Weekly Vulnerabilities Reports > October 9 to 15, 2017

Overview

282 new vulnerabilities were reported during this period, including 18 critical vulnerabilities and 46 high severity vulnerabilities. This weekly summary reports vulnerabilities in 276 products from 87 vendors including Microsoft, Irfanview, Juniper, Google, and Kanboard. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "Information Exposure", "Improper Input Validation", and "Authorization Bypass Through User-Controlled Key".

  • 231 reported vulnerabilities are remotely exploitable.
  • 18 reported vulnerabilities have a public exploit available.
  • 80 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 226 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 62 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 9 reported vulnerabilities.


Vulnerability Details

The following table lists the vulnerabilities reported for the period covered by this report:


18 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-10-13 CVE-2017-10622 Juniper Improper Authentication vulnerability in Juniper Junos Space 16.1/17.1

An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote unauthenticated network based attacker to login as any privileged user.

10.0
2017-10-13 CVE-2017-11771 Microsoft Improper Input Validation vulnerability in Microsoft products

The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly handle DNS responses, aka "Windows Search Remote Code Execution Vulnerability".

10.0
2017-10-13 CVE-2016-5791 Jantek Improper Authentication vulnerability in Jantek Jtc-200 Firmware

An Improper Authentication issue was discovered in JanTek JTC-200, all versions.

10.0
2017-10-11 CVE-2017-5791 HP Improper Authentication vulnerability in HP Intelligent Management Center Plat 7.2

The doFilter method in UrlAccessController in HPE Intelligent Management Center (iMC) PLAT 7.2 E0403P06 allows remote bypass of authentication via unspecified strings in a URI.

10.0
2017-10-11 CVE-2013-6924 Seagate Command Injection vulnerability in Seagate Blackarmor NAS 220 Firmware Sg20002000.1331

Seagate BlackArmor NAS devices with firmware sg2000-2000.1331 allow remote attackers to execute arbitrary commands via shell metacharacters in the ip parameter to backupmgt/getAlias.php.

10.0
2017-10-13 CVE-2017-6224 Ruckuswireless OS Command Injection vulnerability in Ruckuswireless Unleashed Firmware and Zonedirector Firmware

Ruckus Wireless Zone Director Controller firmware releases ZD9.x, ZD10.0.0.x, ZD10.0.1.x (less than 10.0.1.0.17 MR1 release) and Ruckus Wireless Unleashed AP Firmware releases 200.0.x, 200.1.x, 200.2.x, 200.3.x, 200.4.x.

9.3
2017-10-13 CVE-2017-6223 Ruckus OS Command Injection vulnerability in Ruckus Zonedirector Firmware

Ruckus Wireless Zone Director Controller firmware releases ZD9.9.x, ZD9.10.x, ZD9.13.0.x less than 9.13.0.0.232 contain OS Command Injection vulnerabilities in the ping functionality that could allow local authenticated users to execute arbitrary privileged commands on the underlying operating system.

9.3
2017-10-13 CVE-2017-8718 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products

The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to take control of an affected system, due to how it handles objects in memory, aka "Microsoft JET Database Engine Remote Code Execution Vulnerability".

9.3
2017-10-13 CVE-2017-8717 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products

The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to take control of an affected system, due to how it handles objects in memory, aka "Microsoft JET Database Engine Remote Code Execution Vulnerability".

9.3
2017-10-13 CVE-2017-11826 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products

Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 and 2013, Word Viewer, Word 2007, 2010, 2013 and 2016, Word Automation Services, and Office Online Server allow remote code execution when the software fails to properly handle objects in memory.

9.3
2017-10-13 CVE-2017-11825 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Office and Office for Mac

Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for Mac allow an attacker to use a specially crafted file to perform actions in the security context of the current user, due to how Microsoft Office handles files in memory, aka "Microsoft Office Remote Code Execution Vulnerability".

9.3
2017-10-13 CVE-2017-11812 Microsoft Buffer Errors vulnerability in Microsoft Chakracore and Edge

ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

9.3
2017-10-13 CVE-2017-11786 Microsoft Authentication Bypass by Capture-Replay vulnerability in Microsoft Lync and Skype for Business

Skype for Business in Microsoft Lync 2013 SP1 and Skype for Business 2016 allows an attacker to steal an authentication hash that can be reused elsewhere, due to how Skype for Business handles authentication requests, aka "Skype for Business Elevation of Privilege Vulnerability."

9.3
2017-10-13 CVE-2017-11779 Microsoft Unspecified vulnerability in Microsoft products

The Microsoft Windows Domain Name System (DNS) DNSAPI.dll on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly handle DNS responses, aka "Windows DNSAPI Remote Code Execution Vulnerability".

9.3
2017-10-13 CVE-2017-11769 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

The Microsoft Windows TRIE component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles loading dll files, aka "TRIE Remote Code Execution Vulnerability".

9.3
2017-10-12 CVE-2017-10865 Hitachi Solutions Untrusted Search Path vulnerability in Hitachi-Solutions Confidential File Decryption

Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-10-12 CVE-2017-10864 Hitachi Solutions Untrusted Search Path vulnerability in Hitachi-Solutions Confidential File Viewer

Untrusted search path vulnerability in Installer of HIBUN Confidential File Viewer prior to 11.20.0001 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2017-10-12 CVE-2017-10863 Hitachi Solutions Untrusted Search Path vulnerability in Hitachi-Solutions Confidential File Decryption

Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3

46 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-10-13 CVE-2016-4921 Juniper Resource Management Errors vulnerability in Juniper Junos

By flooding a Juniper Networks router running Junos OS with specially crafted IPv6 traffic, all available resources can be consumed, leading to the inability to store next hop information for legitimate traffic.

7.8
2017-10-13 CVE-2017-11781 Microsoft Improper Input Validation vulnerability in Microsoft products

The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows a denial of service vulnerability when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability".

7.8
2017-10-10 CVE-2017-15193 Wireshark Resource Exhaustion vulnerability in Wireshark

In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory.

7.8
2017-10-13 CVE-2017-8727 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products

Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Windows Text Services Framework handles objects in memory, aka "Windows Shell Memory Corruption Vulnerability".

7.6
2017-10-13 CVE-2017-11822 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 11

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how Internet Explorer handles objects in memory, aka "Internet Explorer Memory Corruption Vulnerability".

7.6
2017-10-13 CVE-2017-11821 Microsoft Buffer Errors vulnerability in Microsoft Chakracore and Edge

ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-10-13 CVE-2017-11819 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Windows 7

Microsoft Windows 7 SP1 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft browsers handle objects in memory, aka "Windows Shell Remote Code Execution Vulnerability".

7.6
2017-10-13 CVE-2017-11813 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 11

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 R2 allows an attacker to execute arbitrary code in the context of the current user, due to how Internet Explorer handles objects in memory, aka "Internet Explorer Memory Corruption Vulnerability".

7.6
2017-10-13 CVE-2017-11811 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Chakracore and Edge

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-10-13 CVE-2017-11810 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 10/11/9

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-10-13 CVE-2017-11809 Microsoft Buffer Errors vulnerability in Microsoft Chakracore and Edge

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-10-13 CVE-2017-11808 Microsoft Buffer Errors vulnerability in Microsoft Chakracore and Edge

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-10-13 CVE-2017-11807 Microsoft Buffer Errors vulnerability in Microsoft Chakracore and Edge

ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-10-13 CVE-2017-11806 Microsoft Buffer Errors vulnerability in Microsoft Chakracore and Edge

ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-10-13 CVE-2017-11805 Microsoft Buffer Errors vulnerability in Microsoft Chakracore and Edge

ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-10-13 CVE-2017-11804 Microsoft Buffer Errors vulnerability in Microsoft Chakracore and Edge

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-10-13 CVE-2017-11802 Microsoft Buffer Errors vulnerability in Microsoft Chakracore and Edge

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-10-13 CVE-2017-11801 Microsoft Information Exposure vulnerability in Microsoft Chakracore

ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability".

7.6
2017-10-13 CVE-2017-11800 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-10-13 CVE-2017-11799 Microsoft Buffer Errors vulnerability in Microsoft Chakracore and Edge

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-10-13 CVE-2017-11798 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-10-13 CVE-2017-11797 Microsoft Information Exposure vulnerability in Microsoft Chakracore

ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability".

7.6
2017-10-13 CVE-2017-11796 Microsoft Buffer Errors vulnerability in Microsoft Chakracore and Edge

ChakraCore and Microsoft Edge in Windows 10 1703 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-10-13 CVE-2017-11793 Microsoft Buffer Errors vulnerability in Microsoft Internet Explorer 10/11/9

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-10-13 CVE-2017-11792 Microsoft Buffer Errors vulnerability in Microsoft Chakracore and Edge

ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

7.6
2017-10-15 CVE-2017-15304 Airtame Session Fixation vulnerability in Airtame Hdmi Dongle Firmware

/bin/login.php in the Web Panel on the Airtame HDMI dongle with firmware before 3.0 allows an attacker to set his own session id via a "Cookie: PHPSESSID=" header.

7.5
2017-10-14 CVE-2017-12629 Apache XXE vulnerability in Apache Solr

Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class.

7.5
2017-10-13 CVE-2017-10615 Juniper Improper Input Validation vulnerability in Juniper Junos 14.1/14.1X53/14.2

A vulnerability in the pluggable authentication module (PAM) of Juniper Networks Junos OS may allow an unauthenticated network based attacker to potentially execute arbitrary code or crash daemons such as telnetd or sshd that make use of PAM.

7.5
2017-10-13 CVE-2016-1265 Juniper Cross-Site Request Forgery (CSRF) vulnerability in Juniper Junos Space

A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary code on Junos Space or gain access to devices managed by Junos Space using cross site request forgery (CSRF), default authentication credentials, information leak and command injection attack vectors.

7.5
2017-10-12 CVE-2016-8736 Apache Deserialization of Untrusted Data vulnerability in Apache Openmeetings

Apache OpenMeetings before 3.1.2 is vulnerable to Remote Code Execution via RMI deserialization attack.

7.5
2017-10-11 CVE-2017-5789 HP Buffer Errors vulnerability in HP Loadrunner and Performance Center

HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors.

7.5
2017-10-11 CVE-2017-14003 Lavalink Improper Authentication vulnerability in Lavalink Ether-Serial Link Firmware

An Authentication Bypass by Spoofing issue was discovered in LAVA Ether-Serial Link (ESL) running firmware versions 6.01.00/29.03.2007 and prior versions.

7.5
2017-10-11 CVE-2017-0903 Rubygems, Debian, Canonical, Redhat Deserialization of Untrusted Data vulnerability in multiple products

RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability.

7.5
2017-10-11 CVE-2017-15220 Flexense Buffer Errors vulnerability in Flexense VX Search 10.1.12

Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring.

7.5
2017-10-10 CVE-2017-15226 Zyxel OS Command Injection vulnerability in Zyxel Nbg6716 Firmware 1.00(Aakg.9)C0

Zyxel NBG6716 V1.00(AAKG.9)C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call.

7.5
2017-10-10 CVE-2017-8994 HP Improper Input Validation vulnerability in HP Operations Orchestration

An input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely.

7.5
2017-10-10 CVE-2008-7315 Cpan Command Injection vulnerability in Cpan Ui::Dialog

UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands.

7.5
2017-10-10 CVE-2017-12861 Epson Weak Password Requirements vulnerability in Epson Easymp 2.86

The Epson "EasyMP" software is designed to remotely stream a user's computer to supporting projectors. These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming. All Epson projectors supporting the "EasyMP" software are vulnerable to a brute-force vulnerability, allowing any attacker on the network to remotely control and stream to the vulnerable device.

7.5
2017-10-10 CVE-2017-14980 Flexense Buffer Errors vulnerability in Flexense Syncbreeze 10.0.28

Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login.

7.5
2017-10-10 CVE-2014-9474 Mpfr Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mpfr GNU Mpfr

Buffer overflow in the mpfr_strtofr function in GNU MPFR before 3.1.2-p11 allows context-dependent attackers to have unspecified impact via vectors related to incorrect documentation for mpn_set_str.

7.5
2017-10-10 CVE-2014-0030 Apache XXE vulnerability in Apache Roller

The XML-RPC protocol support in Apache Roller before 5.0.3 allows attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.

7.5
2017-10-13 CVE-2016-4922 Juniper Command Injection vulnerability in Juniper Junos

Certain combinations of Junos OS CLI commands and arguments have been found to be exploitable in a way that can allow unauthorized access to the operating system.

7.2
2017-10-13 CVE-2017-11823 Microsoft Race Condition vulnerability in Microsoft Windows 10 and Windows Server 2016

The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass by the way it handles Windows PowerShell sessions, aka "Microsoft Windows Security Feature Bypass".

7.2
2017-10-11 CVE-2017-5700 Intel Insufficiently Protected Credentials vulnerability in Intel products

Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator and User passwords via access to password storage.

7.2
2017-10-10 CVE-2017-9683 Google Integer Overflow or Wraparound vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing a meta image, an integer overflow can occur, if user-defined image offset and size values are too large.

7.2
2017-10-10 CVE-2015-5675 Freebsd Permissions, Privileges, and Access Controls vulnerability in Freebsd 10.1/9.3

The sys_amd64 IRET Handler in the kernel in FreeBSD 9.3 and 10.1 allows local users to gain privileges or cause a denial of service (kernel panic).

7.2

181 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-10-13 CVE-2017-8694 Microsoft Unspecified vulnerability in Microsoft products

The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability".

6.9
2017-10-13 CVE-2017-8689 Microsoft Unspecified vulnerability in Microsoft products

The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability".

6.9
2017-10-13 CVE-2017-11824 Microsoft Unspecified vulnerability in Microsoft products

The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability in the way it handles objects in memory, aka "Windows Graphics Component Elevation of Privilege Vulnerability".

6.9
2017-10-13 CVE-2017-11783 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability in the way it handles calls to Advanced Local Procedure Call (ALPC), aka "Windows Elevation of Privilege Vulnerability".

6.9
2017-10-11 CVE-2017-12188 Linux Path Traversal vulnerability in Linux Kernel

arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS or cause a denial of service (incorrect index during page walking, and host OS crash), aka an "MMU potential stack buffer overrun."

6.9
2017-10-10 CVE-2015-8239 Sudo Project Race Condition vulnerability in Sudo Project Sudo

The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.

6.9
2017-10-13 CVE-2017-10623 Juniper Improper Authentication vulnerability in Juniper Junos Space

Lack of authentication and authorization of cluster messages in Juniper Networks Junos Space may allow a man-in-the-middle type of attacker to intercept, inject or disrupt Junos Space cluster operations between two nodes.

6.8
2017-10-13 CVE-2016-1261 Juniper Cross-Site Request Forgery (CSRF) vulnerability in Juniper Junos

J-Web does not validate certain input that may lead to cross-site request forgery (CSRF) issues or cause a denial of J-Web service (DoS).

6.8
2017-10-13 CVE-2017-11780 Microsoft Unspecified vulnerability in Microsoft products

The Server Message Block 1.0 (SMBv1) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows a remote code execution vulnerability when it fails to properly handle certain requests, aka "Windows SMB Remote Code Execution Vulnerability".

6.8
2017-10-13 CVE-2017-11774 Microsoft Buffer Errors vulnerability in Microsoft Outlook and Outlook 2013 RT

Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability."

6.8
2017-10-13 CVE-2017-11763 Microsoft Improper Input Validation vulnerability in Microsoft products

The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability".

6.8
2017-10-13 CVE-2017-11762 Microsoft Improper Input Validation vulnerability in Microsoft products

The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability".

6.8
2017-10-12 CVE-2017-15281 Imagemagick, Canonical Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised value(s)."

6.8
2017-10-11 CVE-2017-8025 EMC Improper Input Validation vulnerability in EMC Archer GRC Platform

RSA Archer GRC Platform prior to 6.2.0.5 is affected by an arbitrary file upload vulnerability.

6.8
2017-10-11 CVE-2017-2888 Libsdl Integer Overflow or Wraparound vulnerability in Libsdl SDL 2.0.5

An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5.

6.8
2017-10-11 CVE-2017-2887 Libsdl, Debian Out-Of-Bounds Write vulnerability in multiple products

An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SDL_image 2.0.1.

6.8
2017-10-11 CVE-2017-15264 Irfanview Buffer Errors vulnerability in Irfanview 4.44

IrfanView version 4.44 (32bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at image00000000_00400000+0x00000000000236e4."

6.8
2017-10-11 CVE-2017-15263 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at PDF!xmlListWalk+0x00000000000166c4."

6.8
2017-10-11 CVE-2017-15262 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at PDF!xmlParserInputRead+0x0000000000048d0c."

6.8
2017-10-11 CVE-2017-15261 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Possible Stack Corruption starting at PDF!xmlGetGlobalState+0x0000000000057b35."

6.8
2017-10-11 CVE-2017-15260 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address may be used as a return value starting at PDF!xmlParserInputRead+0x0000000000129a59."

6.8
2017-10-11 CVE-2017-15259 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at PDF!xmlParserInputRead+0x000000000011624a."

6.8
2017-10-11 CVE-2017-15258 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access Violation starting at PDF!xmlParserInputRead+0x0000000000161a9c."

6.8
2017-10-11 CVE-2017-15257 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at PDF!xmlParserInputRead+0x000000000009174a."

6.8
2017-10-11 CVE-2017-15256 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at PDF!xmlListWalk+0x0000000000019fc8."

6.8
2017-10-11 CVE-2017-15255 Irfanview Buffer Errors vulnerability in Irfanview PDF 4.43

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access Violation starting at PDF!xmlParserInputRead+0x00000000001601b0."

6.8
2017-10-11 CVE-2017-15254 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access Violation starting at PDF!xmlGetGlobalState+0x000000000007dfa5."

6.8
2017-10-11 CVE-2017-15253 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "User Mode Write AV starting at PDF!xmlGetGlobalState+0x000000000007dff2."

6.8
2017-10-11 CVE-2017-15252 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "Read Access Violation on Block Data Move starting at PDF!xmlListWalk+0x00000000000158cb."

6.8
2017-10-11 CVE-2017-15251 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at PDF!xmlParserInputRead+0x00000000000e7326."

6.8
2017-10-11 CVE-2017-15250 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access Violation starting at PDF!xmlParserInputRead+0x0000000000132e19."

6.8
2017-10-11 CVE-2017-15249 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at PDF!xmlGetGlobalState+0x00000000000668d6."

6.8
2017-10-11 CVE-2017-15248 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at PDF!xmlGetGlobalState+0x0000000000063ca6."

6.8
2017-10-11 CVE-2017-15247 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at PDF!xmlParserInputRead+0x00000000001168a1."

6.8
2017-10-11 CVE-2017-15246 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "Read Access Violation on Block Data Move starting at PDF!xmlListWalk+0x000000000001515b."

6.8
2017-10-11 CVE-2017-15245 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at PDF!xmlGetGlobalState+0x0000000000057b76."

6.8
2017-10-11 CVE-2017-15244 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to an "Error Code (0xe06d7363) starting at wow64!Wow64NotifyDebugger+0x000000000000001d."

6.8
2017-10-11 CVE-2017-15243 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Possible Stack Corruption starting at PDF!xmlGetGlobalState+0x00000000000568a4."

6.8
2017-10-11 CVE-2017-15242 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "User Mode Write AV starting at PDF!xmlGetGlobalState+0x0000000000031abe."

6.8
2017-10-11 CVE-2017-15241 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at PDF!xmlParserInputRead+0x00000000000929f5."

6.8
2017-10-11 CVE-2017-15240 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access Violation starting at PDF!xmlParserInputRead+0x0000000000132cef."

6.8
2017-10-11 CVE-2017-15239 Irfanview Buffer Errors vulnerability in Irfanview and PDF

IrfanView 4.44 - 32bit with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address may be used as a return value starting at PDF!xmlParserInputRead+0x0000000000040db4."

6.8
2017-10-11 CVE-2017-15238 Graphicsmagick, Debian Use After Free vulnerability in multiple products

ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-after-free issue when the height or width is zero, related to ReadJNGImage.

6.8
2017-10-10 CVE-2017-11053 Google Buffer Errors vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when qos map set IE of length less than 16 is received in association response or in qos map configure action frame, a buffer overflow can potentially occur in ConvertQosMapsetFrame().

6.8
2017-10-13 CVE-2017-15276 Opentext Path Traversal vulnerability in Opentext Documentum Content Server

OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server allows uploading content using batches (TAR archives).

6.5
2017-10-13 CVE-2017-15013 Opentext Improper Privilege Management vulnerability in Opentext Documentum Content Server

OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server stores information about uploaded files in dmr_content objects, which are queryable and "editable" (before release 7.2P02, any authenticated user was able to edit dmr_content objects; now any authenticated user may delete a dmr_content object and then create a new one with the old identifier) by authenticated users; this allows any authenticated user to replace the content of security-sensitive dmr_content objects (for example, dmr_content related to dm_method objects) and gain superuser privileges.

6.5
2017-10-13 CVE-2017-15012 Opentext Improper Input Validation vulnerability in Opentext Documentum Content Server

OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 does not properly validate the input of the PUT_FILE RPC-command, which allows any authenticated user to hijack an arbitrary file from the Content Server filesystem; because some files on the Content Server filesystem are security-sensitive, this leads to privilege escalation.

6.5
2017-10-12 CVE-2017-9514 Atlassian Incorrect Permission Assignment for Critical Resource vulnerability in Atlassian Bamboo

Bamboo before 6.0.5, 6.1.x before 6.1.4, and 6.2.x before 6.2.1 had a REST endpoint that parsed a YAML file and did not sufficiently restrict which classes could be loaded.

6.5
2017-10-12 CVE-2017-15285 Qualiteam Improper Input Validation vulnerability in Qualiteam X-Cart

X-Cart 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3 is vulnerable to Remote Code Execution.

6.5
2017-10-10 CVE-2017-13706 Lansweeper XXE vulnerability in Lansweeper

XML external entity (XXE) vulnerability in the import package functionality of the deployment module in Lansweeper before 6.0.100.67 allows remote authenticated users to obtain sensitive information, cause a denial of service, conduct server-side request forgery (SSRF) attacks, conduct internal port scans, or have unspecified other impact via an XML request, aka bug #572705.

6.5
2017-10-13 CVE-2017-10616 Juniper Use of Hard-Coded Credentials vulnerability in Juniper Contrail

The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials.

6.4
2017-10-13 CVE-2017-10612 Juniper Cross-Site Scripting vulnerability in Juniper Junos Space

A persistent cross-site scripting vulnerability in Juniper Networks Junos Space allows users who can change certain configuration to implant malicious JavaScript or HTML which may be used to steal information or perform actions as other Junos Space users or administrators.

6.0
2017-10-13 CVE-2016-5789 Jantek Cross-Site Request Forgery (CSRF) vulnerability in Jantek Jtc-200 Firmware

A Cross-site Request Forgery issue was discovered in JanTek JTC-200, all versions.

6.0
2017-10-13 CVE-2017-10620 Juniper Improper Certificate Validation vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49

Juniper Networks Junos OS on SRX series devices does not verify the HTTPS server certificate before downloading anti-virus updates.

5.8
2017-10-10 CVE-2015-5639 Dwango Improper Certificate Validation vulnerability in Dwango Niconico

niconico App for iOS before 6.38 does not verify SSL certificates which could allow remote attackers to execute man-in-the-middle attacks.

5.8
2017-10-10 CVE-2015-7842 Huawei Permission Issues vulnerability in Huawei products

Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC701, RH1288A V2 with software before V100R002C00SPC502, RH8100 V3 with software before V100R003C00SPC110, CH222 V3 with software before V100R001C00SPC161, CH220 V3 with software before V100R001C00SPC161, and CH121 V3 with software before V100R001C00SPC161 allow remote authenticated operators to change server information by leveraging failure to verify user permissions.

5.5
2017-10-13 CVE-2017-10624 Juniper Insufficient Verification of Data Authenticity vulnerability in Juniper Junos Space 15.1/15.2

Insufficient verification of node certificates in Juniper Networks Junos Space may allow a man-in-the-middle type of attacker to make unauthorized modifications to Space database or add nodes.

5.1
2017-10-15 CVE-2017-15363 Luracast Path Traversal vulnerability in Luracast Restler

Directory traversal vulnerability in public/examples/resources/getsource.php in Luracast Restler through 3.0.0, as used in the restler extension before 1.7.1 for TYPO3, allows remote attackers to read arbitrary files via the file parameter.

5.0
2017-10-15 CVE-2017-15300 Ewbf Unspecified vulnerability in Ewbf Cuda Zcash Miner 0.3.4B

The miner statistics HTTP API in EWBF Cuda Zcash Miner Version 0.3.4b hangs on incoming TCP connections until some sort of request is made (such as "GET / HTTP/1.1"), which allows for a Denial of Service attack preventing a user from viewing their mining statistics by an attacker opening a session with telnet or netcat and connecting to the miner on the HTTP API port.

5.0
2017-10-13 CVE-2017-10621 Juniper Resource Exhaustion vulnerability in Juniper Junos

A denial of service vulnerability in telnetd service on Juniper Networks Junos OS allows remote unauthenticated attackers to cause a denial of service.

5.0
2017-10-13 CVE-2017-10619 Juniper Unspecified vulnerability in Juniper Junos 12.3X48/15.1X49

When Express Path (formerly known as service offloading) is configured on Juniper Networks SRX1400, SRX3400, SRX3600, SRX5400, SRX5600, SRX5800 in high availability cluster configuration mode, certain multicast packets might cause the flowd process to crash, halting or interrupting traffic from flowing through the device and triggering RG1+ (data-plane) fail-over to the secondary node.

5.0
2017-10-13 CVE-2017-10617 Juniper XXE vulnerability in Juniper Contrail

The ifmap service that comes bundled with Contrail has an XML External Entity (XXE) vulnerability that may allow an attacker to retrieve sensitive system files.

5.0
2017-10-13 CVE-2017-10614 Juniper Resource Exhaustion vulnerability in Juniper Junos

A vulnerability in telnetd service on Junos OS allows a remote attacker to cause a limited memory and/or CPU consumption denial of service attack.

5.0
2017-10-13 CVE-2017-10608 Juniper Resource Exhaustion vulnerability in Juniper Junos

Any Juniper Networks SRX series device with one or more ALGs enabled may experience a flowd crash when traffic is processed by the Sun/MS-RPC ALGs.

5.0
2017-10-13 CVE-2017-10607 Juniper Unspecified vulnerability in Juniper Junos 16.1

Juniper Networks Junos OS 16.1R1, and services releases based off of 16.1R1, are vulnerable to the receipt of a crafted BGP Protocol Data Unit (PDU) sent directly to the router, which can cause the RPD routing process to crash and restart.

5.0
2017-10-13 CVE-2016-4925 Juniper Data Processing Errors vulnerability in Juniper Junose

Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler.

5.0
2017-10-13 CVE-2017-11776 Microsoft Information Exposure vulnerability in Microsoft Outlook 2016

Microsoft Outlook 2016 allows an attacker to obtain the email content of a user, due to how Outlook 2016 discloses user email content, aka "Microsoft Outlook Information Disclosure Vulnerability."

5.0
2017-10-13 CVE-2017-11772 Microsoft Information Exposure vulnerability in Microsoft products

The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure when it fails to properly handle objects in memory, aka "Microsoft Search Information Disclosure Vulnerability".

5.0
2017-10-12 CVE-2017-15290 Mirasys Cleartext Transmission of Sensitive Information vulnerability in Mirasys Video Management System

Mirasys Video Management System (VMS) 6.x before 6.4.6, 7.x before 7.5.15, and 8.x before 8.1.1 has a login process in which cleartext data is sent from a server to a client, and not all of this data is required for the client functionality.

5.0
2017-10-12 CVE-2017-15268 Qemu Missing Release of Resource After Effective Lifetime vulnerability in Qemu

Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c.

5.0
2017-10-12 CVE-2017-12849 Silverstripe Information Exposure vulnerability in Silverstripe

Response discrepancy in the login and password reset forms in SilverStripe CMS before 3.5.5 and 3.6.x before 3.6.1 allows remote attackers to enumerate users via timing attacks.

5.0
2017-10-12 CVE-2017-10862 Really Insufficient Verification of Data Authenticity vulnerability in Really Jwt-Scala

jwt-scala 1.2.2 and earlier fails to verify token signatures correctly which may lead to an attacker being able to pass specially crafted JWT data as a correctly signed token.

5.0
2017-10-12 CVE-2017-15286 Sqlite Null Pointer Dereference vulnerability in Sqlite 3.20.1

SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never initialized.

5.0
2017-10-11 CVE-2017-15267 GNU Null Pointer Dereference vulnerability in GNU Libextractor 1.4

In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c.

5.0
2017-10-11 CVE-2017-15236 Tiandy Information Exposure vulnerability in Tiandy IP Camera Firmware 5.56.17.120

Tiandy IP cameras 5.56.17.120 do not properly restrict a certain proprietary protocol, which allows remote attackers to read settings via a crafted request to TCP port 3001, as demonstrated by config* files and extendword.txt.

5.0
2017-10-11 CVE-2017-15235 Horde Forced Browsing vulnerability in Horde Groupware 5.2.21

The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to bypass Horde authentication for file downloads via a crafted fn parameter that corresponds to the exact filename.

5.0
2017-10-10 CVE-2017-15192 Wireshark Unspecified vulnerability in Wireshark

In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash.

5.0
2017-10-10 CVE-2017-15191 Wireshark, Debian Use of Externally-Controlled Format String vulnerability in multiple products

In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash.

5.0
2017-10-10 CVE-2017-15190 Wireshark Unspecified vulnerability in Wireshark 2.4.0/2.4.1

In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash.

5.0
2017-10-10 CVE-2017-15189 Wireshark Missing Release of Resource After Effective Lifetime vulnerability in Wireshark 2.4.0/2.4.1

In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an infinite loop.

5.0
2017-10-10 CVE-2017-9717 Google Out-Of-Bounds Read vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing Netlink attributes, a buffer overread can occur.

5.0
2017-10-10 CVE-2017-9715 Google Out-Of-Bounds Read vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a vendor command, a buffer over-read can occur.

5.0
2017-10-10 CVE-2017-11064 Google Out-Of-Bounds Read vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_PASSPOINT_LIST and QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_LIST cfg80211 vendor commands in __wlan_hdd_cfg80211_set_passpoint_list and hdd_extscan_passpoint_fill_network_list function respectively.

5.0
2017-10-10 CVE-2017-11062 Google Out-Of-Bounds Read vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently attributes are not validated in __wlan_hdd_cfg80211_do_acs which can potentially lead to a buffer overread.

5.0
2017-10-10 CVE-2017-11061 Google Out-Of-Bounds Read vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing cfg80211 vendor sub command QCA_NL80211_VENDOR_SUBCMD_ROAM, a buffer over-read can occur.

5.0
2017-10-10 CVE-2017-11060 Google Out-Of-Bounds Read vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_PASSPOINT_LIST and QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_LIST cfg80211 vendor commands in __wlan_hdd_cfg80211_set_passpoint_list and hdd_extscan_passpoint_fill_network_list function respectively.

5.0
2017-10-10 CVE-2017-11055 Google Out-Of-Bounds Read vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION cfg80211 vendor command, a buffer over-read can occur.

5.0
2017-10-10 CVE-2017-11054 Google Out-Of-Bounds Read vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can occur.

5.0
2017-10-10 CVE-2017-11052 Google Out-Of-Bounds Read vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_NDP cfg80211 vendor command a buffer over-read can occur.

5.0
2017-10-10 CVE-2017-11051 Google Information Exposure vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, information disclosure is possible in function __wlan_hdd_cfg80211_testmode since buffer hb_params is not initialized to zero.

5.0
2017-10-10 CVE-2015-7503 Zend Key Management Errors vulnerability in Zend Framework

Zend Framework before 2.4.9, zend-framework/zend-crypt 2.4.x before 2.4.9, and 2.5.x before 2.5.2 allows remote attackers to recover the RSA private key.

5.0
2017-10-10 CVE-2015-7384 Nodejs Resource Exhaustion vulnerability in Nodejs Node.Js 4.0.0/4.1.0/4.1.1

Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service.

5.0
2017-10-10 CVE-2017-12860 Epson Use of Hard-Coded Credentials vulnerability in Epson Easymp 2.86

The Epson "EasyMP" software is designed to remotely stream a user's computer to supporting projectors. These devices are authenticated using a unique 4-digit code, displayed on-screen, ensuring only those who can view it are streaming. In addition to the password, each projector has a hardcoded "backdoor" code (2270), which authenticates to all devices.

5.0
2017-10-10 CVE-2015-2856 Accellion Path Traversal vulnerability in Accellion File Transfer Appliance 80540/912180

Directory traversal vulnerability in the template function in function.inc in Accellion File Transfer Appliance devices before FTA_9_11_210 allows remote attackers to read arbitrary files via a ..

5.0
2017-10-10 CVE-2017-14943 Trapezegroup Information Exposure vulnerability in Trapezegroup Transitmaster

Trapeze TransitMaster is vulnerable to information disclosure (emails / hashed passwords) via a modified userID field in JSON data to ManageSubscriber.aspx/GetSubscriber.

5.0
2017-10-10 CVE-2017-5637 Apache, Debian Missing Authentication for Critical Function vulnerability in multiple products

Two four letter word commands "wchp/wchc" are CPU intensive and could cause a spike in CPU utilization on an Apache ZooKeeper server if abused, which leaves the server unable to serve legitimate client requests.

5.0
2017-10-10 CVE-2017-14603 Digium Information Exposure vulnerability in Digium Asterisk and Certified Asterisk

In Asterisk 11.x before 11.25.3, 13.x before 13.17.2, and 14.x before 14.6.2 and Certified Asterisk 11.x before 11.6-cert18 and 13.x before 13.13-cert6, insufficient RTCP packet validation could allow reading stale buffer contents and when combined with the "nat" and "symmetric_rtp" options allow redirecting where Asterisk sends the next RTCP report.

5.0
2017-10-09 CVE-2017-14972 Infocus Improper Authentication vulnerability in Infocus Mondopad 2.2.08

InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by entering Control-Alt-Delete, and then using Task Manager to reach a file.

5.0
2017-10-14 CVE-2017-15299 Linux Null Pointer Dereference vulnerability in Linux Kernel

The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of add_key for a key that already exists but is uninstantiated, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted system call.

4.9
2017-10-13 CVE-2017-8703 Microsoft Buffer Errors vulnerability in Microsoft Windows 10 1703

The Microsoft Windows Subsystem for Linux on Microsoft Windows 10 1703 allows a denial of service vulnerability when it improperly handles objects in memory, aka "Windows Subsystem for Linux Denial of Service Vulnerability".

4.9
2017-10-12 CVE-2017-15274 Linux Null Pointer Dereference vulnerability in Linux Kernel

security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192.

4.9
2017-10-12 CVE-2017-12192 Linux Null Pointer Dereference vulnerability in Linux Kernel

The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of service (OOPS and system crash) via a crafted KEYCTL_READ operation.

4.9
2017-10-13 CVE-2017-8715 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass by the way it handles Windows PowerShell sessions, aka "Windows Security Feature Bypass".

4.6
2017-10-13 CVE-2017-11782 Microsoft Improper Input Validation vulnerability in Microsoft Windows 10 and Windows Server 2016

The Microsoft Server Message Block (SMB) on Microsoft Windows 10 1607 and Windows Server 2016 allows an elevation of privilege vulnerability when an attacker sends specially crafted requests to the server, aka "Windows SMB Elevation of Privilege Vulnerability".

4.6
2017-10-10 CVE-2017-9714 Google Buffer Errors vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an out of bound memory access may happen in limCheckRxRSNIeMatch in case incorrect RSNIE is received from the client in assoc request.

4.6
2017-10-10 CVE-2017-9706 Google Buffer Errors vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an array out-of-bounds access can potentially occur in a display driver.

4.6
2017-10-10 CVE-2017-9687 Google Double Free vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, two concurrent threads/processes can write the value of "0" to the debugfs file that controls ipa ipc log which will lead to the double-free in ipc_log_context_destroy().

4.6
2017-10-10 CVE-2017-9686 Google Double Free vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possible double free/use after free in the SPS driver when debugfs logging is used.

4.6
2017-10-10 CVE-2017-11067 Google Buffer Errors vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the Athdiag procfs entry does not have a proper address sanity check which may potentially lead to the use of an out-of-range pointer offset.

4.6
2017-10-10 CVE-2017-11059 Google Buffer Errors vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, setting the HMAC key by different threads during SHA operations may potentially lead to a buffer overflow.

4.6
2017-10-10 CVE-2017-11057 Google Buffer Errors vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in compatibility mode, flash_data from 64-bit userspace may cause disclosure of kernel memory or a fault due to using a userspace-provided address.

4.6
2017-10-10 CVE-2017-11056 Google Buffer Errors vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while doing sha and cipher operations, a userspace buffer is directly accessed in kernel space potentially leading to a page fault.

4.6
2017-10-10 CVE-2017-11050 Google Buffer Errors vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when the pktlogconf tool gives a pktlog buffer of size less than the minimal possible source data size in the host driver, a buffer overflow can potentially occur.

4.6
2017-10-10 CVE-2017-11048 Google Use After Free vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a display driver function, a Use After Free condition can occur.

4.6
2017-10-10 CVE-2017-11046 Google Out-Of-Bounds Write vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when an audio driver ioctl handler is called, a kernel out-of-bounds write can potentially occur.

4.6
2017-10-10 CVE-2017-13723 X ORG, Debian Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in multiple products

In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp.

4.6
2017-10-13 CVE-2017-11818 Microsoft 7PK - Security Features vulnerability in Microsoft products

The Microsoft Windows Storage component on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass vulnerability when it fails to validate an integrity-level check, aka "Windows Storage Security Feature Bypass Vulnerability".

4.4
2017-10-11 CVE-2017-5722 Intel Improper Privilege Management vulnerability in Intel products

Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows attackers with local or physical access to bypass enforcement of integrity protections via manipulation of firmware storage.

4.4
2017-10-11 CVE-2017-5721 Intel Improper Input Validation vulnerability in Intel products

Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipulation of memory.

4.4
2017-10-11 CVE-2017-5701 Intel Unspecified vulnerability in Intel products

Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary code via unauthorized firmware modification during BIOS Recovery.

4.4
2017-10-10 CVE-2017-9697 Google Race Condition vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while reading command registration table entries in diag_dbgfs_read_table.

4.4
2017-10-15 CVE-2017-15364 Ccsv Project Double Free vulnerability in Ccsv Project Ccsv 1.1.0

The foreach function in ext/ccsv.c in Ccsv 1.1.0 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact via a crafted file.

4.3
2017-10-15 CVE-2017-15305 Nexusphp Project Cross-Site Scripting vulnerability in Nexusphp Project Nexusphp 1.5

XSS exists in NexusPHP 1.5 via the keyword parameter to messages.php.

4.3
2017-10-14 CVE-2017-15298 GIT SCM, Canonical Resource Exhaustion vulnerability in Git-Scm GIT

Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb.

4.3
2017-10-13 CVE-2017-10618 Juniper Unspecified vulnerability in Juniper Junos

When the 'bgp-error-tolerance' feature – designed to help mitigate remote session resets from malformed path attributes – is enabled, a BGP UPDATE containing a specifically crafted set of transitive attributes can cause the RPD routing process to crash and restart.

4.3
2017-10-13 CVE-2017-10611 Juniper Unspecified vulnerability in Juniper Junos

If extended statistics are enabled via 'set chassis extended-statistics', when executing any operation that fetches interface statistics, including but not limited to SNMP GET requests, the pfem process or the FPC may crash and restart.

4.3
2017-10-13 CVE-2017-10610 Juniper Improper Input Validation vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49

On SRX Series devices, a crafted ICMP packet embedded within a NAT64 IPv6 to IPv4 tunnel may cause the flowd process to crash.

4.3
2017-10-13 CVE-2016-4923 Juniper Cross-Site Scripting vulnerability in Juniper Junos

Insufficient cross site scripting protection in J-Web component in Juniper Networks Junos OS may potentially allow a remote unauthenticated user to inject web script or HTML and steal sensitive data and credentials from a J-Web session and to perform administrative actions on the Junos device.

4.3
2017-10-13 CVE-2017-8726 Microsoft Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how affected Microsoft scripting engines handle objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability".

4.3
2017-10-13 CVE-2017-11794 Microsoft Information Exposure vulnerability in Microsoft Edge

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability".

4.3
2017-10-13 CVE-2017-11790 Microsoft Information Exposure vulnerability in Microsoft Internet Explorer 10/11/9

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how Internet Explorer handles objects in memory, aka "Internet Explorer Information Disclosure Vulnerability".

4.3
2017-10-12 CVE-2017-15287 Bouqueteditor Project Cross-Site Scripting vulnerability in Bouqueteditor Project Bouqueteditor 2.0.0

There is XSS in the BouquetEditor WebPlugin for Dream Multimedia Dreambox devices, as demonstrated by the "Name des Bouquets" field, or the file parameter to the /file URI.

4.3
2017-10-12 CVE-2015-6358 Cisco Improper Certificate Validation vulnerability in Cisco products

Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.

4.3
2017-10-12 CVE-2017-15280 Umbraco XXE vulnerability in Umbraco CMS

XML external entity (XXE) vulnerability in Umbraco CMS before 7.7.3 allows attackers to obtain sensitive information by reading files on the server or sending TCP requests to intranet hosts (aka SSRF), related to Umbraco.Web/umbraco.presentation/umbraco/dialogs/importDocumenttype.aspx.cs.

4.3
2017-10-12 CVE-2017-15277 Graphicsmagick, Imagemagick Information Exposure vulnerability in multiple products

ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette.

4.3
2017-10-11 CVE-2017-8017 EMC Cross-Site Scripting vulnerability in EMC Smarts Network Configuration Manager

EMC Network Configuration Manager (NCM) 9.3.x, 9.4.0.x, 9.4.1.x, and 9.4.2.x is affected by a reflected cross-site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system.

4.3
2017-10-11 CVE-2017-14372 RSA Cross-Site Scripting vulnerability in RSA Archer GRC Platform

RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting vulnerabilities via certain RSA Archer Help pages.

4.3
2017-10-11 CVE-2017-14371 RSA Cross-Site Scripting vulnerability in RSA Archer GRC Platform

RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting via the request URL.

4.3
2017-10-11 CVE-2017-14588 Atlassian Cross-Site Scripting vulnerability in Atlassian Crucible

Various resources in Atlassian Fisheye and Crucible before version 4.4.2 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the dialog parameter.

4.3
2017-10-11 CVE-2017-15266 GNU Divide By Zero vulnerability in GNU Libextractor 1.4

In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate.

4.3
2017-10-11 CVE-2017-15232 Libjpeg Turbo Null Pointer Dereference vulnerability in Libjpeg-Turbo 1.5.2

libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.

4.3
2017-10-11 CVE-2017-15215 Shaarli Project Cross-Site Scripting vulnerability in Shaarli Project Shaarli 0.9.1

Reflected XSS vulnerability in Shaarli v0.9.1 allows an unauthenticated attacker to inject JavaScript via the searchtags parameter to index.php.

4.3
2017-10-11 CVE-2017-15194 Cacti Cross-Site Scripting vulnerability in Cacti 1.1.25

include/global_session.php in Cacti 1.1.25 has XSS related to (1) the URI or (2) the refresh page.

4.3
2017-10-10 CVE-2017-15225 GNU Missing Release of Resource After Effective Lifetime vulnerability in GNU Binutils 2.29

_bfd_dwarf2_cleanup_debug_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory leak) via a crafted ELF file.

4.3
2017-10-10 CVE-2017-1503 IBM Cross-Site Scripting vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to HTTP response splitting attacks.

4.3
2017-10-10 CVE-2017-15218 Imagemagick, Canonical Missing Release of Resource After Effective Lifetime vulnerability in multiple products

ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.

4.3
2017-10-10 CVE-2017-15217 Imagemagick, Canonical Missing Release of Resource After Effective Lifetime vulnerability in multiple products

ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c.

4.3
2017-10-10 CVE-2017-11063 Google Null Pointer Dereference vulnerability in Google Android 8.0

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, as a result of a race condition between two userspace processes that interact with the driver concurrently, a null pointer dereference can potentially occur.

4.3
2017-10-10 CVE-2016-10514 Piwigo Improper Access Control vulnerability in Piwigo

url_check_format in include/functions.inc.php in Piwigo before 2.8.3 allows remote attackers to bypass intended access restrictions via a URL that contains a " character, or a URL beginning with a substring other than the http:// or https:// substring.

4.3
2017-10-10 CVE-2016-10513 Piwigo Cross-Site Scripting vulnerability in Piwigo

Cross Site Scripting (XSS) exists in Piwigo before 2.8.3 via a crafted search expression to include/functions_search.inc.php.

4.3
2017-10-10 CVE-2017-15216 Misp Project Cross-Site Scripting vulnerability in Misp-Project Misp

MISP before 2.4.81 has a potential reflected XSS in a quickDelete action that is used to delete a sighting, related to app/View/Sightings/ajax/quickDeleteConfirmationForm.ctp and app/webroot/js/misp.js.

4.3
2017-10-10 CVE-2015-7778 Gurunavi Improper Certificate Validation vulnerability in Gurunavi Gournavi

Gurunavi App for iOS before 6.0.0 does not verify SSL certificates which could allow remote attackers to perform man-in-the-middle attacks.

4.3
2017-10-10 CVE-2014-9092 Libjpeg Turbo, Fedoraproject, Canonical Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in multiple products

libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.

4.3
2017-10-09 CVE-2017-15185 Libmp3Splt Project Improper Input Validation vulnerability in Libmp3Splt Project Libmp3Splt 0.9.2

plugins/ogg.c in Libmp3splt 0.9.2 calls the libvorbis vorbis_block_clear function with uninitialized data upon detection of invalid input, which allows remote attackers to cause a denial of service (application crash) via a crafted file.

4.3
2017-10-09 CVE-2017-14971 Infocuscorp Information Exposure vulnerability in Infocuscorp Infocus Mondopad 2.2.08

Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure vulnerability.

4.3
2017-10-13 CVE-2017-15014 Opentext Improper Privilege Management vulnerability in Opentext Documentum Content Server

OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows authenticated users to download arbitrary content files regardless of the attacker's repository permissions: When an authenticated user uploads content to the repository, he performs the following steps: (1) calls the START_PUSH RPC-command; (2) uploads the file to the content server; (3) calls the END_PUSH_V2 RPC-command (here, Content Server returns a DATA_TICKET integer, intended to identify the location of the uploaded file on the Content Server filesystem); (4) creates a dmr_content object in the repository, which has a value of data_ticket equal to the value of DATA_TICKET returned at the end of END_PUSH_V2 call.

4.0
2017-10-13 CVE-2016-6815 Apache Credentials Management vulnerability in Apache Ranger

In Apache Ranger before 0.6.2, users with "keyadmin" role should not be allowed to change password for users with "admin" role.

4.0
2017-10-12 CVE-2017-10857 Cybozu Improper Privilege Management vulnerability in Cybozu Office

Cybozu Office 10.0.0 to 10.6.1 allows authenticated attackers to bypass access restriction to perform arbitrary actions via "Cabinet" function.

4.0
2017-10-11 CVE-2017-14369 RSA Unspecified vulnerability in RSA Archer GRC Platform

RSA Archer GRC Platform prior to 6.2.0.5 is affected by a privilege escalation vulnerability.

4.0
2017-10-11 CVE-2017-15212 Kanboard Information Exposure vulnerability in Kanboard

In Kanboard before 1.0.47, by altering form data, an authenticated user can at least see the names of tags of a private project of another user.

4.0
2017-10-11 CVE-2017-15211 Kanboard Authorization Bypass Through User-Controlled Key vulnerability in Kanboard

In Kanboard before 1.0.47, by altering form data, an authenticated user can add an external link to a private project of another user.

4.0
2017-10-11 CVE-2017-15210 Kanboard Information Exposure vulnerability in Kanboard

In Kanboard before 1.0.47, by altering form data, an authenticated user can see thumbnails of pictures from a private project of another user.

4.0
2017-10-11 CVE-2017-15209 Kanboard Authorization Bypass Through User-Controlled Key vulnerability in Kanboard

In Kanboard before 1.0.47, by altering form data, an authenticated user can remove attachments from a private project of another user.

4.0
2017-10-11 CVE-2017-15208 Kanboard Authorization Bypass Through User-Controlled Key vulnerability in Kanboard

In Kanboard before 1.0.47, by altering form data, an authenticated user can remove automatic actions from a private project of another user.

4.0
2017-10-11 CVE-2017-15207 Kanboard Authorization Bypass Through User-Controlled Key vulnerability in Kanboard

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tasks of a private project of another user.

4.0
2017-10-11 CVE-2017-15206 Kanboard Authorization Bypass Through User-Controlled Key vulnerability in Kanboard

In Kanboard before 1.0.47, by altering form data, an authenticated user can add an internal link to a private project of another user.

4.0
2017-10-11 CVE-2017-15205 Kanboard Information Exposure vulnerability in Kanboard

In Kanboard before 1.0.47, by altering form data, an authenticated user can download attachments from a private project of another user.

4.0
2017-10-11 CVE-2017-15204 Kanboard Authorization Bypass Through User-Controlled Key vulnerability in Kanboard

In Kanboard before 1.0.47, by altering form data, an authenticated user can add automatic actions to a private project of another user.

4.0
2017-10-11 CVE-2017-15203 Kanboard Authorization Bypass Through User-Controlled Key vulnerability in Kanboard

In Kanboard before 1.0.47, by altering form data, an authenticated user can remove categories from a private project of another user.

4.0
2017-10-11 CVE-2017-15202 Kanboard Authorization Bypass Through User-Controlled Key vulnerability in Kanboard

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit columns of a private project of another user.

4.0
2017-10-11 CVE-2017-15201 Kanboard Authorization Bypass Through User-Controlled Key vulnerability in Kanboard

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tags of a private project of another user.

4.0
2017-10-11 CVE-2017-15200 Kanboard Authorization Bypass Through User-Controlled Key vulnerability in Kanboard

In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new task to a private project of another user.

4.0
2017-10-11 CVE-2017-15199 Kanboard Authorization Bypass Through User-Controlled Key vulnerability in Kanboard

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit metadata of a private project of another user, as demonstrated by Name, Email, Identifier, and Description.

4.0
2017-10-11 CVE-2017-15198 Kanboard Information Exposure vulnerability in Kanboard

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit a category of a private project of another user.

4.0
2017-10-11 CVE-2017-15197 Kanboard Authorization Bypass Through User-Controlled Key vulnerability in Kanboard

In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new category to a private project of another user.

4.0
2017-10-11 CVE-2017-15196 Kanboard Authorization Bypass Through User-Controlled Key vulnerability in Kanboard

In Kanboard before 1.0.47, by altering form data, an authenticated user can remove columns from a private project of another user.

4.0
2017-10-11 CVE-2017-15195 Kanboard Authorization Bypass Through User-Controlled Key vulnerability in Kanboard

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit swimlanes of a private project of another user.

4.0
2017-10-10 CVE-2017-1538 IBM Information Exposure vulnerability in IBM Financial Transaction Manager 3.0.2.0/3.0.2.1

IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive information from an undocumented URL.

4.0
2017-10-10 CVE-2017-12623 Apache XXE vulnerability in Apache Nifi

An authorized user could upload a template which contained malicious code and accessed sensitive files via an XML External Entity (XXE) attack.

4.0
2017-10-10 CVE-2015-2988 Rakutencard Improper Certificate Validation vulnerability in Rakutencard Rakuten Card

Rakuten card App for iOS 5.2.0 through 5.2.4 does not verify SSL certificates which might allow remote attackers to execute man-in-the-middle attacks.

4.0
2017-10-10 CVE-2017-14614 Gridgain Path Traversal vulnerability in Gridgain

Directory traversal vulnerability in the Visor GUI Console in GridGain before 1.7.16, 1.8.x before 1.8.12, 1.9.x before 1.9.7, and 8.x before 8.1.5 allows remote authenticated users to read arbitrary files on remote cluster nodes via a crafted path.

4.0

37 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-10-11 CVE-2017-13722 X ORG Out-Of-Bounds Read vulnerability in X.Org Libxfont 2.0.0/2.0.1

In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server.

3.6
2017-10-11 CVE-2017-13720 X ORG Out-Of-Bounds Read vulnerability in X.Org Libxfont 2.0.0/2.0.1

In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service).

3.6
2017-10-15 CVE-2017-15360 Paessler Cross-Site Scripting vulnerability in Paessler Prtg Network Monitor 17.3.33.2830

PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all group names created, related to incorrect error handling for an HTML encoded script.

3.5
2017-10-13 CVE-2017-11820 Microsoft Cross-Site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016

Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an attacker to exploit a cross-site scripting (XSS) vulnerability by sending a specially crafted request to an affected SharePoint server, due to how SharePoint Server sanitizes web requests, aka "Microsoft Office SharePoint XSS Vulnerability".

3.5
2017-10-13 CVE-2017-11815 Microsoft Information Exposure vulnerability in Microsoft products

The Microsoft Server Message Block (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability in the way that it handles certain requests, aka "Windows SMB Information Disclosure Vulnerability".

3.5
2017-10-13 CVE-2017-11777 Microsoft Cross-Site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016

Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an attacker to exploit a cross-site scripting (XSS) vulnerability by sending a specially crafted request to an affected SharePoint server, due to how SharePoint Server sanitizes web requests, aka "Microsoft Office SharePoint XSS Vulnerability".

3.5
2017-10-13 CVE-2017-11775 Microsoft Cross-Site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016

Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an attacker to exploit a cross-site scripting (XSS) vulnerability by sending a specially crafted request to an affected SharePoint server, due to how SharePoint Server sanitizes web requests, aka "Microsoft Office SharePoint XSS Vulnerability".

3.5
2017-10-12 CVE-2017-15284 Octobercms Cross-Site Scripting vulnerability in Octobercms October 1.0.425

Cross-Site Scripting exists in OctoberCMS 1.0.425 (aka Build 425), allowing a least privileged user to upload an SVG file containing malicious code as the Avatar for the profile.

3.5
2017-10-12 CVE-2017-15279 Umbraco Cross-Site Scripting vulnerability in Umbraco CMS

Cross-site scripting (XSS) vulnerability in Umbraco CMS before 7.7.3 allows remote attackers to inject arbitrary web script or HTML via the "page name" (aka nodename) parameter during the creation of a new page, related to Umbraco.Web.UI/umbraco/dialogs/Publish.aspx.cs and Umbraco.Web/umbraco.presentation/umbraco/dialogs/notifications.aspx.cs.

3.5
2017-10-12 CVE-2017-15278 Teampass Cross-Site Scripting vulnerability in Teampass

Cross-Site Scripting (XSS) was discovered in TeamPass before 2.1.27.9.

3.5
2017-10-11 CVE-2017-8016 EMC Cross-Site Scripting vulnerability in EMC Archer GRC Platform

RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-site scripting via the Questionnaire ID field.

3.5
2017-10-11 CVE-2017-14370 RSA Cross-Site Scripting vulnerability in RSA Archer GRC Platform

RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-site scripting via the Source Asset ID field.

3.5
2017-10-11 CVE-2017-14587 Atlassian Cross-Site Scripting vulnerability in Atlassian Crucible

The administration user deletion resource in Atlassian Fisheye and Crucible before version 4.4.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the uname parameter.

3.5
2017-10-11 CVE-2017-7352 Purestorage Cross-Site Scripting vulnerability in Purestorage Purity 4.7.5

Stored Cross-site scripting (XSS) vulnerability in Pure Storage Purity 4.7.5 allows remote authenticated users to inject arbitrary web script or HTML via the "host" parameter on the 'System > Configuration > SNMP > Add SNMP Trap Manager' screen.

3.5
2017-10-11 CVE-2017-15214 Flyspray Cross-Site Scripting vulnerability in Flyspray 1.0

Stored XSS vulnerability in Flyspray 1.0-rc4 before 1.0-rc6 allows an authenticated user to inject JavaScript to gain administrator privileges and also to execute JavaScript against other users (including unauthenticated users), via the name, title, or id parameter to plugins/dokuwiki/lib/plugins/changelinks/syntax.php.

3.5
2017-10-11 CVE-2017-15213 Flyspray Cross-Site Scripting vulnerability in Flyspray 1.0

Stored XSS vulnerability in Flyspray before 1.0-rc6 allows an authenticated user to inject JavaScript to gain administrator privileges, via the real_name or email_address field to themes/CleanFS/templates/common.editallusers.tpl.

3.5
2017-10-11 CVE-2017-15188 Eyesofnetwork Cross-Site Scripting vulnerability in Eyesofnetwork Eonweb 5.10

A persistent (stored) XSS vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to inject arbitrary web script or HTML via the hosts array parameter to module/admin_device/index.php.

3.5
2017-10-10 CVE-2017-15219 Dotcms Cross-Site Scripting vulnerability in Dotcms 4.1.1

The dotCMS 4.1.1 application is vulnerable to Stored Cross-Site Scripting (XSS) affecting a vanity-urls Title field, a containers Description field, and a templates Description field.

3.5
2017-10-10 CVE-2015-6918 Saltstack Information Exposure vulnerability in Saltstack Salt 2015

salt before 2015.5.5 leaks git usernames and passwords to the log.

3.5
2017-10-10 CVE-2015-6521 Atutor Cross-Site Scripting vulnerability in Atutor 2.2

Multiple cross-site scripting (XSS) vulnerabilities in ATutor LMS version 2.2.

3.5
2017-10-09 CVE-2017-14973 Identicard Cross-Site Scripting vulnerability in Identicard Two-Reader Controller Configuration Manager 1.18.8(396)

IDenticard Two-Reader Controller Configuration Manager 1.18.8 (396) is vulnerable to Stored Cross-Site Scripting (XSS) via the notes field in /~user_handler?file=logged_in.shtm (aka the edit user page).

3.5
2017-10-12 CVE-2016-9263 Wordpress Improper Input Validation vulnerability in Wordpress

WordPress through 4.8.2, when domain-based flashmediaelement.swf sandboxing is not used, allows remote attackers to conduct cross-domain Flash injection (XSF) attacks by leveraging code contained within the wp-includes/js/mediaelement/flashmediaelement.swf file.

2.6
2017-10-10 CVE-2017-13675 Symantec Unspecified vulnerability in Symantec Endpoint Encryption

A denial of service (DoS) attack in Symantec Endpoint Encryption before SEE 11.1.3HF2 allows remote attackers to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network.

2.3
2017-10-13 CVE-2017-10613 Juniper Resource Exhaustion vulnerability in Juniper Junos

A vulnerability in a specific loopback filter action command, processed in a specific logical order of operation, in a running configuration of Juniper Networks Junos OS, allows an attacker with CLI access and the ability to initiate remote sessions to the loopback interface with the defined action, to hang the kernel.

2.1
2017-10-13 CVE-2017-10606 Juniper Unspecified vulnerability in Juniper Trusted Platform Module Firmware 4.40

Version 4.40 of the TPM (Trusted Platform Module) firmware on Juniper Networks SRX300 Series has a weakness in generating cryptographic keys that may allow an attacker to decrypt sensitive information in SRX300 Series products.

2.1
2017-10-13 CVE-2017-8693 Microsoft Information Exposure vulnerability in Microsoft Windows 10 and Windows Server 2016

The Microsoft Graphics Component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability in the way it handles objects in memory, aka "Microsoft Graphics Information Disclosure Vulnerability".

2.1
2017-10-13 CVE-2017-11829 Microsoft Files or Directories Accessible to External Parties vulnerability in Microsoft Windows 10 and Windows Server 2016

Microsoft Windows 10 allows an elevation of privilege vulnerability when the Windows Update Delivery Optimization does not properly enforce file share permissions.

2.1
2017-10-13 CVE-2017-11816 Microsoft Information Exposure vulnerability in Microsoft products

The Microsoft Windows Graphics Device Interface (GDI) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability in the way it handles objects in memory, aka "Windows GDI Information Disclosure Vulnerability".

2.1
2017-10-13 CVE-2017-11814 Microsoft Information Exposure vulnerability in Microsoft products

The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability".

2.1
2017-10-13 CVE-2017-11785 Microsoft Information Exposure vulnerability in Microsoft products

The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability".

2.1
2017-10-13 CVE-2017-11784 Microsoft Information Exposure vulnerability in Microsoft products

The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability".

2.1
2017-10-13 CVE-2017-11765 Microsoft Information Exposure vulnerability in Microsoft products

The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability".

2.1
2017-10-13 CVE-2017-11817 Microsoft Information Exposure vulnerability in Microsoft products

The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly validates objects in memory, aka "Windows Information Disclosure Vulnerability".

1.9
2017-10-10 CVE-2017-15038 Qemu Race Condition vulnerability in Qemu

Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS users to obtain sensitive information from host heap memory via vectors related to reading extended attributes.

1.9
2017-10-10 CVE-2017-13721 X ORG, Debian Improper Privilege Management vulnerability in multiple products

In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session.

1.9
2017-10-13 CVE-2016-4924 Juniper Permission Issues vulnerability in Juniper Junos 14.1/15.1

An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys.

1.7
2017-10-10 CVE-2017-13679 Symantec Unspecified vulnerability in Symantec Encryption Desktop

A denial of service (DoS) attack in Symantec Encryption Desktop before SED 10.4.1 MP2HF1 allows remote attackers to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network.

1.4