Weekly Vulnerabilities Reports > October 16 to 22, 2017

Overview

458 new vulnerabilities reported during this period, including 10 critical vulnerabilities and 40 high severity vulnerabilities. This weekly summary report vulnerabilities in 461 products from 149 vendors including Oracle, Debian, Irfanview, Microsoft, and Xnview. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Information Exposure", "Cross-site Scripting", "Improper Input Validation", and "Cross-Site Request Forgery (CSRF)".

  • 391 reported vulnerabilities are remotely exploitables.
  • 24 reported vulnerabilities have public exploit available.
  • 76 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 354 reported vulnerabilities are exploitable by an anonymous user.
  • Oracle has the most reported vulnerabilities, with 184 reported vulnerabilities.
  • SAP has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

10 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-10-18 CVE-2017-14322 Interspire Improper Authentication vulnerability in Interspire Email Marketer

The function in charge to check whether the user is already logged in init.php in Interspire Email Marketer (IEM) prior to 6.1.6 allows remote attackers to bypass authentication and obtain administrative access by using the IEM_CookieLogin cookie with a specially crafted value.

10.0
2017-10-17 CVE-2017-3761 Lenovo OS Command Injection vulnerability in Lenovo Service Framework

The Lenovo Service Framework Android application executes some system commands without proper sanitization of external input.

10.0
2017-10-16 CVE-2015-4650 Arubanetworks Permissions, Privileges, and Access Controls vulnerability in Arubanetworks Clearpass Policy Manager

Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to gain shell access and execute arbitrary code with root privileges via unspecified vectors.

10.0
2017-10-16 CVE-2017-15295 SAP Improper Authentication vulnerability in SAP Point of Sale Xpress Server 1020/1030

Xpress Server in SAP POS does not require authentication for read/write/delete file access.

10.0
2017-10-16 CVE-2017-15293 SAP Improper Authentication vulnerability in SAP Point of Sale Xpress Server 1020/1030

Xpress Server in SAP POS does not require authentication for file read and erase operations, daemon shutdown, terminal read operations, or certain attacks on credentials.

10.0
2017-10-16 CVE-2017-15376 Mobatek Code Injection vulnerability in Mobatek Mobaxterm 10.4

The TELNET service in Mobatek MobaXterm 10.4 does not require authentication, which allows remote attackers to execute arbitrary commands via TCP port 23.

10.0
2017-10-19 CVE-2017-10955 EMC Improper Input Validation vulnerability in EMC Data Protection Advisor 6.3.0

** DISPUTED ** This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Data Protection Advisor 6.3.0.

9.0
2017-10-18 CVE-2015-5164 Pulpproject
Redhat
Deserialization of Untrusted Data vulnerability in Pulpproject Qpid

The Qpid server on Red Hat Satellite 6 does not properly restrict message types, which allows remote authenticated users with administrative access on a managed content host to execute arbitrary code via a crafted message, related to a pickle processing problem in pulp.

9.0
2017-10-17 CVE-2014-9118 Dasanzhone Command Injection vulnerability in Dasanzhone Znid 2426A Firmware

The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddr parameter to zhnping.cmd.

9.0
2017-10-16 CVE-2016-4461 Apache
Netapp
Improper Input Validation vulnerability in multiple products

Apache Struts 2.x before 2.3.29 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation.

9.0

40 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-10-19 CVE-2017-10260 Oracle Unspecified vulnerability in Oracle Integrated Lights OUT Manager Firmware

Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management).

7.8
2017-10-17 CVE-2014-9697 Huawei Resource Exhaustion vulnerability in Huawei products

Huawei USG9560/9520/9580 before V300R001C01SPC300 allows remote attackers to cause a memory leak or denial of service (memory exhaustion, reboot and MPU switchover) via a crafted website.

7.8
2017-10-19 CVE-2017-15643 Ikarussecurity Http Request Smuggling vulnerability in Ikarussecurity Ikarus Antivirus 2.16.7

An active network attacker (MiTM) can achieve remote code execution on a machine that runs IKARUS Anti Virus 2.16.7.

7.6
2017-10-19 CVE-2015-4422 Huawei Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Huawei Mate 7 Firmware

The TEEOS module in Huawei Mate 7 (Mate7-TL10) smartphones before V100R001CHNC00B126SP03 allows local users with root permissions to gain privileges or cause a denial of service (memory corruption) via a crafted application.

7.6
2017-10-19 CVE-2015-4421 Huawei Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Huawei Mate 7 Firmware

The tzdriver module in Huawei Mate 7 (Mate7-TL10) smartphones before V100R001CHNC00B126SP03 allows local users to gain privileges or cause a denial of service (memory corruption) via an unspecified input.

7.6
2017-10-22 CVE-2017-15804 GNU Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GNU Glibc

The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator.

7.5
2017-10-20 CVE-2011-1935 Debain Data Processing Errors vulnerability in Debain Libpcap 1.1.1

pcap-linux.c in libpcap 1.1.1 before commit ea9432fabdf4b33cbc76d9437200e028f1c47c93 when snaplen is set may truncate packets, which might allow remote attackers to send arbitrary data while avoiding detection via crafted packets.

7.5
2017-10-20 CVE-2017-15670 GNU Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GNU Glibc

The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.

7.5
2017-10-20 CVE-2017-6145 F5 Insufficient Session Expiration vulnerability in F5 products

iControl REST in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe 12.0.0 through 12.1.2 and 13.0.0 includes a service to convert authorization BIGIPAuthCookie cookies to X-F5-Auth-Token tokens.

7.5
2017-10-19 CVE-2017-5636 Apache Injection vulnerability in Apache Nifi

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, the proxy chain serialization/deserialization is vulnerable to an injection attack where a carefully crafted username could impersonate another user and gain their permissions on a replicated request to another node.

7.5
2017-10-19 CVE-2017-10402 Oracle Unspecified vulnerability in Oracle Hospitality Reporting and Analytics 8.5.1/9.0.0

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report).

7.5
2017-10-19 CVE-2017-10391 Oracle Unspecified vulnerability in Oracle Glassfish Server 3.0.1/3.1.2

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration).

7.5
2017-10-19 CVE-2017-10366 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Performance Monitor).

7.5
2017-10-19 CVE-2017-10352 Oracle Unspecified vulnerability in Oracle Weblogic Server

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services).

7.5
2017-10-19 CVE-2017-10265 Oracle Unspecified vulnerability in Oracle Integrated Lights OUT Manager Firmware

Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management).

7.5
2017-10-18 CVE-2015-5740 Golang
Fedoraproject
Redhat
Http Request Smuggling vulnerability in multiple products

The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request with two Content-length headers.

7.5
2017-10-18 CVE-2015-5739 Golang
Fedoraproject
Redhat
Http Request Smuggling vulnerability in multiple products

The net/http library in net/textproto/reader.go in Go before 1.4.3 does not properly parse HTTP header keys, which allows remote attackers to conduct HTTP request smuggling attacks via a space instead of a hyphen, as demonstrated by "Content Length" instead of "Content-Length."

7.5
2017-10-18 CVE-2015-5376 GSI Office SQL Injection vulnerability in Gsi-Office Winpat Portal 3.2.0.1001/3.6.1.0

SQL injection vulnerability in the login form in GSI WiNPAT Portal 3.2.0.1001 through 3.6.1.0 allows remote attackers to execute arbitrary SQL commands via the username field.

7.5
2017-10-18 CVE-2017-15579 Phpsugar SQL Injection vulnerability in PHPsugar PHP Melody

In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aa_pages_per_page cookie in a playlist action to watch.php.

7.5
2017-10-18 CVE-2017-15575 Redmine
Debian
In Redmine before 3.2.6 and 3.3.x before 3.3.3, Redmine.pm lacks a check for whether the Repository module is enabled in a project's settings, which might allow remote attackers to obtain sensitive differences information or possibly have unspecified other impact.
7.5
2017-10-17 CVE-2017-13999 WE CON Buffer Errors vulnerability in We-Con Levi Studio HMI Editor 1.8.0

A Stack-based Buffer Overflow issue was discovered in WECON LEVI Studio HMI Editor v1.8.1 and prior.

7.5
2017-10-17 CVE-2017-15539 Zorovavi Blog Project SQL Injection vulnerability in Zorovavi/Blog Project Zorovavi/Blog

SQL Injection exists in zorovavi/blog through 2017-10-17 via the id parameter to recept.php.

7.5
2017-10-17 CVE-2017-3758 Lenovo Unspecified vulnerability in Lenovo Service Framework

Improper access controls on several Android components in the Lenovo Service Framework application can be exploited to enable remote code execution.

7.5
2017-10-17 CVE-2015-7806 Form Manager Project Command Injection vulnerability in Form Manager Project Form Manager 1.7.2

Eval injection vulnerability in the fm_saveHelperGatherItems function in ajax.php in the Form Manager plugin before 1.7.3 for WordPress allows remote attackers to execute arbitrary code via unspecified vectors.

7.5
2017-10-17 CVE-2014-9733 Nwjs Improper Input Validation vulnerability in Nwjs Nw.Js

nw.js before 0.11.5 can simulate user input events in a normal frame, which allows remote attackers to have unspecified impact via unknown vectors.

7.5
2017-10-17 CVE-2014-9487 Mediawiki XXE vulnerability in Mediawiki

The getid3 library in MediaWiki before 1.24.1, 1.23.8, 1.22.15 and 1.19.23 allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.

7.5
2017-10-16 CVE-2015-7687 Openbsd
Fedoraproject
USE After Free vulnerability in multiple products

Use-after-free vulnerability in OpenSMTPD before 5.7.2 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving req_ca_vrfy_smtp and req_ca_vrfy_mta.

7.5
2017-10-16 CVE-2015-2780 Berta Unrestricted Upload of File With Dangerous Type vulnerability in Berta CMS

Unrestricted file upload vulnerability in Berta CMS allows remote attackers to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.

7.5
2017-10-16 CVE-2017-14952 ICU Project Double Free vulnerability in Icu-Project International Components FOR Unicode

Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue.

7.5
2017-10-16 CVE-2014-9148 Fiyo Improper Access Control vulnerability in Fiyo CMS

Fiyo CMS 2.0.1.8 allows remote attackers to bypass intended access restrictions and execute the (1) "Install and Update" or (2) Backup super administrator function via the view parameter in a direct request to fiyo/dapur.

7.5
2017-10-16 CVE-2014-8621 Store Locator Project SQL Injection vulnerability in Store Locator Project Store Locator 2.3/3.11

SQL injection vulnerability in the Store Locator plugin 2.3 through 3.11 for WordPress allows remote attackers to execute arbitrary SQL commands via the sl_custom_field parameter to sl-xml.php.

7.5
2017-10-16 CVE-2017-15373 Softwarepublico SQL Injection vulnerability in Softwarepublico E-Sic 1.0

E-Sic 1.0 allows SQL injection via the q parameter to esiclivre/restrito/inc/lkpcep.php (aka the search private area).

7.5
2017-10-22 CVE-2015-5699 Cumulusnetworks Permissions, Privileges, and Access Controls vulnerability in Cumulusnetworks Cumulus Linux 2.5.3

The Switch Configuration Tools Backend (clcmd_server) in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label.

7.2
2017-10-20 CVE-2017-12628 Apache Deserialization of Untrusted Data vulnerability in Apache James Server 2.3.2/2.3.2.1/3.0.0

The JMX server embedded in Apache James, also used by the command line client is exposed to a java de-serialization issue, and thus can be used to execute arbitrary commands.

7.2
2017-10-19 CVE-2017-12579 Hashicorp Uncontrolled Search Path Element vulnerability in Hashicorp Vagrant VMWare Fusion

An insecure suid wrapper binary in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 4.0.24 and earlier allows a non-root user to obtain a root shell.

7.2
2017-10-19 CVE-2017-12301 Cisco Improper Input Validation vulnerability in Cisco Nx-Os

A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and gain unauthorized access to the underlying operating system of the device.

7.2
2017-10-18 CVE-2017-15595 XEN Resource Exhaustion vulnerability in XEN

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking.

7.2
2017-10-18 CVE-2017-15592 XEN Exposure of Resource TO Wrong Sphere vulnerability in XEN

An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests.

7.2
2017-10-16 CVE-2017-15383 Nero Unquoted Search Path OR Element vulnerability in Nero 7.10.1.0

Nero 7.10.1.0 has an unquoted BINARY_PATH_NAME for NBService, exploitable via a Trojan horse Nero.exe file in the %PROGRAMFILES(x86)%\Nero directory.

7.2
2017-10-16 CVE-2017-15302 Cpuid Unspecified vulnerability in Cpuid Cpu-Z

In CPUID CPU-Z through 1.81, there are improper access rights to a kernel-mode driver (e.g., cpuz143_x64.sys for version 1.43) that can result in information disclosure or elevation of privileges, because of an arbitrary read of any physical address via ioctl 0x9C402604.

7.2

364 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-10-18 CVE-2017-15588 XEN Race Condition vulnerability in XEN 4.9.0

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry.

6.9
2017-10-16 CVE-2017-15265 Linux USE After Free vulnerability in Linux Kernel

Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.

6.9
2017-10-22 CVE-2017-15789 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x00000000000048e7."

6.8
2017-10-22 CVE-2017-15788 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x0000000000002d83."

6.8
2017-10-22 CVE-2017-15787 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation starting at xnview+0x0000000000580063."

6.8
2017-10-22 CVE-2017-15786 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADImage+0x00000000001a78db."

6.8
2017-10-22 CVE-2017-15785 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation near NULL starting at Unknown Symbol @ 0x0000000000000000 called from CADImage+0x0000000000286a79."

6.8
2017-10-22 CVE-2017-15784 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to an "Illegal Instruction Violation starting at xnview+0x0000000000370074."

6.8
2017-10-22 CVE-2017-15783 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADImage+0x0000000000285ce1."

6.8
2017-10-22 CVE-2017-15782 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x00000000000032eb."

6.8
2017-10-22 CVE-2017-15781 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Read Access Violation on Control Flow starting at CADImage+0x0000000000286a76."

6.8
2017-10-22 CVE-2017-15780 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADImage+0x0000000000285dad."

6.8
2017-10-22 CVE-2017-15779 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at CADImage+0x00000000000034b0."

6.8
2017-10-22 CVE-2017-15778 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADImage+0x0000000000285de7."

6.8
2017-10-22 CVE-2017-15777 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at CADImage+0x0000000000288750."

6.8
2017-10-22 CVE-2017-15776 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address may be used as a return value starting at CADImage+0x0000000000285ec1."

6.8
2017-10-22 CVE-2017-15775 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADImage+0x0000000000259aa4."

6.8
2017-10-22 CVE-2017-15774 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls Code Flow starting at CADImage+0x0000000000221a9a."

6.8
2017-10-22 CVE-2017-15773 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADImage+0x0000000000285d79."

6.8
2017-10-22 CVE-2017-15772 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address may be used as a return value starting at CADImage+0x0000000000285e9d."

6.8
2017-10-22 CVE-2017-15769 Irfanview Buffer Errors vulnerability in Irfanview 4.50

IrfanView 4.50 - 64bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dds file, related to "Read Access Violation starting at FORMATS!ReadBLP_W+0x0000000000001b22."

6.8
2017-10-22 CVE-2017-15768 Irfanview Buffer Errors vulnerability in Irfanview 4.50

IrfanView version 4.50 - 64bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file, related to "Data from Faulting Address controls Branch Selection starting at image000007f7_42060000+0x0000000000094113."

6.8
2017-10-22 CVE-2017-15767 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Cadimage and Irfanview

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at CADIMAGE+0x00000000003d5b52."

6.8
2017-10-22 CVE-2017-15766 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Babacad4Image and Irfanview

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001f0a0."

6.8
2017-10-22 CVE-2017-15765 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Cadimage and Irfanview

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at CADIMAGE+0x00000000003e9462."

6.8
2017-10-22 CVE-2017-15764 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Babacad4Image and Irfanview

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001e6b0."

6.8
2017-10-22 CVE-2017-15763 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Babacad4Image and Irfanview

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001eca0."

6.8
2017-10-22 CVE-2017-15762 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Babacad4Image and Irfanview

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001f31b."

6.8
2017-10-22 CVE-2017-15761 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Babacad4Image and Irfanview

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001ecaa."

6.8
2017-10-22 CVE-2017-15760 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Babacad4Image and Irfanview

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001ce82."

6.8
2017-10-22 CVE-2017-15759 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Babacad4Image and Irfanview

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001b3f3."

6.8
2017-10-22 CVE-2017-15758 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Babacad4Image and Irfanview

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000004d75b."

6.8
2017-10-22 CVE-2017-15757 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Babacad4Image and Irfanview

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at BabaCAD4Image!ShowPlugInOptions+0x00000000000029ba."

6.8
2017-10-22 CVE-2017-15756 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Babacad4Image and Irfanview

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000004d7c4."

6.8
2017-10-22 CVE-2017-15755 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Babacad4Image and Irfanview

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at verifier!AVrfpDphFindBusyMemoryNoCheck+0x0000000000000091."

6.8
2017-10-22 CVE-2017-15754 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Babacad4Image and Irfanview

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at BabaCAD4Image!ShowPlugInOptions+0x0000000000013968."

6.8
2017-10-22 CVE-2017-15753 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Babacad4Image and Irfanview

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at BabaCAD4Image!ShowPlugInOptions+0x00000000000029c2."

6.8
2017-10-22 CVE-2017-15752 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Babacad4Image and Irfanview

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000004d6b0."

6.8
2017-10-22 CVE-2017-15751 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Babacad4Image and Irfanview

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at BabaCAD4Image!ShowPlugInOptions+0x0000000000009f39."

6.8
2017-10-22 CVE-2017-15750 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Babacad4Image and Irfanview

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at BabaCAD4Image!ShowPlugInOptions+0x0000000000009ae0."

6.8
2017-10-22 CVE-2017-15749 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Cadimage and Irfanview

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x00000000000348b9."

6.8
2017-10-22 CVE-2017-15748 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Cadimage and Irfanview

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADIMAGE+0x000000000000613a."

6.8
2017-10-22 CVE-2017-15747 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Cadimage and Irfanview

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x0000700b00260112 called from CADIMAGE+0x00000000003d35ad."

6.8
2017-10-22 CVE-2017-15746 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Cadimage and Irfanview

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x00000000003d21b3."

6.8
2017-10-22 CVE-2017-15745 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Cadimage and Irfanview

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x000000000002ca2e."

6.8
2017-10-22 CVE-2017-15744 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Cadimage and Irfanview

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Read Access Violation on Control Flow starting at CADIMAGE+0x00000000003d35a7."

6.8
2017-10-22 CVE-2017-15743 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Cadimage and Irfanview

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address may be used as a return value starting at CADIMAGE+0x00000000003d24a0."

6.8
2017-10-22 CVE-2017-15742 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Cadimage and Irfanview

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADIMAGE+0x00000000003d2328."

6.8
2017-10-22 CVE-2017-15741 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Cadimage and Irfanview

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Possible Stack Corruption starting at CADIMAGE+0x00000000003d2378."

6.8
2017-10-22 CVE-2017-15740 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Cadimage and Irfanview

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls Code Flow starting at CADIMAGE+0x000000000033228e."

6.8
2017-10-22 CVE-2017-15739 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Cadimage and Irfanview

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at CADIMAGE+0x00000000000042d5."

6.8
2017-10-22 CVE-2017-15738 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Cadimage and Irfanview

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADIMAGE+0x00000000003d22d8."

6.8
2017-10-22 CVE-2017-15737 Irfanview Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Cadimage and Irfanview

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADIMAGE+0x00000000003d246f."

6.8
2017-10-22 CVE-2017-15803 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ntdll_77310000!LdrpResCompareResourceNames+0x0000000000000150."

6.8
2017-10-22 CVE-2017-15802 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77310000!LdrpResCompareResourceNames+0x0000000000000087."

6.8
2017-10-22 CVE-2017-15801 Xnview
Microsoft
Buffer Errors vulnerability in Xnview 2.43

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77310000!LdrpResSearchResourceInsideDirectory+0x000000000000029e."

6.8
2017-10-22 CVE-2017-15735 Phpmyfaq Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for modifying a glossary.

6.8
2017-10-22 CVE-2017-15734 Phpmyfaq Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.

6.8
2017-10-22 CVE-2017-15733 Phpmyfaq Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/ajax.attachment.php and admin/att.main.php.

6.8
2017-10-22 CVE-2017-15732 Phpmyfaq Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.

6.8
2017-10-22 CVE-2017-15731 Phpmyfaq Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.adminlog.php.

6.8
2017-10-22 CVE-2017-15730 Phpmyfaq Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php.

6.8
2017-10-22 CVE-2017-15729 Phpmyfaq Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary.

6.8
2017-10-20 CVE-2017-13127 VIP
Apple
Google
Information Exposure vulnerability in VIP

The VIP.com application for IOS and Android allows remote attackers to obtain sensitive information and hijack the authentication of users via a rogue access point and a man-in-the-middle attack.

6.8
2017-10-19 CVE-2017-15645 Webmin Cross-Site Request Forgery (CSRF) vulnerability in Webmin

CSRF exists in Webmin 1.850.

6.8
2017-10-19 CVE-2017-10427 Oracle Unspecified vulnerability in Oracle Retail Xstore Point of Service

Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Point of Sale).

6.8
2017-10-19 CVE-2017-10424 Oracle Unspecified vulnerability in Oracle Mysql Enterprise Monitor

Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Web).

6.8
2017-10-19 CVE-2017-10393 Oracle Unspecified vulnerability in Oracle Glassfish Server 3.0.1/3.1.2

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Web Container).

6.8
2017-10-19 CVE-2017-10385 Oracle Unspecified vulnerability in Oracle Glassfish Server 3.0.1/3.1.2

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Web Container).

6.8
2017-10-19 CVE-2017-10346 Oracle Unspecified vulnerability in Oracle JDK and JRE

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot).

6.8
2017-10-19 CVE-2017-10309 Oracle Unspecified vulnerability in Oracle JDK and JRE

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment).

6.8
2017-10-19 CVE-2017-10285 Oracle Unspecified vulnerability in Oracle JDK and JRE

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI).

6.8
2017-10-19 CVE-2017-12271 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco products

A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device.

6.8
2017-10-18 CVE-2015-5227 Inboundnow Injection vulnerability in Inboundnow Wordpress Landing Pages

The Landing Pages plugin before 1.9.2 for WordPress allows remote attackers to execute arbitrary code via the url parameter.

6.8
2017-10-18 CVE-2015-7715 Realtyna Cross-Site Request Forgery (CSRF) vulnerability in Realtyna Property Listing 8.9/8.9.2

Cross-site request forgery (CSRF) vulnerability in the Realtyna RPL (com_rpl) component before 8.9.5 for Joomla! allows remote attackers to hijack the authentication of administrators for requests that add a user via an add_user action to administrator/index.php.

6.8
2017-10-18 CVE-2017-8022 EMC Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in EMC Networker

An issue was discovered in EMC NetWorker (prior to 8.2.4.9, all supported 9.0.x versions, prior to 9.1.1.3, prior to 9.2.0.4).

6.8
2017-10-18 CVE-2014-3709 Keycloak Cross-Site Request Forgery (CSRF) vulnerability in Keycloak

The org.keycloak.services.resources.SocialResource.callback method in JBoss KeyCloak before 1.0.3.Final allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging lack of CSRF protection.

6.8
2017-10-18 CVE-2017-13083 Rufus Project Download of Code Without Integrity Check vulnerability in Rufus Project Rufus 2.17

Akeo Consulting Rufus prior to version 2.17.1187 does not adequately validate the integrity of updates downloaded over HTTP, allowing an attacker to easily convince a user to execute arbitrary code

6.8
2017-10-18 CVE-2017-15587 Artifex Integer Overflow OR Wraparound vulnerability in Artifex Mupdf 1.11

An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11.

6.8
2017-10-17 CVE-2017-15565 Freedesktop
Debian
Null Pointer Dereference vulnerability in multiple products

In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF document.

6.8
2017-10-17 CVE-2017-14013 Prominent Incorrect Resource Transfer Between Spheres vulnerability in Prominent Multiflex M10A Controller Firmware

A Client-Side Enforcement of Server-Side Security issue was discovered in ProMinent MultiFLEX M10a Controller web interface.

6.8
2017-10-17 CVE-2017-14011 Prominent Cross-Site Request Forgery (CSRF) vulnerability in Prominent Multiflex M10A Controller Firmware

A Cross-Site Request Forgery issue was discovered in ProMinent MultiFLEX M10a Controller web interface.

6.8
2017-10-17 CVE-2017-14007 Prominent Insufficient Session Expiration vulnerability in Prominent Multiflex M10A Controller Firmware

An Insufficient Session Expiration issue was discovered in ProMinent MultiFLEX M10a Controller web interface.

6.8
2017-10-17 CVE-2017-3759 Lenovo Improper Input Validation vulnerability in Lenovo Service Framework

The Lenovo Service Framework Android application accepts some responses from the server without proper validation.

6.8
2017-10-16 CVE-2017-15385 Radare Buffer Errors vulnerability in Radare Radare2 2.0.0

The store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c in radare2 2.0.0 allows remote attackers to cause a denial of service (r_read_le16 invalid write and application crash) or possibly have unspecified other impact via a crafted ELF file.

6.8
2017-10-16 CVE-2017-9367 Blackberry Path Traversal vulnerability in Blackberry Workspaces Appliance-X and Workspaces Vapp

A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request.

6.8
2017-10-16 CVE-2017-15221 ASX TO MP3 Converter Project Buffer Errors vulnerability in ASX TO MP3 Converter Project ASX TO MP3 Converter 3.1.3.7

ASX to MP3 converter 3.1.3.7.2010.11.05 has a buffer overflow via a crafted M3U file, a related issue to CVE-2009-1324.

6.8
2017-10-16 CVE-2017-15296 SAP Cross-Site Request Forgery (CSRF) vulnerability in SAP Customer Relationship Management

The Java component in SAP CRM has CSRF.

6.8
2017-10-16 CVE-2017-15369 Artifex USE After Free vulnerability in Artifex Mupdf

The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free and application crash) or possibly have unspecified other impact via a crafted PDF document.

6.8
2017-10-16 CVE-2017-15368 Radare Out-Of-Bounds Read vulnerability in Radare Radare2 2.0.0

The wasm_dis function in libr/asm/arch/wasm/wasm.c in radare2 2.0.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted WASM file that triggers an incorrect r_hex_bin2str call.

6.8
2017-10-22 CVE-2017-11292 Adobe
Apple
Linux
Microsoft
Google
Improper Validation of Array Index vulnerability in Adobe Flash Player

Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index.

6.5
2017-10-20 CVE-2017-2133 Panasonic SQL Injection vulnerability in Panasonic Kx-Hjb1000 Firmware Ghx1Yg14.50/Hjb10004.47

SQL injection vulnerability in Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors.

6.5
2017-10-20 CVE-2017-15651 Paessler Improper Input Validation vulnerability in Paessler Prtg Network Monitor 17.3.33.2830

PRTG Network Monitor 17.3.33.2830 allows remote authenticated administrators to execute arbitrary code by uploading a .exe file and then proceeding in spite of the error message.

6.5
2017-10-19 CVE-2017-10404 Oracle Unspecified vulnerability in Oracle Hospitality Reporting and Analytics 8.5.1/9.0.0

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: iQuery).

6.5
2017-10-19 CVE-2017-10396 Oracle Unspecified vulnerability in Oracle Hospitality Cruise Affairwhere 2.2.5.0/2.2.6.0/2.2.7.0

Vulnerability in the Oracle Hospitality Cruise AffairWhere component of Oracle Hospitality Applications (subcomponent: AffairWhere).

6.5
2017-10-19 CVE-2017-10333 Oracle Unspecified vulnerability in Oracle Siebel UI Framework 16.0/17.0

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: EAI).

6.5
2017-10-19 CVE-2017-12251 Cisco Improper Authentication vulnerability in Cisco Cloud Services Platform 2100

A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote attacker to interact maliciously with the services or virtual machines (VMs) operating remotely on an affected CSP device.

6.5
2017-10-18 CVE-2016-5714 Puppet
Puppetlabs
Improper Access Control vulnerability in multiple products

Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet Agent 1.3.6 through 1.7.0 allow remote attackers to bypass a host whitelist protection mechanism and execute arbitrary code on Puppet nodes via vectors related to command validation, aka "Puppet Execution Protocol (PXP) Command Whitelist Validation Vulnerability."

6.5
2017-10-18 CVE-2015-7714 Realtyna SQL Injection vulnerability in Realtyna Property Listing 8.9/8.9.2

Multiple SQL injection vulnerabilities in the Realtyna RPL (com_rpl) component before 8.9.5 for Joomla! allow remote administrators to execute arbitrary SQL commands via the (1) id, (2) copy_field in a data_copy action, (3) pshow in an update_field action, (4) css, (5) tip, (6) cat_id, (7) text_search, (8) plisting, or (9) pwizard parameter to administrator/index.php.

6.5
2017-10-17 CVE-2017-14005 Prominent Weak Password Recovery Mechanism FOR Forgotten Password vulnerability in Prominent Multiflex M10A Controller Firmware

An Unverified Password Change issue was discovered in ProMinent MultiFLEX M10a Controller web interface.

6.5
2017-10-17 CVE-2017-5531 Tibco Unspecified vulnerability in Tibco products

Deployments of TIBCO Managed File Transfer Command Center versions 8.0.0 and 8.0.1 and TIBCO Managed File Transfer Internet Server versions 8.0.0 and 8.0.1 that enable the Administrator Service may be affected by a vulnerability which may allow any authenticated user to gain administrative control of Managed File Transfer web applications.

6.5
2017-10-17 CVE-2014-2664 X2Engine Unrestricted Upload of File With Dangerous Type vulnerability in X2Engine X2Crm

Unrestricted file upload vulnerability in the ProfileController::actionUploadPhoto method in protected/controllers/ProfileController.php in X2Engine X2CRM before 4.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.

6.5
2017-10-17 CVE-2014-9489 Gollum Project Improper Access Control vulnerability in Gollum Project Gollum, Gollum-Lib and Grit Adapter

The gollum-grit_adapter Ruby gem dependency in gollum before 3.1.1 and the gollum-lib gem dependency in gollum-lib before 4.0.1 when the string "master" is in any of the wiki documents, allows remote authenticated users to execute arbitrary code via the -O or --open-files-in-pager flags.

6.5
2017-10-20 CVE-2017-2132 Panasonic Improper Input Validation vulnerability in Panasonic Kx-Hjb1000 Firmware Ghx1Yg14.50/Hjb10004.47

Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to delete arbitrary files in a specific directory via unspecified vectors.

6.4
2017-10-19 CVE-2017-10405 Oracle Unspecified vulnerability in Oracle Hospitality Reporting and Analytics 8.5.1/9.0.0

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report).

6.4
2017-10-19 CVE-2017-10362 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Sawbridge).

6.4
2017-10-19 CVE-2017-10330 Oracle Unspecified vulnerability in Oracle Common Applications

Vulnerability in the Oracle Common Applications component of Oracle E-Business Suite (subcomponent: Gantt Server).

6.4
2017-10-19 CVE-2017-10329 Oracle Unspecified vulnerability in Oracle Global Order Promising

Vulnerability in the Oracle Global Order Promising component of Oracle E-Business Suite (subcomponent: Reschedule Sales Orders).

6.4
2017-10-19 CVE-2017-12285 Cisco Improper Input Validation vulnerability in Cisco Prime Network Analysis Module 6.2(1B)

A vulnerability in the web interface of Cisco Network Analysis Module Software could allow an unauthenticated, remote attacker to delete arbitrary files from an affected system, aka Directory Traversal.

6.4
2017-10-17 CVE-2017-9625 Envitech Improper Authentication vulnerability in Envitech Envidas Ultimate 1.0.0.4

An Improper Authentication issue was discovered in Envitech EnviDAS Ultimate Versions prior to v1.0.0.5.

6.4
2017-10-17 CVE-2017-8805 Debian Path Traversal vulnerability in Debian Ftpsync

Debian ftpsync before 20171017 does not use the rsync --safe-links option, which allows remote attackers to conduct directory traversal attacks via a crafted upstream mirror.

6.4
2017-10-16 CVE-2014-3702 Redhat Path Traversal vulnerability in Redhat Edeploy

Directory traversal vulnerability in eNovance eDeploy allows remote attackers to create arbitrary directories and files and consequently cause a denial of service (resource consumption) via a ..

6.4
2017-10-19 CVE-2017-10275 Oracle Unspecified vulnerability in Oracle Solaris AK 2013

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Filesystem).

6.3
2017-10-19 CVE-2017-10369 Oracle Unspecified vulnerability in Oracle Virtual Directory 11.1.1.7.0/11.1.1.9.0

Vulnerability in the Oracle Virtual Directory component of Oracle Fusion Middleware (subcomponent: Virtual Directory Server).

6.0
2017-10-18 CVE-2017-15578 Phpsugar SQL Injection vulnerability in PHPsugar PHP Melody

In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via the image parameter to admin/edit_category.php.

6.0
2017-10-16 CVE-2014-7851 Ovirt
Redhat
Permissions, Privileges, and Access Controls vulnerability in multiple products

oVirt 3.2.2 through 3.5.0 does not invalidate the restapi session after logout from the webadmin, which allows remote authenticated users with knowledge of another user's session data to gain that user's privileges by replacing their session token with that of another user.

6.0
2017-10-20 CVE-2017-6144 F5 Improper Certificate Validation vulnerability in F5 Big-Ip Policy Enforcement Manager 12.1.0/12.1.1/12.1.2

In F5 BIG-IP PEM 12.1.0 through 12.1.2 when downloading the Type Allocation Code (TAC) database file via HTTPS, the server's certificate is not verified.

5.8
2017-10-19 CVE-2017-3446 Oracle Unspecified vulnerability in Oracle Trade Management

Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface).

5.8
2017-10-19 CVE-2017-3445 Oracle Unspecified vulnerability in Oracle Trade Management

Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface).

5.8
2017-10-19 CVE-2017-3444 Oracle Unspecified vulnerability in Oracle Trade Management

Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface).

5.8
2017-10-19 CVE-2017-10417 Oracle Unspecified vulnerability in Oracle Advanced Outbound Telephony

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: Setup and Configuration).

5.8
2017-10-19 CVE-2017-10416 Oracle Unspecified vulnerability in Oracle Advanced Outbound Telephony

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: Setup and Configuration).

5.8
2017-10-19 CVE-2017-10415 Oracle Unspecified vulnerability in Oracle Isupport

Vulnerability in the Oracle iSupport component of Oracle E-Business Suite (subcomponent: Others).

5.8
2017-10-19 CVE-2017-10414 Oracle Unspecified vulnerability in Oracle Istore

Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Checkout and Order Placement).

5.8
2017-10-19 CVE-2017-10413 Oracle Unspecified vulnerability in Oracle Mobile Field Service

Vulnerability in the Oracle Mobile Field Service component of Oracle E-Business Suite (subcomponent: Multiplatform Based on HTML5).

5.8
2017-10-19 CVE-2017-10412 Oracle Unspecified vulnerability in Oracle Knowledge Management

Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite (subcomponent: User Interface).

5.8
2017-10-19 CVE-2017-10411 Oracle Unspecified vulnerability in Oracle Knowledge Management

Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite (subcomponent: User Interface).

5.8
2017-10-19 CVE-2017-10410 Oracle Unspecified vulnerability in Oracle Knowledge Management

Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite (subcomponent: Search).

5.8
2017-10-19 CVE-2017-10409 Oracle Unspecified vulnerability in Oracle Istore

Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Merchant UI).

5.8
2017-10-19 CVE-2017-10406 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Core Technology).

5.8
2017-10-19 CVE-2017-10400 Oracle Unspecified vulnerability in Oracle Glassfish Server 3.1.2

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration Graphical User Interface).

5.8
2017-10-19 CVE-2017-10397 Oracle Unspecified vulnerability in Oracle Hospitality Cruise Fleet Management 9.0.2.0

Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: BaseMasterPage).

5.8
2017-10-19 CVE-2017-10381 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Core Technology).

5.8
2017-10-19 CVE-2017-10368 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise SCM Eprocurement 9.1.00/9.2.00

Vulnerability in the PeopleSoft Enterprise SCM eProcurement component of Oracle PeopleSoft Products (subcomponent: Manage Requisition Status).

5.8
2017-10-19 CVE-2017-10367 Oracle Unspecified vulnerability in Oracle Hospitality Simphony 2.8/2.9

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Engagement).

5.8
2017-10-19 CVE-2017-10360 Oracle Unspecified vulnerability in Oracle Webcenter Content 11.1.1.9.0/12.2.1.1.0/12.2.1.2.0

Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server).

5.8
2017-10-19 CVE-2017-10359 Oracle Unspecified vulnerability in Oracle Hyperion Bi+ 11.1.2.4.0

Vulnerability in the Oracle Hyperion BI+ component of Oracle Hyperion (subcomponent: UI and Visualization).

5.8
2017-10-19 CVE-2017-10354 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Prtl Interaction HUB 9.1.00

Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: Enterprise Portal).

5.8
2017-10-19 CVE-2017-10344 Oracle Unspecified vulnerability in Oracle Hospitality Simphony 2.8/2.9

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export).

5.8
2017-10-19 CVE-2017-10340 Oracle Unspecified vulnerability in Oracle Hospitality Simphony 2.8/2.9

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export).

5.8
2017-10-19 CVE-2017-10338 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Prtl Interaction HUB 9.1.00

Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: Enterprise Portal).

5.8
2017-10-19 CVE-2017-10327 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Query).

5.8
2017-10-19 CVE-2017-10326 Oracle Unspecified vulnerability in Oracle Common Applications Calendar

Vulnerability in the Oracle Common Applications Calendar component of Oracle E-Business Suite (subcomponent: Applications Calendar).

5.8
2017-10-19 CVE-2017-10325 Oracle Unspecified vulnerability in Oracle Common Applications Calendar

Vulnerability in the Oracle Common Applications Calendar component of Oracle E-Business Suite (subcomponent: Applications Calendar).

5.8
2017-10-19 CVE-2017-10323 Oracle Unspecified vulnerability in Oracle web Applications Desktop Integrator

Vulnerability in the Oracle Web Applications Desktop Integrator component of Oracle E-Business Suite (subcomponent: Application Service).

5.8
2017-10-19 CVE-2017-10315 Oracle Unspecified vulnerability in Oracle Siebel UI Framework 16.0/17.0

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI).

5.8
2017-10-19 CVE-2017-10312 Oracle Unspecified vulnerability in Oracle Hyperion Bi+ 11.1.2.4

Vulnerability in the Oracle Hyperion BI+ component of Oracle Hyperion (subcomponent: UI and Visualization).

5.8
2017-10-19 CVE-2017-10303 Oracle Unspecified vulnerability in Oracle Interaction Center Intelligence 12.1.1/12.1.2/12.1.3

Vulnerability in the Oracle Interaction Center Intelligence component of Oracle E-Business Suite (subcomponent: Setup).

5.8
2017-10-19 CVE-2017-10302 Oracle Unspecified vulnerability in Oracle Siebel UI Framework 16.0/17.0

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI).

5.8
2017-10-19 CVE-2017-10293 Oracle Unspecified vulnerability in Oracle JDK and JRE

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc).

5.8
2017-10-19 CVE-2017-10277 Oracle Unspecified vulnerability in Oracle Mysql Connector/Net

Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Net).

5.8
2017-10-19 CVE-2017-10263 Oracle Unspecified vulnerability in Oracle Siebel UI Framework 16.0/17.0

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI).

5.8
2017-10-19 CVE-2017-10161 Oracle Unspecified vulnerability in Oracle Agile Engineering Data Management 6.1.3.0/6.2.2.0

Vulnerability in the Oracle Engineering Data Management component of Oracle Supply Chain Products Suite (subcomponent: Web Services Security).

5.8
2017-10-19 CVE-2017-10159 Oracle Unspecified vulnerability in Oracle Communications Policy Management 11.5/12.0

Vulnerability in the Oracle Communications Policy Management component of Oracle Communications Applications (subcomponent: Portal, CMP).

5.8
2017-10-19 CVE-2017-10158 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Core).

5.8
2017-10-19 CVE-2017-10060 Oracle Unspecified vulnerability in Oracle Business Intelligence

Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Analytics Web General).

5.8
2017-10-19 CVE-2017-10055 Oracle Unspecified vulnerability in Oracle Iplanet web Server 7.0

Vulnerability in the Oracle iPlanet Web Server component of Oracle Fusion Middleware (subcomponent: Admin Graphical User Interface).

5.8
2017-10-19 CVE-2017-10050 Oracle Unspecified vulnerability in Oracle Hospitality Suite8 8.10.1/8.10.2

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: WebConnect).

5.8
2017-10-19 CVE-2017-10034 Oracle Unspecified vulnerability in Oracle Business Intelligence Publisher 11.1.1.7.0/11.1.1.9.0

Vulnerability in the Oracle BI Publisher component of Oracle Fusion Middleware (subcomponent: Core Formatting API).

5.8
2017-10-19 CVE-2017-10026 Oracle Unspecified vulnerability in Oracle SOA Suite 11.1.1.7.0

Vulnerability in the Oracle SOA Suite component of Oracle Fusion Middleware (subcomponent: Fabric Layer).

5.8
2017-10-18 CVE-2015-6961 Web2Py Open Redirect vulnerability in Web2Py 2.9.11

Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the _next parameter to user/logout.

5.8
2017-10-18 CVE-2015-7943 Drupal
Jquery Update Project
Labjs Project
Open Redirect vulnerability in multiple products

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

5.8
2017-10-17 CVE-2017-13082 Canonical
Debian
Freebsd
Opensuse
Redhat
W1 FI
Suse
USE of Insufficiently Random Values vulnerability in multiple products

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

5.8
2017-10-19 CVE-2017-10425 Oracle Unspecified vulnerability in Oracle Hospitality Simphony

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Service Host).

5.5
2017-10-19 CVE-2017-10420 Oracle Unspecified vulnerability in Oracle Hospitality Suite8 8.10.1/8.10.2

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: Leisure).

5.5
2017-10-19 CVE-2017-10418 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.56

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: PeopleSoft CDA).

5.5
2017-10-19 CVE-2017-10395 Oracle Unspecified vulnerability in Oracle Hospitality Cruise Fleet Management 9.0.2.0

Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: GangwayActivityWebApp).

5.5
2017-10-19 CVE-2017-10394 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Security).

5.5
2017-10-19 CVE-2017-10372 Oracle Unspecified vulnerability in Oracle Hospitality Guest Access 4.2.0/4.2.1

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base).

5.5
2017-10-19 CVE-2017-10365 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB).

5.5
2017-10-19 CVE-2017-10364 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Updates Environment Mgmt).

5.5
2017-10-19 CVE-2017-10363 Oracle Unspecified vulnerability in Oracle Flexcube Universal Banking

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Security).

5.5
2017-10-19 CVE-2017-10361 Oracle Unspecified vulnerability in Oracle Hospitality Cruise Shipboard Property Management System 8.0.2.0

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: OHC DRS).

5.5
2017-10-19 CVE-2017-10358 Oracle Unspecified vulnerability in Oracle Hyperion Financial Reporting 11.1.2

Vulnerability in the Oracle Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Workspace).

5.5
2017-10-19 CVE-2017-10353 Oracle Unspecified vulnerability in Oracle Hospitality Hotel Mobile 1.1

Vulnerability in the Oracle Hospitality Hotel Mobile component of Oracle Hospitality Applications (subcomponent: Suite8/RESTAPI).

5.5
2017-10-19 CVE-2017-10337 Oracle Information Exposure vulnerability in Oracle Hospitality Suite8 8.10.1/8.10.2

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: Leisure).

5.5
2017-10-19 CVE-2017-10162 Oracle Unspecified vulnerability in Oracle Siebel Core-Server Framework 16.0/17.0

Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM (subcomponent: Services).

5.5
2017-10-19 CVE-2017-10077 Oracle Unspecified vulnerability in Oracle Applications DBA

Vulnerability in the Oracle Applications DBA component of Oracle E-Business Suite (subcomponent: AD Utilities).

5.5
2017-10-19 CVE-2017-10065 Oracle Unspecified vulnerability in Oracle Retail Point-Of-Service

Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications (subcomponent: Security).

5.5
2017-10-17 CVE-2017-13086 Canonical
Debian
Freebsd
Opensuse
Redhat
W1 FI
Suse
USE of Insufficiently Random Values vulnerability in multiple products

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

5.4
2017-10-17 CVE-2017-13084 Canonical
Debian
Freebsd
Opensuse
Redhat
W1 FI
Suse
USE of Insufficiently Random Values vulnerability in multiple products

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

5.4
2017-10-17 CVE-2017-13077 Canonical
Debian
Freebsd
Opensuse
Redhat
W1 FI
Suse
USE of Insufficiently Random Values vulnerability in multiple products

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

5.4
2017-10-19 CVE-2017-10388 Oracle Unspecified vulnerability in Oracle JDK and JRE

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries).

5.1
2017-10-17 CVE-2017-3760 Lenovo Improper Validation of Integrity Check Value vulnerability in Lenovo Service Framework

The Lenovo Service Framework Android application uses a set of nonsecure credentials when performing integrity verification of downloaded applications and/or data.

5.1
2017-10-22 CVE-2017-15723 Irssi
Debian
Null Pointer Dereference vulnerability in multiple products

In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message.

5.0
2017-10-22 CVE-2017-15721 Irssi
Debian
Null Pointer Dereference vulnerability in multiple products

In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference.

5.0
2017-10-22 CVE-2017-15228 Irssi Out-Of-Bounds Read vulnerability in Irssi

Irssi before 1.0.5, when installing themes with unterminated colour formatting sequences, may access data beyond the end of the string.

5.0
2017-10-22 CVE-2017-15227 Irssi USE After Free vulnerability in Irssi

Irssi before 1.0.5, while waiting for the channel synchronisation, may incorrectly fail to remove destroyed channels from the query list, resulting in use-after-free conditions when updating the state later on.

5.0
2017-10-22 CVE-2015-5177 Openslp
Debian
Double Free vulnerability in multiple products

Double free vulnerability in the SLPDKnownDAAdd function in slpd/slpd_knownda.c in OpenSLP 1.2.1 allows remote attackers to cause a denial of service (crash) via a crafted package.

5.0
2017-10-20 CVE-2017-6165 F5 Information Exposure Through LOG Files vulnerability in F5 products

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5.1 HF6 through 11.5.4 HF4, 11.6.0 through 11.6.1 HF1, and 12.0.0 through 12.1.2 on VIPRION platforms only, the script which synchronizes SafeNet External Network HSM configuration elements between blades in a clustered deployment will log the HSM partition password in cleartext to the "/var/log/ltm" log file.

5.0
2017-10-20 CVE-2017-2131 Panasonic Information Exposure vulnerability in Panasonic Kx-Hjb1000 Firmware Ghx1Yg14.50/Hjb10004.47

Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to bypass access restrictions to view the configuration menu via unspecified vectors.

5.0
2017-10-19 CVE-2017-15650 Musl Libc Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Musl-Libc Musl

musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query.

5.0
2017-10-19 CVE-2017-15647 Fiberhome Path Traversal vulnerability in Fiberhome Routerfiberhome Firmware

On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value.

5.0
2017-10-19 CVE-2017-15644 Webmin Server-Side Request Forgery (SSRF) vulnerability in Webmin

SSRF exists in Webmin 1.850 via the PATH_INFO to tunnel/link.cgi, as demonstrated by a GET request for tunnel/link.cgi/http://INTRANET-IP:8000.

5.0
2017-10-19 CVE-2017-10933 ZTE Path Traversal vulnerability in ZTE Zxdt22 Sf01 Firmware

All versions prior to V2.06.00.00 of ZTE ZXDT22 SF01, an monitoring system of ZTE energy product, are impacted by directory traversal vulnerability that allows remote attackers to read arbitrary files on the system via a full path name after host address.

5.0
2017-10-19 CVE-2015-6668 WP Jobmanager Information Exposure vulnerability in Wp-Jobmanager JOB Manager

The Job Manager plugin before 0.7.25 allows remote attackers to read arbitrary CV files via a brute force attack to the WordPress upload directory structure, related to an insecure direct object reference.

5.0
2017-10-19 CVE-2012-4380 Mediawiki Improper Access Control vulnerability in Mediawiki

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 allows remote attackers to bypass GlobalBlocking extension IP address blocking and create an account via unspecified vectors.

5.0
2017-10-19 CVE-2017-5635 Apache Improper Authentication vulnerability in Apache Nifi

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the "anonymous" user.

5.0
2017-10-19 CVE-2012-6707 Wordpress Inadequate Encryption Strength vulnerability in Wordpress

WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values.

5.0
2017-10-19 CVE-2017-10383 Oracle Information Exposure vulnerability in Oracle Hospitality Guest Access 4.2.0/4.2.1

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Interface).

5.0
2017-10-19 CVE-2017-10373 Oracle Information Exposure vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.55/8.56

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Health Center).

5.0
2017-10-19 CVE-2017-10357 Oracle Unspecified vulnerability in Oracle JDK and JRE

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization).

5.0
2017-10-19 CVE-2017-10355 Oracle Unspecified vulnerability in Oracle Jdk, JRE and Jrockit

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking).

5.0
2017-10-19 CVE-2017-10350 Oracle Unspecified vulnerability in Oracle JDK and JRE

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS).

5.0
2017-10-19 CVE-2017-10349 Oracle Unspecified vulnerability in Oracle JDK and JRE

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP).

5.0
2017-10-19 CVE-2017-10348 Oracle Unspecified vulnerability in Oracle JDK and JRE

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries).

5.0
2017-10-19 CVE-2017-10347 Oracle Unspecified vulnerability in Oracle JDK and JRE

Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization).

5.0
2017-10-19 CVE-2017-10342 Oracle Unspecified vulnerability in Oracle Java Advanced Management Console 2.7

Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server).

5.0
2017-10-19 CVE-2017-10336 Oracle Unspecified vulnerability in Oracle Weblogic Server

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container).

5.0
2017-10-19 CVE-2017-10335 Oracle Information Exposure vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.55/8.56

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Elastic Search).

5.0
2017-10-19 CVE-2017-10332 Oracle Information Exposure vulnerability in Oracle Universal Work Queue

Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite (subcomponent: Administration).

5.0
2017-10-19 CVE-2017-10331 Oracle Information Exposure vulnerability in Oracle Application Object Library

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics).

5.0
2017-10-19 CVE-2017-10328 Oracle Information Exposure vulnerability in Oracle Application Object Library

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics).

5.0
2017-10-19 CVE-2017-10324 Oracle Information Exposure vulnerability in Oracle E-Business Suite Technology Stack

Vulnerability in the Oracle Applications Technology Stack component of Oracle E-Business Suite (subcomponent: Oracle Forms).

5.0
2017-10-19 CVE-2017-10322 Oracle Unspecified vulnerability in Oracle Common Applications Calendar

Vulnerability in the Oracle Common Applications Calendar component of Oracle E-Business Suite (subcomponent: Applications Calendar).

5.0
2017-10-19 CVE-2017-10319 Oracle Information Exposure vulnerability in Oracle Hospitality Suite8 8.10.1/8.10.2

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: Leisure).

5.0
2017-10-19 CVE-2017-10310 Oracle Information Exposure vulnerability in Oracle Hyperion Financial Reporting 11.1.2

Vulnerability in the Oracle Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Security Models).

5.0
2017-10-19 CVE-2017-10300 Oracle Information Exposure vulnerability in Oracle Siebel Customer Relationship Management Desktop 16.0/17.0

Vulnerability in the Siebel CRM Desktop component of Oracle Siebel CRM (subcomponent: Siebel Business Service Issues).

5.0
2017-10-19 CVE-2017-10287 Oracle Information Exposure vulnerability in Oracle Peoplesoft Enterprise SCM Strategic Sourcing 9.2

Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: Strategic Sourcing).

5.0
2017-10-19 CVE-2017-10281 Oracle Unspecified vulnerability in Oracle Jdk, JRE and Jrockit

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization).

5.0
2017-10-19 CVE-2017-10280 Oracle Information Exposure vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Test Framework).

5.0
2017-10-19 CVE-2017-10276 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS).

5.0
2017-10-19 CVE-2017-10271 Oracle Unspecified vulnerability in Oracle Weblogic Server

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security).

5.0
2017-10-19 CVE-2017-10264 Oracle Unspecified vulnerability in Oracle Siebel UI Framework 16.0/17.0

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI).

5.0
2017-10-19 CVE-2017-10259 Oracle Information Exposure vulnerability in Oracle Coreid Access 11.1.2.3.0

Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin).

5.0
2017-10-19 CVE-2017-10203 Oracle Unspecified vulnerability in Oracle Mysql Connector/Net

Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Net).

5.0
2017-10-19 CVE-2017-10155 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth).

5.0
2017-10-19 CVE-2017-10154 Oracle Information Exposure vulnerability in Oracle Access Manager 11.1.2.3.0

Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin).

5.0
2017-10-19 CVE-2017-10066 Oracle Unspecified vulnerability in Oracle E-Business Suite Technology Stack

Vulnerability in the Oracle Applications Technology Stack component of Oracle E-Business Suite (subcomponent: Oracle Forms).

5.0
2017-10-19 CVE-2017-10037 Oracle Information Exposure vulnerability in Oracle Business Intelligence Publisher 11.1.1.7.0/11.1.1.9.0

Vulnerability in the Oracle BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Service API).

5.0
2017-10-19 CVE-2017-3883 Cisco Allocation of Resources Without Limits OR Throttling vulnerability in Cisco Fxos and Nx-Os

A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload.

5.0
2017-10-19 CVE-2017-15609 Octopus Missing Encryption of Sensitive Data vulnerability in Octopus Deploy

Octopus before 3.17.7 allows attackers to obtain sensitive cleartext information by reading a variable JSON file in certain situations involving Offline Drop Targets.

5.0
2017-10-19 CVE-2017-12293 Cisco Buffer Errors vulnerability in Cisco Webex Meetings Server 2.7

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

5.0
2017-10-19 CVE-2017-12260 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco products

A vulnerability in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition.

5.0
2017-10-19 CVE-2017-12259 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Small Business IP Phone Firmware

A vulnerability in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition.

5.0
2017-10-18 CVE-2017-15602 GNU Infinite Loop vulnerability in GNU Libextractor 1.4

In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size.

5.0
2017-10-18 CVE-2017-15601 GNU Buffer Errors vulnerability in GNU Libextractor 1.4

In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup.

5.0
2017-10-18 CVE-2017-15600 GNU Null Pointer Dereference vulnerability in GNU Libextractor 1.4

In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c.

5.0
2017-10-18 CVE-2014-8491 Codeasily Information Exposure vulnerability in Codeasily Grand Flagallery 1.56

The Grand Flagallery plugin before 4.25 for WordPress allows remote attackers to obtain the installation path via a request to (1) flagallery-skins/banner_widget_default/gallery.php or (2) flash-album-gallery/skins/banner_widget_default/gallery.php.

5.0
2017-10-18 CVE-2014-3164 Google Null Pointer Dereference vulnerability in Google Android

cmds/servicemanager/service_manager.c in Android before commit 7d42a3c31ba78a418f9bdde0e0ab951469f321b5 allows attackers to cause a denial of service (NULL pointer dereference, or out-of-bounds write) via vectors related to binder passed lengths.

5.0
2017-10-18 CVE-2017-15583 ABB Information Exposure vulnerability in ABB Fox515T Firmware

The embedded web server on ABB Fox515T 1.0 devices is vulnerable to Local File Inclusion.

5.0
2017-10-18 CVE-2017-15577 Redmine
Debian
Information Exposure vulnerability in multiple products

Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles the rendering of wiki links, which allows remote attackers to obtain sensitive information.

5.0
2017-10-18 CVE-2017-15576 Redmine
Debian
Information Exposure vulnerability in multiple products

Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles Time Entry rendering in activity views, which allows remote attackers to obtain sensitive information.

5.0
2017-10-18 CVE-2017-15572 Redmine
Debian
Information Exposure Through LOG Files vulnerability in multiple products

In Redmine before 3.2.6 and 3.3.x before 3.3.3, remote attackers can obtain sensitive information (password reset tokens) by reading a Referer log, because account/lost_password does not use a redirect.

5.0
2017-10-17 CVE-2014-8324 Aircrack NG Improper Input Validation vulnerability in Aircrack-Ng 1.0

network.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter.

5.0
2017-10-17 CVE-2014-8323 Aircrack NG Improper Input Validation vulnerability in Aircrack-Ng 1.0

buddy-ng.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter.

5.0
2017-10-16 CVE-2017-9368 Blackberry Information Exposure vulnerability in Blackberry Workspaces Appliance-X and Workspaces Vapp

An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files.

5.0
2017-10-16 CVE-2017-15297 SAP Improper Authentication vulnerability in SAP Host Agent 7.21

SAP Hostcontrol does not require authentication for the SOAP SAPControl endpoint.

5.0
2017-10-16 CVE-2014-9147 Fiyo Information Exposure vulnerability in Fiyo CMS

Fiyo CMS 2.0.1.8 allows remote attackers to obtain sensitive information via a direct request to the database backup file in .backup/.

5.0
2017-10-19 CVE-2017-10423 Oracle Unspecified vulnerability in Oracle Retail Back Office

Vulnerability in the Oracle Retail Back Office component of Oracle Retail Applications (subcomponent: Security).

4.9
2017-10-19 CVE-2017-10386 Oracle Unspecified vulnerability in Oracle Java Advanced Management Console 2.7

Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server).

4.9
2017-10-19 CVE-2017-10375 Oracle Unspecified vulnerability in Oracle Hospitality Guest Access 4.2.0/4.2.1

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base).

4.9
2017-10-19 CVE-2017-10370 Oracle Unspecified vulnerability in Oracle Hospitality Guest Access 4.2.0/4.2.1

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base).

4.9
2017-10-19 CVE-2017-10306 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Human Capital Management Human Resources 9.2

Vulnerability in the PeopleSoft Enterprise HCM component of Oracle PeopleSoft Products (subcomponent: Security).

4.9
2017-10-19 CVE-2017-10304 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Human Capital Management Human Resources 9.2

Vulnerability in the PeopleSoft Enterprise HCM component of Oracle PeopleSoft Products (subcomponent: Security).

4.9
2017-10-19 CVE-2017-10163 Oracle Unspecified vulnerability in Oracle Business Intelligence

Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Analytics Web General).

4.9
2017-10-19 CVE-2017-10099 Oracle Unspecified vulnerability in Oracle Sparc-Sun System Firmware

Vulnerability in the SPARC M7, T7, S7 based Servers component of Oracle Sun Systems Products Suite (subcomponent: Firmware).

4.9
2017-10-18 CVE-2017-15596 XEN Resource Exhaustion vulnerability in XEN

An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service (prevent physical CPU usage) because of lock mishandling upon detection of an add-to-physmap error.

4.9
2017-10-18 CVE-2017-15593 XEN Missing Release of Resource After Effective Lifetime vulnerability in XEN

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled.

4.9
2017-10-18 CVE-2017-15591 XEN Improper Input Validation vulnerability in XEN

An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of range start to range end) within the DMOP map/unmap implementation.

4.9
2017-10-22 CVE-2017-12317 Cisco USE of Hard-Coded Credentials vulnerability in Cisco Advanced Malware Protection

The Cisco AMP For Endpoints application allows an authenticated, local attacker to access a static key value stored in the local application software.

4.6
2017-10-20 CVE-2013-6049 APT Listbugs Project
Debian
Improper Input Validation vulnerability in multiple products

apt-listbugs before 0.1.10 creates temporary files insecurely, which allows attackers to have unspecified impact via unknown vectors.

4.6
2017-10-19 CVE-2017-14019 Progea Unquoted Search Path OR Element vulnerability in Progea Movicon 11.5.1181

An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior.

4.6
2017-10-19 CVE-2017-14017 Progea Uncontrolled Search Path Element vulnerability in Progea Movicon 11.4/11.4.1150/11.5.1181

An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior.

4.6
2017-10-19 CVE-2017-15649 Linux Race Condition vulnerability in Linux Kernel

net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346.

4.6
2017-10-19 CVE-2017-10403 Oracle Unspecified vulnerability in Oracle Hospitality Reporting and Analytics 8.5.1/9.0.0

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: iQuery).

4.6
2017-10-19 CVE-2017-10321 Oracle Unspecified vulnerability in Oracle Database 11.2.0.4/12.1.0.2/12.2.0.1

Vulnerability in the Core RDBMS component of Oracle Database Server.

4.6
2017-10-18 CVE-2017-15594 XEN Unspecified vulnerability in XEN

An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotplugging.

4.6
2017-10-18 CVE-2017-15590 XEN Unspecified vulnerability in XEN 4.9.0

An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because MSI mapping was mishandled.

4.6
2017-10-17 CVE-2017-6273 Nvidia Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Nvidia Adsp Firmware

NVIDIA ADSP Firmware contains a vulnerability in the ADSP Loader component where there is the potential to write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or possible escalation of privileges.

4.6
2017-10-16 CVE-2017-0316 Nvidia
Microsoft
Improper Input Validation vulnerability in Nvidia Geforce Experience

In GeForce Experience (GFE) 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges.

4.6
2017-10-16 CVE-2015-7504 Qemu
XEN
Debian
Out-Of-Bounds Write vulnerability in multiple products

Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode.

4.6
2017-10-19 CVE-2017-3588 Oracle Unspecified vulnerability in Oracle Solaris Cluster 3.3/4.3

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: HA for MySQL).

4.4
2017-10-22 CVE-2017-15722 Irssi
Debian
Out-Of-Bounds Read vulnerability in multiple products

In certain cases, Irssi before 1.0.5 may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string.

4.3
2017-10-22 CVE-2017-15736 Spip Cross-Site Scripting vulnerability in Spip

Cross-site scripting (XSS) vulnerability (stored) in SPIP before 3.1.7 allows remote attackers to inject arbitrary web script or HTML via a crafted string, as demonstrated by a PGP field, related to prive/objets/contenu/auteur.html and ecrire/inc/texte_mini.php.

4.3
2017-10-20 CVE-2017-15671 GNU Missing Release of Resource After Effective Lifetime vulnerability in GNU Glibc

The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak).

4.3
2017-10-20 CVE-2017-15291 TP Link Cross-Site Scripting vulnerability in Tp-Link Tl-Mr3220 Firmware

Cross-site scripting (XSS) vulnerability in the Wireless MAC Filtering page in TP-LINK TL-MR3220 wireless routers allows remote attackers to inject arbitrary web script or HTML via the Description field.

4.3
2017-10-20 CVE-2017-6141 F5 Improper Input Validation vulnerability in F5 products

In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, and WebSafe 12.1.0 through 12.1.2, certain values in a TLS abbreviated handshake when using a client SSL profile with the Session Ticket option enabled may cause disruption of service to the Traffic Management Microkernel (TMM).

4.3
2017-10-19 CVE-2017-15648 Phpsugar Cross-Site Scripting vulnerability in PHPsugar PHP Melody

In PHPSUGAR PHP Melody before 2.7.3, page_manager.php has XSS via the page_title parameter.

4.3
2017-10-19 CVE-2017-15646 Webmin Cross-Site Scripting vulnerability in Webmin

Webmin before 1.860 has XSS with resultant remote code execution.

4.3
2017-10-19 CVE-2012-4379 Mediawiki Improper Access Control vulnerability in Mediawiki

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via an embedded API response in an IFRAME element.

4.3
2017-10-19 CVE-2017-15642 Soundexchange
Debian
USE After Free vulnerability in multiple products

In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is a Use-After-Free vulnerability triggered by supplying a malformed AIFF file.

4.3
2017-10-19 CVE-2017-10422 Oracle Information Exposure vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Updates Change Assistant).

4.3
2017-10-19 CVE-2017-10408 Oracle Unspecified vulnerability in Oracle VM Virtualbox

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core).

4.3
2017-10-19 CVE-2017-10407 Oracle Unspecified vulnerability in Oracle VM Virtualbox

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core).

4.3
2017-10-19 CVE-2017-10401 Oracle Unspecified vulnerability in Oracle Hospitality Cruise Materials Management 7.30.564.0

Vulnerability in the Oracle Hospitality Cruise Materials Management component of Oracle Hospitality Applications (subcomponent: MMSUpdater).

4.3
2017-10-19 CVE-2017-10392 Oracle Unspecified vulnerability in Oracle VM Virtualbox 5.1.28

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core).

4.3
2017-10-19 CVE-2017-10387 Oracle Unspecified vulnerability in Oracle Customer Relationship Management Technical Foundation

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: Preferences).

4.3
2017-10-19 CVE-2017-10382 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Core Technology).

4.3
2017-10-19 CVE-2017-10343 Oracle Information Exposure vulnerability in Oracle Hospitality Simphony 2.8/2.9

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export).

4.3
2017-10-19 CVE-2017-10341 Oracle Unspecified vulnerability in Oracle Java Advanced Management Console 2.7

Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server).

4.3
2017-10-19 CVE-2017-10339 Oracle Information Exposure vulnerability in Oracle Hospitality Suite8 8.10.1/8.10.2

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: WebConnect).

4.3
2017-10-19 CVE-2017-10318 Oracle Information Exposure vulnerability in Oracle Hospitality Suite8 8.10.1/8.10.2

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: WebConnect).

4.3
2017-10-19 CVE-2017-10295 Oracle Unspecified vulnerability in Oracle Jdk, JRE and Jrockit

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking).

4.3
2017-10-19 CVE-2017-10190 Oracle Unspecified vulnerability in Oracle Database 11.2.0.4/12.1.0.2/12.2.0.1

Vulnerability in the Java VM component of Oracle Database Server.

4.3
2017-10-19 CVE-2017-10166 Oracle Unspecified vulnerability in Oracle Security Service and Security Service FMW

Vulnerability in the Oracle Security Service component of Oracle Fusion Middleware (subcomponent: C Oracle SSL API).

4.3
2017-10-19 CVE-2017-15612 Mistune Project Cross-Site Scripting vulnerability in Mistune Project Mistune 0.7.4

mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline (such as in java\nscript:) or a crafted email address, related to the escape and autolink functions.

4.3
2017-10-19 CVE-2017-12298 Cisco Cross-Site Scripting vulnerability in Cisco Webex Meeting Center

A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system.

4.3
2017-10-19 CVE-2017-12296 Cisco Cross-Site Scripting vulnerability in Cisco Webex Meetings Server 2.6/2.7/2.8

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected system.

4.3
2017-10-19 CVE-2017-12288 Cisco Cross-Site Scripting vulnerability in Cisco Finesse 11.5(1)

A vulnerability in the web-based management interface of Cisco Unified Contact Center Express could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected device.

4.3
2017-10-19 CVE-2017-12272 Cisco Cross-Site Scripting vulnerability in Cisco IOS XE 16.1.2/16.2.0/16.3(1)

A vulnerability in the web framework code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected software.

4.3
2017-10-18 CVE-2015-1239 Google Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a crafted PDF.
4.3
2017-10-18 CVE-2015-2156 Netty
Lightbend
Playframework
Improper Input Validation vulnerability in multiple products

Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name and value characters.

4.3
2017-10-18 CVE-2014-7242 MS INS Improper Certificate Validation vulnerability in Ms-Ins Sumaho and Sumaho Driving Capability Diagnosis

The SumaHo application 3.0.0 and earlier for Android and the SumaHo "driving capability" diagnosis result transmission application 1.2.2 and earlier for Android allow man-in-the-middle attackers to spoof servers and obtain sensitive information by leveraging failure to verify SSL/TLS server certificates.

4.3
2017-10-18 CVE-2014-3706 Redhat Improper Certificate Validation vulnerability in Redhat Enterprise MRG 3.0

ovirt-engine, as used in Red Hat MRG 3, allows man-in-the-middle attackers to spoof servers by leveraging failure to verify key attributes in vdsm X.509 certificates.

4.3
2017-10-18 CVE-2017-8024 EMC Cross-Site Scripting vulnerability in EMC Isilon Onefs

EMC Isilon OneFS (versions prior to 8.1.0.1, versions prior to 8.0.1.2, versions prior to 8.0.0.6, version 7.2.1.x) is impacted by a reflected cross-site scripting vulnerability that may potentially be exploited by malicious users to compromise the affected system.

4.3
2017-10-18 CVE-2017-15574 Redmine
Debian
Cross-Site Scripting vulnerability in multiple products

In Redmine before 3.2.6 and 3.3.x before 3.3.3, stored XSS is possible by using an SVG document as an attachment.

4.3
2017-10-18 CVE-2017-15573 Redmine
Debian
Cross-Site Scripting vulnerability in multiple products

In Redmine before 3.2.6 and 3.3.x before 3.3.3, XSS exists because markup is mishandled in wiki content.

4.3
2017-10-18 CVE-2017-15571 Redmine
Debian
Cross-Site Scripting vulnerability in multiple products

In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/issues/_list.html.erb via crafted column data.

4.3
2017-10-18 CVE-2017-15570 Redmine
Debian
Cross-Site Scripting vulnerability in multiple products

In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/timelog/_list.html.erb via crafted column data.

4.3
2017-10-18 CVE-2017-15569 Redmine
Debian
Cross-Site Scripting vulnerability in multiple products

In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/helpers/queries_helper.rb via a multi-value field with a crafted value that is mishandled during rendering of an issue list.

4.3
2017-10-18 CVE-2017-15568 Redmine
Debian
Cross-Site Scripting vulnerability in multiple products

In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/helpers/application_helper.rb via a multi-value field with a crafted value that is mishandled during rendering of issue history.

4.3
2017-10-18 CVE-2016-10515 Redmine Cross-Site Scripting vulnerability in Redmine

In Redmine before 3.2.3, there are stored XSS vulnerabilities affecting Textile and Markdown text formatting, and project homepages.

4.3
2017-10-17 CVE-2014-9678 Flowpaper Improper Input Validation vulnerability in Flowpaper Flexpaper

FlexPaperViewer.swf in Flexpaper before 2.3.1 allows remote attackers to conduct content-spoofing attacks via the Swfile parameter.

4.3
2017-10-17 CVE-2014-9677 Flowpaper Cross-Site Scripting vulnerability in Flowpaper Flexpaper

Cross-site scripting (XSS) vulnerability in FlexPaperViewer.swf in Flexpaper before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via the Swfile parameter.

4.3
2017-10-16 CVE-2015-3229 Fedoraproject Permissions, Privileges, and Access Controls vulnerability in Fedoraproject Spin-Kickstarts

fedora-cloud-atomic.ks in spin-kickstarts allows remote attackers to conduct man-in-the-middle attacks by leveraging use of HTTP to download Fedora Atomic updates.

4.3
2017-10-16 CVE-2017-15384 Phpjabbers Cross-Site Scripting vulnerability in PHPjabbers Rate ME 1.0

rate-me.php in Rate Me 1.0 has XSS via the id field in a rate action.

4.3
2017-10-16 CVE-2017-15361 Infineon
Acer
Aopen
ASI
Asus
Bobicus
CTL
Dell
Edugear
Edxis
Epik
Google
Haier
Hexa
Hisense
HP
Lenovo
LG
Medion
Mercer
Ncomputing
Nexian
Pcmerge
Poin2
Positivo
Prowise
RGS
Samsung
Sector Five
Senkatel
Toshiba
True
Videonet
Viglen
Xolo
Unspecified vulnerability in Infineon RSA Library and Trusted Platform Firmware

The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA.

4.3
2017-10-16 CVE-2017-15294 SAP Cross-Site Scripting vulnerability in SAP Customer Relationship Management

The Java administration console in SAP CRM has XSS.

4.3
2017-10-16 CVE-2014-8087 Post Highlights Projects Cross-Site Scripting vulnerability in Post Highlights Projects Post Highlights

Cross-site scripting (XSS) vulnerability in the post highlights plugin before 2.6.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the txt parameter in a headline action to ajax/ph_save.php.

4.3
2017-10-16 CVE-2014-0029 Redhat Cross-Site Scripting vulnerability in Redhat Subscription Asset Manager 1.0.0

Multiple cross-site scripting (XSS) vulnerabilities in the SAM web application in Red Hat katello-headpin allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.

4.3
2017-10-16 CVE-2017-15375 Wpjobboard Cross-Site Scripting vulnerability in Wpjobboard 4.5.1

Multiple client-side cross site scripting vulnerabilities have been discovered in the WpJobBoard v4.5.1 web-application for WordPress.

4.3
2017-10-16 CVE-2017-15374 Shopware Cross-Site Scripting vulnerability in Shopware

Shopware v5.2.5 - v5.3 is vulnerable to cross site scripting in the customer and order section of the content management system backend modules.

4.3
2017-10-16 CVE-2017-15372 Soundexchange
Debian
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c in Sound eXchange (SoX) 14.4.2.

4.3
2017-10-16 CVE-2017-15371 Soundexchange
Debian
Reachable Assertion vulnerability in multiple products

There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2.

4.3
2017-10-16 CVE-2017-15370 Soundexchange
Debian
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2.

4.3
2017-10-16 CVE-2017-15362 Osticket Cross-Site Scripting vulnerability in Osticket 1.10.1

osTicket 1.10.1 allows arbitrary client-side JavaScript code execution on victims who click a crafted support/scp/tickets.php?status= link, aka XSS.

4.3
2017-10-16 CVE-2017-15303 Cpuid Out-Of-Bounds Write vulnerability in Cpuid Cpu-Z

In CPUID CPU-Z before 1.43, there is an arbitrary memory write that results directly in elevation of privileges, because any program running on the local machine (while CPU-Z is running) can issue an ioctl 0x9C402430 call to the kernel-mode driver (e.g., cpuz141_x64.sys for version 1.41).

4.3
2017-10-19 CVE-2017-10428 Oracle Unspecified vulnerability in Oracle VM Virtualbox

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core).

4.1
2017-10-19 CVE-2017-10389 Oracle Unspecified vulnerability in Oracle Hospitality Suite8 8.10.1/8.10.2

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: PMS).

4.1
2017-10-19 CVE-2012-4382 Mediawiki Information Exposure vulnerability in Mediawiki

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not properly protect user block metadata, which allows remote administrators to read a user block reason via a reblock attempt.

4.0
2017-10-19 CVE-2017-15639 Getmura XXE vulnerability in Getmura Mura CMS

tasks/feed/readRSS.cfm in Mura CMS before 6.2 allows attackers to bypass intended access restrictions by leveraging the "draggable feeds" feature.

4.0
2017-10-19 CVE-2017-10426 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Staffing Front Office 9.2

Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: Staffing Front Office).

4.0
2017-10-19 CVE-2017-10421 Oracle Information Exposure vulnerability in Oracle Hospitality Suite8 8.10.1/8.10.2

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: Leisure).

4.0
2017-10-19 CVE-2017-10384 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).

4.0
2017-10-19 CVE-2017-10380 Oracle Unspecified vulnerability in Oracle Java Advanced Management Console 2.7

Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server).

4.0
2017-10-19 CVE-2017-10379 Oracle Information Exposure vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs).

4.0
2017-10-19 CVE-2017-10378 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).

4.0
2017-10-19 CVE-2017-10334 Oracle Information Exposure vulnerability in Oracle Weblogic Server

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container).

4.0
2017-10-19 CVE-2017-10320 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB).

4.0
2017-10-19 CVE-2017-10316 Oracle Information Exposure vulnerability in Oracle Hospitality Suite8 8.10.1/8.10.2

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: WebConnect).

4.0
2017-10-19 CVE-2017-10314 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached).

4.0
2017-10-19 CVE-2017-10313 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS).

4.0
2017-10-19 CVE-2017-10311 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS).

4.0
2017-10-19 CVE-2017-10299 Oracle Information Exposure vulnerability in Oracle Agile Product Lifecycle Management Framework 9.3.5/9.3.6

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security).

4.0
2017-10-19 CVE-2017-10296 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML).

4.0
2017-10-19 CVE-2017-10284 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Stored Procedure).

4.0
2017-10-19 CVE-2017-10279 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).

4.0
2017-10-19 CVE-2017-10274 Oracle Unspecified vulnerability in Oracle JDK and JRE

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO).

4.0
2017-10-19 CVE-2017-10261 Oracle Information Exposure vulnerability in Oracle Database 11.2.0.4/12.1.0.2

Vulnerability in the XML Database component of Oracle Database Server.

4.0
2017-10-19 CVE-2017-10227 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).

4.0
2017-10-19 CVE-2017-10194 Oracle Information Exposure vulnerability in Oracle Integrated Lights OUT Manager Firmware

Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management).

4.0
2017-10-19 CVE-2017-10167 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).

4.0
2017-10-19 CVE-2017-10165 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication).

4.0
2017-10-19 CVE-2017-10164 Oracle Information Exposure vulnerability in Oracle Peoplesoft Enterprise FIN Staffing Front Office 9.2

Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: Staffing Front Office).

4.0
2017-10-19 CVE-2017-10152 Oracle Information Exposure vulnerability in Oracle Weblogic Server 10.3.6.0.0/12.1.3.0.0

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container).

4.0
2017-10-19 CVE-2017-15611 Octopus Incorrect Permission Assignment FOR Critical Resource vulnerability in Octopus Deploy

In Octopus before 3.17.7, an authenticated user who was explicitly granted the permission to invite new users (aka UserInvite) can invite users to teams with escalated privileges.

4.0
2017-10-19 CVE-2017-15610 Octopus Information Exposure vulnerability in Octopus Deploy

An issue was discovered in Octopus before 3.17.7.

4.0
2017-10-19 CVE-2017-12287 Cisco Improper Input Validation vulnerability in Cisco products

A vulnerability in the cluster database (CDB) management component of Cisco Expressway Series Software and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote attacker to cause the CDB process on an affected system to restart unexpectedly, resulting in a temporary denial of service (DoS) condition.

4.0
2017-10-18 CVE-2017-15359 3CX Path Traversal vulnerability in 3CX 15.5.3554.1

In the 3CX Phone System 15.5.3554.1, the Management Console typically listens to port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file=" and "/api/SupportInfo?file=" are the vulnerable parameters.

4.0
2017-10-18 CVE-2014-7813 Redhat Resource Exhaustion vulnerability in Redhat Cloudforms 3.0 Management Engine

Red Hat CloudForms 3 Management Engine (CFME) allows remote authenticated users to cause a denial of service (resource consumption) via vectors involving calls to the .to_sym rails function and lack of garbage collection of inserted symbols.

4.0
2017-10-17 CVE-2017-14009 Prominent Cleartext Transmission of Sensitive Information vulnerability in Prominent Multiflex M10A Controller Firmware

An Information Exposure issue was discovered in ProMinent MultiFLEX M10a Controller web interface.

4.0
2017-10-17 CVE-2014-8357 Dasanzhone Credentials Management vulnerability in Dasanzhone Znid 2426A Firmware

backupsettings.html in the web administrative portal in Zhone zNID GPON 2426A before S3.0.501 places a session key in a URL, which allows remote attackers to obtain arbitrary user passwords via the sessionKey parameter in a getConfig action to backupsettings.conf.

4.0
2017-10-16 CVE-2016-8734 Apache
Debian
Resource Exhaustion vulnerability in multiple products

Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion.

4.0

44 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-10-19 CVE-2017-10419 Oracle Unspecified vulnerability in Oracle Hospitality Suite8 8.10.1/8.10.2

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: PMS).

3.6
2017-10-19 CVE-2017-10308 Oracle Unspecified vulnerability in Oracle Agile Product Lifecycle Management Framework 9.3.5/9.3.6

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Performance).

3.6
2017-10-19 CVE-2017-10054 Oracle Unspecified vulnerability in Oracle Hospitality Cruise Materials Management 7.30.564.0

Vulnerability in the Oracle Hospitality Cruise Materials Management component of Oracle Hospitality Applications (subcomponent: MMS).

3.6
2017-10-17 CVE-2014-2277 Perltidy Project Improper Access Control vulnerability in Perltidy Project Perltidy

The make_temporary_filename function in perltidy 20120701-1 and earlier allows local users to obtain sensitive information or write to arbitrary files via a symlink attack, related to use of the tmpnam function.

3.6
2017-10-22 CVE-2017-15728 Phpmyfaq Cross-Site Scripting vulnerability in PHPmyfaq

In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via metaDescription or metaKeywords.

3.5
2017-10-22 CVE-2017-15727 Phpmyfaq Cross-Site Scripting vulnerability in PHPmyfaq

In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via an HTML attachment.

3.5
2017-10-20 CVE-2010-3659 Typo3 Cross-Site Scripting vulnerability in Typo3

Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 CMS 4.1.x before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4, and 4.4.x before 4.4.1 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified parameters to the extension manager, or unspecified parameters to unknown backend forms.

3.5
2017-10-19 CVE-2016-8748 Apache Cross-Site Scripting vulnerability in Apache Nifi

In Apache NiFi before 1.0.1 and 1.1.x before 1.1.1, there is a cross-site scripting vulnerability in connection details dialog when accessed by an authorized user.

3.5
2017-10-19 CVE-2017-10399 Oracle Unspecified vulnerability in Oracle Hospitality Cruise Fleet Management 9.0.2.0

Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: GangwayActivityWebApp).

3.5
2017-10-19 CVE-2017-10286 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB).

3.5
2017-10-19 CVE-2017-10283 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema).

3.5
2017-10-19 CVE-2017-10153 Oracle Unspecified vulnerability in Oracle Communications Webrtc Session Controller 7.0/7.1/7.2

Vulnerability in the Oracle Communications WebRTC Session Controller component of Oracle Communications Applications (subcomponent: Security (Gson)).

3.5
2017-10-19 CVE-2017-10014 Oracle Unspecified vulnerability in Oracle Hospitality Hotel Mobile 1.1

Vulnerability in the Oracle Hospitality Hotel Mobile component of Oracle Hospitality Applications (subcomponent: Suite8/RESTAPI).

3.5
2017-10-18 CVE-2017-14956 Alienvault Cross-Site Request Forgery (CSRF) vulnerability in Alienvault Unified Security Management 4.14

AlienVault USM v5.4.2 and earlier offers authenticated users the functionality of exporting generated reports via the "/ossim/report/wizard_email.php" script.

3.5
2017-10-18 CVE-2015-3400 Zfsonlinux Information Exposure vulnerability in Zfsonlinux ZFS 0.6.4

sharenfs 0.6.4, when built with commits bcdd594 and 7d08880 from the zfs repository, provides world readable access to the shared zfs file system, which might allow remote authenticated users to obtain sensitive information by reading shared files.

3.5
2017-10-18 CVE-2014-3531 Theforeman Cross-Site Scripting vulnerability in Theforeman Foreman

Multiple cross-site scripting (XSS) vulnerabilities in Foreman before 1.5.2 allow remote authenticated users to inject arbitrary web script or HTML via the operating system (1) name or (2) description.

3.5
2017-10-17 CVE-2017-15538 Ilias Cross-Site Scripting vulnerability in Ilias

Stored XSS vulnerability in the Media Objects component of ILIAS before 5.1.21 and 5.2.x before 5.2.9 allows an authenticated user to inject JavaScript to gain administrator privileges, related to the setParameter function in Services/MediaObjects/classes/class.ilMediaItem.php.

3.5
2017-10-16 CVE-2014-0208 Theforeman Cross-Site Scripting vulnerability in Theforeman Foreman

Cross-site scripting (XSS) vulnerability in the search auto-completion functionality in Foreman before 1.4.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted key name.

3.5
2017-10-19 CVE-2017-10270 Oracle Unspecified vulnerability in Oracle Identity Manager Connector 9.1.1.5.0

Vulnerability in the Oracle Identity Manager Connector component of Oracle Fusion Middleware (subcomponent: Microsoft Active Directory).

3.3
2017-10-19 CVE-2017-10033 Oracle Unspecified vulnerability in Oracle Webcenter Sites 11.1.1.8.0/12.2.1.2.0

Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Support Tools).

3.3
2017-10-19 CVE-2017-10398 Oracle Unspecified vulnerability in Oracle Hospitality Cruise Fleet Management 9.0.2.0

Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: BaseMasterPage).

3.2
2017-10-17 CVE-2017-13088 Canonical
Debian
Freebsd
Opensuse
Redhat
W1 FI
Suse
USE of Insufficiently Random Values vulnerability in multiple products

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

2.9
2017-10-17 CVE-2017-13087 Canonical
Debian
Freebsd
Opensuse
Redhat
W1 FI
Suse
USE of Insufficiently Random Values vulnerability in multiple products

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

2.9
2017-10-17 CVE-2017-13081 Canonical
Debian
Freebsd
Opensuse
Redhat
W1 FI
Suse
USE of Insufficiently Random Values vulnerability in multiple products

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.

2.9
2017-10-17 CVE-2017-13080 Canonical
Debian
Freebsd
Opensuse
Redhat
W1 FI
Suse
USE of Insufficiently Random Values vulnerability in multiple products

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

2.9
2017-10-17 CVE-2017-13079 Canonical
Debian
Freebsd
Opensuse
Redhat
W1 FI
Suse
USE of Insufficiently Random Values vulnerability in multiple products

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.

2.9
2017-10-17 CVE-2017-13078 Canonical
Debian
Freebsd
Opensuse
Redhat
W1 FI
Suse
USE of Insufficiently Random Values vulnerability in multiple products

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.

2.9
2017-10-19 CVE-2017-10051 Oracle Unspecified vulnerability in Oracle Outside in Technology 8.5.3.0

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters).

2.7
2017-10-19 CVE-2017-10345 Oracle Unspecified vulnerability in Oracle Jdk, JRE and Jrockit

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization).

2.6
2017-10-19 CVE-2017-10356 Oracle Information Exposure vulnerability in Oracle JDK and JRE

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security).

2.1
2017-10-19 CVE-2017-10351 Oracle Information Exposure vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Application Server).

2.1
2017-10-19 CVE-2017-10317 Oracle Information Exposure vulnerability in Oracle Hospitality Suite8 8.10.1/8.10.2

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: WebConnect).

2.1
2017-10-19 CVE-2017-10197 Oracle Information Exposure vulnerability in Oracle Hospitality Opera 5 Property Services 5.4.2/5.5.1

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Folios).

2.1
2017-10-19 CVE-2017-12289 Cisco Information Exposure vulnerability in Cisco IOS

A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software could allow an authenticated, local attacker to display sensitive IPsec information in the system log file.

2.1
2017-10-19 CVE-2017-12286 Cisco Improper Input Validation vulnerability in Cisco Jabber and Webex Meeting Center

A vulnerability in the web interface of Cisco Jabber could allow an authenticated, local attacker to retrieve user profile information from the affected software, which could lead to the disclosure of confidential information.

2.1
2017-10-19 CVE-2017-12284 Cisco Information Exposure vulnerability in Cisco Jabber 11.8(.4)

A vulnerability in the web interface of Cisco Jabber for Windows Client could allow an authenticated, local attacker to retrieve user profile information, which could lead to the disclosure of confidential information.

2.1
2017-10-18 CVE-2011-5320 GNU Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GNU Glibc

scanf and related functions in glibc before 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s.

2.1
2017-10-18 CVE-2017-15589 XEN Information Exposure vulnerability in XEN 4.9.0

An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to obtain sensitive information from the host OS (or an arbitrary guest OS) because intercepted I/O operations can cause a write of data from uninitialized hypervisor stack memory.

2.1
2017-10-17 CVE-2017-15537 Linux Information Exposure vulnerability in Linux Kernel

The x86/fpu (Floating Point Unit) subsystem in the Linux kernel before 4.13.5, when a processor supports the xsave feature but not the xsaves feature, does not correctly handle attempts to set reserved bits in the xstate header via the ptrace() or rt_sigreturn() system call, allowing local users to read the FPU registers of other processes on the system, related to arch/x86/kernel/fpu/regset.c and arch/x86/kernel/fpu/signal.c.

2.1
2017-10-16 CVE-2017-15289 Qemu Out-Of-Bounds Write vulnerability in Qemu

The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation.

2.1
2017-10-20 CVE-2017-14937 PCU USE of A Broken OR Risky Cryptographic Algorithm vulnerability in PCU 2014

The airbag detonation algorithm allows injury to passenger-car occupants via predictable Security Access (SA) data to the internal CAN bus (or the OBD connector).

1.9
2017-10-19 CVE-2017-10294 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).

1.7
2017-10-19 CVE-2017-10292 Oracle Improper Privilege Management vulnerability in Oracle Database 11.2.0.4/12.1.0.2/12.2.0.1

Vulnerability in the RDBMS Security component of Oracle Database Server.

1.7
2017-10-19 CVE-2017-10268 Oracle Information Exposure vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication).

1.5