Weekly Vulnerabilities Report: August 21 to 27, 2017
Overview
154 new vulnerabilities were reported during this period, including 28 critical vulnerabilities and 56 high severity vulnerabilities. This weekly summary reports vulnerabilities in 127 products from 85 vendors, including Imagemagick, Debian, Canonical, Atlassian, and Fedoraproject. The most common categories are "Cross-site Scripting", "Information Exposure", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Path Traversal", and "Improper Input Validation".
- 123 reported vulnerabilities are remotely exploitable.
- 40 reported vulnerabilities have a public exploit available.
- 55 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 105 reported vulnerabilities are exploitable by an anonymous user.
- Imagemagick has the most reported vulnerabilities, with 19 reported vulnerabilities.
- Nexusphp has the most reported critical vulnerabilities, with 3 reported vulnerabilities.
Vulnerability Details
The following tables list the vulnerabilities reported during the period covered by this report:
28 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-08-27 | CVE-2017-13707 | Axcient | Improper Privilege Management vulnerability in Axcient Replibit 2017.05.11 Privilege escalation in Replibit Backup Manager earlier than version 2017.08.04 allows attackers to gain root privileges via sudo command execution. | 9.8 |
2017-08-25 | CVE-2017-12816 | Kaspersky | Incorrect Permission Assignment for Critical Resource vulnerability in Kaspersky Internet Security 11.12.4.1622 In Kaspersky Internet Security for Android 11.12.4.1622, some of application exports activities have weak permissions, which might be used by a malware application to get unauthorized access to the product functionality by using Android IPC. | 9.8 |
2017-08-25 | CVE-2017-12707 | Spidercontrol | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Spidercontrol Scada Microbrowser 1.6.30.144 A Stack-based Buffer Overflow issue was discovered in SpiderControl SCADA MicroBrowser Versions 1.6.30.144 and prior. | 9.8 |
2017-08-25 | CVE-2014-7859 | D Link | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in D-Link products Stack-based buffer overflow in login_mgr.cgi in D-Link firmware DNR-320L and DNS-320LW before 1.04b08, DNR-322L before 2.10 build 03, DNR-326 before 2.10 build 03, and DNS-327L before 1.04b01 allows remote attackers to execute arbitrary code by crafting malformed "Host" and "Referer" header values. | 9.8 |
2017-08-25 | CVE-2014-7858 | D Link | Improper Authentication vulnerability in D-Link Dnr-326 Firmware The check_login function in D-Link DNR-326 before 2.10 build 03 allows remote attackers to bypass authentication and log in by setting the username cookie parameter to an arbitrary string. | 9.8 |
2017-08-25 | CVE-2014-7857 | D Link | Improper Authentication vulnerability in D-Link products D-Link DNS-320L firmware before 1.04b12, DNS-327L before 1.03b04 Build0119, DNR-326 1.40b03, DNS-320B 1.02b01, DNS-345 1.03b06, DNS-325 1.05b03, and DNS-322L 2.00b07 allow remote attackers to bypass authentication and log in with administrator permissions by passing the cgi_set_wto command in the cmd parameter, and setting the spawned session's cookie to username=admin. | 9.8 |
2017-08-24 | CVE-2015-8352 | ZEN Cart | Path Traversal vulnerability in Zen-Cart ZEN Cart 1.5.4 Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. | 9.8 |
2017-08-24 | CVE-2015-1801 | Samsung | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Galaxy S4 Firmware I9500Xxuemk8 The samsung_extdisp driver in the Samsung S4 (GT-I9500) I9500XXUEMK8 kernel 3.4 and earlier allows attackers to cause a denial of service (memory corruption) or gain privileges. | 9.8 |
2017-08-24 | CVE-2017-13669 | Nexusphp | SQL Injection vulnerability in Nexusphp 1.5 SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php. | 9.8 |
2017-08-24 | CVE-2017-12679 | Nexusphp | SQL Injection vulnerability in Nexusphp 1.5 SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php. | 9.8 |
2017-08-23 | CVE-2017-11357 | Telerik | Unrestricted Upload of File with Dangerous Type vulnerability in Telerik UI for Asp.Net Ajax Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code. | 9.8 |
2017-08-23 | CVE-2017-11317 | Telerik | Inadequate Encryption Strength vulnerability in Telerik UI for Asp.Net Ajax Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code. | 9.8 |
2017-08-23 | CVE-2017-12965 | Apache2Triad | Session Fixation vulnerability in Apache2Triad 1.5.4 Session fixation vulnerability in Apache2Triad 1.5.4 allows remote attackers to hijack web sessions via the PHPSESSID parameter. | 9.8 |
2017-08-23 | CVE-2015-5224 | Kernel | Unspecified vulnerability in Kernel Util-Linux The mkostemp function in login-utils in util-linux when used incorrectly allows remote attackers to cause file name collision and possibly other attacks. | 9.8 |
2017-08-23 | CVE-2017-13137 | Formcrafts | SQL Injection vulnerability in Formcrafts Formcraft 1.0.5 The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php. | 9.8 |
2017-08-23 | CVE-2017-12858 | Libzip | Double Free vulnerability in Libzip 1.2.0 Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to have unspecified impact via unknown vectors. | 9.8 |
2017-08-23 | CVE-2017-12791 | Saltstack | Path Traversal vulnerability in Saltstack Salt Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.11.7 and 2017.7.x before 2017.7.1 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. | 9.8 |
2017-08-23 | CVE-2017-13139 | Imagemagick Debian Canonical | Out-of-bounds Read vulnerability in multiple products In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk. | 9.8 |
2017-08-22 | CVE-2016-4460 | Apache | Improper Authentication vulnerability in Apache Pony Mail 0.6C/0.7B/0.8B Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass authentication. | 9.8 |
2017-08-22 | CVE-2015-6473 | Wago | 7PK - Security Features vulnerability in Wago 750-849 Firmware and 758-870 Firmware WAGO IO 750-849 01.01.27 and WAGO IO 750-881 01.02.05 do not contain privilege separation. | 9.8 |
2017-08-22 | CVE-2015-6472 | Wago | Credentials Management vulnerability in Wago products WAGO IO 750-849 01.01.27 and 01.02.05, WAGO IO 750-881, and WAGO IO 758-870 have weak credential management. | 9.8 |
2017-08-22 | CVE-2017-12787 | Noviflow | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Noviflow Noviware 400.2.6 A network interface of the novi_process_manager_daemon service, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. | 9.8 |
2017-08-22 | CVE-2017-12786 | Noviflow | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Noviflow Noviware 400.2.6 Network interfaces of the cliengine and noviengine services, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. | 9.8 |
2017-08-22 | CVE-2017-12785 | Noviflow | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Noviflow Noviware 400.2.6 The novish command-line interface, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, is prone to a buffer overflow in the "show log cli" command. | 9.8 |
2017-08-22 | CVE-2015-2857 | Accellion | Command Injection vulnerability in Accellion File Transfer Appliance 80540/911200 Accellion File Transfer Appliance before FTA_9_11_210 allows remote attackers to execute arbitrary code via shell metacharacters in the oauth_token parameter. | 9.8 |
2017-08-21 | CVE-2017-7420 | Microfocus | Improper Authentication vulnerability in Microfocus products An Authentication Bypass (CWE-287) vulnerability in ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to view and alter configuration information and alter the state of the running product (CWE-275). | 9.8 |
2017-08-21 | CVE-2017-12981 | Nexusphp | SQL Injection vulnerability in Nexusphp 1.5 NexusPHP 1.5.beta5.20120707 has SQL Injection in forummanage.php via the sort parameter in an addforum action. | 9.8 |
2017-08-21 | CVE-2017-11366 | Codiad | OS Command Injection vulnerability in Codiad components/filemanager/class.filemanager.php in Codiad before 2.8.4 is vulnerable to remote command execution because shell commands can be embedded in parameter values, as demonstrated by search_file_type. | 9.8 |
56 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-08-25 | CVE-2017-7926 | Osisoft | Cross-Site Request Forgery (CSRF) vulnerability in Osisoft PI web API 1.8 A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). | 8.8 |
2017-08-25 | CVE-2017-12857 | Polycom | Information Exposure vulnerability in Polycom Unified Communications Software Polycom SoundStation IP, VVX, and RealPresence Trio that are running software older than UCS 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0 are affected by a vulnerability in their UCS web application. | 8.8 |
2017-08-25 | CVE-2017-12703 | Westermo | Cross-Site Request Forgery (CSRF) vulnerability in Westermo products A Cross-Site Request Forgery (CSRF) issue was discovered in Westermo MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. | 8.8 |
2017-08-24 | CVE-2015-8355 | Orion Soft | SQL Injection vulnerability in Orion-Soft Bitrix 2.1.2 Multiple SQL injection vulnerabilities in the orion.extfeedbackform module before 2.1.3 for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) order or (2) "by" parameter to admin/orion.extfeedbackform_efbf_forms.php. | 8.8 |
2017-08-24 | CVE-2015-7259 | ZTE | Credentials Management vulnerability in ZTE Zxv10 W300 Firmware W300V2.1.0Fer7Peo57/W300V2.1.0Her7Peo57 ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow user accounts to have multiple valid username and password pairs, which allows remote authenticated users to login to a target account via any of its username and password pairs. | 8.8 |
2017-08-24 | CVE-2015-7258 | ZTE | Credentials Management vulnerability in ZTE Zxv10 W300 Firmware W300V2.1.0Fer7Peo57/W300V2.1.0Her7Peo57 ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated users to obtain user passwords by displaying user information in a Telnet connection. | 8.8 |
2017-08-24 | CVE-2017-12137 | XEN Citrix Debian | Classic Buffer Overflow vulnerability in multiple products arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref. | 8.8 |
2017-08-24 | CVE-2017-12135 | XEN Citrix Debian | Incorrect Calculation vulnerability in multiple products Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants. | 8.8 |
2017-08-24 | CVE-2017-12134 | XEN Citrix | Incorrect Calculation vulnerability in multiple products The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation. | 8.8 |
2017-08-23 | CVE-2017-13147 | Graphicsmagick | Improper Input Validation vulnerability in Graphicsmagick 1.3.26 In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value. | 8.8 |
2017-08-23 | CVE-2017-12970 | Apache2Triad | Cross-Site Request Forgery (CSRF) vulnerability in Apache2Triad 1.5.4 Cross-site request forgery (CSRF) vulnerability in Apache2Triad 1.5.4 allows remote attackers to hijack the authentication of authenticated users for requests that (1) add or (2) delete user accounts via a request to phpsftpd/users.php. | 8.8 |
2017-08-23 | CVE-2017-12904 | Newsbeuter Debian | Improper Neutralization of Special Elements in Data Query Logic vulnerability in multiple products Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item that includes shell code in its title and/or URL. | 8.8 |
2017-08-23 | CVE-2017-11610 | Supervisord Fedoraproject Debian Redhat | Incorrect Default Permissions vulnerability in multiple products The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups. | 8.8 |
2017-08-23 | CVE-2017-13146 | Imagemagick | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c. | 8.8 |
2017-08-22 | CVE-2017-5208 | Icoutils Project Debian Redhat | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of execution of arbitrary code. | 8.8 |
2017-08-22 | CVE-2015-5258 | Fedoraproject Vmware | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Cross-site request forgery (CSRF) vulnerability in springframework-social before 1.1.3. | 8.8 |
2017-08-22 | CVE-2017-7557 | Powerdns | Cross-Site Request Forgery (CSRF) vulnerability in Powerdns Dnsdist 1.1.0 dnsdist version 1.1.0 is vulnerable to a flaw in authentication mechanism for REST API potentially allowing CSRF attack. | 8.8 |
2017-08-21 | CVE-2017-7423 | Microfocus | Cross-Site Request Forgery (CSRF) vulnerability in Microfocus Enterprise Developer and Enterprise Server A Cross-Site Request Forgery (CWE-352) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to forge requests, if this component is configured. | 8.8 |
2017-08-21 | CVE-2017-5187 | Microfocus | Cross-Site Request Forgery (CSRF) vulnerability in Microfocus products A Cross-Site Request Forgery (CWE-352) vulnerability in Directory Server (aka Enterprise Server Administration web UI) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to view and alter (CWE-275) configuration information and inject OS commands (CWE-78) via forged requests. | 8.8 |
2017-08-21 | CVE-2017-12983 | Imagemagick | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick 7.0.68 Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | 8.8 |
2017-08-25 | CVE-2015-3206 | Apple | Improper Authentication vulnerability in Apple Pykerberos The checkPassword function in python-kerberos does not authenticate the KDC it attempts to communicate with, which allows remote attackers to cause a denial of service (bad response), or have other unspecified impact by performing a man-in-the-middle attack. | 8.1 |
2017-08-27 | CVE-2017-12595 | Qpdf Project | Improper Input Validation vulnerability in Qpdf Project Qpdf 6.0.0/7.0.B1 The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays and dictionaries, which allows remote attackers to cause a denial of service (stack consumption and segmentation fault) or possibly have unspecified other impact via a PDF document with a deep data structure, as demonstrated by a crash in QPDFObjectHandle::parseInternal in libqpdf/QPDFObjectHandle.cc. | 7.8 |
2017-08-25 | CVE-2017-9650 | Automatedlogic Carrier | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. | 7.8 |
2017-08-25 | CVE-2015-1324 | Canonical | Permissions, Privileges, and Access Controls vulnerability in Canonical Ubuntu Linux Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privileges by leveraging incorrect handling of permissions when generating core dumps for setuid binaries. | 7.8 |
2017-08-24 | CVE-2017-13686 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel 4.13 net/ipv4/route.c in the Linux kernel 4.13-rc1 through 4.13-rc6 is too late to check for a NULL fi field when RTM_F_FIB_MATCH is set, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via crafted system calls. | 7.8 |
2017-08-24 | CVE-2015-8308 | Lxdm Project | Improper Authentication vulnerability in Lxdm Project Lxdm LXDM before 0.5.2 did not start X server with -auth, which allows local users to bypass authentication with X connections. | 7.8 |
2017-08-24 | CVE-2017-12136 | XEN Citrix Debian | Race Condition vulnerability in multiple products Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving maptrack free list handling. | 7.8 |
2017-08-24 | CVE-2017-0805 | | Improper Validation of Array Index vulnerability in Google Android An elevation of privilege vulnerability in the Android media framework (libstagefright). | 7.8 |
2017-08-23 | CVE-2017-11159 | Synology | Untrusted Search Path vulnerability in Synology Photo Station Uploader Multiple untrusted search path vulnerabilities in installer in Synology Photo Station Uploader before 1.4.2-084 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory. | 7.8 |
2017-08-23 | CVE-2017-13130 | BMC | Uncontrolled Search Path Element vulnerability in BMC Patrol mcmnm in BMC Patrol allows local users to gain privileges via a crafted libmcmclnx.so file in the current working directory, because it is setuid root and the RPATH variable begins with the .: substring. | 7.8 |
2017-08-22 | CVE-2015-3617 | Fortinet | Permissions, Privileges, and Access Controls vulnerability in Fortinet Fortimanager Firmware Fortinet FortiManager 5.0 before 5.0.11 and 5.2 before 5.2.2 allow local users to gain privileges via crafted CLI commands. | 7.8 |
2017-08-21 | CVE-2017-6329 | Symantec | Uncontrolled Search Path Element vulnerability in Symantec VIP Access for Desktop 2.2.3 Symantec VIP Access for Desktop prior to 2.2.4 can be susceptible to a DLL Pre-Loading vulnerability. | 7.8 |
2017-08-27 | CVE-2017-13710 | GNU | NULL Pointer Dereference vulnerability in GNU Binutils 2.29 The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a group section that is too small. | 7.5 |
2017-08-27 | CVE-2017-13709 | Flightgear | Improper Input Validation vulnerability in Flightgear 2017.2.1 In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree. | 7.5 |
2017-08-25 | CVE-2017-12817 | Kaspersky | Missing Encryption of Sensitive Data vulnerability in Kaspersky Internet Security 11.12.4.1622 In Kaspersky Internet Security for Android 11.12.4.1622, some of the application trace files were not encrypted. | 7.5 |
2017-08-25 | CVE-2017-12694 | Spidercontrol | Path Traversal vulnerability in Spidercontrol Scada web Server A Directory Traversal issue was discovered in SpiderControl SCADA Web Server. | 7.5 |
2017-08-25 | CVE-2015-4181 | Phpmybackuppro | Path Traversal vulnerability in PHPmybackuppro Directory traversal vulnerability in get_file.php in phpMyBackupPro 2.1 through 2.5 allows remote attackers to read arbitrary files via a .. | 7.5 |
2017-08-25 | CVE-2015-4180 | Phpmybackuppro | Path Traversal vulnerability in PHPmybackuppro Directory traversal vulnerability in get_file.php in phpMyBackupPro 2.1 through 2.4 allows remote attackers to read arbitrary files via a .. | 7.5 |
2017-08-25 | CVE-2015-4017 | Saltstack | Improper Certificate Validation vulnerability in Saltstack Salt 2014.7.5 Salt before 2014.7.6 does not verify certificates when connecting via the aliyun, proxmox, and splunk modules. | 7.5 |
2017-08-25 | CVE-2015-1395 | Fedoraproject Canonical GNU | Path Traversal vulnerability in multiple products Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. | 7.5 |
2017-08-25 | CVE-2016-5816 | Westermo | Use of Hard-coded Credentials vulnerability in Westermo products A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. | 7.5 |
2017-08-25 | CVE-2017-13692 | Htacg | Improper Input Validation vulnerability in Htacg Tidy 5.5.31 In Tidy 5.5.31, the IsURLCodePoint function in attrs.c allows attackers to cause a denial of service (Segmentation Fault), as demonstrated by an invalid ISALNUM argument. | 7.5 |
2017-08-24 | CVE-2015-7516 | Onosproject | NULL Pointer Dereference vulnerability in Onosproject Onos ONOS before 1.5.0 when using the ifwd app allows remote attackers to cause a denial of service (NULL pointer dereference and switch disconnect) by sending two Ethernet frames with ether_type Jumbo Frame (0x8870). | 7.5 |
2017-08-24 | CVE-2015-7257 | ZTE | Weak Password Recovery Mechanism for Forgotten Password vulnerability in ZTE Zxv10 W300 Firmware W300V2.1.0Fer7Peo57/W300V2.1.0Her7Peo57 ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated non-administrator users to change the admin password by intercepting an outgoing password change request, and changing the username parameter from "support" to "admin". | 7.5 |
2017-08-24 | CVE-2015-1800 | Samsung | Information Exposure vulnerability in Samsung Galaxy S4 Firmware I9500Xxuemk8 The samsung_extdisp driver in the Samsung S4 (GT-I9500) I9500XXUEMK8 kernel 3.4 and earlier allows attackers to potentially obtain sensitive information. | 7.5 |
2017-08-24 | CVE-2017-9511 | Atlassian | Path Traversal vulnerability in Atlassian Crucible The MultiPathResource class in Atlassian Fisheye and Crucible, before version 4.4.1 allows anonymous remote attackers to read arbitrary files via a path traversal vulnerability when Fisheye or Crucible is running on the Microsoft Windows operating system. | 7.5 |
2017-08-24 | CVE-2017-9512 | Atlassian | Information Exposure vulnerability in Atlassian Crucible The mostActiveCommitters.do resource in Atlassian Fisheye and Crucible, before version 4.4.1 allows anonymous remote attackers to access sensitive information, for example email addresses of committers, as it lacked permission checks. | 7.5 |
2017-08-24 | CVE-2017-11424 | Pyjwt Project Debian | In PyJWT 1.5.0 and below the `invalid_strings` check in `HMACAlgorithm.prepare_key` does not account for all PEM encoded public keys. | 7.5 |
2017-08-24 | CVE-2017-12836 | GNU Canonical Debian | CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar." | 7.5 |
2017-08-23 | CVE-2017-13143 | Imagemagick | Information Exposure vulnerability in Imagemagick In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory. | 7.5 |
2017-08-21 | CVE-2017-8037 | Cloudfoundry | Information Exposure vulnerability in Cloudfoundry Capi-Release and Cf-Release In Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.38.0 and cf-release versions after v244 and prior to v270, there is an incomplete fix for CVE-2017-8035. | 7.5 |
2017-08-21 | CVE-2017-12784 | Ccfile | Improper Input Validation vulnerability in Ccfile CC File Transfer 3.6 In Youngzsoft CCFile (aka CC File Transfer) 3.6, by sending a crafted HTTP request, it is possible for a malicious user to remotely crash the affected software. | 7.5 |
2017-08-25 | CVE-2017-7930 | Osisoft | Improper Authentication vulnerability in Osisoft PI Data Archive An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. | 7.4 |
2017-08-21 | CVE-2017-12977 | 10Web | SQL Injection vulnerability in 10Web Photo Gallery The Web-Dorado "Photo Gallery by WD - Responsive Photo Gallery" plugin before 1.3.51 for WordPress has a SQL injection vulnerability related to bwg_edit_tag() in photo-gallery.php and edit_tag() in admin/controllers/BWGControllerTags_bwg.php. | 7.2 |
2017-08-25 | CVE-2017-9644 | Automatedlogic Carrier | Unquoted Search Path or Element vulnerability in multiple products An Unquoted Search Path or Element issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. | 7.0 |
2017-08-25 | CVE-2015-1325 | Canonical | Race Condition vulnerability in Canonical Ubuntu Linux Race condition in Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privileges. | 7.0 |
69 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-08-26 | CVE-2017-7693 | Riverbed | Path Traversal vulnerability in Riverbed Opnet APP Response Xpert 9.6.1 Directory traversal vulnerability in viewer_script.jsp in Riverbed OPNET App Response Xpert (ARX) version 9.6.1 allows remote authenticated users to inject arbitrary commands to read OS files. | 6.5 |
2017-08-24 | CVE-2015-7896 | Samsung | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Mobile LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file. | 6.5 |
2017-08-24 | CVE-2017-12074 | Synology | Path Traversal vulnerability in Synology DNS Server Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZoneConf in Synology DNS Server before 2.2.1-3042 allows remote authenticated attackers to write arbitrary files via the domain_name parameter. | 6.5 |
2017-08-24 | CVE-2017-13658 | Imagemagick | Reachable Assertion vulnerability in Imagemagick In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c. | 6.5 |
2017-08-23 | CVE-2017-13648 | Graphicsmagick | Missing Release of Resource after Effective Lifetime vulnerability in Graphicsmagick 1.3.26 In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c. | 6.5 |
2017-08-23 | CVE-2017-12809 | Qemu Debian | NULL Pointer Dereference vulnerability in multiple products QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by flushing an empty CDROM device drive. | 6.5 |
2017-08-23 | CVE-2017-13145 | Imagemagick Debian Canonical | Improper Input Validation vulnerability in multiple products In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash. | 6.5 |
2017-08-23 | CVE-2017-13144 | Imagemagick | Improper Input Validation vulnerability in Imagemagick In ImageMagick before 6.9.7-10, there is a crash (rather than a "width or height exceeds limit" error report) if the image dimensions are too large, as demonstrated by use of the mpc coder. | 6.5 |
2017-08-23 | CVE-2017-13142 | Imagemagick | Improper Check for Unusual or Exceptional Conditions vulnerability in Imagemagick In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files. | 6.5 |
2017-08-23 | CVE-2017-13141 | Imagemagick | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c. | 6.5 |
2017-08-23 | CVE-2017-13140 | Imagemagick | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage function in coders/png.c allows remote attackers to cause a denial of service (application hang in LockSemaphoreInfo) via a PNG file with a width equal to MAGICK_WIDTH_LIMIT. | 6.5 |
2017-08-23 | CVE-2017-13134 | Imagemagick | Out-of-bounds Read vulnerability in Imagemagick 7.0.6-6 In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file. | 6.5 |
2017-08-23 | CVE-2017-13133 | Imagemagick | Allocation of Resources Without Limits or Throttling vulnerability in Imagemagick 7.0.6-8 In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file. | 6.5 |
2017-08-23 | CVE-2017-13132 | Imagemagick | Reachable Assertion vulnerability in Imagemagick 7.0.6-8 In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data structure in the "dump uncompressed PseudoColor packets" step, which allows attackers to cause a denial of service (assertion failure in WriteBlobStream in MagickCore/blob.c) via a crafted file. | 6.5 |
2017-08-23 | CVE-2017-13131 | Imagemagick | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.6-8 In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (memory consumption in NewLinkedList in MagickCore/linked-list.c) via a crafted file. | 6.5 |
2017-08-22 | CVE-2017-12843 | Cyrusimap Fedoraproject | Improper Input Validation vulnerability in multiple products Cyrus IMAP before 3.0.3 allows remote authenticated users to write to arbitrary files via a crafted (1) SYNCAPPLY, (2) SYNCGET or (3) SYNCRESTORE command. | 6.5 |
2017-08-22 | CVE-2017-13066 | Graphicsmagick | Missing Release of Resource after Effective Lifetime vulnerability in Graphicsmagick 1.3.26 GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c. | 6.5 |
2017-08-22 | CVE-2017-13065 | Graphicsmagick Debian | NULL Pointer Dereference vulnerability in multiple products GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c. | 6.5 |
2017-08-22 | CVE-2017-13064 | Graphicsmagick Debian | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12. | 6.5 |
2017-08-22 | CVE-2017-13063 | Graphicsmagick Debian | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12. | 6.5 |
2017-08-22 | CVE-2017-13062 | Imagemagick | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.6-6 In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service (WriteMETAImage memory consumption) via a crafted file. | 6.5 |
2017-08-22 | CVE-2017-13061 | Imagemagick | Improper Input Validation vulnerability in Imagemagick 7.0.6-5 In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file. | 6.5 |
2017-08-22 | CVE-2017-13060 | Imagemagick | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.6-5 In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file. | 6.5 |
2017-08-22 | CVE-2017-13059 | Imagemagick | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.6-6 In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attackers to cause a denial of service (WriteJNGImage memory consumption) via a crafted file. | 6.5 |
2017-08-22 | CVE-2017-13058 | Imagemagick | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.6-6 In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file. | 6.5 |
2017-08-21 | CVE-2017-7424 | Microfocus | Path Traversal vulnerability in Microfocus Enterprise Developer and Enterprise Server A Path Traversal (CWE-22) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote authenticated users to download arbitrary files from a system running the product, if this component is configured. | 6.5 |
2017-08-25 | CVE-2017-9640 | Automatedlogic Carrier | Path Traversal vulnerability in multiple products A Path Traversal issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web prior to 6.5; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. | 6.3 |
2017-08-23 | CVE-2017-12847 | Nagios | Improper Initialization vulnerability in Nagios Nagios Core before 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for nagios.lock modification before a root script executes a "kill `cat /pathname/nagios.lock`" command. | 6.3 |
2017-08-25 | CVE-2015-5701 | TUG | Link Following vulnerability in TUG Texlive mktexlsr revision 36855, and before revision 36626 as packaged in texlive allows local users to write to arbitrary files via a symlink attack. | 6.1 |
2017-08-25 | CVE-2015-5700 | TUG | Link Following vulnerability in TUG Texlive mktexlsr revision 22855 through revision 36625 as packaged in texlive allows local users to write to arbitrary files via a symlink attack. | 6.1 |
2017-08-25 | CVE-2015-3257 | Zend | Cross-site Scripting vulnerability in Zend Diactoros Zend/Diactoros/Uri::filterPath in zend-diactoros before 1.0.4 does not properly sanitize path input, which allows remote attackers to perform cross-site scripting (XSS) or open redirect attacks. | 6.1 |
2017-08-25 | CVE-2014-9564 | IBM | CRLF Injection vulnerability in IBM En6131 Firmware and Ib6131 Firmware CRLF injection vulnerability in IBM Flex System EN6131 40Gb Ethernet and IB6131 40Gb Infiniband Switch firmware before 3.4.1110 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks and resulting web cache poisoning or cross-site scripting (XSS) attacks, or obtain sensitive information via multiple unspecified parameters. | 6.1 |
2017-08-25 | CVE-2017-13697 | Finecms Project | Cross-site Scripting vulnerability in Finecms Project Finecms 5.0.11 controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable. | 6.1 |
2017-08-24 | CVE-2015-4699 | Cloud4Wi | Cross-site Scripting vulnerability in Cloud4Wi Splash Portal 5.9.6 Cross-site scripting (XSS) vulnerability in the Splash Portal in Cloud4Wi before 5.9.7 allows remote attackers to inject arbitrary web script or HTML via the recoveryMessage parameter to the default URI. | 6.1 |
2017-08-24 | CVE-2017-13671 | Misp | Cross-site Scripting vulnerability in Misp app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent XSS via comments. | 6.1 |
2017-08-23 | CVE-2017-9506 | Atlassian | Server-Side Request Forgery (SSRF) vulnerability in Atlassian Oauth The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 allows remote attackers to access the content of internal network resources and/or perform an XSS attack via Server Side Request Forgery (SSRF). | 6.1 |
2017-08-23 | CVE-2017-12971 | Apache2Triad | Cross-site Scripting vulnerability in Apache2Triad 1.5.4 Cross-site scripting (XSS) vulnerability in Apache2Triad 1.5.4 allows remote attackers to inject arbitrary web script or HTML via the account parameter to phpsftpd/users.php. | 6.1 |
2017-08-23 | CVE-2017-13138 | Qodeinteractive | Cross-site Scripting vulnerability in Qodeinteractive Bridge DOM based Cross-site scripting (XSS) vulnerability in the Bridge theme before 11.2 for WordPress allows remote attackers to inject arbitrary JavaScript. | 6.1 |
2017-08-22 | CVE-2014-6189 | IBM | Cross-site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in IBM Security Network Protection 3100, 4100, 5100, and 7100 devices with firmware 5.2 before 5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0008 and 5.3 before 5.3.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
2017-08-21 | CVE-2017-7421 | Microfocus | Cross-site Scripting vulnerability in Microfocus products Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in Directory Server (aka Enterprise Server Administration web UI) and ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allow remote authenticated attackers to bypass protection mechanisms (CWE-693) and other security features. | 6.1 |
2017-08-21 | CVE-2017-12984 | Phpmywind | Cross-site Scripting vulnerability in PHPmywind 5.3 PHPMyWind 5.3 has XSS in shoppingcart.php, related to message.php, admin/message.php, and admin/message_update.php. | 6.1 |
2017-08-21 | CVE-2017-12980 | Dokuwiki | Cross-site Scripting vulnerability in Dokuwiki DokuWiki through 2017-02-19c has stored XSS when rendering a malicious RSS or Atom feed, in /inc/parser/xhtml.php. | 6.1 |
2017-08-21 | CVE-2017-12979 | Dokuwiki | Cross-site Scripting vulnerability in Dokuwiki DokuWiki through 2017-02-19c has stored XSS when rendering a malicious language name in a code element, in /inc/parser/xhtml.php. | 6.1 |
2017-08-25 | CVE-2017-7934 | Osisoft | Improper Authentication vulnerability in Osisoft PI Data Archive An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. | 5.9 |
2017-08-24 | CVE-2015-5293 | Redhat | Improper Access Control vulnerability in Redhat Enterprise Virtualization Manager Red Hat Enterprise Virtualization Manager 3.6 and earlier gives valid SLAAC IPv6 addresses to interfaces when "boot protocol" is set to None, which might allow remote attackers to communicate with a system designated to be unreachable. | 5.9 |
2017-08-24 | CVE-2014-4616 | Python Simplejson Project Opensuse Project Opensuse | Improper Validation of Array Index vulnerability in multiple products Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function. | 5.9 |
2017-08-25 | CVE-2015-3211 | PHP FPM | Link Following vulnerability in PHP-Fpm php-fpm allows local users to write to or create arbitrary files via a symlink attack. | 5.5 |
2017-08-25 | CVE-2014-9637 | Fedoraproject Mageia Canonical GNU | Resource Management Errors vulnerability in multiple products GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file. | 5.5 |
2017-08-25 | CVE-2017-13695 | Linux | Information Exposure vulnerability in Linux Kernel The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table. | 5.5 |
2017-08-25 | CVE-2017-13694 | Linux | Information Exposure vulnerability in Linux Kernel The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and node_ext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table. | 5.5 |
2017-08-25 | CVE-2017-13693 | Linux | Information Exposure vulnerability in Linux Kernel The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table. | 5.5 |
2017-08-24 | CVE-2017-13666 | Multicorewareinc | Integer Underflow (Wrap or Wraparound) vulnerability in Multicorewareinc X265 An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.5, as used in libbpg and other products. | 5.5 |
2017-08-23 | CVE-2017-13649 | Unrealircd | Improper Initialization vulnerability in Unrealircd UnrealIRCd 4.0.13 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command. | 5.5 |
2017-08-22 | CVE-2016-6310 | Redhat | Information Exposure vulnerability in Redhat Enterprise Virtualization oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0. | 5.5 |
2017-08-21 | CVE-2017-12982 | Uclouvain | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Uclouvain Openjpeg The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG 2.2.0 does not reject headers with a zero biBitCount, which allows remote attackers to cause a denial of service (memory allocation failure) in the opj_image_create function in lib/openjp2/image.c, related to the opj_aligned_alloc_n function in opj_malloc.c. | 5.5 |
2017-08-24 | CVE-2017-9555 | Synology | Cross-site Scripting vulnerability in Synology Photo Station Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.0-3414 allows remote attackers to inject arbitrary web script or HTML via the image parameter. | 5.4 |
2017-08-24 | CVE-2017-12879 | Paessler | Cross-site Scripting vulnerability in Paessler Prtg Network Monitor Cross-site scripting (XSS-STORED) vulnerability in the DEVICES OR SENSORS functionality in Paessler PRTG Network Monitor before 17.3.33.2654 allows authenticated remote attackers to inject arbitrary web script or HTML. | 5.4 |
2017-08-24 | CVE-2017-9510 | Atlassian | Cross-site Scripting vulnerability in Atlassian Fisheye The repository changelog resource in Atlassian Fisheye before version 4.4.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the start date and end date parameters. | 5.4 |
2017-08-24 | CVE-2017-9509 | Atlassian | Cross-site Scripting vulnerability in Atlassian Crucible The review file upload resource in Atlassian Crucible before version 4.4.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the charset of a previously uploaded file. | 5.4 |
2017-08-24 | CVE-2017-9508 | Atlassian | Cross-site Scripting vulnerability in Atlassian Crucible and Fisheye Various resources in Atlassian Fisheye and Crucible before version 4.4.1 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a repository or review file. | 5.4 |
2017-08-24 | CVE-2017-9507 | Atlassian | Cross-site Scripting vulnerability in Atlassian Crucible The review dashboard resource in Atlassian Crucible from version 4.1.0 before version 4.4.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the review filter title parameter. | 5.4 |
2017-08-21 | CVE-2017-7422 | Microfocus | Cross-site Scripting vulnerability in Microfocus Enterprise Developer and Enterprise Server Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allow remote authenticated attackers to bypass protection mechanisms (CWE-693) and other security features, if this component is configured. | 5.4 |
2017-08-21 | CVE-2017-12978 | Cacti | Cross-site Scripting vulnerability in Cacti lib/html.php in Cacti before 1.1.18 has XSS via the title field of an external link added by an authenticated user. | 5.4 |
2017-08-25 | CVE-2014-7860 | D Link | Information Exposure vulnerability in D-Link Dns-320L Firmware and Dns-327L Firmware The web/web_file/fb_publish.php script in D-Link DNS-320L before 1.04b12 and DNS-327L before 1.03b04 Build0119 does not authenticate requests, which allows remote attackers to obtain arbitrary photos and publish them to an arbitrary Facebook profile via a target album_id and access_token. | 5.3 |
2017-08-25 | CVE-2017-12709 | Westermo | Use of Hard-coded Credentials vulnerability in Westermo products A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. | 5.3 |
2017-08-24 | CVE-2015-5146 | Fedoraproject Debian NTP | Improper Input Validation vulnerability in multiple products ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service (service crash) via a NULL byte in a crafted configuration directive packet. | 5.3 |
2017-08-22 | CVE-2016-6311 | Redhat | Information Exposure vulnerability in Redhat Jboss Enterprise Application Platform 7.0 Get requests in JBoss Enterprise Application Platform (EAP) 7 disclose internal IP addresses to remote attackers. | 5.3 |
2017-08-22 | CVE-2016-2102 | Haproxy | Improper Authentication vulnerability in Haproxy HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network. | 5.3 |
2017-08-23 | CVE-2017-12844 | Icewarp | Cross-site Scripting vulnerability in Icewarp Mail Server 10.4.4 Cross-site scripting (XSS) vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name. | 4.8 |
1 Low Vulnerability
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-08-22 | CVE-2017-1422 | IBM | Information Exposure vulnerability in IBM Maas360 DTM 3.81 IBM MaaS360 DTM all versions up to 3.81 does not perform proper verification for user rights of certain applications which could disclose sensitive information. | 3.3 |