Weekly Vulnerabilities Reports > November 20 to 26, 2017

Overview

227 new vulnerabilities reported during this period, including 33 critical vulnerabilities and 67 high severity vulnerabilities. This weekly summary report vulnerabilities in 393 products from 55 vendors including Huawei, Debian, Intel, Apache, and Libxls Project. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", "Information Exposure", "Command Injection", and "Cross-site Scripting".

  • 165 reported vulnerabilities are remotely exploitables.
  • 2 reported vulnerabilities have public exploit available.
  • 52 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 193 reported vulnerabilities are exploitable by an anonymous user.
  • Huawei has the most reported vulnerabilities, with 145 reported vulnerabilities.
  • Huawei has the most reported critical vulnerabilities, with 26 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

33 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-11-24 CVE-2017-16934 Dbltek OS Command Injection vulnerability in Dbltek web Server

The web server on DBL DBLTek devices allows remote attackers to execute arbitrary OS commands by obtaining the admin password via a frame.html?content=/dev/mtdblock/5 request, and then using this password for the HTTP Basic Authentication needed for a change_password.csp request, which supports a "<%%25call system.exec:" string in the passwd parameter.

10.0
2017-11-22 CVE-2017-8864 Cohuhd Protection Mechanism Failure vulnerability in Cohuhd 3960Hd Firmware

Client-side enforcement using JavaScript of server-side security options on the Cohu 3960HD allows an attacker to manipulate options sent to the camera and cause malfunction or code execution, as demonstrated by a client-side "if (!passwordsAreEqual())" test.

10.0
2017-11-22 CVE-2017-8862 Cohuhd Unrestricted Upload of File with Dangerous Type vulnerability in Cohuhd 3960Hd Firmware

The webupgrade function on the Cohu 3960HD does not verify the firmware upgrade files or process, allowing an attacker to upload a specially crafted postinstall.sh file that will be executed with "root" privileges.

10.0
2017-11-22 CVE-2017-16926 Ohcount Project OS Command Injection vulnerability in Ohcount Project Ohcount 3.0.0

Ohcount 3.0.0 is prone to a command injection via specially crafted filenames containing shell metacharacters, which can be exploited by an attacker (providing a source tree for Ohcount processing) to execute arbitrary code as the user running Ohcount.

10.0
2017-11-20 CVE-2017-11402 Belden Improper Input Validation vulnerability in Belden Tofino Xenon Security Appliance Firmware

An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00.

10.0
2017-11-22 CVE-2017-8212 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Honor 5C Firmware and Honor 6X Firmware

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation.

9.3
2017-11-22 CVE-2017-8211 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Honor 5C Firmware and Honor 6X Firmware

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation.

9.3
2017-11-22 CVE-2017-8210 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Honor 5C Firmware and Honor 6X Firmware

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation.

9.3
2017-11-22 CVE-2017-8209 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Honor 5C Firmware and Honor 6X Firmware

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation.

9.3
2017-11-22 CVE-2017-8208 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Honor 5C Firmware and Honor 6X Firmware

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation.

9.3
2017-11-22 CVE-2017-8207 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Honor 5C Firmware and Honor 6X Firmware

The driver of honor 5C, honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation.

9.3
2017-11-22 CVE-2017-8205 Huawei Integer Overflow or Wraparound vulnerability in Huawei Honor 9 Firmware Stanfordal00C00B175

The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has integer overflow vulnerability due to the lack of parameter validation.

9.3
2017-11-22 CVE-2017-8204 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Honor 9 Firmware Stanfordal00C00B175

The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has a buffer overflow vulnerability due to the lack of parameter validation.

9.3
2017-11-22 CVE-2017-8170 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Vie-L09 Firmware Viel09C02B131/Viel09C25B120/Viel09C40B181

Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation.

9.3
2017-11-22 CVE-2017-8169 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Vie-L09 Firmware Viel09C02B131/Viel09C25B120/Viel09C40B181

Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation.

9.3
2017-11-22 CVE-2017-8160 Huawei Use After Free vulnerability in Huawei products

The Madapt Driver of some Huawei smart phones with software Earlier than Vicky-AL00AC00B172 versions,Vicky-AL00CC768B122,Vicky-TL00AC01B167,Earlier than Victoria-AL00AC00B172 versions,Victoria-TL00AC00B123,Victoria-TL00AC01B167 has a use after free (UAF) vulnerability.

9.3
2017-11-22 CVE-2017-8159 Huawei Incorrect Type Conversion or Cast vulnerability in Huawei products

Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability.

9.3
2017-11-22 CVE-2017-8150 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei products

The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an arbitrary memory write vulnerability due to the lack of parameter validation.

9.3
2017-11-22 CVE-2017-8142 Huawei Use After Free vulnerability in Huawei Mate 9 Firmware and Mate 9 PRO Firmware

The Trusted Execution Environment (TEE) module driver of Mate 9 and Mate 9 Pro smart phones with software versions earlier than MHA-AL00BC00B221 and versions earlier than LON-AL00BC00B221 has a use after free (UAF) vulnerability.

9.3
2017-11-22 CVE-2017-8141 Huawei Double Free vulnerability in Huawei P10 Plus Firmware

The Touch Panel (TP) driver in P10 Plus smart phones with software versions earlier than VKY-AL00C00B153 has a memory double free vulnerability.

9.3
2017-11-22 CVE-2017-8140 Huawei Double Free vulnerability in Huawei P9 Plus Firmware Eval09C636B388/Vieal10

The soundtrigger driver in P9 Plus smart phones with software versions earlier than VIE-AL10BC00B353 has a memory double free vulnerability.

9.3
2017-11-22 CVE-2017-8137 Huawei Untrusted Search Path vulnerability in Huawei Hedex Lite

HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path.

9.3
2017-11-22 CVE-2017-2729 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Honor 5A Firmware and P8 Lite Firmware

The boot loaders in Honor 5A smart phones with software Versions earlier than CAM-TL00C01B193,Versions earlier than CAM-TL00HC00B193,Versions earlier than CAM-UL00C00B193 have a buffer overflow vulnerability.

9.3
2017-11-22 CVE-2017-2726 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei P10 Firmware and P10 Plus Firmware

Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability.

9.3
2017-11-22 CVE-2017-2725 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei P10 Firmware and P10 Plus Firmware

Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability.

9.3
2017-11-22 CVE-2017-2724 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei P10 Firmware and P10 Plus Firmware

Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability.

9.3
2017-11-22 CVE-2017-2716 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Mate 9 Firmware

The camerafs driver in Mate 9 Versions earlier than MHA-AL00BC00B173 has buffer overflow vulnerability.

9.3
2017-11-22 CVE-2017-2698 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei P8 Firmware

The ddr_devfreq driver in versions earlier than GRA-UL00C00B197 has buffer overflow vulnerability.

9.3
2017-11-22 CVE-2017-2697 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei products

The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C185B141 and earlier versions has buffer overflow vulnerability.

9.3
2017-11-22 CVE-2017-2696 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Y6Ii Firmware

The emerg_data driver in CAM-L21C10B130 and earlier versions, CAM-L21C185B141 and earlier versions has a buffer overflow vulnerability.

9.3
2017-11-20 CVE-2016-6804 Apache
Microsoft
Permissions, Privileges, and Access Controls vulnerability in Apache Openoffice

The Apache OpenOffice installer (versions prior to 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows execution of arbitrary code with elevated privileges.

9.3
2017-11-22 CVE-2017-8197 Huawei Command Injection vulnerability in Huawei Fusionsphere V100R006C00Spc102(Nfv)

FusionSphere V100R006C00SPC102(NFV) has a command injection vulnerability.

9.0
2017-11-21 CVE-2017-5712 Intel Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel products

Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege.

9.0

67 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-11-22 CVE-2017-8135 Huawei Command Injection vulnerability in Huawei Fusionsphere Openstack V100R006C00/V100R006C10

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports.

8.3
2017-11-22 CVE-2017-8134 Huawei Command Injection vulnerability in Huawei Fusionsphere Openstack V100R006C00/V100R006C10

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports.

8.3
2017-11-22 CVE-2017-8132 Huawei Command Injection vulnerability in Huawei Fusionsphere Openstack V100R006C00/V100R006C10

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports.

8.3
2017-11-22 CVE-2017-8131 Huawei Command Injection vulnerability in Huawei Fusionsphere Openstack V100R006C00/V100R006C10

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports.

8.3
2017-11-22 CVE-2017-2719 Huawei Command Injection vulnerability in Huawei Fusionsphere Openstack V100R006C00/V100R006C10Rc2

FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 has two command injection vulnerabilities due to the insufficient input validation on one port.

8.3
2017-11-22 CVE-2017-2718 Huawei Command Injection vulnerability in Huawei Fusionsphere Openstack V100R006C00/V100R006C10

FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 has two command injection vulnerabilities due to the insufficient input validation on one port.

8.3
2017-11-21 CVE-2017-16923 Tenda OS Command Injection vulnerability in Tenda Ac15 Firmware, Ac18 Firmware and AC9 Firmware

Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01, and Ac18 ac18_kf_V15.03.05.19(6318_)_cn devices allows remote unauthenticated attackers to execute arbitrary OS commands via a crafted cgi-bin/luci/usbeject?dev_name= GET request from the LAN.

8.3
2017-11-22 CVE-2017-8167 Huawei Improper Input Validation vulnerability in Huawei Usg9500 Firmware V500R001C50

Huawei firewall products USG9500 V500R001C50 has a DoS vulnerability.A remote attacker who controls the peer device could exploit the vulnerability by sending malformed IKE packets to the target device.

7.8
2017-11-20 CVE-2017-16902 Vonage Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Vonage Vdv-23 Firmware 3.2.110.9.40

On the Vonage VDV-23 115 3.2.11-0.9.40 home router, sending a long string of characters in the loginPassword and/or loginUsername field to goform/login causes the router to reboot.

7.8
2017-11-22 CVE-2017-8193 Huawei Command Injection vulnerability in Huawei Fusionsphere Openstack V100R006C00Spc102(Nfv)

The FusionSphere OpenStack V100R006C00SPC102(NFV) has a command injection vulnerability.

7.7
2017-11-22 CVE-2017-2714 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Fusionsphere Openstack 100R006C00/100R006C10

The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier versions has a buffer overflow vulnerability.

7.7
2017-11-25 CVE-2017-16943 Exim
Debian
Use After Free vulnerability in multiple products

The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands.

7.5
2017-11-23 CVE-2017-16931 Xmlsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xmlsoft Libxml2

parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.

7.5
2017-11-23 CVE-2017-15088 MIT Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in MIT Kerberos 5

plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_oneline_ex functions.

7.5
2017-11-22 CVE-2017-8129 Huawei Improper Input Validation vulnerability in Huawei UMA V200R001/V300R001

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters.

7.5
2017-11-22 CVE-2017-8128 Huawei Improper Input Validation vulnerability in Huawei UMA V200R001/V300R001

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters.

7.5
2017-11-22 CVE-2017-8126 Huawei Improper Input Validation vulnerability in Huawei UMA V200R001

The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters.

7.5
2017-11-22 CVE-2017-8124 Huawei Improper Input Validation vulnerability in Huawei UMA V200R001

The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters.

7.5
2017-11-22 CVE-2017-8123 Huawei Improper Input Validation vulnerability in Huawei UMA V200R001

The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters.

7.5
2017-11-22 CVE-2017-8122 Huawei Improper Input Validation vulnerability in Huawei UMA V200R001

The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters.

7.5
2017-11-22 CVE-2017-8120 Huawei Improper Input Validation vulnerability in Huawei UMA V200R001/V300R001

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters.

7.5
2017-11-22 CVE-2017-8119 Huawei Improper Input Validation vulnerability in Huawei UMA V200R001/V300R001

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters.

7.5
2017-11-22 CVE-2017-8117 Huawei Improper Input Validation vulnerability in Huawei UMA V200R001/V300R001

The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters.

7.5
2017-11-22 CVE-2017-2738 Huawei Improper Authentication vulnerability in Huawei Vcm5010 Firmware

VCM5010 with software versions earlier before V100R002C50SPC100 has an authentication bypass vulnerability.

7.5
2017-11-22 CVE-2017-13071 Qnap Command Injection vulnerability in Qnap Video Station 5.1.3/5.2.0

QNAP has already patched this vulnerability.

7.5
2017-11-22 CVE-2017-8861 Cohuhd Improper Authentication vulnerability in Cohuhd 3960Hd Firmware

Missing authentication for the remote configuration port 1236/tcp on the Cohu 3960HD allows an attacker to change configuration parameters such as IP address and username/password via specially crafted XML SOAP packets.

7.5
2017-11-21 CVE-2015-3934 Fiyo SQL Injection vulnerability in Fiyo CMS 2.0.1.9.1

Multiple SQL injection vulnerabilities in Fiyo CMS 2.0_1.9.1 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to apps/app_article/controller/rating.php or (2) user parameter to user/login.

7.5
2017-11-21 CVE-2017-5719 Intel Unspecified vulnerability in Intel Deep Learning Training Tool

A vulnerability in the Intel Deep Learning Training Tool Beta 1 allows a network attacker to remotely execute code as a local user.

7.5
2017-11-21 CVE-2017-16920 Finecms Unspecified vulnerability in Finecms 5.2.0

v5/config/system.php in dayrui FineCms 5.2.0 has a default SYS_KEY value and does not require key regeneration for each installation, which allows remote attackers to upload arbitrary .php files via a member api swfupload action to index.php.

7.5
2017-11-21 CVE-2017-16613 Openstack
Debian
Improper Authentication vulnerability in multiple products

An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0 when used with OpenStack Swift through 2.15.1.

7.5
2017-11-21 CVE-2017-16840 Ffmpeg
Debian
Out-of-bounds Read vulnerability in multiple products

The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service (out-of-bounds read) because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2enc_dwt.c.

7.5
2017-11-20 CVE-2017-16903 Lvyecms Project Path Traversal vulnerability in Lvyecms Project Lvyecms

LvyeCMS through 3.1 allows remote attackers to upload and execute arbitrary PHP code via directory traversal sequences in the dir parameter, in conjunction with PHP code in the content parameter, within a template Style add request to index.php.

7.5
2017-11-20 CVE-2017-16896 TT RSS SQL Injection vulnerability in Tt-Rss Tiny RSS 17.4

A SQL injection in classes/handler/public.php in the forgotpass component of Tiny Tiny RSS 17.4 exists via the login parameter.

7.5
2017-11-20 CVE-2017-11401 Belden Unspecified vulnerability in Belden Tofino Xenon Security Appliance Firmware

An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00.

7.5
2017-11-24 CVE-2017-16939 Linux Use After Free vulnerability in Linux Kernel

The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.

7.2
2017-11-23 CVE-2017-16927 Xrdp
Debian
Neutrinolabs
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted input stream.

7.2
2017-11-22 CVE-2017-8215 Huawei Unspecified vulnerability in Huawei products

Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, versions earlier than FRD-DL00C00B391, versions earlier than KNT-AL10C00B391, versions earlier than KNT-AL20C00B391, versions earlier than KNT-UL10C00B391, versions earlier than KNT-TL10C00B391, versions earlier than Stanford-AL00C00B175, versions earlier than Stanford-AL10C00B175, versions earlier than Stanford-TL00C01B175, versions earlier than Duke-AL20C00B191, versions earlier than Duke-TL30C01B191, versions earlier than Picasso-AL00C00B162, versions earlier than Picasso-TL00C01B162 , versions earlier than Barca-AL00C00B162, versions earlier than Barca-TL00C00B162, versions earlier than EVA-AL10C00B396SP03, versions earlier than EVA-CL00C92B396, versions earlier than EVA-DL00C17B396, versions earlier than EVA-TL00C01B396 , versions earlier than Vicky-AL00AC00B172, versions earlier than Toronto-AL00AC00B191, versions earlier than Toronto-TL10C01B191 have a permission control vulnerability.

7.2
2017-11-22 CVE-2017-8214 Huawei Improper Authentication vulnerability in Huawei products

Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, versions earlier than FRD-DL00C00B391, versions earlier than KNT-AL10C00B391, versions earlier than KNT-AL20C00B391, versions earlier than KNT-UL10C00B391, versions earlier than KNT-TL10C00B391, versions earlier than Stanford-AL00C00B175, versions earlier than Stanford-AL10C00B175, versions earlier than Stanford-TL00C01B175, versions earlier than Duke-AL20C00B191, versions earlier than Duke-TL30C01B191, versions earlier than Picasso-AL00C00B162, versions earlier than Picasso-TL00C01B162 , versions earlier than Barca-AL00C00B162, versions earlier than Barca-TL00C00B162, versions earlier than EVA-AL10C00B396SP03, versions earlier than EVA-CL00C92B396, versions earlier than EVA-DL00C17B396, versions earlier than EVA-TL00C01B396 , versions earlier than Vicky-AL00AC00B172, versions earlier than Toronto-AL00AC00B191, versions earlier than Toronto-TL10C01B191 have an unlock code verification bypassing vulnerability.

7.2
2017-11-22 CVE-2017-8206 Huawei Unspecified vulnerability in Huawei Honor 7 Lite Firmware

HONOR 7 Lite mobile phones with software of versions earlier than NEM-L21C432B352 have an App Lock bypass vulnerability.

7.2
2017-11-22 CVE-2017-8185 Huawei Exposure of Resource to Wrong Sphere vulnerability in Huawei Me906S-158 Firmware

ME906s-158 earlier than ME906S_Installer_13.1805.10.3 versions has a privilege elevation vulnerability.

7.2
2017-11-22 CVE-2017-8166 Huawei Unspecified vulnerability in Huawei Honor V9 Firmware Dukeal20C00B191

Huawei mobile phones Honor V9 with the software versions before Duke-AL20C00B195 have an App Lock bypass vulnerability.

7.2
2017-11-22 CVE-2017-8156 Huawei Missing Authentication for Critical Function vulnerability in Huawei B2338-168 Firmware V100R001C00

The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no authentication vulnerability on the serial port.

7.2
2017-11-22 CVE-2017-8155 Huawei Missing Authentication for Critical Function vulnerability in Huawei B2338-168 Firmware V100R001C00

The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no authentication vulnerability on a certain port.

7.2
2017-11-22 CVE-2017-8151 Huawei Improper Authentication vulnerability in Huawei Honor 5S Firmware

Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have an authentication bypass vulnerability due to the improper design of some components.

7.2
2017-11-22 CVE-2017-2703 Huawei Security Bypass vulnerability in Huawei Smart Phones

Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions earlier before MHA-TL00BC00B156,Versions earlier before EVA-AL10C00B373,Versions earlier before EVA-CL10C00B373,Versions earlier before EVA-DL10C00B373,Versions earlier before EVA-TL10C00B373 can be bypass.

7.2
2017-11-22 CVE-2017-2702 Huawei Unspecified vulnerability in Huawei Mate 9 Firmware

Phone Finder in versions earlier before MHA-AL00C00B170 can be bypass.

7.2
2017-11-22 CVE-2017-2691 Huawei Security Bypass vulnerability in Huawei Smart Phones

Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier before EVA-TL00C01B373 have a lock-screen bypass vulnerability.

7.2
2017-11-22 CVE-2017-12172 Postgresql Link Following vulnerability in Postgresql

PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database superusers have effective ability to run arbitrary code under that system account.

7.2
2017-11-21 CVE-2017-5711 Intel Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel products

Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.

7.2
2017-11-21 CVE-2017-5710 Intel Unspecified vulnerability in Intel Trusted Execution Engine Firmware 3.0

Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via unspecified vector.

7.2
2017-11-21 CVE-2017-5709 Intel Unspecified vulnerability in Intel Server Platform Services Firmware 4.0

Multiple privilege escalations in kernel in Intel Server Platform Services Firmware 4.0 allows unauthorized process to access privileged content via unspecified vector.

7.2
2017-11-21 CVE-2017-5708 Intel Unspecified vulnerability in Intel Manageability Engine Firmware

Multiple privilege escalations in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow unauthorized process to access privileged content via unspecified vector.

7.2
2017-11-21 CVE-2017-5707 Intel Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Trusted Execution Engine Firmware 3.0

Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code.

7.2
2017-11-21 CVE-2017-5706 Intel Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Server Platform Services Firmware 4.0

Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code.

7.2
2017-11-21 CVE-2017-5705 Intel Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Manageability Engine Firmware

Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code.

7.2
2017-11-20 CVE-2017-11400 Belden Improper Verification of Cryptographic Signature vulnerability in Belden Tofino Xenon Security Appliance Firmware

An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00.

7.2
2017-11-22 CVE-2017-8216 Huawei Incorrect Authorization vulnerability in Huawei P10 Lite Firmware

Warsaw Huawei Smart phones with software of versions earlier than Warsaw-AL00C00B180, versions earlier than Warsaw-TL10C01B180 have a permission control vulnerability.

7.1
2017-11-22 CVE-2017-8202 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei products

The CameraISP driver of some Huawei smart phones with software of versions earlier than Prague-AL00AC00B205,versions earlier than Prague-AL00BC00B205,versions earlier than Prague-AL00CC00B205,versions earlier than Prague-TL00AC01B205,versions earlier than Prague-TL10AC01B205 has a buffer overflow vulnerability due to the lack of parameter validation.

7.1
2017-11-22 CVE-2017-8186 Huawei Improper Input Validation vulnerability in Huawei Mha-Al00A

The Bastet of some Huawei mobile phones with software of earlier than MHA-AL00BC00B231 versions has a DOS vulnerability due to the lack of parameter validation.

7.1
2017-11-22 CVE-2017-8175 Huawei Improper Input Validation vulnerability in Huawei Vicky-Al00A, Victoria-Al00A and Warsaw-Al00

The Bastet of some Huawei mobile phones with software earlier than Vicky-AL00AC00B167 versions, earlier than Victoria-AL00AC00B167 versions, earlier than Warsaw-AL00C00B191 versions has an insufficient input validation vulnerability due to the lack of parameter validation.

7.1
2017-11-22 CVE-2017-8172 Huawei Improper Validation of Array Index vulnerability in Huawei P10 Firmware and P10 Plus Firmware

Isub service in P10 Plus and P10 smart phones with earlier than VKY-AL00C00B157 versions and earlier than VTR-AL00C00B157 versions has a denial of service (DoS) vulnerability.

7.1
2017-11-22 CVE-2017-8149 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei P10 Firmware and P10 Plus Firmware

The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an out-of-bounds memory access vulnerability due to the lack of parameter validation.

7.1
2017-11-22 CVE-2017-8144 Huawei Improper Restriction of Power Consumption vulnerability in Huawei products

Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones with software the versions before CAM-L03C605B143CUSTC605D003,the versions before Prague-L03C605B161,the versions before Prague-L23C605B160,the versions before MHA-AL00C00B225,the versions before LON-AL00C00B225,the versions before VTR-AL00C00B167,the versions before VTR-TL00C01B167,the versions before VKY-AL00C00B167,the versions before VKY-TL00C01B167 have a resource exhaustion vulnerability due to configure setting.

7.1
2017-11-22 CVE-2017-8143 Huawei Improper Input Validation vulnerability in Huawei Honor 5C Firmware and P9 Lite Firmware

Wi-Fi driver of Honor 5C and P9 Lite Huawei smart phones with software versions earlier than NEM-L21C432B351 and versions earlier than VNS-L21C10B381 has a DoS vulnerability.

7.1
2017-11-22 CVE-2017-2734 Huawei Resource Exhaustion vulnerability in Huawei P9 Plus Firmware

P9 Plus smartphones with software versions earlier before VIE-AL10BC00B386 have a denial of service (DoS) vulnerability.

7.1
2017-11-22 CVE-2017-2731 Huawei Improper Input Validation vulnerability in Huawei P9 Plus Firmware

The vibrator service in P9 Plus smart phones with software versions earlier before VIE-AL10C00B386 has DoS vulnerability.

7.1
2017-11-22 CVE-2017-2711 Huawei Improper Input Validation vulnerability in Huawei P9 Plus Firmware

P9 Plus smartphones with software earlier than VIE-AL10C00B352 versions have an input validation vulnerability in the touchscreen Driver.

7.1

108 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-11-24 CVE-2017-16933 Icinga Incorrect Permission Assignment for Critical Resource vulnerability in Icinga

etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.1 has a chown call for a filename in a user-writable directory, which allows local users to gain privileges by leveraging access to the $ICINGA2_USER account for creation of a link.

6.9
2017-11-22 CVE-2017-2728 Huawei Local Security Bypass vulnerability in Huawei Honor 6X Firmware Berlinl21C10B372/Berlinl21C185B363/Berlinl21C464B137

Some Huawei mobile phones Honor 6X Berlin-L22C636B150 and earlier versions have a Bluetooth unlock bypassing vulnerability.

6.9
2017-11-24 CVE-2017-16938 Optipng Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Optipng Project Optipng 0.7.6

A global buffer overflow in OptiPNG 0.7.6 allows remote attackers to cause a denial-of-service attack or other unspecified impact with a maliciously crafted GIF format file, related to an uncontrolled loop in the LZWReadByte function of the gifread.c file.

6.8
2017-11-22 CVE-2017-16879 GNU Out-of-bounds Write vulnerability in GNU Ncurses 6.0

Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic.

6.8
2017-11-22 CVE-2017-8203 Huawei Use After Free vulnerability in Huawei Nova 2 Firmware and Nova 2 Plus Firmware

The Bastet Driver of Nova 2 Plus,Nova 2 Huawei smart phones with software of Versions earlier than BAC-AL00C00B173,Versions earlier than PIC-AL00C00B173 has a use after free (UAF) vulnerability.

6.8
2017-11-22 CVE-2017-8181 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei MTK Platform Smart Phone Firmware

The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a arbitrary memory write vulnerability.Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has special privilege and sends a specific parameter to the driver of the smart phone, causing privilege escalation.

6.8
2017-11-22 CVE-2017-8180 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei MTK Platform Smart Phone Firmware

The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has special privilege and sends a specific parameter to the driver of the smart phone, causing privilege escalation.

6.8
2017-11-22 CVE-2017-8179 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei MTK Platform Smart Phone Firmware

The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has special privilege and sends a specific parameter to the driver of the smart phone, causing privilege escalation.

6.8
2017-11-22 CVE-2017-8163 Huawei Out-of-bounds Read vulnerability in Huawei products

AR120-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR1200 with software V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR1200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR150 with software V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR150-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR160 with software V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR200 with software V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30,AR200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR2200 with software V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR2200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30,AR510 with software V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30,NetEngine16EX with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,SMC2.0 with software V100R003C10, V100R005C00, V500R002C00, V600R006C00,SRG1300 with software V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30,SRG2300 with software V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30,SRG3300 with software V200R006C10, V200R007C00, V200R008C20, V200R008C30 have an out-of-bounds read vulnerability.

6.8
2017-11-22 CVE-2017-8138 Huawei Cross-Site Request Forgery (CSRF) vulnerability in Huawei Hedex Lite

HedEx Earlier than V200R006C00 versions has a cross-site request forgery (CSRF) vulnerability.

6.8
2017-11-22 CVE-2017-2699 Huawei Unrestricted Upload of File with Dangerous Type vulnerability in Huawei Honor 7 Firmware, Lyo-L21 Firmware and Mate S Firmware

The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a privilege elevation vulnerability.

6.8
2017-11-22 CVE-2017-2693 Huawei Path Traversal vulnerability in Huawei products

ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier versions,ALE-L23C605B190 and earlier versions,ALE-TL00C01B250 and earlier versions,ALE-UL00C00B250 and earlier versions,MT7-L09C605B325 and earlier versions,MT7-L09C900B339 and earlier versions,MT7-TL10C900B339 and earlier versions,CRR-CL00C92B172 and earlier versions,CRR-L09C432B180 and earlier versions,CRR-TL00C01B172 and earlier versions,CRR-UL00C00B172 and earlier versions,CRR-UL20C432B171 and earlier versions,GRA-CL00C92B230 and earlier versions,GRA-L09C432B222 and earlier versions,GRA-TL00C01B230SP01 and earlier versions,GRA-UL00C00B230 and earlier versions,GRA-UL00C10B201 and earlier versions,GRA-UL00C432B220 and earlier versions,H60-L04C10B523 and earlier versions,H60-L04C185B523 and earlier versions,H60-L04C636B527 and earlier versions,H60-L04C900B530 and earlier versions,PLK-AL10C00B220 and earlier versions,PLK-AL10C92B220 and earlier versions,PLK-CL00C92B220 and earlier versions,PLK-L01C10B140 and earlier versions,PLK-L01C185B130 and earlier versions,PLK-L01C432B187 and earlier versions,PLK-L01C432B190 and earlier versions,PLK-L01C432B190 and earlier versions,PLK-L01C636B130 and earlier versions,PLK-TL00C01B220 and earlier versions,PLK-TL01HC01B220 and earlier versions,PLK-UL00C17B220 and earlier versions,ATH-AL00C00B210 and earlier versions,ATH-AL00C92B200 and earlier versions,ATH-CL00C92B210 and earlier versions,ATH-TL00C01B210 and earlier versions,ATH-TL00HC01B210 and earlier versions,ATH-UL00C00B210 and earlier versions,RIO-AL00C00B220 and earlier versions,RIO-CL00C92B220 and earlier versions,RIO-TL00C01B220 and earlier versions,RIO-UL00C00B220 and earlier versions have a path traversal vulnerability.

6.8
2017-11-22 CVE-2017-2692 Huawei Command Injection vulnerability in Huawei products

The Keyguard application in ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier versions,ALE-L23C605B190 and earlier versions,ALE-TL00C01B250 and earlier versions,ALE-UL00C00B250 and earlier versions,MT7-L09C605B325 and earlier versions,MT7-L09C900B339 and earlier versions,MT7-TL10C900B339 and earlier versions,CRR-CL00C92B172 and earlier versions,CRR-L09C432B180 and earlier versions,CRR-TL00C01B172 and earlier versions,CRR-UL00C00B172 and earlier versions,CRR-UL20C432B171 and earlier versions,GRA-CL00C92B230 and earlier versions,GRA-L09C432B222 and earlier versions,GRA-TL00C01B230SP01 and earlier versions,GRA-UL00C00B230 and earlier versions,GRA-UL00C10B201 and earlier versions,GRA-UL00C432B220 and earlier versions,H60-L04C10B523 and earlier versions,H60-L04C185B523 and earlier versions,H60-L04C636B527 and earlier versions,H60-L04C900B530 and earlier versions,PLK-AL10C00B220 and earlier versions,PLK-AL10C92B220 and earlier versions,PLK-CL00C92B220 and earlier versions,PLK-L01C10B140 and earlier versions,PLK-L01C185B130 and earlier versions,PLK-L01C432B187 and earlier versions,PLK-L01C432B190 and earlier versions,PLK-L01C432B190 and earlier versions,PLK-L01C636B130 and earlier versions,PLK-TL00C01B220 and earlier versions,PLK-TL01HC01B220 and earlier versions,PLK-UL00C17B220 and earlier versions,ATH-AL00C00B210 and earlier versions,ATH-AL00C92B200 and earlier versions,ATH-CL00C92B210 and earlier versions,ATH-TL00C01B210 and earlier versions,ATH-TL00HC01B210 and earlier versions,ATH-UL00C00B210 and earlier versions,RIO-AL00C00B220 and earlier versions,RIO-CL00C92B220 and earlier versions,RIO-TL00C01B220 and earlier versions,RIO-UL00C00B220 and earlier versions have a privilege elevation vulnerability.

6.8
2017-11-20 CVE-2017-2919 Libxls Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libxls Project Libxls 1.3.4

An exploitable stack based buffer overflow vulnerability exists in the xls_getfcell function of libxls 1.3.4.

6.8
2017-11-20 CVE-2017-2897 Libxls Project Out-of-bounds Write vulnerability in Libxls Project Libxls 1.4.0

An exploitable out-of-bounds write vulnerability exists in the read_MSAT function of libxls 1.4.

6.8
2017-11-20 CVE-2017-2896 Libxls Project Out-of-bounds Write vulnerability in Libxls Project Libxls 1.4

An exploitable out-of-bounds write vulnerability exists in the xls_mergedCells function of libxls 1.4.

6.8
2017-11-20 CVE-2017-12111 Libxls Project Out-of-bounds Write vulnerability in Libxls Project Libxls 1.4

An exploitable out-of-bounds vulnerability exists in the xls_addCell function of libxls 1.4.

6.8
2017-11-20 CVE-2017-12110 Libxls Project Integer Overflow or Wraparound vulnerability in Libxls Project Libxls 1.4

An exploitable integer overflow vulnerability exists in the xls_appendSST function of libxls 1.4.A specially crafted XLS file can cause memory corruption resulting in remote code execution.

6.8
2017-11-20 CVE-2017-12608 Apache
Debian
Out-of-bounds Write vulnerability in multiple products

A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.

6.8
2017-11-20 CVE-2017-12607 Apache
Debian
Out-of-bounds Write vulnerability in multiple products

A vulnerability in OpenOffice's PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.

6.8
2017-11-20 CVE-2017-9806 Apache Out-of-bounds Write vulnerability in Apache Openoffice and Openoffice.Org

A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.

6.8
2017-11-25 CVE-2017-16941 Octobercms Unrestricted Upload of File with Dangerous Type vulnerability in Octobercms October

** DISPUTED ** October CMS through 1.0.428 does not prevent use of .htaccess in themes, which allows remote authenticated users to execute arbitrary PHP code by downloading a theme ZIP archive from /backend/cms/themes, and then uploading and importing a modified archive with two new files: a .php file and a .htaccess file.

6.5
2017-11-24 CVE-2016-10700 Cacti Permissions, Privileges, and Access Controls vulnerability in Cacti

auth_login.php in Cacti before 1.0.0 allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database, because the guest user is not considered.

6.5
2017-11-22 CVE-2017-8198 Huawei SQL Injection vulnerability in Huawei Fusionsphere V100R006C00Spc102(Nfv)

FusionSphere V100R006C00SPC102(NFV) has an SQL injection vulnerability.

6.5
2017-11-22 CVE-2017-8195 Huawei Improper Authentication vulnerability in Huawei Fusionsphere Openstack V100R006C00Spc102(Nfv)

The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper authentication vulnerability.

6.5
2017-11-22 CVE-2017-8194 Huawei Improper Authentication vulnerability in Huawei Fusionsphere Openstack V100R006C00Spc102(Nfv)

The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper authentication vulnerability.

6.5
2017-11-22 CVE-2017-8188 Huawei Command Injection vulnerability in Huawei Fusionsphere Openstack V100R006C00Spc102(Nfv)

FusionSphere OpenStack V100R006C00SPC102(NFV)has a command injection vulnerability.

6.5
2017-11-22 CVE-2017-8133 Huawei Command Injection vulnerability in Huawei Neteco V600R008C00/V600R008C10

Huawei iManager NetEco with software V600R008C00 and V600R008C10 has a command injection vulnerability.

6.5
2017-11-22 CVE-2017-2737 Huawei Unrestricted Upload of File with Dangerous Type vulnerability in Huawei Vcm5010 Firmware

VCM5010 with software versions earlier before V100R002C50SPC100 has an arbitrary file upload vulnerability.

6.5
2017-11-22 CVE-2017-2736 Huawei Command Injection vulnerability in Huawei Vcm5010 Firmware

VCM5010 with software versions earlier before V100R002C50SPC100 has a command injection vulnerability.

6.5
2017-11-22 CVE-2017-2722 Huawei Improper Input Validation vulnerability in Huawei products

DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C00,ViewPoint 9030 with software V100R011C02, V100R011C03,eCNS210_TD with software V100R004C10,eSpace 7950 with software V200R003C00 and V200R003C30,eSpace IAD with software V300R001C07SPCa00 and V300R002C01SPCb00,eSpace U1981 with software V100R001C20, V100R001C30, V200R003C00, V200R003C20 and V200R003C30 have an input validation vulnerability.A remote attacker may exploit this vulnerability by crafting a malformed packet and sending it to the device.

6.5
2017-11-21 CVE-2017-16664 Otrs
Debian
Code Injection vulnerability in multiple products

Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System (OTRS) 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20.

6.5
2017-11-21 CVE-2017-15044 Docuware Unspecified vulnerability in Docuware Fulltext Server

The default installation of DocuWare Fulltext Search server through 6.11 allows remote users to connect to and download searchable text from the embedded Solr service, bypassing DocuWare's access control features of the DocuWare user interfaces and API.

6.5
2017-11-20 CVE-2017-16544 Busybox
Debian
Vmware
Redlion
Canonical
Code Injection vulnerability in multiple products

In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal.

6.5
2017-11-22 CVE-2017-8182 Huawei Out-of-bounds Read vulnerability in Huawei MTK Platform Smart Phone Firmware

MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a out-of-bound read vulnerability.

5.8
2017-11-22 CVE-2017-8153 Huawei Permission Issues vulnerability in Huawei Vmall

Huawei VMall (for Android) with the versions before 1.5.8.5 have a privilege elevation vulnerability due to improper design.

5.8
2017-11-22 CVE-2017-2735 Huawei Exposed Dangerous Method or Function vulnerability in Huawei Y6 PRO Firmware 9.1.0.248(C636E5R3P1)

TIT-AL00 smartphones with software versions earlier before TIT-AL00C583B214 have a exposed system interface vulnerability.

5.8
2017-11-22 CVE-2017-2707 Huawei Download of Code Without Integrity Check vulnerability in Huawei Mate 9 Firmware

Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in Push module.

5.8
2017-11-22 CVE-2017-2706 Huawei Path Traversal vulnerability in Huawei Mate 9 Firmware

Mate 9 smartphones with software MHA-AL00AC00B125 have a directory traversal vulnerability in Push module.

5.8
2017-11-21 CVE-2017-5729 Intel Unspecified vulnerability in Intel products

Frame replay vulnerability in Wi-Fi subsystem in Intel Dual-Band and Tri-Band Wireless-AC Products allows remote attacker to replay frames via channel-based man-in-the-middle.

5.8
2017-11-20 CVE-2017-16899 Xfig Project
Debian
Improper Validation of Array Index vulnerability in multiple products

An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the read_textobject functions in read.c and read1_3.c.

5.8
2017-11-22 CVE-2017-15098 Postgresql
Debian
Information Exposure vulnerability in multiple products

Invalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory.

5.5
2017-11-22 CVE-2017-8148 Huawei Race Condition vulnerability in Huawei P9 Firmware

Audio driver in P9 smartphones with software The versions before EVA-AL10C00B389 has a denial of service (DoS) vulnerability.

5.4
2017-11-20 CVE-2017-15527 Symantec Path Traversal vulnerability in Symantec Management Console

Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to parent directory" are passed through to the file APIs.

5.2
2017-11-25 CVE-2017-16944 Exim
Debian
Infinite Loop vulnerability in multiple products

The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service (infinite loop and stack exhaustion) via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the bdat_getc function.

5.0
2017-11-24 CVE-2017-16935 Ametys Improper Input Validation vulnerability in Ametys

Ametys before 4.0.3 requires authentication only for URIs containing a /cms/ substring, which allows remote attackers to bypass intended access restrictions via a direct request to /plugins/core-ui/servercomm/messages.xml, as demonstrated by changing the admin password by obtaining account details via a users/search.json request, and then modifying the account via an editUser request.

5.0
2017-11-23 CVE-2017-16932 Xmlsoft Infinite Loop vulnerability in Xmlsoft Libxml2

parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.

5.0
2017-11-23 CVE-2017-13701 Moxa Information Exposure vulnerability in Moxa Eds-G512E Firmware 5.1

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices.

5.0
2017-11-23 CVE-2017-13699 Moxa Inadequate Encryption Strength vulnerability in Moxa Eds-G512E Firmware 5.1

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices.

5.0
2017-11-23 CVE-2017-13698 Moxa Unspecified vulnerability in Moxa Eds-G512E Firmware 5.1

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices.

5.0
2017-11-22 CVE-2017-8213 Huawei Improper Certificate Validation vulnerability in Huawei Smc2.0 Firmware

Huawei SMC2.0 with software of V100R003C10, V100R005C00SPC100, V100R005C00SPC101B001T, V100R005C00SPC102, V100R005C00SPC103, V100R005C00SPC200, V100R005C00SPC201T, V500R002C00, V600R006C00 has an input validation vulnerability when handle TLS and DTLS handshake with certificate.

5.0
2017-11-22 CVE-2017-8177 Huawei Improper Verification of Cryptographic Signature vulnerability in Huawei Hiwallet

Huawei APP HiWallet earlier than 5.0.3.100 versions do not support signature verification for APK file.

5.0
2017-11-22 CVE-2017-8174 Huawei Inadequate Encryption Strength vulnerability in Huawei products

Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability.

5.0
2017-11-22 CVE-2017-8147 Huawei Improper Input Validation vulnerability in Huawei products

AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050 have a MaxAge LSA vulnerability due to improper OSPF implementation.

5.0
2017-11-22 CVE-2017-8121 Huawei Information Exposure vulnerability in Huawei UMA V200R001/V300R001

The UMA product with software V200R001 and V300R001 has an information leak vulnerability.

5.0
2017-11-22 CVE-2017-2720 Huawei Use of Hard-coded Credentials vulnerability in Huawei Fusionsphere Openstack V100R006C00

FusionSphere OpenStack V100R006C00 has an information exposure vulnerability.

5.0
2017-11-22 CVE-2017-2712 Huawei Channel and Path Errors vulnerability in Huawei S3300 Firmware V100R006C05

S3300 V100R006C05 have an Ethernet in the First Mile (EFM) flapping vulnerability due to the lack of type-length-value (TLV) consistency check.

5.0
2017-11-22 CVE-2017-2704 Huawei Information Exposure vulnerability in Huawei products

Smarthome 1.0.2.364 and earlier versions,HiAPP 7.3.0.303 and earlier versions,HwParentControl 2.0.0 and earlier versions,HwParentControlParent 5.1.0.12 and earlier versions,Crowdtest 1.5.3 and earlier versions,HiWallet 8.0.0.301 and earlier versions,Huawei Pay 8.0.0.300 and earlier versions,Skytone 8.1.2.300 and earlier versions,HwCloudDrive(EMUI6.0) 8.0.0.307 and earlier versions,HwPhoneFinder(EMUI6.0) 9.3.0.310 and earlier versions,HwPhoneFinder(EMUI5.1) 9.2.2.303 and earlier versions,HiCinema 8.0.2.300 and earlier versions,HuaweiWear 21.0.0.360 and earlier versions,HiHealthApp 3.0.3.300 and earlier versions have an information exposure vulnerability.

5.0
2017-11-22 CVE-2017-2700 Huawei Missing Release of Resource after Effective Lifetime vulnerability in Huawei Ac6005 Firmware and Ac6605 Firmware

AC6005 with software V200R006C10, AC6605 with software V200R006C10 have a DoS Vulnerability.

5.0
2017-11-22 CVE-2017-8863 Cohuhd Information Exposure vulnerability in Cohuhd 3960Hd Firmware

Information disclosure of .esp source code on the Cohu 3960 allows an attacker to view sensitive information such as application logic with a simple web browser.

5.0
2017-11-22 CVE-2017-8860 Cohuhd Information Exposure vulnerability in Cohuhd 3960Hd Firmware

Information disclosure through directory listing on the Cohu 3960HD allows an attacker to view and download source code, log files, and other sensitive device information via a specially crafted web request with an extra / character, such as a "GET // HTTP/1.1" request.

5.0
2017-11-21 CVE-2017-7550 Redhat Information Exposure Through Log Files vulnerability in Redhat Ansible and Enterprise Linux Server

A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module.

5.0
2017-11-20 CVE-2017-16894 Laravel Information Exposure vulnerability in Laravel

In Laravel framework through 5.5.21, remote attackers can obtain sensitive information (such as externally usable passwords) via a direct request for the /.env URI.

5.0
2017-11-22 CVE-2017-8171 Huawei Exposure of Resource to Wrong Sphere vulnerability in Huawei P10 Plus Firmware

Huawei smart phones with software earlier than Vicky-AL00AC00B172D versions have a Factory Reset Protection (FRP) bypass security vulnerability.

4.9
2017-11-22 CVE-2017-8161 Huawei Exposure of Resource to Wrong Sphere vulnerability in Huawei Eva-L09

EVA-L09 smartphones with software Earlier than EVA-L09C25B150CUSTC25D003 versions,Earlier than EVA-L09C440B140 versions,Earlier than EVA-L09C464B361 versions,Earlier than EVA-L09C675B320CUSTC675D004 versions have Factory Reset Protection (FRP) bypass security vulnerability.

4.9
2017-11-22 CVE-2017-8158 Huawei Incorrect Permission Assignment for Critical Resource vulnerability in Huawei Fusioncompute V100R005C00/V100R005C10

FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to improper permission settings for a certain file on the host machine.

4.9
2017-11-22 CVE-2017-8152 Huawei Improperly Implemented Security Check for Standard vulnerability in Huawei Honor 5S Firmware

Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have a Factory Reset Protection (FRP) bypass security vulnerability due to the improper design.

4.9
2017-11-22 CVE-2017-2708 Huawei Missing Authentication for Critical Function vulnerability in Huawei Nice Firmware

The 'Find Phone' function in Nice smartphones with software versions earlier before Nice-AL00C00B0135 has an authentication bypass vulnerability.

4.9
2017-11-22 CVE-2017-2690 Huawei Resource Exhaustion vulnerability in Huawei products

SoftCo with software V200R003C20,eSpace U1910 with software V200R003C00, V200R003C20 and V200R003C30,eSpace U1911 with software V200R003C20, V200R003C30,eSpace U1930 with software V200R003C20 and V200R003C30,eSpace U1960 with software V200R003C20, V200R003C30,eSpace U1980 with software V200R003C20, V200R003C30,eSpace U1981 with software V200R003C20 and V200R003C30 have an denial of service (DoS) vulnerability, which allow an attacker with specific permission to craft a file containing malicious data and upload it to the device to exhaust memory, causing a DoS condition.

4.9
2017-11-22 CVE-2017-12193 Linux NULL Pointer Dereference vulnerability in Linux Kernel

The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the keyring key type, and key addition and link creation operations.

4.9
2017-11-22 CVE-2017-12190 Linux Missing Release of Resource after Effective Lifetime vulnerability in Linux Kernel

The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page.

4.9
2017-11-22 CVE-2017-2713 Huawei Improper Input Validation vulnerability in Huawei P9 Firmware

HUAWEI P9 smartphones with software versions earlier before EVA-L09C432B383, versions earlier before EVA-L09C636B380, versions earlier before VIE-L09C432B370, versions earlier before VIE-L29C636B370 have an insufficient input validation vulnerability.

4.8
2017-11-26 CVE-2017-16948 Tgsoft NULL Pointer Dereference vulnerability in Tgsoft Vir.It Explorer 8.5.42

TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a NULL value in a 0x82730008 DeviceIoControl request to \\.\Viragtlt.

4.6
2017-11-22 CVE-2017-7501 RPM Link Following vulnerability in RPM

It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM.

4.6
2017-11-22 CVE-2017-8196 Huawei Incorrect Authorization vulnerability in Huawei Fusionsphere V100R006C00Spc102(Nfv)

FusionSphere V100R006C00SPC102(NFV) has an incorrect authorization vulnerability.

4.6
2017-11-22 CVE-2017-8192 Huawei Incorrect Authorization vulnerability in Huawei Fusionsphere Openstack V100R006C00

FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability.

4.6
2017-11-22 CVE-2017-8190 Huawei Improper Verification of Cryptographic Signature vulnerability in Huawei Fusionsphere Openstack V100R006C00Spc102(Nfv)

FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability.

4.6
2017-11-22 CVE-2017-2727 Huawei Unspecified vulnerability in Huawei P9 Firmware

Huawei P9 smart phones with software versions earlier before EVA-AL00C00B365, versions earlier before EVA-AL10C00B365,Versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a privilege escalation vulnerability.

4.6
2017-11-25 CVE-2017-16942 Libsndfile Project Divide By Zero vulnerability in Libsndfile Project Libsndfile 1.0.25

In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists in the function wav_w64_read_fmt_chunk() in wav_w64.c, which may lead to DoS when playing a crafted audio file.

4.3
2017-11-22 CVE-2017-8191 Huawei Use of a Broken or Risky Cryptographic Algorithm vulnerability in Huawei Fusionsphere Openstack V100R006C00Spc102(Nfv)

FusionSphere OpenStack V100R006C00SPC102(NFV)has a week cryptographic algorithm vulnerability.

4.3
2017-11-22 CVE-2017-8184 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei MTK Platform Smart Phone Firmware

MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a any memory access vulnerability.

4.3
2017-11-22 CVE-2017-8183 Huawei Information Exposure vulnerability in Huawei MTK Platform Smart Phone Firmware

MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a any memory access vulnerability.

4.3
2017-11-22 CVE-2017-8157 Huawei Use of a Broken or Risky Cryptographic Algorithm vulnerability in Huawei products

OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor 6900 V3 V300R001C00 has an information leakage vulnerability.

4.3
2017-11-22 CVE-2017-8146 Huawei Improper Input Validation vulnerability in Huawei P10 Firmware and P10 Plus Firmware

The call module of P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167, versions before VTR-TL00C01B167, versions before VKY-AL00C00B167, versions before VKY-TL00C01B167 has a DoS vulnerability.

4.3
2017-11-22 CVE-2017-8145 Huawei Improper Input Validation vulnerability in Huawei P10 Firmware and P10 Plus Firmware

The call module of P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167, versions before VTR-TL00C01B167, versions before VKY-AL00C00B167, versions before VKY-TL00C01B167 has a DoS vulnerability.

4.3
2017-11-22 CVE-2017-8139 Huawei Cross-site Scripting vulnerability in Huawei Hedex Lite

HedEx Earlier than V200R006C00 versions have the stored cross-site scripting (XSS) vulnerability.

4.3
2017-11-22 CVE-2017-8136 Huawei Information Exposure vulnerability in Huawei Hedex Lite

HedEx Earlier than V200R006C00 versions has an arbitrary file download vulnerability.

4.3
2017-11-22 CVE-2017-8127 Huawei Cross-site Scripting vulnerability in Huawei UMA V200R001

The UMA product with software V200R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation.

4.3
2017-11-22 CVE-2017-8125 Huawei Cross-site Scripting vulnerability in Huawei UMA V200R001/V300R001

The UMA product with software V200R001 and V300R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation.

4.3
2017-11-22 CVE-2017-2733 Huawei Information Exposure vulnerability in Huawei Honor 6X Firmware

Honor 6X smartphones with software versions earlier than BLN-AL10C00B357 and versions earlier than BLN-AL20C00B357 have an information leak vulnerability due to improper file permission configuration.

4.3
2017-11-22 CVE-2017-2732 Huawei Information Exposure vulnerability in Huawei Hilink

Huawei Hilink APP Versions earlier before 5.0.25.306 has an information leak vulnerability.

4.3
2017-11-22 CVE-2017-2709 Huawei Improper Input Validation vulnerability in Huawei Higame and Skytone

HiGame with software earlier than 7.3.0 versions, SkyTone with software earlier than 8.1.1 versions have a DoS Vulnerability.

4.3
2017-11-22 CVE-2017-2701 Huawei Insufficient Verification of Data Authenticity vulnerability in Huawei Mate 9 Firmware Mhaal00Ac00B125

Mate 9 with software MHA-AL00AC00B125 has a denial of service (DoS) vulnerability.

4.3
2017-11-22 CVE-2017-2695 Huawei Path Traversal vulnerability in Huawei Tit-Al00 Firmware C583B211

TIT-AL00C583B211 has a directory traversal vulnerability which allows an attacker to obtain the files in email application.

4.3
2017-11-22 CVE-2017-2694 Huawei Permission Issues vulnerability in Huawei Vmall

The AlarmService component in HwVmall with software earlier than 1.5.2.0 versions has no control over calling permissions, allowing any third party to call.

4.3
2017-11-22 CVE-2017-15528 Norton Improper Certificate Validation vulnerability in Norton Install Norton Security

Prior to v 7.6, the Install Norton Security (INS) product can be susceptible to a certificate spoofing vulnerability, which is a type of attack whereby a maliciously procured certificate binds the public key of an attacker to the domain name of the target.

4.3
2017-11-22 CVE-2017-6166 F5 Double Free vulnerability in F5 products

In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 to 12.1.1, in some cases the Traffic Management Microkernel (TMM) may crash when processing fragmented packets.

4.3
2017-11-20 CVE-2017-3157 Apache
Debian
Redhat
Information Exposure vulnerability in multiple products

By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem.

4.3
2017-11-20 CVE-2017-16904 Lvyecms Project Cross-site Scripting vulnerability in Lvyecms Project Lvyecms

The Public tologin feature in admin.php in LvyeCMS through 3.1 allows XSS via a crafted username that is mishandled during later log viewing by an administrator.

4.3
2017-11-20 CVE-2017-16898 Libming Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libming

The printMP3Headers function in util/listmp3.c in libming v0.4.8 or earlier is vulnerable to a global buffer overflow, which may allow attackers to cause a denial of service via a crafted file, a different vulnerability than CVE-2016-9264.

4.3
2017-11-25 CVE-2017-16946 Misp Information Exposure Through Log Files vulnerability in Misp 2.4.82

The admin_edit function in app/Controller/UsersController.php in MISP 2.4.82 mishandles the enable_password field, which allows admins to discover a hashed password by reading the audit log.

4.0
2017-11-22 CVE-2017-8201 Huawei Missing Release of Resource after Effective Lifetime vulnerability in Huawei products

MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an a memory leak vulnerability in H323 protocol.

4.0
2017-11-22 CVE-2017-8200 Huawei Out-of-bounds Read vulnerability in Huawei products

MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol.

4.0
2017-11-22 CVE-2017-8199 Huawei Out-of-bounds Read vulnerability in Huawei products

MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol.

4.0
2017-11-22 CVE-2017-8162 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei products

AR120-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR1200 with software V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR1200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR150 with software V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR150-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR160 with software V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR200 with software V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30,AR200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR2200 with software V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR2200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30,AR510 with software V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30,NetEngine16EX with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,SMC2.0 with software V100R003C10, V100R005C00, V500R002C00, V600R006C00,SRG1300 with software V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30,SRG2300 with software V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30,SRG3300 with software V200R006C10, V200R007C00, V200R008C20, V200R008C30 have a DoS vulnerability.

4.0
2017-11-22 CVE-2017-8130 Huawei Information Exposure vulnerability in Huawei UMA V200R001/V300R001

The UMA product with software V200R001 and V300R001 has an information leak vulnerability.

4.0
2017-11-22 CVE-2017-15099 Postgresql
Debian
Information Exposure vulnerability in multiple products

INSERT ...

4.0
2017-11-20 CVE-2017-15110 Moodle Information Exposure vulnerability in Moodle

In Moodle 3.x, students can find out email addresses of other students in the same course.

4.0

19 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-11-22 CVE-2017-8189 Huawei Path Traversal vulnerability in Huawei Fusionsphere Openstack V100R006C00Spc102(Nfv)

FusionSphere OpenStack V100R006C00SPC102(NFV)has a path traversal vulnerability.

3.6
2017-11-22 CVE-2017-8178 Huawei Cross-site Scripting vulnerability in Huawei Vicky-Al00 Firmware

Huawei Email APP Vicky-AL00 smartphones with software of earlier than VKY-AL00C00B171 versions has a stored cross-site scripting vulnerability.

3.5
2017-11-22 CVE-2017-7736 Fortinet Cross-site Scripting vulnerability in Fortinet Fortiweb

A stored Cross-site Scripting (XSS) vulnerability in Fortinet FortiWeb webUI Certificate View page in 5.8.0, 5.7.1 and earlier, allows attackers to inject arbitrary web script or HTML via special crafted malicious certificate import.

3.5
2017-11-21 CVE-2017-16919 Mapos Project Cross-site Scripting vulnerability in Mapos Project Mapos 2.6.4/3.1.11/3.1.5

MapOS 3.1.11 and earlier has a Stored Cross-site Scripting (XSS) vulnerability in /clientes/visualizar, which allows remote attackers to inject arbitrary web script or HTML via a crafted description parameter.

3.5
2017-11-20 CVE-2017-16908 Horde Cross-site Scripting vulnerability in Horde Groupware 5.2.19

In Horde Groupware 5.2.19, there is XSS via the Name field during creation of a new Resource.

3.5
2017-11-20 CVE-2017-16907 Horde Cross-site Scripting vulnerability in Horde Groupware 5.2.19/5.2.21

In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field in a Create Task List action.

3.5
2017-11-20 CVE-2017-16906 Horde Cross-site Scripting vulnerability in Horde Groupware

In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a "Calendar -> New Event" action.

3.5
2017-11-24 CVE-2017-16936 Tenda Path Traversal vulnerability in Tenda Ac15 Firmware, Ac18 Firmware and AC9 Firmware

Directory Traversal vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01, and Ac18 ac18_kf_V15.03.05.19(6318_)_cn devices allows remote unauthenticated attackers to read arbitrary files via a cgi-bin/luci/request?op=1&path= URI that uses directory traversal sequences after a /usb/ substring.

3.3
2017-11-22 CVE-2017-8168 Huawei Missing Encryption of Sensitive Data vulnerability in Huawei Fusionsphere Openstack V100R006C00Spc102(Nfv)/V100R006C10

FusionSphere OpenStack with software V100R006C00SPC102(NFV) and V100R006C10 have an information leak vulnerability.

3.3
2017-11-22 CVE-2017-2717 Huawei Integer Overflow or Wraparound vulnerability in Huawei Honor 8 PRO Firmware

honor 8 Pro with software Duke-L09C10B120 and earlier versions,Duke-L09C432B120 and earlier versions,Duke-L09C636B120 and earlier versions has an integer overflow vulnerability.

3.3
2017-11-22 CVE-2017-2739 Huawei Download of Code Without Integrity Check vulnerability in Huawei Vmall 1.5.2.0

The upgrade package of Huawei Vmall APP Earlier than HwVmall 1.5.3.0 versions is transferred through HTTP.

2.9
2017-11-22 CVE-2017-2730 Huawei
Apple
Information Exposure vulnerability in Huawei Hilink and Tech Support

HUAWEI HiLink APP (for IOS) versions earlier before 5.0.25.306 and HUAWEI Tech Support APP (for IOS) versions earlier before 5.0.0 have an information leak vulnerability.

2.9
2017-11-22 CVE-2017-8173 Huawei Unspecified vulnerability in Huawei products

Maya-L02,VKY-L09,VTR-L29,Vicky-AL00A,Victoria-AL00A,Warsaw-AL00 smart phones with software of earlier than Maya-L02C636B126 versions,earlier than VKY-L29C10B151 versions,earlier than VTR-L29C10B151 versions,earlier than Vicky-AL00AC00B162 versions,earlier than Victoria-AL00AC00B167 versions,earlier than Warsaw-AL00C00B200 versions have a Factory Reset Protection (FRP) bypass security vulnerability.

2.1
2017-11-22 CVE-2017-8118 Huawei Information Exposure vulnerability in Huawei UMA V200R001/V300R001

The UMA product with software V200R001 and V300R001 has an information leak vulnerability.

2.1
2017-11-22 CVE-2017-2723 Huawei Cleartext Storage of Sensitive Information vulnerability in Huawei Files

The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords.

2.1
2017-11-22 CVE-2017-2721 Huawei Improper Authentication vulnerability in Huawei products

Some Huawei smart phones with software Berlin-L21C10B130,Berlin-L21C185B133,Berlin-L21HNC10B131,Berlin-L21HNC185B140,Berlin-L21HNC432B151,Berlin-L22C636B160,Berlin-L22HNC636B130,Berlin-L22HNC675B150CUSTC675D001,Berlin-L23C605B131,Berlin-L24HNC567B110,FRD-L02C432B120,FRD-L02C635B130,FRD-L02C675B170CUSTC675D001,FRD-L04C567B162,FRD-L04C605B131,FRD-L09C10B130,FRD-L09C185B130,FRD-L09C432B131,FRD-L09C636B130,FRD-L14C567B162,FRD-L19C10B130,FRD-L19C432B131,FRD-L19C636B130 have a factory Reset Protection (FRP) bypass security vulnerability.

2.1
2017-11-22 CVE-2017-2715 Huawei Information Exposure vulnerability in Huawei Files 7.1.1.309

The Files APP 7.1.1.309 and earlier versions in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design of the Safe key database.

2.1
2017-11-22 CVE-2017-2710 Huawei Local Security Bypass vulnerability in Huawei Smart Phones

BTV-W09C229B002CUSTC229D005,BTV-W09C233B029, earlier than BTV-W09C100B006CUSTC100D002 versions, earlier than BTV-W09C128B003CUSTC128D002 versions, earlier than BTV-W09C199B002CUSTC199D002 versions, earlier than BTV-W09C209B005CUSTC209D001 versions, earlier than BTV-W09C331B002CUSTC331D001 versions, earlier than CRR-L09C432B390 versions, earlier than CRR-L09C605B355CUSTC605D003 versions have a Factory Reset Protection (FRP) bypass security vulnerability.

2.1
2017-11-22 CVE-2017-2705 Huawei Security Bypass vulnerability in Huawei Smart Phones

Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone activation bypass vulnerability.

2.1