu Project Out-of-bounds Read vulnerability in Minidjvu Project Minidjvu 0.8

The JB2BitmapCoder::code_row_by_refinement function in jb2/bmpcoder.cpp in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file.

4.3
2017-08-17 CVE-2017-12444 Minidjvu Project Out-of-bounds Read vulnerability in Minidjvu Project Minidjvu 0.8

The mdjvu_bitmap_get_bounding_box function in base/4bitmap.c in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file.

4.3
2017-08-17 CVE-2017-12443 Minidjvu Project Out-of-bounds Read vulnerability in Minidjvu Project Minidjvu 0.8

The mdjvu_bitmap_pack_row function in base/4bitmap.c in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file.

4.3
2017-08-17 CVE-2017-12442 Minidjvu Project Out-of-bounds Read vulnerability in Minidjvu Project Minidjvu 0.8

The row_is_empty function in base/4bitmap.c:272 in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file.

4.3
2017-08-17 CVE-2017-12441 Minidjvu Project Out-of-bounds Read vulnerability in Minidjvu Project Minidjvu 0.8

The row_is_empty function in base/4bitmap.c:274 in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file.

4.3
2017-08-17 CVE-2017-11664 Mindwerks Out-of-bounds Read vulnerability in Mindwerks Wildmidi 0.4.2

The _WM_SetupMidiEvent function in internal_midi.c:2122 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file.

4.3
2017-08-17 CVE-2017-11663 Mindwerks Out-of-bounds Read vulnerability in Mindwerks Wildmidi 0.4.2

The _WM_SetupMidiEvent function in internal_midi.c:2315 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file.

4.3
2017-08-14 CVE-2016-6029 IBM Information Exposure vulnerability in IBM Emptoris Strategic Supply Management

IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.

4.3
2017-08-18 CVE-2017-8446 Elasticsearch Improper Privilege Management vulnerability in Elasticsearch X-Pack and X-Pack Reporting

The Reporting feature in X-Pack in versions prior to 5.5.2 and standalone Reporting plugin versions prior to 2.4.6 had an impersonation vulnerability.

4.0
2017-08-18 CVE-2015-4082 Attic Project Permissions, Privileges, and Access Controls vulnerability in Attic Project Attic

attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive information by changing the manifest type byte of the repository to "unencrypted / without key file".

4.0
2017-08-17 CVE-2017-6785 Cisco Improper Input Validation vulnerability in Cisco Unified Communications Manager 10.5(2.10000.5)/11.0(1.10000.10)/11.5(1.10000.6)

A vulnerability in configuration modification permissions validation for Cisco Unified Communications Manager could allow an authenticated, remote attacker to perform a horizontal privilege escalation where one user can modify another user's configuration.

4.0
2017-08-17 CVE-2017-6783 Cisco Information Exposure vulnerability in Cisco products

A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to discover confidential information about the appliances that should be available only to an administrative user.

4.0
2017-08-17 CVE-2017-6778 Cisco Information Exposure vulnerability in Cisco Ultra Services Platform 21.0.V0.65839

A vulnerability in the Elastic Services Controller (ESC) web interface of the Cisco Ultra Services Platform could allow an authenticated, remote attacker to acquire sensitive information.

4.0
2017-08-17 CVE-2017-6777 Cisco Information Exposure vulnerability in Cisco Elastic Services Controller 2.3/2.3(2)

A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to acquire sensitive system information.

4.0
2017-08-17 CVE-2017-6774 Cisco Files or Directories Accessible to External Parties vulnerability in Cisco ASR 5000 Software 21.0.V0.65839

A vulnerability in Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify sensitive system files.

4.0
2017-08-17 CVE-2017-6772 Cisco Information Exposure vulnerability in Cisco Elastic Services Controller 2.3(2)

A vulnerability in Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to view sensitive information.

4.0
2017-08-16 CVE-2017-7547 Postgresql Unspecified vulnerability in Postgresql

PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to an authorization flaw allowing remote authenticated attackers to retrieve passwords from the user mappings defined by the foreign server owners without actually having the privileges to do so.

4.0
2017-08-14 CVE-2017-12851 Kanboard Weak Password Recovery Mechanism for Forgotten Password vulnerability in Kanboard

An authenticated standard user could reset the password of the admin by altering form data.

4.0
2017-08-14 CVE-2017-12850 Kanboard Weak Password Recovery Mechanism for Forgotten Password vulnerability in Kanboard

An authenticated standard user could reset the password of other users (including the admin) by altering form data.

4.0
2017-08-14 CVE-2017-11149 Synology Server-Side Request Forgery (SSRF) vulnerability in Synology Download Station

Server-side request forgery (SSRF) vulnerability in Downloader in Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 allows remote authenticated users to download arbitrary local files via a crafted URI.

4.0

13 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-08-18 CVE-2017-12882 Spring Batch Admin Project Cross-site Scripting vulnerability in Spring Batch Admin Project Spring Batch Admin

Stored Cross-site scripting (XSS) vulnerability in Spring Batch Admin before 1.3.0 allows remote authenticated users to inject arbitrary JavaScript or HTML via the file upload functionality.

3.5
2017-08-18 CVE-2017-12591 Asus Cross-site Scripting vulnerability in Asus Dsl-N10S Firmware V2.1.16Apac

ASUS DSL-N10S V2.1.16_APAC devices have reflected and stored cross-site scripting, as demonstrated by the snmpSysName parameter.

3.5
2017-08-18 CVE-2017-9767 Quali Cross-site Scripting vulnerability in Quali Cloudshell

Multiple cross-site scripting (XSS) vulnerabilities in Quali CloudShell before 8 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Name or (2) Description parameter to RM/Reservation/ReserveNew; the (3) Description parameter to RM/Topology/Update; the (4) Name, (5) Description, (6) ExecutionBatches[0].Name, (7) ExecutionBatches[0].Description, or (8) Labels parameter to SnQ/JobTemplate/Edit; or (9) Alias or (10) Description parameter to RM/AbstractTemplate/AddOrUpdateAbstractTemplate.

3.5
2017-08-18 CVE-2017-1338 IBM Cross-site Scripting vulnerability in IBM products

IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.

3.5
2017-08-14 CVE-2016-6021 IBM Cross-site Scripting vulnerability in IBM Emptoris Strategic Supply Management

IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 is vulnerable to cross-site scripting.

3.5
2017-08-14 CVE-2017-9655 Osisoft Cross-site Scripting vulnerability in Osisoft products

A Cross-Site Scripting issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017.

3.5
2017-08-18 CVE-2017-9682 Google Race Condition vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in two KGSL driver functions can lead to a Use After Free condition.

2.6
2017-08-16 CVE-2016-5858 Google Information Exposure vulnerability in Google Android

In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a user supplies a value too large, then an out-of-bounds read occurs.

2.6
2017-08-16 CVE-2016-5855 Google Information Exposure vulnerability in Google Android

In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a user-supplied buffer is cast to a structure without checking if the source buffer is large enough.

2.6
2017-08-16 CVE-2016-5854 Google Information Exposure vulnerability in Google Android

In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, kernel heap memory can be exposed to userspace.

2.6
2017-08-16 CVE-2016-5347 Google Information Exposure vulnerability in Google Android

In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel stack data can be leaked to userspace by an audio driver.

2.6
2017-08-18 CVE-2017-8445 Elastic Improper Certificate Validation vulnerability in Elastic X-Pack

An error was found in the X-Pack Security TLS trust manager for versions 5.0.0 to 5.5.1.

2.1
2017-08-15 CVE-2017-12855 XEN Information Exposure vulnerability in XEN

Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use.

2.1