Weekly Vulnerabilities Reports > September 11 to 17, 2017

Overview

444 new vulnerabilities reported during this period, including 34 critical vulnerabilities and 181 high severity vulnerabilities. This weekly summary report vulnerabilities in 354 products from 114 vendors including Microsoft, Tcpdump, Stdutility, Debian, and Dlink. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Out-of-bounds Read", "Information Exposure", "SQL Injection", and "Cross-site Scripting".

  • 328 reported vulnerabilities are remotely exploitables.
  • 40 reported vulnerabilities have public exploit available.
  • 94 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 396 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 105 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 12 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

34 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-09-17 CVE-2017-14244 Iball Forced Browsing vulnerability in Iball Ib-Wra150N Firmware Fwiblr7011A1.0.2

An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /password.cgi.

10.0
2017-09-17 CVE-2017-14243 Utstar Improper Authentication vulnerability in Utstar Wa3002G4 Firmware Wa3002G40021.01

An authentication bypass vulnerability on UTStar WA3002G4 ADSL Broadband Modem WA3002G4-0021.01 devices allows attackers to directly access administrative settings and obtain cleartext credentials from HTML source, as demonstrated by info.cgi, upload.cgi, backupsettings.cgi, pppoe.cgi, resetrouter.cgi, and password.cgi.

10.0
2017-09-15 CVE-2017-9328 Terra Master OS Command Injection vulnerability in Terra-Master Terramaster Operating System

Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS before 3.0.34 leads to remote code execution as root.

10.0
2017-09-15 CVE-2017-10845 Nttdocomo Unspecified vulnerability in Nttdocomo Wi-Fi Station L-02F Firmware

Wi-Fi STATION L-02F Software version V10g and earlier allows remote attackers to access the device with administrative privileges and perform unintended operations through a backdoor account.

10.0
2017-09-13 CVE-2017-11351 Axesstel Use of Hard-coded Credentials vulnerability in Axesstel Mu553S Firmware Mu553Sv1.14

Axesstel MU553S MU55XS-V1.14 devices have a default password of admin for the admin account.

10.0
2017-09-11 CVE-2017-7649 Eclipse Improper Authentication vulnerability in Eclipse Kura 2.0.2

The network enabled distribution of Kura before 2.1.0 takes control over the device's firewall setup but does not allow IPv6 firewall rules to be configured.

10.0
2017-09-14 CVE-2013-7429 Mapsplugin XML Injection (aka Blind XPath Injection) vulnerability in Mapsplugin Googlemaps 3.0

The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to conduct XML injection attacks via the url parameter to plugin_googlemap2_proxy.php.

9.8
2017-09-13 CVE-2017-14429 Dlink OS Command Injection vulnerability in Dlink Dir-850L Firmware

The DHCP client on D-Link DIR-850L REV.

9.8
2017-09-13 CVE-2017-14421 Dlink Use of Hard-coded Credentials vulnerability in Dlink Dir-850L Firmware

D-Link DIR-850L REV.

9.8
2017-09-13 CVE-2017-14417 Dlink Missing Authentication for Critical Function vulnerability in Dlink Dir-850L Firmware

register_send.php on D-Link DIR-850L REV.

9.8
2017-09-13 CVE-2017-11462 MIT
Fedoraproject
Double Free vulnerability in multiple products

Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error.

9.8
2017-09-13 CVE-2015-5206 Apache Unspecified vulnerability in Apache Traffic Server 5.3.0/5.3.1

Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server before 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5168.

9.8
2017-09-13 CVE-2015-5168 Apache Unspecified vulnerability in Apache Traffic Server 5.3.0/5.3.1

Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5206.

9.8
2017-09-15 CVE-2017-10860 DAJ Untrusted Search Path vulnerability in DAJ I-Filter Installer 6.0

Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory.

9.3
2017-09-15 CVE-2017-10859 DAJ Untrusted Search Path vulnerability in DAJ I-Filter Installer 6.0

Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-09-15 CVE-2017-10858 DAJ Untrusted Search Path vulnerability in DAJ I-Filter Installer

Untrusted search path vulnerability in "i-filter 6.0 install program" file version 1.0.8.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-09-15 CVE-2017-10855 Fujitsu
Microsoft
Untrusted Search Path vulnerability in Fujitsu Fence-Explorer

Untrusted search path vulnerability in FENCE-Explorer for Windows V8.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-09-13 CVE-2017-8759 Microsoft Improper Input Validation vulnerability in Microsoft .Net Framework

Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."

9.3
2017-09-13 CVE-2017-8744 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Office

A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, and Microsoft Excel 2016 when they fail to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability".

9.3
2017-09-13 CVE-2017-8743 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Office Online Server, Powerpoint and Sharepoint Server

A remote code execution vulnerability exists in Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office Online Server when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability".

9.3
2017-09-13 CVE-2017-8742 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Microsoft PowerPoint Viewer 2007, Microsoft SharePoint Server 2013 Service Pack 1, Microsoft SharePoint Enterprise Server 2016, Microsoft Office Web Apps 2010 Service Pack 2, and Microsoft Office Compatibility Pack Service Pack 3 when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability".

9.3
2017-09-13 CVE-2017-8725 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Publisher 2007/2010

A remote code execution vulnerability exists in Microsoft Publisher 2007 Service Pack 3 and Microsoft Publisher 2010 Service Pack 2 when they fail to properly handle objects in memory, aka "Microsoft Office Publisher Remote Code Execution".

9.3
2017-09-13 CVE-2017-8692 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

The Windows Uniscribe component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows remote code execution vulnerability when it fails to properly handle objects in memory, aka "Uniscribe Remote Code Execution Vulnerability".

9.3
2017-09-13 CVE-2017-8682 Microsoft Improper Input Validation vulnerability in Microsoft products

Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, Windows Server 2016, Microsoft Office Word Viewer, Microsoft Office 2007 Service Pack 3 , and Microsoft Office 2010 Service Pack 2 allows an attacker to execute remote code by the way it handles embedded fonts, aka "Win32k Graphics Remote Code Execution Vulnerability".

9.3
2017-09-13 CVE-2017-8660 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

9.3
2017-09-13 CVE-2017-8632 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

A remote code execution vulnerability exists in Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Excel for Mac 2011, Microsoft Excel 2016 for Mac, and Microsoft Office Compatibility Pack Service Pack 3, when they fail to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability".

9.3
2017-09-13 CVE-2017-8630 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Office 2016

Microsoft Office 2016 allows a remote code execution vulnerability when it fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability".

9.3
2017-09-13 CVE-2017-8567 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Excel for mac 2011

A remote code execution vulnerability exists in Microsoft Excel for Mac 2011 when it fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution".

9.3
2017-09-11 CVE-2017-14263 Honeywell Session Fixation vulnerability in Honeywell products

Honeywell NVR devices allow remote attackers to create a user account in the admin group by leveraging access to a guest account to obtain a session ID, and then sending that session ID in a userManager.addUser request to the /RPC2 URI.

9.3
2017-09-11 CVE-2017-14262 Samsung Inadequate Encryption Strength vulnerability in Samsung products

On Samsung NVR devices, remote attackers can read the MD5 password hash of the 'admin' account via certain szUserName JSON data to cgi-bin/main-cgi, and login to the device with that hash in the szUserPasswd parameter.

9.3
2017-09-15 CVE-2014-9463 Vbseo
Vbulletin
Code Injection vulnerability in Vbseo

functions_vbseo_hook.php in the VBSEO module for vBulletin allows remote authenticated users to execute arbitrary code via the HTTP Referer header to visitormessage.php.

9.0
2017-09-13 CVE-2017-12249 Cisco Exposure of Resource to Wrong Sphere vulnerability in Cisco Meeting Server

A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticated, remote attacker to gain unauthenticated or unauthorized access to components of or sensitive information in an affected system.

9.0
2017-09-12 CVE-2015-9228 Imagely Unrestricted Upload of File with Dangerous Type vulnerability in Imagely Nextgen Gallery

In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upload is available via the name parameter, if a file extension is changed from .jpg to .php.

9.0
2017-09-11 CVE-2015-4523 Symantec Permissions, Privileges, and Access Controls vulnerability in Symantec Malware Analysis Appliance and Malware Analyzer G2

Blue Coat Malware Analysis Appliance (MAA) before 4.2.5 and Malware Analyzer G2 allow remote attackers to bypass a virtual machine protection mechanism and consequently write to arbitrary files, cause a denial of service (host reboot or reset to factory defaults), or execute arbitrary code via vectors related to saving files during analysis.

9.0

181 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-09-13 CVE-2017-2816 Libofx Project
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

An exploitable buffer overflow vulnerability exists in the tag parsing functionality of LibOFX 0.9.11.

8.8
2017-09-13 CVE-2016-8744 Apache Deserialization of Untrusted Data vulnerability in Apache Brooklyn

Apache Brooklyn uses the SnakeYAML library for parsing YAML inputs.

8.8
2017-09-13 CVE-2016-8737 Apache Cross-Site Request Forgery (CSRF) vulnerability in Apache Brooklyn

In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site request forgery (CSRF), which could permit a malicious web site to produce a link which, if clicked whilst a user is logged in to Brooklyn, would cause the server to execute the attacker's commands as the user.

8.8
2017-09-14 CVE-2017-0782 Google Classic Buffer Overflow vulnerability in Google Android

A remote code execution vulnerability in the Android system (bluetooth).

8.3
2017-09-14 CVE-2017-0781 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

A remote code execution vulnerability in the Android system (bluetooth).

8.3
2017-09-13 CVE-2017-14418 Dlink Insufficiently Protected Credentials vulnerability in Dlink Dir-850L Firmware

The D-Link NPAPI extension, as used in conjunction with D-Link DIR-850L REV.

8.1
2017-09-12 CVE-2017-1000251 Linux
Debian
Nvidia
Redhat
Out-of-bounds Write vulnerability in multiple products

The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.

8.0
2017-09-12 CVE-2017-14315 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS

In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data.

7.9
2017-09-15 CVE-2017-14497 Linux
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel before 4.13 mishandles vnet headers, which might allow local users to cause a denial of service (buffer overflow, and disk and memory corruption) or possibly have unspecified other impact via crafted system calls.

7.8
2017-09-13 CVE-2017-14428 Dlink Use of Hard-coded Credentials vulnerability in Dlink Dir-850L Firmware

D-Link DIR-850L REV.

7.8
2017-09-13 CVE-2017-14427 Dlink Incorrect Default Permissions vulnerability in Dlink Dir-850L Firmware

D-Link DIR-850L REV.

7.8
2017-09-13 CVE-2017-14426 Dlink Use of Hard-coded Credentials vulnerability in Dlink Dir-850L Firmware

D-Link DIR-850L REV.

7.8
2017-09-13 CVE-2017-14425 Dlink Incorrect Default Permissions vulnerability in Dlink Dir-850L Firmware

D-Link DIR-850L REV.

7.8
2017-09-13 CVE-2017-14424 Dlink Incorrect Default Permissions vulnerability in Dlink Dir-850L Firmware

D-Link DIR-850L REV.

7.8
2017-09-13 CVE-2017-8631 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Web App 2013 Service Pack 1, Microsoft Excel Viewer 2007 Service Pack 3, and Office Online Server when they fail to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability".

7.8
2017-09-15 CVE-2017-10814 Corega Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Corega WLR 300 NM Firmware

Buffer overflow in CG-WLR300NM Firmware version 1.90 and earlier allows an attacker to execute arbitrary code via unspecified vectors.

7.7
2017-09-15 CVE-2017-10813 Corega OS Command Injection vulnerability in Corega WLR 300 NM Firmware

CG-WLR300NM Firmware version 1.90 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.

7.7
2017-09-13 CVE-2017-8757 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way Microsoft Edge handles objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability".

7.6
2017-09-13 CVE-2017-8756 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-09-13 CVE-2017-8755 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-09-13 CVE-2017-8753 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-09-13 CVE-2017-8752 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-09-13 CVE-2017-8751 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability".

7.6
2017-09-13 CVE-2017-8750 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge and Internet Explorer

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability".

7.6
2017-09-13 CVE-2017-8749 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 10/11

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Internet Explorer accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability".

7.6
2017-09-13 CVE-2017-8748 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge and Internet Explorer

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-09-13 CVE-2017-8747 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 10/11

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Internet Explorer accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability".

7.6
2017-09-13 CVE-2017-8741 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge and Internet Explorer

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-09-13 CVE-2017-8740 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-09-13 CVE-2017-8738 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-09-13 CVE-2017-8737 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

Microsoft Windows PDF Library in Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Windows PDF Library handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability".

7.6
2017-09-13 CVE-2017-8734 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability".

7.6
2017-09-13 CVE-2017-8731 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability".

7.6
2017-09-13 CVE-2017-8729 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-09-13 CVE-2017-8728 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

Microsoft Windows PDF Library in Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Windows PDF Library handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability".

7.6
2017-09-13 CVE-2017-8699 Microsoft Improper Input Validation vulnerability in Microsoft products

Windows Shell in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to run arbitrary code in the context of the current user, due to the way that Windows Shell validates file copy destinations, aka "Windows Shell Remote Code Execution Vulnerability".

7.6
2017-09-13 CVE-2017-8696 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an attacker to execute code remotely via a specially crafted website or a specially crafted document or email attachment, aka "Microsoft Graphics Component Remote Code Execution."

7.6
2017-09-13 CVE-2017-8649 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-09-13 CVE-2017-11766 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability".

7.6
2017-09-13 CVE-2017-11764 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-09-17 CVE-2017-14512 Nexusphp Project SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5

NexusPHP 1.5.beta5.20120707 has SQL Injection in forummanage.php via the sort parameter in an editforum action, a different vulnerability than CVE-2017-12981.

7.5
2017-09-15 CVE-2014-7808 Apache Cryptographic Issues vulnerability in Apache Wicket

Apache Wicket before 1.5.13, 6.x before 6.19.0, and 7.x before 7.0.0-M5 make it easier for attackers to defeat a cryptographic protection mechanism and predict encrypted URLs by leveraging use of CryptoMapper as the default encryption provider.

7.5
2017-09-14 CVE-2017-13067 Qnap Unspecified vulnerability in Qnap QTS

QNAP has patched a remote code execution vulnerability affecting the QTS Media Library in all versions prior to QTS 4.2.6 build 20170905 and QTS 4.3.3.0299 build 20170901.

7.5
2017-09-14 CVE-2017-1002151 Redhat Missing Authorization vulnerability in Redhat Pagure

Pagure 3.3.0 and earlier is vulnerable to loss of confidentially due to improper authorization

7.5
2017-09-14 CVE-2017-1002028 Angrybyte SQL Injection vulnerability in Angrybyte Gallery-Transformation 1.0

Vulnerability in wordpress plugin wordpress-gallery-transformation v1.0, SQL injection is in ./wordpress-gallery-transformation/gallery.php via $jpic parameter being unsanitized before being passed into an SQL query.

7.5
2017-09-14 CVE-2017-1002027 Rayanehdownload SQL Injection vulnerability in Rayanehdownload Rk-Responsive-Contact-Form 1.0

Vulnerability in wordpress plugin rk-responsive-contact-form v1.0, The variable $delid isn't sanitized before being passed into an SQL query in file ./rk-responsive-contact-form/include/rk_user_list.php.

7.5
2017-09-14 CVE-2017-1002023 Daisythemes SQL Injection vulnerability in Daisythemes Easy Team Manager 1.3.2

Vulnerability in wordpress plugin Easy Team Manager v1.3.2, The code does not sanitize id before making it part of an SQL statement in file ./easy-team-manager/inc/easy_team_manager_desc_edit.php

7.5
2017-09-14 CVE-2017-1002022 Surveys Project SQL Injection vulnerability in Surveys Project Surveys 1.01.8

Vulnerability in wordpress plugin surveys v1.01.8, The code in questions.php does not sanitize the survey variable before placing it inside of an SQL query.

7.5
2017-09-14 CVE-2017-1002021 Surveys Project SQL Injection vulnerability in Surveys Project Surveys 1.01.8

Vulnerability in wordpress plugin surveys v1.01.8, The code in individual_responses.php does not sanitize the survey_id variable before placing it inside of an SQL query.

7.5
2017-09-14 CVE-2017-1002020 Surveys Project SQL Injection vulnerability in Surveys Project Surveys 1.01.8

Vulnerability in wordpress plugin surveys v1.01.8, The code in survey_form.php does not sanitize the action variable before placing it inside of an SQL query.

7.5
2017-09-14 CVE-2017-1002019 Eventr Project SQL Injection vulnerability in Eventr Project Eventr 1.02.2

Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and event_form.php code do not sanitize input, this allows for blind SQL injection via the event parameter.

7.5
2017-09-14 CVE-2017-1002018 Eventr Project SQL Injection vulnerability in Eventr Project Eventr 1.02.2

Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and attendees.php code do not sanitize input, this allows for blind SQL injection via the event parameter.

7.5
2017-09-14 CVE-2017-1002016 Flickr Picture Backup Project Unrestricted Upload of File with Dangerous Type vulnerability in Flickr Picture Backup Project Flickr Picture Backup 0.7

Vulnerability in wordpress plugin flickr-picture-backup v0.7, The code in flickr-picture-download.php doesn't check to see if the user is authenticated or that they have permission to upload files.

7.5
2017-09-14 CVE-2017-1002015 Anblik SQL Injection vulnerability in Anblik Image-Gallery-With-Slideshow 1.5.2

Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in image-gallery-with-slideshow/admin_setting.php via selectMulGallery parameter.

7.5
2017-09-14 CVE-2017-1002014 Anblik SQL Injection vulnerability in Anblik Image-Gallery-With-Slideshow 1.5.2

Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in image-gallery-with-slideshow/admin_setting.php via gallery_name parameter.

7.5
2017-09-14 CVE-2017-1002013 Anblik SQL Injection vulnerability in Anblik Image-Gallery-With-Slideshow 1.5.2

Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection via imgid parameter in image-gallery-with-slideshow/admin_setting.php.

7.5
2017-09-14 CVE-2017-1002012 Anblik SQL Injection vulnerability in Anblik Image-Gallery-With-Slideshow 1.5.2

Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, In image-gallery-with-slideshow/admin_setting.php the following snippet of code does not sanitize input via the gid variable before passing it into an SQL statement.

7.5
2017-09-14 CVE-2017-1002010 Ontraport SQL Injection vulnerability in Ontraport Membership Simplified 1.58

Vulnerability in wordpress plugin Membership Simplified v1.58, The code in membership-simplified-for-oap-members-only/updateDB.php is vulnerable to blind SQL injection because it doesn't sanitize user input via recordId in the delete_media function.

7.5
2017-09-14 CVE-2017-1002009 Ontraport SQL Injection vulnerability in Ontraport Membership Simplified 1.58

Vulnerability in wordpress plugin Membership Simplified v1.58, The code in membership-simplified-for-oap-members-only/updateDB.php is vulnerable to blind SQL injection because it doesn't sanitize user input via recordId in the delete function.

7.5
2017-09-14 CVE-2017-1002008 Membership Simplified Project Unrestricted Upload of File with Dangerous Type vulnerability in Membership Simplified Project Membership Simplified 1.58

Vulnerability in wordpress plugin membership-simplified-for-oap-members-only v1.58, The file download code located membership-simplified-for-oap-members-only/download.php does not check whether a user is logged in and has download privileges.

7.5
2017-09-14 CVE-2017-1002003 Wp2Android Turn WP Site Into Android APP Project Unrestricted Upload of File with Dangerous Type vulnerability in Wp2Android-Turn-Wp-Site-Into-Android-App Project Wp2Android-Turn-Wp-Site-Into-Android-App 1.1.4

Vulnerability in wordpress plugin wp2android-turn-wp-site-into-android-app v1.1.4, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.

7.5
2017-09-14 CVE-2017-1002002 Webapp Builder Project Unrestricted Upload of File with Dangerous Type vulnerability in Webapp-Builder Project Webapp-Builder 2.0

Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/

7.5
2017-09-14 CVE-2017-1002001 Mobile APP Builder BY Wappress Project Unrestricted Upload of File with Dangerous Type vulnerability in Mobile-App-Builder-By-Wappress Project Mobile-App-Builder-By-Wappress 1.05

Vulnerability in wordpress plugin mobile-app-builder-by-wappress v1.05, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.

7.5
2017-09-14 CVE-2017-1002000 Mobile Friendly APP Builder BY Easytouch Project Unrestricted Upload of File with Dangerous Type vulnerability in Mobile-Friendly-App-Builder-By-Easytouch Project Mobile-Friendly-App-Builder-By-Easytouch 3.0

Vulnerability in wordpress plugin mobile-friendly-app-builder-by-easytouch v3.0, The code in file ./mobile-friendly-app-builder-by-easytouch/server/images.php doesn't require authentication or check that the user is allowed to upload content.

7.5
2017-09-14 CVE-2017-13725 Tcpdump
Debian
Out-of-bounds Read vulnerability in multiple products

The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().

7.5
2017-09-14 CVE-2017-13690 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.

7.5
2017-09-14 CVE-2017-13689 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().

7.5
2017-09-14 CVE-2017-13688 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().

7.5
2017-09-14 CVE-2017-13687 Tcpdump
Debian
Out-of-bounds Read vulnerability in multiple products

The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().

7.5
2017-09-14 CVE-2017-13055 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv().

7.5
2017-09-14 CVE-2017-13054 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().

7.5
2017-09-14 CVE-2017-13053 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().

7.5
2017-09-14 CVE-2017-13052 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print().

7.5
2017-09-14 CVE-2017-13051 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().

7.5
2017-09-14 CVE-2017-13050 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().

7.5
2017-09-14 CVE-2017-13049 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().

7.5
2017-09-14 CVE-2017-13048 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().

7.5
2017-09-14 CVE-2017-13047 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().

7.5
2017-09-14 CVE-2017-13046 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().

7.5
2017-09-14 CVE-2017-13045 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().

7.5
2017-09-14 CVE-2017-13044 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().

7.5
2017-09-14 CVE-2017-13043 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().

7.5
2017-09-14 CVE-2017-13042 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print().

7.5
2017-09-14 CVE-2017-13041 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().

7.5
2017-09-14 CVE-2017-13040 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.

7.5
2017-09-14 CVE-2017-13039 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.

7.5
2017-09-14 CVE-2017-13038 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().

7.5
2017-09-14 CVE-2017-13037 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts().

7.5
2017-09-14 CVE-2017-13036 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().

7.5
2017-09-14 CVE-2017-13035 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().

7.5
2017-09-14 CVE-2017-13034 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().

7.5
2017-09-14 CVE-2017-13033 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().

7.5
2017-09-14 CVE-2017-13032 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().

7.5
2017-09-14 CVE-2017-13031 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().

7.5
2017-09-14 CVE-2017-13030 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.

7.5
2017-09-14 CVE-2017-13029 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().

7.5
2017-09-14 CVE-2017-13028 Tcpdump
Debian
Out-of-bounds Read vulnerability in multiple products

The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().

7.5
2017-09-14 CVE-2017-13027 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().

7.5
2017-09-14 CVE-2017-13026 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions.

7.5
2017-09-14 CVE-2017-13025 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().

7.5
2017-09-14 CVE-2017-13024 Tcpdump
Debian
Out-of-bounds Read vulnerability in multiple products

The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().

7.5
2017-09-14 CVE-2017-13023 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().

7.5
2017-09-14 CVE-2017-13022 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().

7.5
2017-09-14 CVE-2017-13021 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().

7.5
2017-09-14 CVE-2017-13020 Tcpdump
Debian
Out-of-bounds Read vulnerability in multiple products

The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().

7.5
2017-09-14 CVE-2017-13019 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().

7.5
2017-09-14 CVE-2017-13018 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().

7.5
2017-09-14 CVE-2017-13017 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().

7.5
2017-09-14 CVE-2017-13016 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().

7.5
2017-09-14 CVE-2017-13015 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print().

7.5
2017-09-14 CVE-2017-13014 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions.

7.5
2017-09-14 CVE-2017-13013 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.

7.5
2017-09-14 CVE-2017-13012 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().

7.5
2017-09-14 CVE-2017-13011 Tcpdump Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tcpdump

Several protocol parsers in tcpdump before 4.9.2 could cause a buffer overflow in util-print.c:bittok2str_internal().

7.5
2017-09-14 CVE-2017-13010 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().

7.5
2017-09-14 CVE-2017-13009 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print().

7.5
2017-09-14 CVE-2017-13008 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().

7.5
2017-09-14 CVE-2017-13007 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print().

7.5
2017-09-14 CVE-2017-13006 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.

7.5
2017-09-14 CVE-2017-13005 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().

7.5
2017-09-14 CVE-2017-13004 Tcpdump
Debian
Out-of-bounds Read vulnerability in multiple products

The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header().

7.5
2017-09-14 CVE-2017-13003 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print().

7.5
2017-09-14 CVE-2017-13002 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().

7.5
2017-09-14 CVE-2017-13001 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().

7.5
2017-09-14 CVE-2017-13000 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().

7.5
2017-09-14 CVE-2017-12999 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().

7.5
2017-09-14 CVE-2017-12998 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_extd_ip_reach().

7.5
2017-09-14 CVE-2017-12996 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().

7.5
2017-09-14 CVE-2017-12994 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().

7.5
2017-09-14 CVE-2017-12993 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions.

7.5
2017-09-14 CVE-2017-12992 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().

7.5
2017-09-14 CVE-2017-12991 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().

7.5
2017-09-14 CVE-2017-12988 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().

7.5
2017-09-14 CVE-2017-12987 Tcpdump
Debian
Redhat
Out-of-bounds Read vulnerability in multiple products

The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().

7.5
2017-09-14 CVE-2017-12986 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().

7.5
2017-09-14 CVE-2017-12985 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().

7.5
2017-09-14 CVE-2017-12902 Tcpdump
Debian
Redhat
Out-of-bounds Read vulnerability in multiple products

The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.

7.5
2017-09-14 CVE-2017-12901 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().

7.5
2017-09-14 CVE-2017-12900 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf().

7.5
2017-09-14 CVE-2017-12899 Tcpdump
Debian
Redhat
Out-of-bounds Read vulnerability in multiple products

The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().

7.5
2017-09-14 CVE-2017-12898 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().

7.5
2017-09-14 CVE-2017-12897 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().

7.5
2017-09-14 CVE-2017-12896 Tcpdump
Debian
Redhat
Out-of-bounds Read vulnerability in multiple products

The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().

7.5
2017-09-14 CVE-2017-12895 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().

7.5
2017-09-14 CVE-2017-12894 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring().

7.5
2017-09-14 CVE-2017-12893 Tcpdump Out-of-bounds Read vulnerability in Tcpdump

The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().

7.5
2017-09-13 CVE-2017-14430 Dlink Improper Input Validation vulnerability in Dlink Dir-850L Firmware

D-Link DIR-850L REV.

7.5
2017-09-13 CVE-2017-14423 Dlink Improper Restriction of Excessive Authentication Attempts vulnerability in Dlink Dir-850L Firmware

htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV.

7.5
2017-09-13 CVE-2017-14422 Dlink Use of Hard-coded Credentials vulnerability in Dlink Dir-850L Firmware

D-Link DIR-850L REV.

7.5
2017-09-13 CVE-2017-14403 Eyesofnetwork SQL Injection vulnerability in Eyesofnetwork 5.10

The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the term parameter to module/admin_group/search.php.

7.5
2017-09-13 CVE-2017-14402 Eyesofnetwork SQL Injection vulnerability in Eyesofnetwork 5.10

The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter to module/admin_user/add_modify_user.php in the "ACCOUNT CREATION" section, related to lack of input validation in include/function.php.

7.5
2017-09-13 CVE-2017-14401 Eyesofnetwork SQL Injection vulnerability in Eyesofnetwork 5.10

The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter to module/admin_user/add_modify_user.php in the "ACCOUNT UPDATE" section.

7.5
2017-09-13 CVE-2017-8686 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Windows Server 2012 and Windows Server 2016

The Windows Server DHCP service in Windows Server 2012 Gold and R2, and Windows Server 2016 allows an attacker to either run arbitrary code on the DHCP failover server or cause the DHCP service to become nonresponsive, due to a memory corruption vulnerability in the Windows Server DHCP service, aka "Windows DHCP Server Remote Code Execution Vulnerability".

7.5
2017-09-12 CVE-2017-14397 Anydesk
Microsoft
Injection vulnerability in Anydesk

AnyDesk before 3.6.1 on Windows has a DLL injection vulnerability.

7.5
2017-09-12 CVE-2017-14396 Osticket SQL Injection vulnerability in Osticket 1.10

In osTicket before 1.10.1, SQL injection is possible by constructing an array via use of square brackets at the end of a parameter name, as demonstrated by the key parameter to file.php.

7.5
2017-09-12 CVE-2017-8015 EMC SQL Injection vulnerability in EMC Appsync 2.0/3.0.0

EMC AppSync (all versions prior to 3.5) contains a SQL injection vulnerability that could potentially be exploited by malicious users to compromise the affected system.

7.5
2017-09-12 CVE-2017-14346 Blog Project Unrestricted Upload of File with Dangerous Type vulnerability in Blog Project Blog 20170912

upload.php in tianchoy/blog through 2017-09-12 allows unrestricted file upload and PHP code execution by using the image/jpeg, image/pjpeg, image/png, or image/gif content type for a .php file.

7.5
2017-09-12 CVE-2017-14345 Blog Project SQL Injection vulnerability in Blog Project Blog 20170912

SQL Injection exists in tianchoy/blog through 2017-09-12 via the id parameter to view.php.

7.5
2017-09-11 CVE-2015-7877 User Dashboard Project SQL Injection vulnerability in User Dashboard Project User Dashboard 7.X1.2/7.X1.3/7.X1.Xdev

Multiple SQL injection vulnerabilities in the User Dashboard module 7.x before 7.x-1.4 for Drupal allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2017-09-11 CVE-2017-14265 Libraw Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libraw

A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3.

7.5
2017-09-11 CVE-2017-14252 Eyesofnetwork SQL Injection vulnerability in Eyesofnetwork 5.10

SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5.1-0 via the group_id cookie to side.php.

7.5
2017-09-11 CVE-2017-14247 Eyesofnetwork SQL Injection vulnerability in Eyesofnetwork 5.10

SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5.1-0 via the user_id cookie to header.php, a related issue to CVE-2017-1000060.

7.5
2017-09-11 CVE-2017-14242 Dolibarr SQL Injection vulnerability in Dolibarr 6.0.0

SQL injection vulnerability in don/list.php in Dolibarr version 6.0.0 allows remote attackers to execute arbitrary SQL commands via the statut parameter.

7.5
2017-09-11 CVE-2017-14238 Dolibarr SQL Injection vulnerability in Dolibarr 6.0.0

SQL injection vulnerability in admin/menus/edit.php in Dolibarr ERP/CRM version 6.0.0 allows remote attackers to execute arbitrary SQL commands via the menuId parameter.

7.5
2017-09-15 CVE-2017-4924 Vmware Out-of-bounds Write vulnerability in VMWare Esxi, Fusion and Workstation PRO

VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device.

7.2
2017-09-14 CVE-2017-13779 Gstn Incorrect Permission Assignment for Critical Resource vulnerability in Gstn India Goods and Services TAX Network Offline Utility Tool 1.1

GSTN_offline_tool in India Goods and Services Tax Network (GSTN) Offline Utility tool before 1.2 executes winstart-server.vbs from the "C:\GST Offline Tool" directory, which has insecure permissions.

7.2
2017-09-13 CVE-2017-12612 Apache Deserialization of Untrusted Data vulnerability in Apache Spark

In Apache Spark 1.6.0 until 2.1.1, the launcher API performs unsafe deserialization of data received by its socket.

7.2
2017-09-13 CVE-2017-7441 Sophos Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos Hitmanpro 3.7.20

In Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean), a crafted IOCTL with code 0x22E1C0 might lead to kernel data leaks.

7.2
2017-09-13 CVE-2017-8720 Microsoft Unspecified vulnerability in Microsoft products

The Microsoft Windows graphics component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability".

7.2
2017-09-12 CVE-2017-1452 IBM
Linux
Microsoft
Unspecified vulnerability in IBM DB2 and DB2 Connect

IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user to obtain elevated privilege and overwrite DB2 files.

7.2
2017-09-12 CVE-2017-1451 IBM
Linux
Microsoft
Unspecified vulnerability in IBM DB2 and DB2 Connect

IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access.

7.2
2017-09-12 CVE-2017-1439 IBM
Linux
Microsoft
Unspecified vulnerability in IBM DB2 and DB2 Connect

IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access.

7.2
2017-09-12 CVE-2017-1438 IBM
Linux
Microsoft
Unspecified vulnerability in IBM DB2 and DB2 Connect

IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access.

7.2
2017-09-12 CVE-2017-14344 Jungo Improper Input Validation vulnerability in Jungo Windriver

This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier.

7.2
2017-09-12 CVE-2017-14319 XEN Unspecified vulnerability in XEN

A grant unmapping issue was discovered in Xen through 4.9.x.

7.2
2017-09-12 CVE-2017-14316 XEN Out-of-bounds Read vulnerability in XEN

A parameter verification issue was discovered in Xen through 4.9.x.

7.2
2017-09-11 CVE-2017-14312 Nagios Improper Privilege Management vulnerability in Nagios Core

Nagios Core through 4.3.4 initially executes /usr/sbin/nagios as root but supports configuration options in which this file is owned by a non-root account (and similarly can have nagios.cfg owned by a non-root account), which allows local users to gain privileges by leveraging access to this non-root account.

7.2
2017-09-11 CVE-2017-14153 Jungo Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Jungo Windriver

This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier.

7.2
2017-09-11 CVE-2017-14075 Jungo Out-of-bounds Write vulnerability in Jungo Windriver

This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier.

7.2
2017-09-12 CVE-2017-14341 Imagemagick
Canonical
Debian
Resource Exhaustion vulnerability in multiple products

ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file.

7.1
2017-09-12 CVE-2017-14325 Imagemagick
Canonical
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file.

7.1

189 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-09-15 CVE-2017-14484 Gentoo Improper Privilege Management vulnerability in Gentoo Sci-Mathematics-Gimps 28.10

The Gentoo sci-mathematics/gimps package before 28.10-r1 for Great Internet Mersenne Prime Search (GIMPS) allows local users to gain privileges by creating a hard link under /var/lib/gimps, because an unsafe "chown -R" command is executed.

6.9
2017-09-13 CVE-2017-8714 Microsoft Improper Input Validation vulnerability in Microsoft products

The Windows Hyper-V component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2,, Windows 10 1607, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Remote Desktop Virtual Host Remote Code Execution Vulnerability".

6.9
2017-09-13 CVE-2017-8675 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

The Windows Kernel-Mode Drivers component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability"..

6.9
2017-09-17 CVE-2017-14520 Freedesktop Improper Input Validation vulnerability in Freedesktop Poppler 0.59.0

In Poppler 0.59.0, a floating point exception occurs in Splash::scaleImageYuXd() in Splash.cc, which may lead to a potential attack when handling malicious PDF files.

6.8
2017-09-17 CVE-2017-14518 Freedesktop Improper Input Validation vulnerability in Freedesktop Poppler 0.59.0

In Poppler 0.59.0, a floating point exception exists in the isImageInterpolationRequired() function in Splash.cc via a crafted PDF document.

6.8
2017-09-17 CVE-2017-14500 Newsbeuter OS Command Injection vulnerability in Newsbeuter

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure (i.e., a podcast file) that includes shell metacharacters in its filename, related to pb_controller.cpp and queueloader.cpp, a different vulnerability than CVE-2017-12904.

6.8
2017-09-15 CVE-2017-9805 Apache Deserialization of Untrusted Data vulnerability in Apache Struts

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.

6.8
2017-09-14 CVE-2017-2809 Ansible Vault Project Code Injection vulnerability in Ansible-Vault Project Ansible-Vault

An exploitable vulnerability exists in the yaml loading functionality of ansible-vault before 1.0.5.

6.8
2017-09-14 CVE-2017-14482 GNU
Debian
GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in lisp/textmodes/enriched.el, and unsafe Gnus support for enriched and richtext inline MIME objects in lisp/gnus/mm-view.el.
6.8
2017-09-13 CVE-2017-1508 IBM
Linux
Unspecified vulnerability in IBM Informix Dynamic Server 12.10

IBM Informix Dynamic Server 12.1 could allow a local user logged in with database administrator user to gain root privileges.

6.8
2017-09-13 CVE-2017-11350 Axesstel Cross-Site Request Forgery (CSRF) vulnerability in Axesstel Mu553S Firmware Mu553Sv1.14

Cross-Site Request Forgery (CSRF) exists in cgi-bin/ConfigSet on Axesstel MU553S MU55XS-V1.14 devices.

6.8
2017-09-13 CVE-2017-14412 Mp3Gain Out-of-bounds Write vulnerability in Mp3Gain 1.5.2

An invalid memory write was discovered in copy_mp in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2.

6.8
2017-09-13 CVE-2017-14411 Mp3Gain Out-of-bounds Write vulnerability in Mp3Gain 1.5.2

A stack-based buffer overflow was discovered in copy_mp in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2.

6.8
2017-09-13 CVE-2017-14409 Mp3Gain Out-of-bounds Write vulnerability in Mp3Gain 1.5.2

A buffer overflow was discovered in III_dequantize_sample in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2.

6.8
2017-09-13 CVE-2017-0161 Microsoft Race Condition vulnerability in Microsoft products

The Windows NetBT Session Services component on Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to maintain certain sequencing requirements, aka "NetBIOS Remote Code Execution Vulnerability".

6.8
2017-09-12 CVE-2017-14348 Libraw Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libraw

LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file.

6.8
2017-09-12 CVE-2017-14337 Misp Project Improper Authentication vulnerability in Misp-Project Misp

When MISP before 2.4.80 is configured with X.509 certificate authentication (CertAuth) in conjunction with a non-MISP external user management ReST API, if an external user provides X.509 certificate authentication and this API returns an empty value, the unauthenticated user can be granted access as an arbitrary user.

6.8
2017-09-12 CVE-2017-14266 Broadcom Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Broadcom Tcpreplay 3.4.4

tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160.

6.8
2017-09-11 CVE-2015-8351 Gwolle Guestbook Project Code Injection vulnerability in Gwolle Guestbook Project Gwolle Guestbook

PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin before 1.5.4 for WordPress, when allow_url_include is enabled, allows remote authenticated users to execute arbitrary PHP code via a URL in the abspath parameter to frontend/captcha/ajaxresponse.php.

6.8
2017-09-11 CVE-2017-14267 EE Cross-Site Request Forgery (CSRF) vulnerability in EE 4Gee Wifi MBB Firmware

EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices have CSRF, related to goform/AddNewProfile, goform/setWanDisconnect, goform/setSMSAutoRedirectSetting, goform/setReset, and goform/uploadBackupSettings.

6.8
2017-09-11 CVE-2017-14261 Bento4 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bento4 1.5.0616

In the SDK in Bento4 1.5.0-616, the AP4_StszAtom class in Ap4StszAtom.cpp file contains a Read Memory Access Violation vulnerability.

6.8
2017-09-11 CVE-2017-14260 Axiosys Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Axiosys Bento4 1.5.0616

In the SDK in Bento4 1.5.0-616, the AP4_StssAtom class in Ap4StssAtom.cpp contains a Write Memory Access Violation vulnerability.

6.8
2017-09-11 CVE-2017-14259 Bento4 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bento4 1.5.0616

In the SDK in Bento4 1.5.0-616, the AP4_StscAtom class in Ap4StscAtom.cpp contains a Write Memory Access Violation vulnerability.

6.8
2017-09-11 CVE-2017-14258 Bento4 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bento4 1.5.0616

In the SDK in Bento4 1.5.0-616, SetItemCount in Core/Ap4StscAtom.h file contains a Write Memory Access Violation vulnerability.

6.8
2017-09-11 CVE-2017-14257 Bento4 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bento4 1.5.0616

In the SDK in Bento4 1.5.0-616, AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp contains a Read Memory Access Violation vulnerability.

6.8
2017-09-17 CVE-2017-14509 Sugarcrm Improper Input Validation vulnerability in Sugarcrm

An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 (and Sugar Community Edition 6.5.26).

6.5
2017-09-17 CVE-2017-14508 Sugarcrm SQL Injection vulnerability in Sugarcrm

An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 (and Sugar Community Edition 6.5.26).

6.5
2017-09-17 CVE-2017-14504 Graphicsmagick
Debian
NULL Pointer Dereference vulnerability in multiple products

ReadPNMImage in coders/pnm.c in GraphicsMagick 1.3.26 does not ensure the correct number of colors for the XV 332 format, leading to a NULL Pointer Dereference.

6.5
2017-09-14 CVE-2017-1002026 Eventespresso SQL Injection vulnerability in Eventespresso Event Espresso 3.1.37.11.L

Vulnerability in wordpress plugin Event Expresso Free v3.1.37.11.L, The function edit_event_category does not sanitize user-supplied input via the $id parameter before passing it into an SQL statement.

6.5
2017-09-14 CVE-2017-1002025 ADD Edit Delete Listing FOR Member Module Project SQL Injection vulnerability in Add-Edit-Delete-Listing-For-Member-Module Project Add-Edit-Delete-Listing-For-Member-Module 1.0

Vulnerability in wordpress plugin add-edit-delete-listing-for-member-module v1.0, The plugin author does not sanitize user supplied input via $act before passing it into an SQL statement.

6.5
2017-09-13 CVE-2017-14405 Eyesofnetwork OS Command Injection vulnerability in Eyesofnetwork 5.10

The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote command execution via shell metacharacters in a hosts_cacti array parameter to module/admin_device/index.php.

6.5
2017-09-12 CVE-2017-14399 Blackcat CMS Unrestricted Upload of File with Dangerous Type vulnerability in Blackcat-Cms Blackcat CMS 1.2.2

In BlackCat CMS 1.2.2, unrestricted file upload is possible in backend\media\ajax_rename.php via the extension parameter, as demonstrated by changing the extension from .jpg to .php.

6.5
2017-09-11 CVE-2015-9227 Alegrocart Code Injection vulnerability in Alegrocart 1.2.8

PHP remote file inclusion vulnerability in the get_file function in upload/admin2/controller/report_logs.php in AlegroCart 1.2.8 allows remote administrators to execute arbitrary PHP code via a URL in the file_path parameter to upload/admin2.

6.5
2017-09-11 CVE-2015-9226 Alegrocart SQL Injection vulnerability in Alegrocart 1.2.8

Multiple SQL injection vulnerabilities in AlegroCart 1.2.8 allow remote administrators to execute arbitrary SQL commands via the download parameter in the (1) check_download and possibly (2) check_filename function in upload/admin2/model/products/model_admin_download.php or remote authenticated users with a valid Paypal transaction token to execute arbitrary SQL commands via the ref parameter in the (3) orderUpdate function in upload/catalog/extension/payment/paypal.php.

6.5
2017-09-11 CVE-2017-14251 Typo3 Unrestricted Upload of File with Dangerous Type vulnerability in Typo3

Unrestricted File Upload vulnerability in the fileDenyPattern in sysext/core/Classes/Core/SystemEnvironmentBuilder.php in TYPO3 7.6.0 to 7.6.21 and 8.0.0 to 8.7.4 allows remote authenticated users to upload files with a .pht extension and consequently execute arbitrary PHP code.

6.5
2017-09-15 CVE-2017-0898 Ruby Lang Use of Externally-Controlled Format String vulnerability in Ruby-Lang Ruby

Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value.

6.4
2017-09-14 CVE-2017-0783 Google Information Exposure vulnerability in Google Android

A information disclosure vulnerability in the Android system (bluetooth).

6.1
2017-09-14 CVE-2017-1002150 Fedoraproject Open Redirect vulnerability in Fedoraproject Python-Fedora 0.8.0

python-fedora 0.8.0 and lower is vulnerable to an open redirect resulting in loss of CSRF protection

6.1
2017-09-13 CVE-2017-14416 Dlink Cross-site Scripting vulnerability in Dlink Dir-850L Firmware

D-Link DIR-850L REV.

6.1
2017-09-13 CVE-2017-14415 Dlink Cross-site Scripting vulnerability in Dlink Dir-850L Firmware

D-Link DIR-850L REV.

6.1
2017-09-13 CVE-2017-14414 Dlink Cross-site Scripting vulnerability in Dlink Dir-850L Firmware

D-Link DIR-850L REV.

6.1
2017-09-13 CVE-2017-14413 Dlink Cross-site Scripting vulnerability in Dlink Dir-850L Firmware

D-Link DIR-850L REV.

6.1
2017-09-12 CVE-2017-1352 IBM Command Injection vulnerability in IBM Maximo Asset Management 7.5/7.6

IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to inject commands into work orders that could be executed by another user that downloads the affected file.

6.0
2017-09-13 CVE-2017-14420 Dlink Improper Certificate Validation vulnerability in Dlink Dir-850L Firmware

The D-Link NPAPI extension, as used on D-Link DIR-850L REV.

5.9
2017-09-13 CVE-2017-14419 Dlink Improper Certificate Validation vulnerability in Dlink Dir-850L Firmware

The D-Link NPAPI extension, as used on D-Link DIR-850L REV.

5.9
2017-09-13 CVE-2015-2750 Drupal
Debian
Open Redirect vulnerability in multiple products

Open redirect vulnerability in URL-related API functions in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the "//" initial sequence.

5.8
2017-09-13 CVE-2015-2749 Drupal
Debian
Open Redirect vulnerability in multiple products

Open redirect vulnerability in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter.

5.8
2017-09-11 CVE-2015-5054 Ellucian Open Redirect vulnerability in Ellucian Banner Student

Open redirect vulnerability in Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in an unspecified parameter.

5.8
2017-09-13 CVE-2017-3165 Apache Cross-site Scripting vulnerability in Apache Brooklyn

In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site scripting where one authenticated user can cause scripts to run in the browser of another user authorized to access the first user's resources.

5.4
2017-09-17 CVE-2017-14519 Freedesktop Infinite Loop vulnerability in Freedesktop Poppler 0.59.0

In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opShowText, and Gfx::doShowText calls (aka a Gfx.cc infinite loop).

5.0
2017-09-17 CVE-2017-14515 Tenda Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tenda W15E Firmware

Heap-based Buffer Overflow on Tenda W15E devices before 15.11.0.14 allows remote attackers to cause a denial of service (temporary HTTP outage and forced logout) via unspecified vectors.

5.0
2017-09-17 CVE-2017-14514 Tenda Path Traversal vulnerability in Tenda W15E Firmware

Directory Traversal on Tenda W15E devices before 15.11.0.14 allows remote attackers to read unencrypted files via a crafted URL.

5.0
2017-09-17 CVE-2017-14513 Metinfo Path Traversal vulnerability in Metinfo 5.3.17

Directory traversal vulnerability in MetInfo 5.3.17 allows remote attackers to read information from any ini format file via the f_filename parameter in a fingerprintdo action to admin/app/physical/physical.php.

5.0
2017-09-17 CVE-2017-14511 SAP Improper Input Validation vulnerability in SAP E-Recruiting

An issue was discovered in SAP E-Recruiting (aka ERECRUIT) 605 through 617.

5.0
2017-09-17 CVE-2017-14502 Libarchive Off-by-one Error vulnerability in Libarchive 3.3.2

read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_read_header.

5.0
2017-09-15 CVE-2017-2299 Puppet Improper Certificate Validation vulnerability in Puppet Puppetlabs-Apache

Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 make it very easy to accidentally misconfigure TLS trust.

5.0
2017-09-15 CVE-2017-10846 Nttdocomo Missing Authorization vulnerability in Nttdocomo Wi-Fi Station L-02F Firmware

Wi-Fi STATION L-02F Software version V10b and earlier allows remote attackers to bypass access restrictions to obtain information on device settings via unspecified vectors.

5.0
2017-09-14 CVE-2017-1002007 Dtracker Project Missing Authorization vulnerability in Dtracker Project Dtracker 1.5

Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/save_mail.php doesn't check that the user is authorized before injecting new contacts into the wp_contact table.

5.0
2017-09-14 CVE-2017-1002006 Dtracker Project Missing Authorization vulnerability in Dtracker Project Dtracker 1.5

Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/save_contact.php doesn't check that the user is authorized before injecting new contacts into the wp_contact table.

5.0
2017-09-14 CVE-2017-1002005 Dtracker Project SQL Injection vulnerability in Dtracker Project Dtracker 1.5

Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/delete.php user input isn't sanitized via the contact_id variable before adding it to the end of an SQL query.

5.0
2017-09-14 CVE-2017-1002004 Dtracker Project SQL Injection vulnerability in Dtracker Project Dtracker 1.5

Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/download.php user input isn't sanitized via the id variable before adding it to the end of an SQL query.

5.0
2017-09-14 CVE-2017-12997 Tcpdump Infinite Loop vulnerability in Tcpdump

The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print().

5.0
2017-09-14 CVE-2017-12995 Tcpdump Infinite Loop vulnerability in Tcpdump

The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().

5.0
2017-09-14 CVE-2017-12990 Tcpdump Infinite Loop vulnerability in Tcpdump

The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions.

5.0
2017-09-14 CVE-2017-12989 Tcpdump Infinite Loop vulnerability in Tcpdump

The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length().

5.0
2017-09-13 CVE-2017-7561 Redhat HTTP Request Smuggling vulnerability in Redhat Jboss Enterprise Application Platform

Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.

5.0
2017-09-13 CVE-2017-14404 Eyesofnetwork Information Exposure vulnerability in Eyesofnetwork 5.10

The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows local file inclusion via the tool_list parameter (aka the url_tool variable) to module/tool_all/select_tool.php, as demonstrated by a tool_list=php://filter/ substring.

5.0
2017-09-13 CVE-2017-11761 Microsoft Information Exposure vulnerability in Microsoft Exchange Server 2013/2016

Microsoft Exchange Server 2013 and Microsoft Exchange Server 2016 allow an input sanitization issue with Microsoft Exchange that could potentially result in unintended Information Disclosure, aka "Microsoft Exchange Information Disclosure Vulnerability"

5.0
2017-09-12 CVE-2017-1162 IBM Information Exposure vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar 7.2 and 7.3 discloses sensitive information to unauthorized users.

5.0
2017-09-12 CVE-2014-9635 Jenkins
Apache
7PK - Security Features vulnerability in Jenkins

Jenkins before 1.586 does not set the HttpOnly flag in a Set-Cookie header for session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to obtain potentially sensitive information via script access to cookies.

5.0
2017-09-12 CVE-2014-9634 Jenkins
Apache
7PK - Security Features vulnerability in Jenkins

Jenkins before 1.586 does not set the secure flag on session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to capture cookies by intercepting their transmission within an HTTP session.

5.0
2017-09-12 CVE-2014-9624 Mantisbt Improper Authentication vulnerability in Mantisbt

CAPTCHA bypass vulnerability in MantisBT before 1.2.19.

5.0
2017-09-12 CVE-2017-14335 Hbgk Improper Input Validation vulnerability in Hbgk products

On Beijing Hanbang Hanbanggaoke devices, because user-controlled input is not sufficiently sanitized, sending a PUT request to /ISAPI/Security/users/1 allows an admin password change.

5.0
2017-09-11 CVE-2015-4689 Ellucian Weak Password Recovery Mechanism for Forgotten Password vulnerability in Ellucian Banner Student

Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allows remote attackers to reset arbitrary passwords via unspecified vectors, aka "Weak Password Reset."

5.0
2017-09-11 CVE-2015-4688 Ellucian Information Exposure vulnerability in Ellucian Banner Student

Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allow remote attackers to enumerate user accounts via a series of requests.

5.0
2017-09-11 CVE-2017-14269 EE Information Exposure vulnerability in EE 4Gee Wifi MBB Firmware

EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices allow remote attackers to obtain sensitive information via a JSONP endpoint, as demonstrated by passwords and SMS content.

5.0
2017-09-11 CVE-2017-14240 Dolibarr Information Exposure vulnerability in Dolibarr 6.0.0

There is a sensitive information disclosure vulnerability in document.php in Dolibarr ERP/CRM version 6.0.0 via the file parameter.

5.0
2017-09-15 CVE-2017-14340 Linux NULL Pointer Dereference vulnerability in Linux Kernel

The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory.

4.9
2017-09-15 CVE-2017-14489 Linux Improper Input Validation vulnerability in Linux Kernel

The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.

4.9
2017-09-15 CVE-2017-14483 Gentoo Race Condition vulnerability in Gentoo Dev-Python-Flower

flower.initd in the Gentoo dev-python/flower package before 0.9.1-r1 for Celery Flower sets PID file ownership to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command.

4.9
2017-09-13 CVE-2017-14431 XEN Missing Release of Resource after Effective Lifetime vulnerability in XEN

Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a denial of service (ARM or x86 AMD host OS memory consumption) by continually rebooting, because certain cleanup is skipped if no pass-through device was ever assigned, aka XSA-207.

4.9
2017-09-13 CVE-2017-7560 Redhat Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Rhnsd

It was found that rhnsd PID files are created as world-writable that allows local attackers to fill the disks or to kill selected processes.

4.9
2017-09-13 CVE-2017-6007 Sophos Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos Hitmanpro 3.7.20

A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to crash the OS via a malformed IOCTL call.

4.9
2017-09-13 CVE-2017-8704 Microsoft Improper Input Validation vulnerability in Microsoft Windows 10 and Windows Server 2016

The Windows Hyper-V component on Microsoft Windows 10 1607 and Windows Server 2016 allows a denial of service vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability".

4.9
2017-09-12 CVE-2017-14318 XEN NULL Pointer Dereference vulnerability in XEN

An issue was discovered in Xen 4.5.x through 4.9.x.

4.9
2017-09-14 CVE-2015-7553 Redhat Race Condition vulnerability in Redhat Enterprise Linux, Enterprise MRG and Kernel-Rt

Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt and Red Hat Enterprise MRG 2, when the nfnetlink_log module is loaded, allows local users to cause a denial of service (panic) by creating netlink sockets.

4.7
2017-09-12 CVE-2017-14317 XEN Race Condition vulnerability in XEN

A domain cleanup issue was discovered in the C xenstore daemon (aka cxenstored) in Xen through 4.9.x.

4.7
2017-09-15 CVE-2015-1527 Google Integer Overflow or Wraparound vulnerability in Google Android

Integer overflow in IAudioPolicyService.cpp in Android allows local users to gain privileges via a crafted application, aka Android Bug ID 19261727.

4.6
2017-09-13 CVE-2017-6008 Sophos Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos Hitmanpro 3.7.20

A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to escalate privileges via a malformed IOCTL call.

4.6
2017-09-13 CVE-2017-14398 Razerzone Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Razer Synapse 2.20.15.1104

rzpnk.sys in Razer Synapse 2.20.15.1104 allows local users to read and write to arbitrary memory locations, and consequently gain privileges, via a methodology involving a handle to \Device\PhysicalMemory, IOCTL 0x22A064, and ZwMapViewOfSection.

4.6
2017-09-13 CVE-2017-8746 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

Windows Device Guard in Windows 10 1607, 1703, and Windows Server 2016 allows A security feature bypass vulnerability due to how PowerShell exposes functions and processes user supplied code, aka "Device Guard Security Feature Bypass Vulnerability".

4.6
2017-09-13 CVE-2017-8716 Microsoft Unspecified vulnerability in Microsoft Windows 10 1703

Windows Control Flow Guard in Microsoft Windows 10 Version 1703 allows an attacker to run a specially crafted application to bypass Control Flow Guard, due to the way that Control Flow Guard handles objects in memory, aka "Windows Security Feature Bypass Vulnerability".

4.6
2017-09-11 CVE-2017-14310 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at STDUJBIG2File!DllUnregisterServer+0x0000000000001869."

4.6
2017-09-11 CVE-2017-14309 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at STDUJBIG2File!DllUnregisterServer+0x0000000000006ec8."

4.6
2017-09-11 CVE-2017-14308 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at STDUJBIG2File!DllUnregisterServer+0x0000000000006ddd."

4.6
2017-09-11 CVE-2017-14307 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77400000!TpAllocCleanupGroup+0x0000000000000402."

4.6
2017-09-11 CVE-2017-14306 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at STDUJBIG2File!DllUnregisterServer+0x0000000000006e10."

4.6
2017-09-11 CVE-2017-14305 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address controls Branch Selection starting at STDUJBIG2File!DllUnregisterServer+0x0000000000005578."

4.6
2017-09-11 CVE-2017-14304 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at STDUJBIG2File!DllGetClassObject+0x00000000000043e0."

4.6
2017-09-11 CVE-2017-14303 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at STDUJBIG2File!DllGetClassObject+0x0000000000003047."

4.6
2017-09-11 CVE-2017-14302 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address controls Branch Selection starting at STDUJBIG2File!DllGetClassObject+0x00000000000064d7."

4.6
2017-09-11 CVE-2017-14301 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting at STDUJBIG2File!DllUnregisterServer+0x00000000000076d3."

4.6
2017-09-11 CVE-2017-14300 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting at STDUJBIG2File!DllGetClassObject+0x0000000000004479."

4.6
2017-09-11 CVE-2017-14299 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting at STDUJBIG2File!DllGetClassObject+0x000000000000384b."

4.6
2017-09-11 CVE-2017-14298 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting at STDUJBIG2File!DllGetClassObject+0x00000000000038e8."

4.6
2017-09-11 CVE-2017-14297 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls Code Flow starting at STDUJBIG2File!DllGetClassObject+0x0000000000002f35."

4.6
2017-09-11 CVE-2017-14296 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting at STDUJBIG2File!DllGetClassObject+0x00000000000043e6."

4.6
2017-09-11 CVE-2017-14295 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls Code Flow starting at STDUJBIG2File+0x00000000000015e9."

4.6
2017-09-11 CVE-2017-14294 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllUnregisterServer+0x000000000000566e."

4.6
2017-09-11 CVE-2017-14293 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Heap Corruption starting at wow64!Wow64LdrpInitialize+0x00000000000008e1."

4.6
2017-09-11 CVE-2017-14292 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllUnregisterServer+0x000000000000570e."

4.6
2017-09-11 CVE-2017-14291 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllUnregisterServer+0x00000000000076d8."

4.6
2017-09-11 CVE-2017-14290 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Heap Corruption starting at wow64!Wow64NotifyDebugger+0x000000000000001d."

4.6
2017-09-11 CVE-2017-14289 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllGetClassObject+0x000000000000303e."

4.6
2017-09-11 CVE-2017-14288 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllGetClassObject+0x0000000000002ff7."

4.6
2017-09-11 CVE-2017-14287 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "Read Access Violation on Control Flow starting at STDUJBIG2File+0x00000000000015eb."

4.6
2017-09-11 CVE-2017-14286 Stdutility Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllUnregisterServer+0x000000000000cb8c."

4.6
2017-09-11 CVE-2017-14285 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40

XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77400000!RtlInterlockedPopEntrySList+0x000000000000039b."

4.6
2017-09-11 CVE-2017-14284 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40

XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77400000!RtlGetCurrentDirectory_U+0x000000000000016c."

4.6
2017-09-11 CVE-2017-14283 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40

XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at jbig2dec+0x0000000000008fe4."

4.6
2017-09-11 CVE-2017-14282 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40

XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at jbig2dec+0x0000000000005862."

4.6
2017-09-11 CVE-2017-14281 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40

XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at jbig2dec+0x00000000000090f1."

4.6
2017-09-11 CVE-2017-14280 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40

XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address controls Branch Selection starting at jbig2dec+0x000000000000571d."

4.6
2017-09-11 CVE-2017-14279 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40

XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at jbig2dec+0x0000000000005643."

4.6
2017-09-11 CVE-2017-14278 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40

XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at jbig2dec+0x0000000000005940."

4.6
2017-09-11 CVE-2017-14277 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40

XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at jbig2dec+0x0000000000005956."

4.6
2017-09-11 CVE-2017-14276 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40

XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Possible Stack Corruption starting at jbig2dec+0x0000000000002fbe."

4.6
2017-09-11 CVE-2017-14275 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40

XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d."

4.6
2017-09-11 CVE-2017-14274 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40

XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting at jbig2dec+0x0000000000008706."

4.6
2017-09-11 CVE-2017-14273 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40

XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at ntdll_77400000!RtlInterlockedPopEntrySList+0x00000000000003b0."

4.6
2017-09-11 CVE-2017-14272 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40

XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at jbig2dec+0x000000000000595d."

4.6
2017-09-11 CVE-2017-14271 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40

XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at ntdll_77400000!RtlImpersonateSelfEx+0x000000000000024e."

4.6
2017-09-11 CVE-2017-14270 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40

XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at ntdll_77400000!RtlFillMemoryUlong+0x0000000000000010."

4.6
2017-09-13 CVE-2017-8702 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

Windows Error Reporting (WER) in Microsoft Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows an attacker to gain greater access to sensitive information and system functionality, due to the way that WER handles and executes files, aka "Windows Elevation of Privilege Vulnerability".

4.4
2017-09-17 CVE-2017-14517 Freedesktop NULL Pointer Dereference vulnerability in Freedesktop Poppler 0.59.0

In Poppler 0.59.0, a NULL Pointer Dereference exists in the XRef::parseEntry() function in XRef.cc via a crafted PDF document.

4.3
2017-09-17 CVE-2017-14510 Sugarcrm Cross-site Scripting vulnerability in Sugarcrm

An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 (and Sugar Community Edition 6.5.26).

4.3
2017-09-17 CVE-2017-14505 Imagemagick NULL Pointer Dereference vulnerability in Imagemagick 7.0.71

DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input.

4.3
2017-09-17 CVE-2017-14503 Libarchive Out-of-bounds Read vulnerability in Libarchive 3.3.2

libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially crafted lha archive, related to lha_crc16.

4.3
2017-09-17 CVE-2017-14501 Libarchive Out-of-bounds Read vulnerability in Libarchive 3.3.2

An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header.

4.3
2017-09-15 CVE-2017-14498 Silverstripe Cross-site Scripting vulnerability in Silverstripe

SilverStripe CMS before 3.6.1 has XSS via an SVG document that is mishandled by (1) the Insert Media option in the content editor or (2) an admin/assets/add pathname, as demonstrated by the admin/pages/edit/EditorToolbar/MediaForm/field/AssetUploadField/upload URI, aka issue SS-2017-017.

4.3
2017-09-15 CVE-2017-10856 Seil Unspecified vulnerability in Seil products

SEIL/X 4.60 to 5.72, SEIL/B1 4.60 to 5.72, SEIL/x86 3.20 to 5.72, SEIL/BPV4 5.00 to 5.72 allows remote attackers to cause a temporary failure of the device's encrypted communications via a specially crafted packet.

4.3
2017-09-14 CVE-2017-1002017 Bobcares Cross-site Scripting vulnerability in Bobcares Gift-Certificate-Creator 1.0

Vulnerability in wordpress plugin gift-certificate-creator v1.0, The code in gc-list.php doesn't sanitize user input to prevent a stored XSS vulnerability.

4.3
2017-09-13 CVE-2017-14410 Mp3Gain Out-of-bounds Read vulnerability in Mp3Gain 1.5.2

A buffer over-read was discovered in III_i_stereo in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2.

4.3
2017-09-13 CVE-2017-14408 Mp3Gain Out-of-bounds Read vulnerability in Mp3Gain 1.5.2

A stack-based buffer over-read was discovered in dct36 in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2.

4.3
2017-09-13 CVE-2017-14407 Mp3Gain Out-of-bounds Read vulnerability in Mp3Gain 1.5.2

A stack-based buffer over-read was discovered in filterYule in gain_analysis.c in MP3Gain version 1.5.2.

4.3
2017-09-13 CVE-2017-14406 Mp3Gain NULL Pointer Dereference vulnerability in Mp3Gain 1.5.2

A NULL pointer dereference was discovered in sync_buffer in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2.

4.3
2017-09-13 CVE-2017-8758 Microsoft Cross-site Scripting vulnerability in Microsoft Exchange Server 2016

Microsoft Exchange Server 2016 allows an elevation of privilege vulnerability when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka "Microsoft Exchange Cross-Site Scripting Vulnerability."

4.3
2017-09-13 CVE-2017-8739 Microsoft Information Exposure vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability".

4.3
2017-09-13 CVE-2017-8736 Microsoft Information Exposure vulnerability in Microsoft Edge and Internet Explorer

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to obtain specific information used in the parent domain, due to Microsoft browser parent domain verification in certain functionality, aka "Microsoft Browser Information Disclosure Vulnerability".

4.3
2017-09-13 CVE-2017-8735 Microsoft Unspecified vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user by redirecting the user to a specially crafted website, due to the way that Microsoft Edge parses HTTP content, aka "Microsoft Edge Spoofing Vulnerability".

4.3
2017-09-13 CVE-2017-8733 Microsoft Unspecified vulnerability in Microsoft Internet Explorer 10/11/9

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user into believing that the user was visiting a legitimate website, due to the way that Internet Explorer handles specific HTML content, aka "Internet Explorer Spoofing Vulnerability".

4.3
2017-09-13 CVE-2017-8724 Microsoft Unspecified vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker to trick a user by redirecting the user to a specially crafted website, due to the way that Microsoft Edge parses HTTP content, aka "Microsoft Edge Spoofing Vulnerability".

4.3
2017-09-13 CVE-2017-8723 Microsoft Improper Input Validation vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page containing malicious content, due to the way that the Edge Content Security Policy (CSP) validates certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability".

4.3
2017-09-13 CVE-2017-8710 Microsoft XXE vulnerability in Microsoft Windows 7 and Windows Server 2008

The Microsoft Common Console Document (.msc) in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1 allows an attacker to read arbitrary files via an XML external entity (XXE) declaration, due to the way that the Microsoft Common Console Document (.msc) parses XML input containing a reference to an external entity, aka "Windows Information Disclosure Vulnerability".

4.3
2017-09-13 CVE-2017-8648 Microsoft Information Exposure vulnerability in Microsoft Windows 10 1703

Microsoft Edge in Microsoft Windows Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability".

4.3
2017-09-13 CVE-2017-8643 Microsoft Information Exposure vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to leave a malicious website open during user clipboard activities, due to the way that Microsoft Edge handles clipboard events, aka "Microsoft Edge Information Disclosure Vulnerability".

4.3
2017-09-13 CVE-2017-8628 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Bluetooth Driver in Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703 allows a spoofing vulnerability due to Microsoft's implementation of the Bluetooth stack, aka "Microsoft Bluetooth Driver Spoofing Vulnerability".

4.3
2017-09-13 CVE-2017-8597 Microsoft Information Exposure vulnerability in Microsoft Windows 10 1703

Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability".

4.3
2017-09-12 CVE-2017-1520 IBM
Linux
Microsoft
Improper Authentication vulnerability in IBM DB2 and DB2 Connect

IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT.

4.3
2017-09-12 CVE-2017-1519 IBM
Linux
Microsoft
Improper Input Validation vulnerability in IBM DB2 and DB2 Connect

IBM DB2 10.5 and 11.1 contains a denial of service vulnerability.

4.3
2017-09-12 CVE-2017-14400 Imagemagick NULL Pointer Dereference vulnerability in Imagemagick 7.0.71

In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote attackers to cause a denial of service (NULL pointer dereference in the function GetVirtualPixels in MagickCore/cache.c) via a crafted file.

4.3
2017-09-12 CVE-2017-14347 Nexusphp Project Cross-site Scripting vulnerability in Nexusphp Project Nexusphp 1.5

NexusPHP 1.5.beta5.20120707 has XSS in the returnto parameter to fun.php in a delete action.

4.3
2017-09-12 CVE-2017-8918 Blackwave XXE vulnerability in Blackwave Dive Assistant 8.0

XXE in Dive Assistant - Template Builder in Blackwave Dive Assistant - Desktop Edition 8.0 allows attackers to remotely view local files via a crafted template.xml file.

4.3
2017-09-12 CVE-2017-14343 Imagemagick
Canonical
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file.

4.3
2017-09-12 CVE-2017-14342 Imagemagick
Canonical
Resource Exhaustion vulnerability in multiple products

ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file.

4.3
2017-09-12 CVE-2017-14333 GNU Integer Overflow or Wraparound vulnerability in GNU Binutils 2.29

The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_next, during "readelf -a" execution.

4.3
2017-09-12 CVE-2017-14326 Imagemagick
Canonical
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.

4.3
2017-09-12 CVE-2017-14324 Imagemagick Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.71

In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service via a crafted file.

4.3
2017-09-12 CVE-2017-3133 Fortinet Cross-site Scripting vulnerability in Fortinet Fortios

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to execute unauthorized code or commands via the Replacement Message HTML for SSL-VPN.

4.3
2017-09-12 CVE-2017-3132 Fortinet Cross-site Scripting vulnerability in Fortinet Fortios

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to Execute unauthorized code or commands via the action input during the activation of a FortiToken.

4.3
2017-09-12 CVE-2017-14314 Graphicsmagick
Debian
Out-of-bounds Read vulnerability in multiple products

Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (DrawDashPolygon heap-based buffer over-read and application crash) via a crafted file.

4.3
2017-09-12 CVE-2017-14313 Shibboleth Project Cross-site Scripting vulnerability in Shibboleth Project Shibboleth

The shibboleth_login_form function in shibboleth.php in the Shibboleth plugin before 1.8 for WordPress is prone to an XSS vulnerability due to improper use of add_query_arg().

4.3
2017-09-11 CVE-2015-8354 Ultimatemember Cross-site Scripting vulnerability in Ultimatemember Ultimate Member

Cross-site scripting (XSS) vulnerability in the Ultimate Member WordPress plugin before 1.3.29 for WordPress allows remote attackers to inject arbitrary web script or HTML via the _refer parameter to wp-admin/users.php.

4.3
2017-09-11 CVE-2015-8353 Role Scoper Project Cross-site Scripting vulnerability in Role Scoper Project Role Scoper

Cross-site scripting (XSS) vulnerability in the Role Scoper plugin before 1.3.67 for WordPress allows remote attackers to inject arbitrary web script or HTML via the object_name parameter in a rs-object_role_edit page to wp-admin/admin.php.

4.3
2017-09-11 CVE-2015-8350 Inboundnow Cross-site Scripting vulnerability in Inboundnow Call TO Action 2.5

Multiple cross-site scripting (XSS) vulnerabilities in the Calls to Action plugin before 2.5.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) open-tab parameter in a wp_cta_global_settings action to wp-admin/edit.php or (2) wp-cta-variation-id parameter to ab-testing-call-to-action-example/.

4.3
2017-09-11 CVE-2015-8349 Gameconnect Cross-site Scripting vulnerability in Gameconnect Sourcebans

Cross-site scripting (XSS) vulnerability in SourceBans before 2.0 pre-alpha allows remote attackers to inject arbitrary web script or HTML via the advSearch parameter to index.php.

4.3
2017-09-11 CVE-2015-4687 Ellucian Cross-site Scripting vulnerability in Ellucian Banner Student 8.5.1.2

Cross-site scripting (XSS) vulnerability in Ellucian (formerly SunGard) Banner Student 8.5.1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2017-09-11 CVE-2017-14268 EE Cross-site Scripting vulnerability in EE 4Gee Wifi MBB Firmware

EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices have XSS in the sms_content parameter in a getSMSlist request.

4.3
2017-09-11 CVE-2017-14249 Imagemagick Divide By Zero vulnerability in Imagemagick 7.0.68

ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in MagickCore/cache.c, allowing remote attackers to cause a denial of service via a crafted file.

4.3
2017-09-11 CVE-2017-14248 Imagemagick Out-of-bounds Read vulnerability in Imagemagick 7.0.68

A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file.

4.3
2017-09-15 CVE-2015-0110 IBM Improper Access Control vulnerability in IBM products

IBM Business Process Manager (aka BPM) 7.5.x, 8.0.x, and 8.5.x and WebSphere Lombardi Edition (aka WLE) 7.2.x allow remote authenticated users to bypass intended access restrictions on internal service types via vectors involving the executeServiceByName URL.

4.0
2017-09-14 CVE-2017-13761 Fastly Information Exposure vulnerability in Fastly 1.2.25

The Fastly CDN module before 1.2.26 for Magento2, when used with a third-party authentication plugin, might allow remote authenticated users to obtain sensitive information from authenticated sessions via vectors involving caching of redirect responses.

4.0
2017-09-14 CVE-2017-1002100 Kubernetes Information Exposure vulnerability in Kubernetes

Default access permissions for Persistent Volumes (PVs) created by the Kubernetes Azure cloud provider in versions 1.6.0 to 1.6.5 are set to "container" which exposes a URI that can be accessed without authentication on the public internet.

4.0
2017-09-14 CVE-2017-1002024 Kindsoft Improper Authentication vulnerability in Kindsoft Kind Editor and Kindeditor

Vulnerability in web application Kind Editor v4.1.12, kindeditor/php/upload_json.php does not check authentication before allow users to upload files.

4.0
2017-09-13 CVE-2017-1556 IBM Improper Input Validation vulnerability in IBM API Connect 5.0.7.0/5.0.7.1/5.0.7.2

IBM API Connect 5.0.7.0 through 5.0.7.2 is vulnerable to a regular expression attack that could allow an authenticated attacker to use a regex and cause the system to slow or hang.

4.0
2017-09-13 CVE-2015-7880 Drupal Information Exposure vulnerability in Drupal

The Entity Registration module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to obtain sensitive event registration information by leveraging the "Register other accounts" permission and knowledge of usernames.

4.0
2017-09-13 CVE-2017-6330 Symantec Unspecified vulnerability in Symantec Encryption Desktop 10.3.2

Symantec Encryption Desktop before SED 10.4.1MP2 can allow remote attackers to cause a denial of service (resource consumption) via crafted web requests."

4.0
2017-09-13 CVE-2017-8754 Microsoft Improper Input Validation vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page containing malicious content, due to the way that the Edge Content Security Policy (CSP) validates certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability".

4.0
2017-09-11 CVE-2017-7650 Eclipse
Debian
Improper Authentication vulnerability in multiple products

In Mosquitto before 1.4.12, pattern based ACLs can be bypassed by clients that set their username/client id to '#' or '+'.

4.0

40 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-09-15 CVE-2017-4926 Vmware Cross-site Scripting vulnerability in VMWare Vcenter Server 6.5

VMware vCenter Server (6.5 prior to 6.5 U1) contains a vulnerability that may allow for stored cross-site scripting (XSS).

3.5
2017-09-14 CVE-2017-1490 IBM Information Exposure vulnerability in IBM Jazz Reporting Service

An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 6.0 through 6.0.4 could disclose highly sensitive information.

3.5
2017-09-14 CVE-2017-1002011 Anblik Cross-site Scripting vulnerability in Anblik Image-Gallery-With-Slideshow 1.5.2

Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, There is a stored XSS vulnerability via the $value->gallery_name and $value->gallery_description where anyone with privileges to modify or add galleries/images and inject javascript into the database.

3.5
2017-09-13 CVE-2017-13724 Axesstel Cross-site Scripting vulnerability in Axesstel Mu553S Firmware Mu553Sv1.14

On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site Scripting vulnerability in the APN parameter under the "Basic Settings" page.

3.5
2017-09-13 CVE-2017-8745 Microsoft Cross-site Scripting vulnerability in Microsoft Sharepoint Foundation 2013

An elevation of privilege vulnerability exists in Microsoft SharePoint Foundation 2013 Service Pack 1 when it does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Cross Site Scripting Vulnerability".

3.5
2017-09-13 CVE-2017-8629 Microsoft Cross-site Scripting vulnerability in Microsoft Sharepoint Server 2013

Microsoft SharePoint Server 2013 Service Pack 1 allows an elevation of privilege vulnerability when it fails to properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint XSS Vulnerability".

3.5
2017-09-12 CVE-2015-9230 AIT PRO Cross-site Scripting vulnerability in Ait-Pro Bulletproof Security .52.4

In the admin/db-backup-security/db-backup-security.php page in the BulletProof Security plugin before .52.5 for WordPress, XSS is possible for remote authenticated administrators via the DBTablePrefix parameter.

3.5
2017-09-12 CVE-2015-9229 Imagely Cross-site Scripting vulnerability in Imagely Nextgen Gallery 2.1.15

In the nggallery-manage-gallery page in the Photocrati NextGEN Gallery plugin 2.1.15 for WordPress, XSS is possible for remote authenticated administrators via the images[1][alttext] parameter.

3.5
2017-09-12 CVE-2017-7735 Fortinet Cross-site Scripting vulnerability in Fortinet Fortios

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.2.0 through 5.2.11 and 5.4.0 through 5.4.4 allows attackers to execute unauthorized code or commands via the "Groups" input while creating or editing User Groups.

3.5
2017-09-12 CVE-2017-7734 Fortinet Cross-site Scripting vulnerability in Fortinet Fortios

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 allows attackers to execute unauthorized code or commands via 'Comments' while saving Config Revisions.

3.5
2017-09-12 CVE-2017-3131 Fortinet Cross-site Scripting vulnerability in Fortinet Fortios

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 and 5.6.0 allows attackers to execute unauthorized code or commands via the filter input in "Applications" under FortiView.

3.5
2017-09-11 CVE-2015-7879 Stickynote Project Cross-site Scripting vulnerability in Stickynote Project Stickynote

Cross-site scripting (XSS) vulnerability in the Stickynote module 7.x before 7.x-1.3 for Drupal allows remote authenticated users with permission to create or edit a stickynote to inject arbitrary web script or HTML via note text on the admin listing page.

3.5
2017-09-11 CVE-2017-14241 Dolibarr Cross-site Scripting vulnerability in Dolibarr 6.0.0

Cross-site scripting (XSS) vulnerability in Dolibarr ERP/CRM 6.0.0 allows remote authenticated users to inject arbitrary web script or HTML via the Title parameter to htdocs/admin/menus/edit.php.

3.5
2017-09-11 CVE-2017-14239 Dolibarr Cross-site Scripting vulnerability in Dolibarr 6.0.0

Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 6.0.0 allow remote authenticated users to inject arbitrary web script or HTML via the (1) CompanyName, (2) CompanyAddress, (3) CompanyZip, (4) CompanyTown, (5) Fax, (6) EMail, (7) Web, (8) ManagingDirectors, (9) Note, (10) Capital, (11) ProfId1, (12) ProfId2, (13) ProfId3, (14) ProfId4, (15) ProfId5, or (16) ProfId6 parameter to htdocs/admin/company.php.

3.5
2017-09-14 CVE-2017-0785 Google Information Exposure vulnerability in Google Android

A information disclosure vulnerability in the Android system (bluetooth).

3.3
2017-09-13 CVE-2017-14124 Unicon Software Improper Privilege Management vulnerability in Unicon-Software RP

In eLux RP 5.x before 5.5.1000 LTSR and 5.6.x before 5.6.2 CR when classic desktop mode is used, it is possible to start applications other than defined, even if the user does not have permissions to change application definitions.

3.3
2017-09-12 CVE-2017-1000250 Bluez Information Exposure vulnerability in Bluez

All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory.

3.3
2017-09-13 CVE-2017-8695 Microsoft Information Exposure vulnerability in Microsoft products

Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an attacker to obtain information to further compromise a user's system via a specially crafted document or an untrusted webpage, aka "Graphics Component Information Disclosure Vulnerability."

2.6
2017-09-15 CVE-2017-4925 Vmware NULL Pointer Dereference vulnerability in VMWare products

VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability.

2.1
2017-09-13 CVE-2017-8688 Microsoft Information Exposure vulnerability in Microsoft products

Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+ Information Disclosure Vulnerability".

2.1
2017-09-13 CVE-2017-8687 Microsoft Information Exposure vulnerability in Microsoft products

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Win32k Information Disclosure Vulnerability".

2.1
2017-09-13 CVE-2017-8685 Microsoft Information Exposure vulnerability in Microsoft Windows 7 and Windows Server 2008

Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+ Information Disclosure Vulnerability".

2.1
2017-09-13 CVE-2017-8684 Microsoft Information Exposure vulnerability in Microsoft products

Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1, allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+ Information Disclosure Vulnerability".

2.1
2017-09-13 CVE-2017-8683 Microsoft Information Exposure vulnerability in Microsoft products

Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an attacker to execute remote code by the way it handles embedded fonts, aka "Win32k Graphics Remote Code Execution Vulnerability".

2.1
2017-09-13 CVE-2017-8681 Microsoft Information Exposure vulnerability in Microsoft products

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Win32k Information Disclosure Vulnerability".

2.1
2017-09-13 CVE-2017-8680 Microsoft Information Exposure vulnerability in Microsoft products

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Win32k Information Disclosure Vulnerability".

2.1
2017-09-13 CVE-2017-8679 Microsoft Information Exposure vulnerability in Microsoft products

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability".

2.1
2017-09-13 CVE-2017-8678 Microsoft Information Exposure vulnerability in Microsoft products

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Win32k Information Disclosure Vulnerability".

2.1
2017-09-13 CVE-2017-8677 Microsoft Information Exposure vulnerability in Microsoft products

The Windows GDI+ component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it improperly discloses kernel memory addresses, aka "Win32k Information Disclosure Vulnerability".

2.1
2017-09-13 CVE-2017-8676 Microsoft Information Exposure vulnerability in Microsoft products

The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an authenticated attacker to retrieve information from a targeted system via a specially crafted application, aka "Windows GDI+ Information Disclosure Vulnerability."

2.1
2017-09-12 CVE-2017-1434 IBM
Linux
Microsoft
Information Exposure vulnerability in IBM DB2 and DB2 Connect

IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) under unusual circumstances, could expose highly sensitive information in the error log to a local user.

2.1
2017-09-11 CVE-2017-1000249 File Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in File Project File 5.29

An issue in file() was introduced in commit 9611f31313a93aa036389c5f3b15eea53510d4d1 (Oct 2016) lets an attacker overwrite a fixed 20 bytes stack buffer with a specially crafted .notes section in an ELF binary.

2.1
2017-09-13 CVE-2017-8719 Microsoft Information Exposure vulnerability in Microsoft products

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability".

1.9
2017-09-13 CVE-2017-8713 Microsoft Information Exposure vulnerability in Microsoft products

The Windows Hyper-V component on Microsoft Windows Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability".

1.9
2017-09-13 CVE-2017-8712 Microsoft Information Exposure vulnerability in Microsoft Windows 10 and Windows Server 2016

The Windows Hyper-V component on Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability".

1.9
2017-09-13 CVE-2017-8711 Microsoft Information Exposure vulnerability in Microsoft Windows 10 and Windows Server 2016

The Windows Hyper-V component on Microsoft Windows 10 1607 and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability".

1.9
2017-09-13 CVE-2017-8709 Microsoft Information Exposure vulnerability in Microsoft products

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability".

1.9
2017-09-13 CVE-2017-8708 Microsoft Information Exposure vulnerability in Microsoft products

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability".

1.9
2017-09-13 CVE-2017-8707 Microsoft Information Exposure vulnerability in Microsoft products

The Windows Hyper-V component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka Hyper-V Information Disclosure Vulnerability".

1.9
2017-09-13 CVE-2017-8706 Microsoft Information Exposure vulnerability in Microsoft Windows 10 and Windows Server 2016

The Windows Hyper-V component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability".

1.9