Weekly Vulnerabilities Reports > October 23 to 29, 2017

Overview

330 new vulnerabilities were reported during this period, including 24 critical vulnerabilities and 97 high severity vulnerabilities. This weekly summary reports vulnerabilities in 192 products from 114 vendors, including Apple, Google, Redhat, Debian, and Microsoft. Notable vulnerability categories include "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", "Cross-site Scripting", "SQL Injection", and "Information Exposure".

  • 297 reported vulnerabilities are remotely exploitable.
  • 39 reported vulnerabilities have a public exploit available.
  • 103 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 285 reported vulnerabilities are exploitable by an anonymous user.
  • Apple has the most reported vulnerabilities, with 74 reported vulnerabilities.
  • Apple has the most reported critical vulnerabilities, with 8 reported vulnerabilities.


Vulnerability Details

The following tables list the vulnerabilities reported for the period covered by this report:


24 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-10-26 CVE-2017-15366 Ndocsoftware Information Exposure Through Log Files vulnerability in Ndocsoftware Ndoc 7.4

Before Thornberry NDoc version 8.0, laptop clients and the server have default database (Cache) users set up with a single password.

10.0
2017-10-23 CVE-2017-12796 Openmrs Deserialization of Untrusted Data vulnerability in Openmrs

The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as distributed in OpenMRS Reference Application before 2.6.1, does not authenticate users when deserializing XML input into ReportSchema objects.

10.0
2017-10-23 CVE-2017-7112 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Tvos and Watchos

An issue was discovered in certain Apple products.

10.0
2017-10-23 CVE-2017-7110 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Tvos and Watchos

An issue was discovered in certain Apple products.

10.0
2017-10-23 CVE-2017-7108 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Tvos and Watchos

An issue was discovered in certain Apple products.

10.0
2017-10-23 CVE-2017-7105 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Tvos and Watchos

An issue was discovered in certain Apple products.

10.0
2017-10-29 CVE-2017-15994 Samba Improper Validation of Integrity Check Value vulnerability in Samba Rsync

rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions.

9.8
2017-10-27 CVE-2014-3600 Apache XXE vulnerability in Apache Activemq

XML external entity (XXE) vulnerability in Apache ActiveMQ 5.x before 5.10.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages.

9.8
2017-10-27 CVE-2014-3579 Apache XXE vulnerability in Apache Activemq Apollo

XML external entity (XXE) vulnerability in Apache ActiveMQ Apollo 1.x before 1.7.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages.

9.8
2017-10-27 CVE-2016-5003 Apache Deserialization of Untrusted Data vulnerability in Apache Ws-Xmlrpc 3.1.3

The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to execute arbitrary code via a crafted serialized Java object in an <ex:serializable> element.

9.8
2017-10-26 CVE-2012-1622 Apache Unspecified vulnerability in Apache Ofbiz 10.04

Apache OFBiz 10.04.x before 10.04.02 allows remote attackers to execute arbitrary code via unspecified vectors.

9.8
2017-10-26 CVE-2017-15909 Dlink Use of Hard-coded Credentials vulnerability in Dlink Dgs-1500 Firmware 2.10.002/2.50.008/2.51.005

D-Link DGS-1500 Ax devices before 2.51B021 have a hardcoded password, which allows remote attackers to obtain shell access.

9.8
2017-10-23 CVE-2017-15379 Softwarepublico SQL Injection vulnerability in Softwarepublico E-Sic 1.0

An authentication bypass exists in the E-Sic 1.0 /index (aka login) URI via '=''or' values for the username and password.

9.8
2017-10-27 CVE-2017-5053 Google
Redhat
Out-of-bounds Read vulnerability in multiple products

An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to Array.prototype.indexOf.

9.6
2017-10-27 CVE-2017-13090 GNU
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

The retr.c:fd_read_body() function is called when processing OK responses.

9.3
2017-10-27 CVE-2017-13089 GNU
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects.

9.3
2017-10-26 CVE-2017-5996 Beyondtrust Untrusted Search Path vulnerability in Beyondtrust Remote Support

The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions.

9.3
2017-10-23 CVE-2017-7127 Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.3
2017-10-23 CVE-2017-7115 Apple Race Condition vulnerability in Apple Iphone OS and Tvos

An issue was discovered in certain Apple products.

9.3
2017-10-23 CVE-2017-7114 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.3
2017-10-23 CVE-2017-7077 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

9.3
2017-10-27 CVE-2017-15935 Artica Code Injection vulnerability in Artica Pandora FMS 7.0

Artica Pandora FMS version 7.0 is vulnerable to remote PHP code execution through the manager files function.

9.0
2017-10-26 CVE-2017-7341 Fortinet OS Command Injection vulnerability in Fortinet Fortiwlc

An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 through 6.1-5, 7.0-7 through 7.0-10, 8.0 through 8.2, and 8.3.0 through 8.3.2 file management AP script download webUI page allows an authenticated admin user to execute arbitrary system console commands via crafted HTTP requests.

9.0
2017-10-23 CVE-2017-13772 TP Link Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tp-Link Wr940N Firmware

Multiple stack-based buffer overflows in TP-Link WR940N WiFi routers with hardware version 4 allow remote authenticated users to execute arbitrary code via the (1) ping_addr parameter to PingIframeRpm.htm or (2) dnsserver2 parameter to WanStaticIpV6CfgRpm.htm.

9.0

97 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-10-27 CVE-2017-15930 Graphicsmagick
Debian
NULL Pointer Dereference vulnerability in multiple products

In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer.

8.8
2017-10-27 CVE-2017-5122 Google
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Inappropriate use of table size handling in V8 in Google Chrome prior to 61.0.3163.100 for Windows allowed a remote attacker to trigger out-of-bounds access via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5121 Google
Debian
Redhat
Improper Input Validation vulnerability in multiple products

Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windows, and Mac allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to the escape analysis phase.

8.8
2017-10-27 CVE-2017-5116 Google
Redhat
Debian
Type Confusion vulnerability in multiple products

Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5115 Google Incorrect Type Conversion or Cast vulnerability in Google Chrome

Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5114 Google
Debian
Redhat
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Inappropriate use of partition alloc in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file.

8.8
2017-10-27 CVE-2017-5113 Google
Debian
Redhat
Out-of-bounds Write vulnerability in multiple products

Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5112 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome

Heap buffer overflow in WebGL in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5111 Google
Redhat
Debian
Use After Free vulnerability in multiple products

A use after free in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file.

8.8
2017-10-27 CVE-2017-5108 Google
Redhat
Type Confusion vulnerability in multiple products

Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted PDF file.

8.8
2017-10-27 CVE-2017-5100 Google
Debian
Redhat
Use After Free vulnerability in multiple products

A use after free in Apps in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5099 Google
Debian
Improper Input Validation vulnerability in multiple products

Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to potentially gain privilege elevation via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5098 Google
Debian
Redhat
Use After Free vulnerability in multiple products

A use after free in V8 in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5097 Google
Debian
Improper Input Validation vulnerability in multiple products

Insufficient validation of untrusted input in Skia in Google Chrome prior to 60.0.3112.78 for Linux allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5095 Google
Debian
Redhat
Out-of-bounds Write vulnerability in multiple products

Stack overflow in PDFium in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit stack corruption via a crafted PDF file.

8.8
2017-10-27 CVE-2017-5092 Google
Debian
Improper Input Validation vulnerability in multiple products

Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5091 Google
Debian
Redhat
Use After Free vulnerability in multiple products

A use after free in IndexedDB in Google Chrome prior to 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5088 Google
Redhat
Out-of-bounds Read vulnerability in multiple products

Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5087 Google
Redhat
Use After Free vulnerability in multiple products

A use after free in Blink in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, aka an IndexedDB sandbox escape.

8.8
2017-10-27 CVE-2017-5080 Google Use After Free vulnerability in Google Chrome

A use after free in credit card autofill in Google Chrome prior to 59.0.3071.86 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5078 Google
Redhat

Insufficient validation of untrusted input in Blink's mailto: handling in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac allowed a remote attacker to perform command injection via a crafted HTML page, a similar issue to CVE-2004-0121.

8.8
2017-10-27 CVE-2017-5077 Google
Redhat
Out-of-bounds Read vulnerability in multiple products

Insufficient validation of untrusted input in Skia in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5073 Google
Redhat
Use After Free vulnerability in multiple products

Use after free in print preview in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5070 Google
Redhat
Type Confusion vulnerability in multiple products

Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5064 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome

Incorrect handling of DOM changes in Blink in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5063 Google
Redhat
Integer Overflow or Wraparound vulnerability in multiple products

A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5062 Google
Redhat
Use After Free vulnerability in multiple products

A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to potentially perform out of bounds memory access via a crafted Chrome extension.

8.8
2017-10-27 CVE-2017-5059 Google
Redhat
Type Confusion vulnerability in multiple products

Type confusion in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to potentially obtain code execution via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5058 Google Use After Free vulnerability in Google Chrome

A use after free in PrintPreview in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5057 Google
Redhat
Type Confusion vulnerability in multiple products

Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.

8.8
2017-10-27 CVE-2017-5056 Google
Redhat
Use After Free vulnerability in multiple products

A use after free in Blink in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5055 Google Use After Free vulnerability in Google Chrome

A use after free in printing in Google Chrome prior to 57.0.2987.133 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5054 Google
Redhat
Out-of-bounds Read vulnerability in multiple products

An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to obtain heap memory contents via a crafted HTML page.

8.8
2017-10-27 CVE-2017-5052 Google
Redhat
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

An incorrect assumption about block structure in Blink in Google Chrome prior to 57.0.2987.133 for Mac, Windows, and Linux, and 57.0.2987.132 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page that triggers improper casting.

8.8
2017-10-23 CVE-2017-15378 Softwarepublico SQL Injection vulnerability in Softwarepublico E-Sic 1.0

SQL Injection exists in the E-Sic 1.0 password reset parameter (aka the cpfcnpj parameter to the /reset URI).

8.8
2017-10-27 CVE-2017-5074 Google Use After Free vulnerability in Google Chrome

A use after free in Chrome Apps in Google Chrome prior to 59.0.3071.86 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, related to Bluetooth.

8.0
2017-10-29 CVE-2017-15996 GNU Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.29

elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper conditional jump, and the get_archive_member_name, process_archive_index_and_symbols, and setup_archive functions.

7.8
2017-10-28 CVE-2017-15951 Linux Improper Input Validation vulnerability in Linux Kernel

The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls.

7.8
2017-10-27 CVE-2016-5002 Apache XXE vulnerability in Apache Xml-Rpc 3.1.3

XML external entity (XXE) vulnerability in the Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted DTD.

7.8
2017-10-23 CVE-2017-15567 Idemia Unspecified vulnerability in Idemia MSO 1300 Firmware

The certificate import component in IDEMIA (formerly Morpho) MorphoSmart 1300 Series (aka MSO 1300 Series) devices allows local users to obtain a command shell, and consequently gain privileges, via unspecified vectors.

7.8
2017-10-23 CVE-2017-14328 Extremenetworks Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Extremenetworks Extremexos

Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to trigger a buffer overflow leading to a reboot.

7.8
2017-10-23 CVE-2017-7086 Apple Resource Exhaustion vulnerability in Apple products

An issue was discovered in certain Apple products.

7.8
2017-10-29 CVE-2017-16228 Dulwich Project Unspecified vulnerability in Dulwich Project Dulwich

Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117.

7.5
2017-10-29 CVE-2017-15976 Zeescripts SQL Injection vulnerability in Zeescripts Zeebuddy 2X

ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604.

7.5
2017-10-29 CVE-2017-15975 Vastal SQL Injection vulnerability in Vastal Dating Zone 0.9.9

Vastal I-Tech Dating Zone 0.9.9 allows SQL Injection via the 'product_id' to add_to_cart.php, a different vulnerability than CVE-2008-4461.

7.5
2017-10-29 CVE-2017-15974 Datacomponents SQL Injection vulnerability in Datacomponents Tpanel 2009

tPanel 2009 allows SQL injection for Authentication Bypass via 'or 1=1 or ''=' to login.php.

7.5
2017-10-29 CVE-2017-15973 Sokial SQL Injection vulnerability in Sokial 1.0

Sokial Social Network Script 1.0 allows SQL Injection via the id parameter to admin/members_view.php.

7.5
2017-10-29 CVE-2017-15972 Softdatepro SQL Injection vulnerability in Softdatepro Dating Software 1.3

SoftDatepro Dating Social Network 1.3 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15971.

7.5
2017-10-29 CVE-2017-15971 Softdatepro SQL Injection vulnerability in Softdatepro Same Date PRO 1.0

Same Sex Dating Software Pro 1.0 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15972.

7.5
2017-10-29 CVE-2017-15970 Phpcityportal SQL Injection vulnerability in PHPcityportal 2.0

PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter.

7.5
2017-10-29 CVE-2017-15969 Pilotgroup SQL Injection vulnerability in Pilotgroup Allsharevideo 1.0

PG All Share Video 1.0 allows SQL Injection via the PATH_INFO to search/tag, friends/index, users/profile, or video_catalog/category.

7.5
2017-10-29 CVE-2017-15968 Contractorscripts SQL Injection vulnerability in Contractorscripts Mybuildersite 1.0

MyBuilder Clone 1.0 allows SQL Injection via the phpsqlsearch_genxml.php subcategory parameter.

7.5
2017-10-29 CVE-2017-15967 Mailing Manager SQL Injection vulnerability in Mailing-Manager Mailing List Manager PRO 3.0

Mailing List Manager Pro 3.0 allows SQL Injection via the edit parameter to admin/users in a sort=login action, or the edit parameter to admin/template.

7.5
2017-10-29 CVE-2017-15966 ZH Yandexmap Project SQL Injection vulnerability in ZH Yandexmap Project ZH Yandexmap 6.1.1.0

The Zh YandexMap (aka com_zhyandexmap) component 6.1.1.0 for Joomla! allows SQL Injection via the placemarklistid parameter to index.php.

7.5
2017-10-29 CVE-2017-15965 Nswd SQL Injection vulnerability in Nswd NS Download Shop 2.2.6

The NS Download Shop (aka com_ns_downloadshop) component 2.2.6 for Joomla! allows SQL Injection via the id parameter in an invoice.create action.

7.5
2017-10-29 CVE-2017-15964 Nicephpscripts SQL Injection vulnerability in Nicephpscripts JOB Board Script

Job Board Script Software allows SQL Injection via the PATH_INFO to a /job-details URI.

7.5
2017-10-29 CVE-2017-15963 Itechscripts SQL Injection vulnerability in Itechscripts Gigs Script 1.21

iTech Gigs Script 1.21 allows SQL Injection via the browse-scategory.php sc parameter or the service-provider.php ser parameter.

7.5
2017-10-29 CVE-2017-15962 Istock Management System Project Unrestricted Upload of File with Dangerous Type vulnerability in Istock Management System Project Istock Management System 1.0

iStock Management System 1.0 allows Arbitrary File Upload via user/profile.

7.5
2017-10-29 CVE-2017-15961 Iproject Management System Project SQL Injection vulnerability in Iproject Management System Project Iproject Management System 1.0

iProject Management System 1.0 allows SQL Injection via the ID parameter to index.php.

7.5
2017-10-29 CVE-2017-15960 Yourarticlesdirectory SQL Injection vulnerability in Yourarticlesdirectory Article Directory Script 3.0

Article Directory Script 3.0 allows SQL Injection via the id parameter to author.php or category.php.

7.5
2017-10-29 CVE-2017-15959 Adultscriptpro SQL Injection vulnerability in Adultscriptpro 2.2.4

Adult Script Pro 2.2.4 allows SQL Injection via the PATH_INFO to a /download URI, a different vulnerability than CVE-2007-6576.

7.5
2017-10-29 CVE-2017-15958 Domainzaar SQL Injection vulnerability in Domainzaar D-Park PRO 1.0

D-Park Pro Domain Parking Script 1.0 allows SQL Injection via the username to admin/loginform.php.

7.5
2017-10-28 CVE-2017-15946 Selfget SQL Injection vulnerability in Selfget TAG Meta 1.7.6

In the com_tag component 1.7.6 for Joomla!, a SQL injection vulnerability is located in the `tag` parameter to index.php.

7.5
2017-10-27 CVE-2017-15938 GNU Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.29

dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service (find_abstract_instance_name invalid memory read, segmentation fault, and application crash).

7.5
2017-10-27 CVE-2017-5068 Google
Redhat
Race Condition vulnerability in multiple products

Incorrect handling of picture ID in WebRTC in Google Chrome prior to 58.0.3029.96 for Mac, Windows, and Linux allowed a remote attacker to trigger a race condition via a crafted HTML page.

7.5
2017-10-26 CVE-2014-2023 Tapatalk SQL Injection vulnerability in Tapatalk

Multiple SQL injection vulnerabilities in the Tapatalk plugin 4.9.0 and earlier and 5.x through 5.2.1 for vBulletin allow remote attackers to execute arbitrary SQL commands via a crafted xmlrpc API request to (1) unsubscribe_forum.php or (2) unsubscribe_topic.php in mobiquo/functions/.

7.5
2017-10-26 CVE-2017-15919 Accesspressthemes SQL Injection vulnerability in Accesspressthemes Ultimate-Form-Builder-Lite

The ultimate-form-builder-lite plugin before 1.3.7 for WordPress has SQL Injection, with resultant PHP Object Injection, via wp-admin/admin-ajax.php.

7.5
2017-10-26 CVE-2017-15907 Phpcollab SQL Injection vulnerability in PHPcollab 2.5/2.5.1

SQL injection vulnerability in phpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to newsdesk/newsdesk.php.

7.5
2017-10-24 CVE-2017-15871 Serialize TO JS Project Infinite Loop vulnerability in Serialize-To-Js Project Serialize-To-Js

The deserialize function in serialize-to-js through 1.1.1 allows attackers to cause a denial of service via vectors involving an Immediately Invoked Function Expression "function()" substring, as demonstrated by a "function(){console.log(" call or a simple infinite loop.

7.5
2017-10-24 CVE-2017-15222 Nftp Project Classic Buffer Overflow vulnerability in Nftp Project Nftp

Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code.

7.5
2017-10-24 CVE-2017-14695 Saltstack Path Traversal vulnerability in Saltstack Salt

Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID.

7.5
2017-10-24 CVE-2015-5172 Cloudfoundry
Pivotal Software
Weak Password Recovery Mechanism for Forgotten Password vulnerability in multiple products

Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire password reset links.

7.5
2017-10-24 CVE-2015-5171 Cloudfoundry
Pivotal Software
Insufficient Session Expiration vulnerability in multiple products

The password change functionality in Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire existing sessions.

7.5
2017-10-24 CVE-2014-1203 Eyou Command Injection vulnerability in Eyou

The get_login_ip_config_file function in Eyou Mail System before 3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to admin/domain/ip_login_set/d_ip_login_get.php.

7.5
2017-10-24 CVE-2017-15081 Phpsugar SQL Injection vulnerability in PHPsugar PHP Melody 2.6.1

In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php.

7.5
2017-10-23 CVE-2014-3741 Node Printer Project Command Injection vulnerability in Node-Printer Project Node-Printer 0.0.1

The printDirect function in lib/printer.js in the node-printer module 0.0.1 and earlier for Node.js allows remote attackers to execute arbitrary commands via unspecified characters in the lpr command.

7.5
2017-10-23 CVE-2012-4570 Letodms Project SQL Injection vulnerability in Letodms Project Letodms

SQL injection vulnerability in LetoDMS_Core/Core/inc.ClassDMS.php in LetoDMS (formerly MyDMS) before 3.3.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2017-10-23 CVE-2017-9946 Siemens Improper Authentication vulnerability in Siemens products

A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5.

7.5
2017-10-23 CVE-2017-15580 Osticket Unrestricted Upload of File with Dangerous Type vulnerability in Osticket 1.10.1

osTicket 1.10.1 provides a functionality to upload 'html' files with associated formats.

7.5
2017-10-23 CVE-2017-15381 Softwarepublico SQL Injection vulnerability in Softwarepublico E-Sic 1.0

SQL Injection exists in E-Sic 1.0 via the f parameter to esiclivre/restrito/inc/buscacep.php (aka the zip code search script).

7.5
2017-10-23 CVE-2017-7130 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

7.5
2017-10-23 CVE-2017-7129 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

7.5
2017-10-23 CVE-2017-7128 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

7.5
2017-10-23 CVE-2017-7126 Apple Improper Input Validation vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

7.5
2017-10-23 CVE-2017-7125 Apple Improper Input Validation vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

7.5
2017-10-23 CVE-2017-7124 Apple Improper Input Validation vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

7.5
2017-10-23 CVE-2017-7123 Apple Improper Input Validation vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

7.5
2017-10-23 CVE-2017-7122 Apple Improper Input Validation vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

7.5
2017-10-23 CVE-2017-7121 Apple Improper Input Validation vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

7.5
2017-10-23 CVE-2017-7103 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Tvos and Watchos

An issue was discovered in certain Apple products.

7.5
2017-10-27 CVE-2017-15945 Mariadb
Mysql
Gentoo
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products

The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/mysql-cluster, and dev-db/mariadb-galera packages before 2017-09-29 have chown calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to the mysql account for creation of a link.

7.2
2017-10-27 CVE-2017-15924 Shadowsocks
Debian
OS Command Injection vulnerability in multiple products

In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the add_server, build_config, and construct_command_line functions.

7.2
2017-10-23 CVE-2017-14331 Extremenetworks Unspecified vulnerability in Extremenetworks Extremexos

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell.

7.2
2017-10-23 CVE-2017-14330 Extremenetworks Improper Privilege Management vulnerability in Extremenetworks Extremexos

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving a privileged process.

7.2
2017-10-23 CVE-2017-14329 Extremenetworks Improper Privilege Management vulnerability in Extremenetworks Extremexos

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving an exsh debug shell.

7.2
2017-10-24 CVE-2017-12613 Apache
Debian
Redhat
Out-of-bounds Read vulnerability in multiple products

When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information disclosure or denial of service vulnerability to applications which call these APR functions with unvalidated external input.

7.1
2017-10-23 CVE-2017-7088 Apple Permission Issues vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

7.1

175 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-10-27 CVE-2017-15932 Radare Out-of-bounds Read vulnerability in Radare Radare2 2.0.1

In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c via crafted ELF files when parsing the ELF version on 32bit systems.

6.8
2017-10-27 CVE-2017-15931 Radare Out-of-bounds Read vulnerability in Radare Radare2 2.0.1

In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c via crafted ELF files on 32bit systems.

6.8
2017-10-27 CVE-2017-6157 F5 Unspecified vulnerability in F5 products

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.0 - 11.5.4, virtual servers with a configuration using the HTTP Explicit Proxy functionality and/or SOCKS profile are vulnerable to an unauthenticated, remote attack that allows modification of BIG-IP system configuration, extraction of sensitive system files, and/or possible remote command execution on the BIG-IP system.

6.8
2017-10-24 CVE-2017-15879 Keystonejs Improper Input Validation vulnerability in Keystonejs Keystone 4.0.0

CSV Injection (aka Excel Macro Injection or Formula Injection) exists in admin/server/api/download.js and lib/list/getCSVData.js in KeystoneJS before 4.0.0-beta.7 via a value that is mishandled in a CSV export.

6.8
2017-10-24 CVE-2015-5173 Cloudfoundry
Pivotal Software
Information Exposure vulnerability in multiple products

Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact via vectors involving emails with password recovery links, aka "Cross Domain Referer Leakage."

6.8
2017-10-24 CVE-2015-5170 Cloudfoundry
Pivotal Software
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow remote attackers to conduct cross-site request forgery (CSRF) attacks on PWS and log a user into an arbitrary account by leveraging lack of CSRF checks.

6.8
2017-10-23 CVE-2015-2878 Watchguard Cross-Site Request Forgery (CSRF) vulnerability in Watchguard Hawkeye G 3.0.1.4912

Multiple cross-site request forgery (CSRF) vulnerabilities in Hexis HawkEye G 3.0.1.4912 allow remote attackers to hijack the authentication of administrators for requests that (1) add arbitrary accounts via the name parameter to interface/rest/accounts/json; turn off the (2) Url matching, (3) DNS Inject, or (4) IP Redirect Sensor in a request to interface/rest/dpi/setEnabled/1; or (5) perform whitelisting of malware MD5 hash IDs via the id parameter to interface/rest/md5-threats/whitelist.

6.8
2017-10-23 CVE-2013-7377 Codem Transcode Project Command Injection vulnerability in Codem-Transcode Project Codem-Transcode

The codem-transcode module before 0.5.0 for Node.js, when ffprobe is enabled, allows remote attackers to execute arbitrary commands via a POST request to /probe.

6.8
2017-10-23 CVE-2012-4568 Letodms Project Cross-Site Request Forgery (CSRF) vulnerability in Letodms Project Letodms

Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS (formerly MyDMS) before 3.3.8 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.

6.8
2017-10-23 CVE-2017-15808 Phpmyfaq Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq

In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.

6.8
2017-10-23 CVE-2017-14332 Extremenetworks Unspecified vulnerability in Extremenetworks Extremexos

Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values.

6.8
2017-10-23 CVE-2017-7137 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Xcode

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7136 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Xcode

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7135 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Xcode

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7134 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Xcode

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7120 Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7117 Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7111 Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7107 Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7104 Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7102 Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7100 Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7099 Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7098 Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7096 Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7095 Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7094 Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7093 Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7092 Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7091 Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7087 Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7081 Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2017-10-23 CVE-2017-7076 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

6.8
2017-10-24 CVE-2013-3734 Redhat Credentials Management vulnerability in Redhat Jboss Application Server 1.2

The Embedded Jopr component in JBoss Application Server includes the cleartext datasource password in unspecified HTML responses, which might allow (1) man-in-the-middle attackers to obtain sensitive information by leveraging failure to use SSL or (2) attackers to obtain sensitive information by reading the HTML source code.

6.6
2017-10-29 CVE-2017-16000 Eyesofnetwork SQL Injection vulnerability in Eyesofnetwork 5.10

SQL injection vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the graph parameter to module/capacity_per_label/index.php.

6.5
2017-10-29 CVE-2017-15957 Ingenious School Management System Project Unrestricted Upload of File with Dangerous Type vulnerability in Ingenious School Management System Project Ingenious School Management System 2.3.0

my_profile.php in Ingenious School Management System 2.3.0 allows a student or teacher to upload an arbitrary file.

6.5
2017-10-28 CVE-2017-15949 Angry Frog SQL Injection vulnerability in Angry-Frog Xavier 2.4

Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the log_id parameter to admin/editgroup.php.

6.5
2017-10-27 CVE-2017-15933 Eyesofnetwork SQL Injection vulnerability in Eyesofnetwork 5.10

SQL injection vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the host parameter to module/capacity_per_device/index.php.

6.5
2017-10-27 CVE-2017-5120 Google
Debian
Redhat

Inappropriate use of www mismatch redirects in browser navigation in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially downgrade HTTPS requests to HTTP via a crafted HTML page.

6.5
2017-10-27 CVE-2017-5117 Google
Debian
Information Exposure vulnerability in multiple products

Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Linux and Windows allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.5
2017-10-27 CVE-2017-5110 Google
Debian
Redhat
Improper Input Validation vulnerability in multiple products

Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page.

6.5
2017-10-27 CVE-2017-5106 Google
Debian
Redhat
Improper Input Validation vulnerability in multiple products

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

6.5
2017-10-27 CVE-2017-5105 Google
Debian
Redhat
Improper Input Validation vulnerability in multiple products

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

6.5
2017-10-27 CVE-2017-5104 Google
Debian
Redhat
Improper Input Validation vulnerability in multiple products

Inappropriate implementation in interstitials in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to spoof the contents of the omnibox via a crafted HTML page.

6.5
2017-10-27 CVE-2017-5101 Google
Debian
Redhat

Inappropriate implementation in Omnibox in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page.

6.5
2017-10-27 CVE-2017-5094 Debian
Google
Redhat
Type Confusion vulnerability in multiple products

Type confusion in extensions JavaScript bindings in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted HTML page.

6.5
2017-10-27 CVE-2017-5093 Google
Debian
Redhat
Improper Input Validation vulnerability in multiple products

Inappropriate implementation in modal dialog handling in Blink in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to prevent a full screen warning from being displayed via a crafted HTML page.

6.5
2017-10-27 CVE-2017-5090 Google Improper Input Validation vulnerability in Google Chrome

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.115 for Mac allowed a remote attacker to perform domain spoofing via a crafted domain name containing a U+0620 character, aka Apple rdar problem 32458012.

6.5
2017-10-27 CVE-2017-5089 Google
Redhat
Improper Input Validation vulnerability in multiple products

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.104 for Mac allowed a remote attacker to perform domain spoofing via a crafted domain name.

6.5
2017-10-27 CVE-2017-5086 Google
Redhat
Improper Input Validation vulnerability in multiple products

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Windows and Mac allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

6.5
2017-10-27 CVE-2017-5076 Google
Redhat
Improper Input Validation vulnerability in multiple products

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

6.5
2017-10-27 CVE-2017-5072 Google Improper Input Validation vulnerability in Google Chrome

Inappropriate implementation in Omnibox in Google Chrome prior to 59.0.3071.92 for Android allowed a remote attacker to perform domain spoofing with RTL characters via a crafted URL page.

6.5
2017-10-27 CVE-2017-5067 Google
Redhat
Improper Input Validation vulnerability in multiple products

An insufficient watchdog timer in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

6.5
2017-10-27 CVE-2017-5066 Google
Redhat
Improper Verification of Cryptographic Signature vulnerability in multiple products

Insufficient consistency checks in signature handling in the networking stack in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to incorrectly accept a badly formed X.509 certificate via a crafted HTML page.

6.5
2017-10-27 CVE-2017-5060 Google
Redhat
Incorrect Authorization vulnerability in multiple products

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

6.5
2017-10-26 CVE-2017-12160 Redhat Improper Authentication vulnerability in Redhat Keycloak

It was found that Keycloak oauth would permit an authenticated resource to obtain an access/refresh token pair from the authentication server, permitting indefinite usage in the case of permission revocation.

6.5
2017-10-24 CVE-2017-15880 Eyesofnetwork SQL Injection vulnerability in Eyesofnetwork 5.10

SQL injection vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the group_name parameter to module/admin_group/add_modify_group.php (for insert_group and update_group).

6.5
2017-10-23 CVE-2015-5533 Count PER DAY Project SQL Injection vulnerability in Count PER DAY Project Count PER DAY

SQL injection vulnerability in counter-options.php in the Count Per Day plugin before 3.4.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the cpd_keep_month parameter to wp-admin/options-general.php.

6.5
2017-10-23 CVE-2011-4334 Labwiki Project Unrestricted Upload of File with Dangerous Type vulnerability in Labwiki Project Labwiki

edit.php in LabWiki 1.1 and earlier does not properly verify uploaded user files, which allows remote authenticated users to upload arbitrary PHP files via a PHP file with a .gif extension in the userfile parameter.

6.5
2017-10-26 CVE-2017-1222 IBM Improper Authentication vulnerability in IBM Bigfix Platform 9.2/9.5

IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas.

6.4
2017-10-27 CVE-2017-5071 Google
Redhat
Improper Input Validation vulnerability in multiple products

Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows and Mac, and 59.0.3071.92 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

6.3
2017-10-27 CVE-2017-5085 Google Cross-site Scripting vulnerability in Google Chrome 58.0.3029

Inappropriate implementation in Bookmarks in Google Chrome prior to 59 for iOS allowed a remote attacker who convinced the user to perform certain operations to run JavaScript on chrome:// pages via a crafted bookmark.

6.1
2017-10-27 CVE-2017-5069 Google
Redhat
Cross-site Scripting vulnerability in multiple products

Incorrect MIME type of XSS-Protection reports in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to circumvent Cross-Origin Resource Sharing checks via a crafted HTML page.

6.1
2017-10-23 CVE-2017-15380 Softwarepublico Cross-site Scripting vulnerability in Softwarepublico E-Sic 1.0

XSS exists in the E-Sic 1.0 /cadastro/index.php URI (aka the requester's registration area) via the nome parameter.

6.1
2017-10-27 CVE-2017-15939 GNU NULL Pointer Dereference vulnerability in GNU Binutils 2.29

dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename.

5.5
2017-10-27 CVE-2017-5082 Google Information Exposure vulnerability in Google Chrome

Failure to take advantage of available mitigations in credit card autofill in Google Chrome prior to 59.0.3071.92 for Android allowed a local attacker to take screen shots of credit card information via a crafted HTML page.

5.5
2017-10-27 CVE-2017-5107 Google
Redhat
Information Exposure Through Discrepancy vulnerability in multiple products

A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page.

5.3
2017-10-27 CVE-2017-5061 Google
Redhat
Race Condition vulnerability in multiple products

A race condition in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

5.3
2017-10-26 CVE-2017-15906 Openbsd
Oracle
Debian
Netapp
Redhat
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products

The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

5.3
2017-10-23 CVE-2017-9947 Siemens Path Traversal vulnerability in Siemens products

A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5.

5.3
2017-10-29 CVE-2017-16227 Quagga
Debian
Improper Input Validation vulnerability in multiple products

The aspath_put function in bgpd/bgp_aspath.c in Quagga before 1.2.2 allows remote attackers to cause a denial of service (session drop) via BGP UPDATE messages, because AS_PATH size calculation for long paths counts certain bytes twice and consequently constructs an invalid message.

5.0
2017-10-29 CVE-2017-15999 NQ Cleartext Transmission of Sensitive Information vulnerability in NQ Contacts Backup & Restore 1.1

In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for transmitting login and synced user data.

5.0
2017-10-29 CVE-2017-15998 NQ Use of a Broken or Risky Cryptographic Algorithm vulnerability in NQ Contacts Backup & Restore 1.1

In the "NQ Contacts Backup & Restore" application 1.1 for Android, DES encryption with a static key is used to secure transmitted contact data.

5.0
2017-10-29 CVE-2017-15956 Converto Video Downloader Converter Project Improper Input Validation vulnerability in Converto Video Downloader & Converter Project Converto Video Downloader & Converter 1.4.1

ConverTo Video Downloader & Converter 1.4.1 allows Arbitrary File Download via the token parameter to download.php.

5.0
2017-10-27 CVE-2017-15582 Writediary Use of Hard-coded Credentials vulnerability in Writediary Diary With Lock 4.72

In net.MCrypt in the "Diary with lock" (aka WriteDiary) application 4.72 for Android, hardcoded SecretKey and iv variables are used for the AES parameters, which makes it easier for attackers to obtain the cleartext of stored diary entries.

5.0
2017-10-27 CVE-2017-15581 Writediary Missing Encryption of Sensitive Data vulnerability in Writediary Diary With Lock 4.72

In the "Diary with lock" (aka WriteDiary) application 4.72 for Android, neither HTTPS nor other encryption is used for transmitting data, despite the documentation that the product is intended for "a personal journal of ...

5.0
2017-10-27 CVE-2017-15928 OX Project Improper Input Validation vulnerability in OX Project OX 2.8.0

In the Ox gem 2.8.0 for Ruby, the process crashes with a segmentation fault when a crafted input is supplied to parse_obj.

5.0
2017-10-27 CVE-2017-0303 F5 Incomplete Cleanup vulnerability in F5 products

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections handled by a Virtual Server with an associated SOCKS profile may not be properly cleaned up, potentially leading to resource starvation.

5.0
2017-10-26 CVE-2017-1230 IBM Information Exposure vulnerability in IBM Bigfix Platform 9.2/9.5

IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

5.0
2017-10-26 CVE-2017-1225 IBM Information Exposure vulnerability in IBM Bigfix Platform 9.2/9.5

IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) stores sensitive information in URL parameters.

5.0
2017-10-26 CVE-2017-1220 IBM Information Exposure vulnerability in IBM Bigfix Platform 9.2/9.5

IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) discloses sensitive information to unauthorized users.

5.0
2017-10-26 CVE-2017-3771 Lenovo Unspecified vulnerability in Lenovo products

System boot process is not adequately secured in Lenovo E95 and ThinkCentre M710s/M710t because systems were shipped from factory without completing BIOS/UEFI initialization process.

5.0
2017-10-26 CVE-2017-12159 Redhat
Keycloak
Insufficient Session Expiration vulnerability in multiple products

It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session.

5.0
2017-10-26 CVE-2017-15908 Systemd Project
Canonical
Infinite Loop vulnerability in multiple products

In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service.

5.0
2017-10-26 CVE-2017-15882 Londontrustmedia Resource Exhaustion vulnerability in Londontrustmedia Private Internet Access

The London Trust Media Private Internet Access (PIA) application before 1.3.3.1 for Android allows remote attackers to cause a denial of service (application crash) via a large VPN server-list file.

5.0
2017-10-24 CVE-2017-1583 IBM Information Exposure vulnerability in IBM Liberty 3.13

IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.13) could allow a remote attacker to obtain sensitive information caused by improper error handling by MyFaces in JSF.

5.0
2017-10-24 CVE-2017-1523 IBM Missing Authentication for Critical Function vulnerability in IBM Infosphere Master Data Management 11.5

IBM InfoSphere Master Data Management - Collaborative Edition 11.5 could allow an unauthorized user to download reports without authentication.

5.0
2017-10-24 CVE-2017-1375 IBM Inadequate Encryption Strength vulnerability in IBM Storwize Unified V7000 Software 1.5/1.6

IBM System Storage Storwize V7000 Unified (V7000U) 1.5 and 1.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.0
2017-10-24 CVE-2017-1210 IBM Improper Input Validation vulnerability in IBM Daeja Viewone

IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 could allow an unauthenticated attacker to inject data into log files made to look legitimate.

5.0
2017-10-24 CVE-2017-15223 Argosoft Infinite Loop vulnerability in Argosoft Mini Mail Server

Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 and earlier allows remote attackers to waste CPU resources (memory consumption) via unspecified vectors, possibly triggering an infinite loop.

5.0
2017-10-24 CVE-2017-14696 Saltstack Improper Input Validation vulnerability in Saltstack Salt

SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote attackers to cause a denial of service via a crafted authentication request.

5.0
2017-10-24 CVE-2014-0691 Cisco Insufficient Entropy vulnerability in Cisco Webex Meetings Server 1.0

Cisco WebEx Meetings Server before 1.1 uses meeting IDs with insufficient entropy, which makes it easier for remote attackers to bypass authentication and join arbitrary meetings without a password, aka Bug ID CSCuc79643.

5.0
2017-10-23 CVE-2014-3744 Nodejs Path Traversal vulnerability in Nodejs Node.Js

Directory traversal vulnerability in the st module before 0.2.5 for Node.js allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in an unspecified path.

5.0
2017-10-23 CVE-2010-2232 Apache Improper Access Control vulnerability in Apache Derby

In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export processing may allow an attacker to overwrite an existing file.

5.0
2017-10-23 CVE-2017-15805 Cisco Path Traversal vulnerability in Cisco products

Cisco Small Business SA520 and SA540 devices with firmware 2.1.71 and 2.2.0.7 allow ../ directory traversal in scgi-bin/platform.cgi via the thispage parameter, for reading arbitrary files.

5.0
2017-10-23 CVE-2017-15377 Openinfosecfoundation Unspecified vulnerability in Openinfosecfoundation Suricata

In Suricata before 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of DetectEngineContentInspection in detect-engine-content-inspection.c.

5.0
2017-10-23 CVE-2017-7147 Apple Cleartext Transmission of Sensitive Information vulnerability in Apple Support

An issue was discovered in certain Apple products.

5.0
2017-10-23 CVE-2017-7146 Apple Incorrect Permission Assignment for Critical Resource vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

5.0
2017-10-23 CVE-2017-7145 Apple Permission Issues vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

5.0
2017-10-23 CVE-2017-7142 Apple Information Exposure vulnerability in Apple Safari

An issue was discovered in certain Apple products.

5.0
2017-10-23 CVE-2017-7141 Apple Information Exposure vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

5.0
2017-10-23 CVE-2017-7140 Apple Information Exposure vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

5.0
2017-10-23 CVE-2017-7133 Apple Cleartext Transmission of Sensitive Information vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

5.0
2017-10-23 CVE-2017-7116 Apple Information Exposure vulnerability in Apple Iphone OS, Tvos and Watchos

An issue was discovered in certain Apple products.

5.0
2017-10-23 CVE-2017-7090 Apple, Microsoft Information Exposure vulnerability in Apple products

An issue was discovered in certain Apple products.

5.0
2017-10-23 CVE-2017-7080 Apple Improper Certificate Validation vulnerability in Apple products

An issue was discovered in certain Apple products.

5.0
2017-10-23 CVE-2017-7078 Apple Cleartext Transmission of Sensitive Information vulnerability in Apple Iphone OS and mac OS X

An issue was discovered in certain Apple products.

5.0
2017-10-29 CVE-2006-5331 Linux Data Processing Errors vulnerability in Linux Kernel

The altivec_unavailable_exception function in arch/powerpc/kernel/traps.c in the Linux kernel before 2.6.19 on 64-bit systems mishandles the case where CONFIG_ALTIVEC is defined and the CPU actually supports Altivec, but the Altivec support was not detected by the kernel, which allows local users to cause a denial of service (panic) by triggering execution of an Altivec instruction.

4.9
2017-10-23 CVE-2017-14327 Extremenetworks Information Exposure vulnerability in Extremenetworks Extremexos

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitrary files.

4.9
2017-10-27 CVE-2017-5065 Google, Redhat Improper Input Validation vulnerability in multiple products

Lack of an appropriate action on page navigation in Blink in Google Chrome prior to 58.0.3029.81 for Windows and Mac allowed a remote attacker to potentially confuse a user into making an incorrect security decision via a crafted HTML page.

4.7
2017-10-25 CVE-2017-12705 Advantech Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webop

A Heap-Based Buffer Overflow issue was discovered in Advantech WebOP.

4.6
2017-10-28 CVE-2017-15955 Debian, Bchunk Project NULL Pointer Dereference vulnerability in multiple products

bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to an "Access violation near NULL on destination operand" and crash when processing a malformed CUE (.cue) file.

4.3
2017-10-28 CVE-2017-15954 Debian, Bchunk Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow (with a resultant invalid free) and crash when processing a malformed CUE (.cue) file.

4.3
2017-10-28 CVE-2017-15953 Debian, Bchunk Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow and crash when processing a malformed CUE (.cue) file.

4.3
2017-10-27 CVE-2017-6163 F5 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in F5 products

In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, a client that initiates a number of concurrent streams beyond the advertised limit can cause a disruption of service.

4.3
2017-10-27 CVE-2017-6162 F5 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in F5 products

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, 11.2.1, in some cases TMM may crash when processing TCP traffic.

4.3
2017-10-27 CVE-2017-6160 F5 Unspecified vulnerability in F5 products

In F5 BIG-IP AAM and PEM software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.4.1 to 11.5.4, a remote attacker may create a maliciously crafted HTTP request to cause Traffic Management Microkernel (TMM) to restart and temporarily fail to process traffic.

4.3
2017-10-27 CVE-2017-6159 F5 Unspecified vulnerability in F5 products

F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 are vulnerable to a denial of service attack when the MPTCP option is enabled on a virtual server.

4.3
2017-10-27 CVE-2017-7733 Fortinet Cross-site Scripting vulnerability in Fortinet Fortios

A Cross-Site Scripting (XSS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 and 5.6.0 allows a remote unauthenticated attacker to execute arbitrary JavaScript code via the webUI "Login Disclaimer" redir parameter.

4.3
2017-10-27 CVE-2017-5119 Google, Debian Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

4.3
2017-10-27 CVE-2017-5118 Google, Debian, Redhat Incorrect Permission Assignment for Critical Resource vulnerability in multiple products

Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, failed to correctly propagate CSP restrictions to javascript scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page.

4.3
2017-10-27 CVE-2017-5109 Google, Debian, Redhat Improper Input Validation vulnerability in multiple products

Inappropriate implementation of unload handler handling in permission prompts in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page.

4.3
2017-10-27 CVE-2017-5103 Google, Debian, Redhat Use of Uninitialized Resource vulnerability in multiple products

Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

4.3
2017-10-27 CVE-2017-5102 Google, Debian, Redhat Use of Uninitialized Resource vulnerability in multiple products

Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

4.3
2017-10-27 CVE-2017-5096 Google Information Exposure vulnerability in Google Chrome

Insufficient policy enforcement during navigation between different schemes in Google Chrome prior to 60.0.3112.78 for Android allowed a remote attacker to perform cross origin content download via a crafted HTML page, related to intents.

4.3
2017-10-27 CVE-2017-5083 Google, Redhat Improper Input Validation vulnerability in multiple products

Inappropriate implementation in Blink in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page.

4.3
2017-10-27 CVE-2017-5079 Google, Redhat Improper Input Validation vulnerability in multiple products

Inappropriate implementation in Blink in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page.

4.3
2017-10-27 CVE-2017-5075 Google, Redhat Information Exposure vulnerability in multiple products

Inappropriate implementation in CSP reporting in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to obtain the value of url fragments via a crafted HTML page.

4.3
2017-10-26 CVE-2017-1521 IBM Cross-site Scripting vulnerability in IBM Bigfix Platform 9.2/9.5

IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and Applications (IBM BigFix Platform 9.2 and 9.5) is vulnerable to cross-site scripting.

4.3
2017-10-26 CVE-2017-1232 IBM Cleartext Transmission of Sensitive Information vulnerability in IBM Bigfix Platform 9.2/9.5

IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

4.3
2017-10-26 CVE-2017-1228 IBM Information Exposure vulnerability in IBM Bigfix Platform 9.2/9.5

IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable the secure cookie attribute.

4.3
2017-10-26 CVE-2012-4378 Mediawiki Cross-site Scripting vulnerability in Mediawiki

Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki before 1.18.5 and 1.19.x before 1.19.2, when unspecified JavaScript gadgets are used, allow remote attackers to inject arbitrary web script or HTML via the userlang parameter to w/index.php.

4.3
2017-10-26 CVE-2012-4377 Mediawiki Cross-site Scripting vulnerability in Mediawiki

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.18.5 and 1.19.x before 1.19.2 allows remote attackers to inject arbitrary web script or HTML via a File: link to a nonexistent image.

4.3
2017-10-26 CVE-2017-15922 GNU Out-of-bounds Read vulnerability in GNU Libextractor 1.4

In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c.

4.3
2017-10-26 CVE-2017-7732 Fortinet Cross-site Scripting vulnerability in Fortinet Fortimail

A reflected Cross-Site Scripting (XSS) vulnerability in the customized pre-authentication webmail login page of Fortinet FortiMail 5.1 and earlier, 5.2.0 through 5.2.9, and 5.3.0 through 5.3.9 allows an attacker to inject arbitrary web script or HTML via crafted HTTP requests.

4.3
2017-10-25 CVE-2017-15885 Axis Cross-site Scripting vulnerability in Axis 2100 Network Camera Firmware 2.03

Reflected XSS in the web administration portal on the Axis 2100 Network Camera 2.03 allows an attacker to execute arbitrary JavaScript via the conf_Layout_OwnTitle parameter to view/view.shtml.

4.3
2017-10-24 CVE-2017-15878 Keystonejs Cross-site Scripting vulnerability in Keystonejs Keystone

A cross-site scripting (XSS) vulnerability exists in fields/types/markdown/MarkdownType.js in KeystoneJS before 4.0.0-beta.7 via the Contact Us feature.

4.3
2017-10-24 CVE-2017-1212 IBM Unspecified vulnerability in IBM Daeja Viewone

IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 is vulnerable to a denial of service when viewing or opening a large file.

4.3
2017-10-24 CVE-2017-15874 Busybox Integer Underflow (Wrap or Wraparound) vulnerability in Busybox 1.27.2

archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation.

4.3
2017-10-24 CVE-2017-15873 Busybox, Debian, Canonical Integer Overflow or Wraparound vulnerability in multiple products

The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation.

4.3
2017-10-24 CVE-2017-15867 User Login History Project Cross-site Scripting vulnerability in User-Login-History Project User-Login-History

Multiple cross-site scripting (XSS) vulnerabilities in the user-login-history plugin through 1.5.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) date_from, (2) date_to, (3) user_id, (4) username, (5) country_name, (6) browser, (7) operating_system, or (8) ip_address parameter to admin/partials/listing/listing.php.

4.3
2017-10-24 CVE-2017-15863 WP NO External Links Project Cross-site Scripting vulnerability in WP NO External Links Project WP NO External Links

Cross Site Scripting (XSS) exists in the wp-noexternallinks plugin before 3.5.19 for WordPress via the date1 or date2 parameter to wp-admin/options-general.php.

4.3
2017-10-24 CVE-2016-10517 Redislabs 7PK - Security Features vulnerability in Redislabs Redis

networking.c in Redis before 3.2.7 allows "Cross Protocol Scripting" because it lacks a check for POST and Host: strings, which are not valid in the Redis protocol (but commonly occur when an attack triggers an HTTP request to the Redis TCP port).

4.3
2017-10-24 CVE-2017-15186 Ffmpeg Double Free vulnerability in Ffmpeg

Double free vulnerability in FFmpeg 3.3.4 and earlier allows remote attackers to cause a denial of service via a crafted AVI file.

4.3
2017-10-23 CVE-2015-5532 Strangerstudios Cross-site Scripting vulnerability in Strangerstudios Paid Memberships PRO

Multiple cross-site scripting (XSS) vulnerabilities in the Paid Memberships Pro (PMPro) plugin before 1.8.4.3 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) s parameter to membershiplevels.php, (2) memberslist.php, or (3) orders.php in adminpages/ or the (4) edit parameter to adminpages/membershiplevels.php.

4.3
2017-10-23 CVE-2012-4569 Letodms Project Cross-site Scripting vulnerability in Letodms Project Letodms

Multiple cross-site scripting (XSS) vulnerabilities in out/out.UsrMgr.php in LetoDMS (formerly MyDMS) before 3.3.9 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2017-10-23 CVE-2012-4567 Letodms Project Cross-site Scripting vulnerability in Letodms Project Letodms

Multiple cross-site scripting (XSS) vulnerabilities in LetoDMS (formerly MyDMS) before 3.3.8 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) inc/inc.ClassUI.php or (2) out/out.DocumentNotify.php.

4.3
2017-10-23 CVE-2011-4333 Scilico Cross-site Scripting vulnerability in Scilico Labwiki 1.0.1/1.1

Multiple cross-site scripting (XSS) vulnerabilities in LabWiki 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) from parameter to index.php or the (2) page_no parameter to recentchanges.php.

4.3
2017-10-23 CVE-2011-2683 Reseed Project 7PK - Security Features vulnerability in Reseed Project Reseed

reseed seeds random numbers from an insecure HTTP request to random.org during installation, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a man-in-the-middle attack.

4.3
2017-10-23 CVE-2017-15812 Easy Appointments Project Cross-site Scripting vulnerability in Easy Appointments Project Easy Appointments

The Easy Appointments plugin before 1.12.0 for WordPress has XSS via Settings values in the admin panel.

4.3
2017-10-23 CVE-2017-15810 Popcash Cross-site Scripting vulnerability in Popcash Popcash.Net Code Integration Tool 1.0

The PopCash.Net Code Integration Tool plugin before 1.1 for WordPress has XSS via the tab parameter to wp-admin/admin.php.

4.3
2017-10-23 CVE-2017-15809 Phpmyfaq Cross-site Scripting vulnerability in PHPmyfaq

In phpMyFaq before 2.9.9, there is XSS in admin/tags.main.php via a crafted tag.

4.3
2017-10-23 CVE-2016-10516 Palletsprojects Cross-site Scripting vulnerability in Palletsprojects Werkzeug

Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used in Pallets Flask and other products) allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message.

4.3
2017-10-23 CVE-2017-15687 Logitech Cross-site Scripting vulnerability in Logitech Media Server

DOM Based Cross Site Scripting (XSS) exists in Logitech Media Server 7.7.1, 7.7.2, 7.7.3, 7.7.5, 7.7.6, 7.9.0, and 7.9.1 via a crafted URI.

4.3
2017-10-23 CVE-2017-7148 Apple Information Exposure vulnerability in Apple Iphone OS 10.3.3

An issue was discovered in certain Apple products.

4.3
2017-10-23 CVE-2017-7144 Apple Permission Issues vulnerability in Apple Iphone OS and Safari

An issue was discovered in certain Apple products.

4.3
2017-10-23 CVE-2017-7131 Apple Information Exposure vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

4.3
2017-10-23 CVE-2017-7119 Apple Improper Input Validation vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

4.3
2017-10-23 CVE-2017-7118 Apple Improper Input Validation vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

4.3
2017-10-23 CVE-2017-7109 Apple, Microsoft Cross-site Scripting vulnerability in Apple products

An issue was discovered in certain Apple products.

4.3
2017-10-23 CVE-2017-7106 Apple, Microsoft Improper Input Validation vulnerability in Apple Icloud, Iphone OS and Safari

An issue was discovered in certain Apple products.

4.3
2017-10-23 CVE-2017-7097 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

4.3
2017-10-23 CVE-2017-7089 Apple, Microsoft Cross-site Scripting vulnerability in Apple products

An issue was discovered in certain Apple products.

4.3
2017-10-23 CVE-2017-7085 Apple Improper Input Validation vulnerability in Apple Iphone OS and Safari

An issue was discovered in certain Apple products.

4.3
2017-10-23 CVE-2017-7084 Apple Unspecified vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

4.3
2017-10-23 CVE-2017-7079 Apple Files or Directories Accessible to External Parties vulnerability in Apple Itunes

An issue was discovered in certain Apple products.

4.3
2017-10-23 CVE-2017-7074 Apple Improper Input Validation vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

4.3
2017-10-23 CVE-2017-7072 Apple Improper Input Validation vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

4.3
2017-10-27 CVE-2017-15937 Artica Information Exposure vulnerability in Artica Pandora FMS 7.0

Artica Pandora FMS version 7.0 leaks a full installation pathname via GET data when intercepting the main page's graph requisition.

4.0
2017-10-27 CVE-2017-14182 Fortinet Improper Input Validation vulnerability in Fortinet Fortios

A Denial of Service (DoS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 allows an authenticated user to cause the web GUI to be temporarily unresponsive, via passing a specially crafted payload to the 'params' parameter of the JSON web API.

4.0
2017-10-26 CVE-2017-1226 IBM Information Exposure vulnerability in IBM Bigfix Platform 9.2/9.5

IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) generates an error message in error logs that includes sensitive information about its environment which could be used in further attacks against the system.

4.0
2017-10-26 CVE-2017-15917 Paessler Improper Privilege Management vulnerability in Paessler Prtg Network Monitor 17.3.33.2830

In Paessler PRTG Network Monitor 17.3.33.2830, it's possible to create a Map as a read-only user, by forging a request and sending it to the server.

4.0
2017-10-25 CVE-2017-1295 IBM Information Exposure vulnerability in IBM Rational Collaborative Lifecycle Management

IBM RSA DM contains an unspecified vulnerability in CLM Applications with potential for information leakage.

4.0
2017-10-25 CVE-2017-1241 IBM Information Exposure vulnerability in IBM Rational Collaborative Lifecycle Management

An unspecified vulnerability in IBM Jazz Foundation based applications might allow the display of stack trace information to an attacker.

4.0
2017-10-23 CVE-2017-7083 Apple Improper Input Validation vulnerability in Apple products

An issue was discovered in certain Apple products.

4.0

34 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-10-28 CVE-2017-15948 Edgeofmyseat Cross-site Scripting vulnerability in Edgeofmyseat Perch 3.0.3

Perch Content Management System 3.0.3 allows unrestricted file upload (with resultant XSS) via the Asset Title field in conjunction with the Select File field.

3.5
2017-10-28 CVE-2017-15947 Aspsource Cross-site Scripting vulnerability in Aspsource Simple ASC Content Management System 1.2

Simple ASC Content Management System v1.2 has XSS in the location field in the sign function, related to guestbook.asp, formgb.asp, and msggb.asp.

3.5
2017-10-27 CVE-2017-15936 Artica Cross-site Scripting vulnerability in Artica Pandora FMS 7.0

In Artica Pandora FMS version 7.0, an attacker with write permission can create an agent with an XSS payload; when a user enters the agent definitions page, the script will get executed.

3.5
2017-10-27 CVE-2017-15934 Artica Cross-site Scripting vulnerability in Artica Pandora FMS 7.0

Artica Pandora FMS version 7.0 is vulnerable to stored Cross-Site Scripting in the map name parameter.

3.5
2017-10-26 CVE-2017-15911 Igniterealtime Cross-site Scripting vulnerability in Igniterealtime Openfire

The Admin Console in Ignite Realtime Openfire Server before 4.1.7 allows arbitrary client-side JavaScript code execution on victims who click a crafted setup/setup-host-settings.jsp?domain= link, aka XSS.

3.5
2017-10-26 CVE-2017-12158 Redhat, Keycloak Cross-site Scripting vulnerability in multiple products

It was found that Keycloak would accept a HOST header URL in the admin console and use it to determine web resource locations.

3.5
2017-10-26 CVE-2017-7335 Fortinet Cross-site Scripting vulnerability in Fortinet Fortiwlc

A Cross-Site Scripting (XSS) vulnerability in Fortinet FortiWLC 6.1-x (6.1-2, 6.1-4 and 6.1-5); 7.0-x (7.0-7, 7.0-8, 7.0-9, 7.0-10); and 8.x (8.0, 8.1, 8.2 and 8.3.0-8.3.2) allows an authenticated user to inject arbitrary web script or HTML via non-sanitized parameters "refresh" and "branchtotable" present in HTTP POST requests.

3.5
2017-10-25 CVE-2017-1363 IBM Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management

IBM Team Concert (RTC) is vulnerable to cross-site scripting.

3.5
2017-10-25 CVE-2017-1169 IBM Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management

IBM DOORS Next Generation (DNG/RRC) is vulnerable to cross-site scripting.

3.5
2017-10-25 CVE-2017-1164 IBM Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management

IBM Jazz Foundation is vulnerable to cross-site scripting.

3.5
2017-10-24 CVE-2017-15881 Keystonejs Cross-site Scripting vulnerability in Keystonejs Keystone

Cross-Site Scripting vulnerability in KeystoneJS before 4.0.0-beta.7 allows remote authenticated administrators to inject arbitrary web script or HTML via the "content brief" or "content extended" field, a different vulnerability than CVE-2017-15878.

3.5
2017-10-24 CVE-2017-1209 IBM Cross-site Scripting vulnerability in IBM Daeja Viewone

IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 is vulnerable to cross-site scripting.

3.5
2017-10-24 CVE-2016-3049 IBM Cross-site Scripting vulnerability in IBM Openpages GRC Platform 7.1/7.2/7.3

IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to HTML injection.

3.5
2017-10-24 CVE-2017-15872 Phpwcms Cross-site Scripting vulnerability in PHPwcms 1.8.9

phpwcms 1.8.9 has XSS in include/inc_tmpl/admin.edituser.tmpl.php and include/inc_tmpl/admin.newuser.tmpl.php via the username (aka new_login) field.

3.5
2017-10-23 CVE-2015-5379 Axigen Cross-site Scripting vulnerability in Axigen Mail Server

Cross-site scripting (XSS) vulnerability in actions.hsp in the Ajax WebMail interface in AXIGEN Mail Server before 9.0 allows remote attackers to inject arbitrary web script or HTML via an email attachment.

3.5
2017-10-23 CVE-2017-15811 Pootlepress Cross-site Scripting vulnerability in Pootlepress Pootle Button 1.0.0/1.1.0/1.1.1

The Pootle Button plugin before 1.2.0 for WordPress has XSS via the assets_url parameter in assets/dialog.php, exploitable via wp-admin/admin-ajax.php.

3.5
2017-10-27 CVE-2017-5084 Google Improper Privilege Management vulnerability in Google Chrome OS

Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint.

3.3
2017-10-27 CVE-2017-5081 Google, Debian, Redhat Improper Input Validation vulnerability in multiple products

Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files.

3.3
2017-10-26 CVE-2017-15096 Gluster NULL Pointer Dereference vulnerability in Gluster Glusterfs

A flaw was found in GlusterFS in versions prior to 3.10.

3.3
2017-10-27 CVE-2017-6161 F5 Resource Exhaustion vulnerability in F5 products

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypt and authenticate connections to mcpd.

2.9
2017-10-27 CVE-2015-1835 Apache Improper Input Validation vulnerability in Apache Cordova

Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set explicit values in config.xml, allows remote attackers to modify undefined secondary configuration variables (preferences) via a crafted intent: URL.

2.6
2017-10-23 CVE-2017-13683 Symantec Missing Release of Resource after Effective Lifetime vulnerability in Symantec Endpoint Encryption

In Symantec Endpoint Encryption before SEE 11.1.3HF3, a kernel memory leak is a type of resource leak that can occur when a computer program incorrectly manages memory allocations in such a way that memory which is no longer needed is not released.

2.3
2017-10-23 CVE-2017-13682 Symantec Missing Release of Resource after Effective Lifetime vulnerability in Symantec Encryption Desktop 10.3.0/10.3.1/10.3.2

In Symantec Encryption Desktop before SED 10.4.1 MP2HF1, a kernel memory leak is a type of resource leak that can occur when a computer program incorrectly manages memory allocations in such a way that memory which is no longer needed is not released.

2.3
2017-10-29 CVE-2017-15997 NQ Use of a Broken or Risky Cryptographic Algorithm vulnerability in NQ Contacts Backup & Restore 1.1

In the "NQ Contacts Backup & Restore" application 1.1 for Android, RC4 encryption is used to secure the user password locally stored in shared preferences.

2.1
2017-10-23 CVE-2015-6839 Grupo MSA Improper Input Validation vulnerability in Grupo MSA Vot.Ar 3.1

The parse function in MSA vot.Ar 3.1 does not check whether a candidate receives more than one vote, which allows physically proximate attackers to cast multiple votes for a candidate via a crafted RFID ballot tag.

2.1
2017-10-23 CVE-2011-2684 Rkkda Link Following vulnerability in Rkkda Foo2Zjs 20090908Dfsg5.1+Squeeze0/20110722Dfsg1/20110722Dfsg3Ubuntu1

foo2zjs before 20110722dfsg-3ubuntu1 as packaged in Ubuntu, 20110722dfsg-1 as packaged in Debian unstable, and 20090908dfsg-5.1+squeeze0 as packaged in Debian squeeze create temporary files insecurely, which allows local users to write over arbitrary files via a symlink attack on /tmp/foo2zjs.

2.1
2017-10-23 CVE-2017-7150 Apple Weak Password Requirements vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

2.1
2017-10-23 CVE-2017-7149 Apple Unspecified vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

2.1
2017-10-23 CVE-2017-7143 Apple Cleartext Transmission of Sensitive Information vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

2.1
2017-10-23 CVE-2017-7139 Apple Information Exposure vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

2.1
2017-10-23 CVE-2017-7138 Apple Information Exposure vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

2.1
2017-10-23 CVE-2017-7082 Apple Information Exposure vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

2.1
2017-10-24 CVE-2017-1211 IBM Information Exposure vulnerability in IBM Daeja Viewone

IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 could disclose sensitive information to a local user when logging is enabled.

1.9
2017-10-24 CVE-2017-12618 Apache Out-of-bounds Read vulnerability in Apache Portable Runtime Utility

Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access.

1.9