Vulnerabilities (CVE)

CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-5719 1 Intel 1 Deep Learning Training Tool 2019-10-03 7.5 HIGH 9.8 CRITICAL
A vulnerability in the Intel Deep Learning Training Tool Beta 1 allows a network attacker to remotely execute code as a local user.
CVE-2017-5600 1 Netapp 1 Oncommand Insight 2019-10-03 7.5 HIGH 9.8 CRITICAL
The Data Warehouse component in NetApp OnCommand Insight before 7.2.3 allows remote attackers to obtain administrative access by leveraging a default privileged account.
CVE-2017-5539 1 B2evolution 1 B2evolution 2019-10-03 9.0 HIGH 9.1 CRITICAL
The patch for directory traversal (CVE-2017-5480) in b2evolution version 6.8.4-stable has a bypass vulnerability. An attacker can use ..\/ to bypass the filter rule. Then, this attacker can exploit this vulnerability to delete or read any files on the server. It can also be used to determine whether a file exists.
CVE-2017-5219 1 Sagecrm 1 Sagecrm 2019-10-03 10.0 HIGH 9.8 CRITICAL
An issue was discovered in SageCRM 7.x before 7.3 SP3. The Component Manager functionality, provided by SageCRM, permits additional components to be added to the application to enhance provided functionality. This functionality allows a zip file to be uploaded, containing a valid .ecf component file, which will be extracted to the inf directory outside of the webroot. By creating a zip file containing an empty .ecf file, to pass file-validation checks, any other file provided in zip file will be extracted onto the filesystem. In this case, a web shell with the filename '..\WWWRoot\CustomPages\aspshell.asp' was included within the zip file that, when extracted, traversed back out of the inf directory and into the SageCRM webroot. This permitted remote interaction with the underlying filesystem with the highest privilege level, SYSTEM.
CVE-2017-5135 1 Technicolor 2 Dpc3928sl, Dpc3928sl Firmware 2019-10-03 6.4 MEDIUM 9.1 CRITICAL
Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in some cases. The Technicolor (formerly Cisco) DPC3928SL with firmware D3928SL-P15-13-A386-c3420r55105-160127a could be reached by any SNMP community string from the Internet; also, you can write in the MIB because it provides write properties, aka Stringbleed. NOTE: the string-bleed/StringBleed-CVE-2017-5135 GitHub repository is not a valid reference as of 2017-04-27; it contains Trojan horse code purported to exploit this vulnerability.
CVE-2017-4053 1 Mcafee 1 Advanced Threat Defense 2019-10-03 7.5 HIGH 9.8 CRITICAL
Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to execute a command of their choice via a crafted HTTP request parameter.
CVE-2017-3623 1 Oracle 1 Solaris 2019-10-03 10.0 HIGH 10.0 CRITICAL
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel RPC). For supported versions that are affected see note. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris. While the vulnerability is in Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Solaris. Note: CVE-2017-3623 is assigned for "Ebbisland". Solaris 10 systems which have had any Kernel patch installed after, or updated via patching tools since 2012-01-26 are not impacted. Also, any Solaris 10 system installed with Solaris 10 1/13 (Solaris 10 Update 11) are not vulnerable. Solaris 11 is not impacted by this issue. CVSS 3.0 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
CVE-2017-3266 1 Oracle 1 Outside In Technology 2019-10-03 7.5 HIGH 9.8 CRITICAL
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.2 and 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in takeover of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS v3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).
CVE-2017-3234 1 Oracle 1 Automatic Service Request 2019-10-03 7.5 HIGH 9.8 CRITICAL
Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools (subcomponent: ASR Manager). The supported version that is affected is Prior to 5.7. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via SFT to compromise Automatic Service Request (ASR). Successful attacks of this vulnerability can result in takeover of Automatic Service Request (ASR). CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
CVE-2017-3097 1 Adobe 1 Digital Editions 2019-10-03 10.0 HIGH 9.8 CRITICAL
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading functions in the installer plugin. A successful exploitation could lead to arbitrary code execution.
CVE-2017-2741 1 Hp 76 D3q15a, D3q15a Firmware, D3q15b and 73 more 2019-10-03 10.0 HIGH 9.8 CRITICAL
A potential security vulnerability has been identified with HP PageWide Printers, HP OfficeJet Pro Printers, with firmware before 1708D. This vulnerability could potentially be exploited to execute arbitrary code.
CVE-2017-2520 2 Apple, Debian 5 Iphone Os, Mac Os X, Tvos and 2 more 2019-10-03 7.5 HIGH 9.8 CRITICAL
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted SQL statement.
CVE-2017-2519 2 Apple, Debian 5 Iphone Os, Mac Os X, Tvos and 2 more 2019-10-03 7.5 HIGH 9.8 CRITICAL
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted SQL statement.
CVE-2017-2518 2 Apple, Debian 5 Iphone Os, Mac Os X, Tvos and 2 more 2019-10-03 7.5 HIGH 9.8 CRITICAL
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted SQL statement.
CVE-2017-2320 1 Juniper 1 Northstar Controller 2019-10-03 10.0 HIGH 10.0 CRITICAL
A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various denials of services leading to targeted information disclosure, modification of any component of the NorthStar system, including managed systems, and full denial of services to any systems under management which NorthStar interacts with using read-only or read-write credentials.
CVE-2017-2234 1 Toshiba 4 Hem-gw16a, Hem-gw16a Firmware, Hem-gw26a and 1 more 2019-10-03 7.5 HIGH 9.8 CRITICAL
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier may allow remote attackers to access a non-documented developer screen to perform operations on device with administrative privileges.
CVE-2017-2402 1 Apple 1 Mac Os X 2019-10-03 7.5 HIGH 9.8 CRITICAL
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of profile uninstall actions in the "MCX Client" component when a profile has multiple payloads. It allows remote attackers to bypass intended access restrictions by leveraging Active Directory certificate trust that should not have remained.
CVE-2017-18368 2 Billion, Zyxel 6 5200w-t, 5200w-t Firmware, P660hn-t1a V1 and 3 more 2019-10-03 10.0 HIGH 9.8 CRITICAL
The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the ViewLog.asp page and can be exploited through the remote_host parameter.
CVE-2017-18264 2 Debian, Phpmyadmin 2 Debian Linux, Phpmyadmin 2019-10-03 7.5 HIGH 9.8 CRITICAL
An issue was discovered in libraries/common.inc.php in phpMyAdmin 4.0 before 4.0.10.20, 4.4.x, 4.6.x, and 4.7.0 prereleases. The restrictions caused by $cfg['Servers'][$i]['AllowNoPassword'] = false are bypassed under certain PHP versions (e.g., version 5). This can allow the login of users who have no password set even if the administrator has set $cfg['Servers'][$i]['AllowNoPassword'] to false (which is also the default). This occurs because some implementations of the PHP substr function return false when given '' as the first argument.
CVE-2017-18239 1 Authentikat-jwt Project 1 Authentikat-jwt 2019-10-03 5.0 MEDIUM 9.8 CRITICAL
A time-sensitive equality check on the JWT signature in the JsonWebToken.validate method in main/scala/authentikat/jwt/JsonWebToken.scala in authentikat-jwt (aka com.jason-goodwin/authentikat-jwt) version 0.4.5 and earlier allows the supplier of a JWT token to guess bit after bit of the signature by repeating validation requests.
CVE-2017-18130 1 Qualcomm 44 Mdm9206, Mdm9206 Firmware, Mdm9607 and 41 more 2019-10-03 10.0 HIGH 9.8 CRITICAL
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 820, SD 820A, SD 835, SD 845, while playing an ASF file, a buffer over-read can potentially occur.
CVE-2017-18129 1 Qualcomm 10 Mdm9206, Mdm9206 Firmware, Mdm9607 and 7 more 2019-10-03 10.0 HIGH 9.8 CRITICAL
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9206, MDM9607, SD 845, MSM8996, MSM8998, it is possible for IPA (internet protocol accelerator) channels owned by one security domain to be controlled from other domains.
CVE-2017-18045 1 Directadmin 1 Directadmin 2019-10-03 7.5 HIGH 9.8 CRITICAL
JBMC DirectAdmin before 1.52, when the email_ftp_password_change setting is nonzero, allows remote attackers to obtain access or cause a denial of service (segfault) via an unspecified request.
CVE-2017-18044 1 Commvault 1 Commvault 2019-10-03 10.0 HIGH 9.8 CRITICAL
A Command Injection issue was discovered in ContentStore/Base/CVDataPipe.dll in Commvault before v11 SP6. A certain message parsing function inside the Commvault service does not properly validate the input of an incoming string before passing it to CreateProcess. As a result, a specially crafted message can inject commands that will be executed on the target operating system. Exploitation of this vulnerability does not require authentication and can lead to SYSTEM level privilege on any system running the cvd daemon. This is a different vulnerability than CVE-2017-3195.
CVE-2017-17794 1 Blogotext Project 1 Blogotext 2019-10-03 7.5 HIGH 9.8 CRITICAL
validate_form_preferences in admin/preferences.php in BlogoText through 3.7.6 allows attackers to bypass intended access restrictions via vectors related to an e-mail address field.
CVE-2017-17736 1 Kentico 1 Kentico Cms 2019-10-03 7.5 HIGH 9.8 CRITICAL
Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 allows remote attackers to obtain Global Administrator access by visiting CMSInstall/install.aspx and then navigating to the CMS Administration Dashboard.
CVE-2017-17733 1 Maccms 1 Maccms 2019-10-03 7.5 HIGH 9.8 CRITICAL
Maccms 8.x allows remote command execution via the wd parameter in an index.php?m=vod-search request.
CVE-2017-17434 2 Debian, Samba 2 Debian Linux, Rsync 2019-10-03 7.5 HIGH 9.8 CRITICAL
The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, does not check for fnamecmp filenames in the daemon_filter_list data structure (in the recv_files function in receiver.c) and also does not apply the sanitize_paths protection mechanism to pathnames found in "xname follows" strings (in the read_ndx_and_attrs function in rsync.c), which allows remote attackers to bypass intended access restrictions.
CVE-2017-17430 1 Sangoma 2 Netborder\/vega Session, Netborder\/vega Session Firmware 2019-10-03 7.5 HIGH 9.8 CRITICAL
Sangoma NetBorder / Vega Session Controller before 2.3.12-80-GA allows remote attackers to execute arbitrary commands via the web interface.
CVE-2017-17101 1 Apexis 2 Apm-h803-mpc, Apm-h803-mpc Firmware 2019-10-03 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Apexis APM-H803-MPC software, as used with many different models of IP Camera. An unprotected CGI method inside the web application permits an unauthenticated user to bypass the login screen and access the webcam contents including: live video stream, configuration files with all the passwords, system information, and much more. With this vulnerability, anyone can access to a vulnerable webcam with 'super admin' privilege.
CVE-2017-1710 1 Ibm 8 Flashsystem V9000, Flashsystem V9000 Firmware, San Volume Controller and 5 more 2019-10-03 7.5 HIGH 9.8 CRITICAL
A vulnerability in the Service Assistant GUI in IBM Storwize V7000 (2076) 8.1 could allow a remote attacker to perform a privilege escalation. IBM X-Force ID: 134531.
CVE-2017-16924 1 Zohocorp 1 Manageengine Desktop Central 2019-10-03 5.0 MEDIUM 9.8 CRITICAL
Remote Information Disclosure and Escalation of Privileges in ManageEngine Desktop Central MSP 10.0.137 allows attackers to download unencrypted XML files containing all data for configuration policies via a predictable /client-data/<client_id>/collections/##/usermgmt.xml URL, as demonstrated by passwords and Wi-Fi keys. This is fixed in build 100157.
CVE-2017-15999 1 Nq 1 Contacts Backup \& Restore 2019-10-03 5.0 MEDIUM 9.8 CRITICAL
In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for transmitting login and synced user data. When logging in, the username is transmitted in cleartext along with an SHA-1 hash of the password. The attacker can either crack this hash or use it for further attacks where only the hash value is required.
CVE-2017-15994 1 Samba 1 Rsync 2019-10-03 7.5 HIGH 9.8 CRITICAL
rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub projects.
CVE-2017-15877 1 Sistemagpweb 1 Gpweb 2019-10-03 5.0 MEDIUM 9.8 CRITICAL
Insecure Permissions vulnerability in db.php file in GPWeb 8.4.61 allows remote attackers to view the password and user database.
CVE-2017-15896 1 Nodejs 1 Node.js 2019-10-03 6.4 MEDIUM 9.1 CRITICAL
Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards to the use of SSL_read() due to TLS handshake failure. The result was that an active network attacker could send application data to Node.js using the TLS or HTTP2 modules in a way that bypassed TLS authentication and encryption.
CVE-2017-15702 1 Apache 1 Qpid Java 2019-10-03 7.5 HIGH 9.8 CRITICAL
In Apache Qpid Broker-J 0.18 through 0.32, if the broker is configured with different authentication providers on different ports one of which is an HTTP port, then the broker can be tricked by a remote unauthenticated attacker connecting to the HTTP port into using an authentication provider that was configured on a different port. The attacker still needs valid credentials with the authentication provider on the spoofed port. This becomes an issue when the spoofed port has weaker authentication protection (e.g., anonymous access, default accounts) and is normally protected by firewall rules or similar which can be circumvented by this vulnerability. AMQP ports are not affected. Versions 6.0.0 and newer are not affected.
CVE-2017-15597 1 Xen 1 Xen 2019-10-03 9.0 HIGH 9.1 CRITICAL
An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a grant of a dying domain, the assumption turns out wrong. A malicious guest administrator can cause hypervisor memory corruption, most likely resulting in host crash and a Denial of Service. Privilege escalation and information leaks cannot be ruled out.
CVE-2017-15524 1 Kemptechnologies 1 Web Application Firewall 2019-10-03 6.4 MEDIUM 9.1 CRITICAL
The Application Firewall Pack (AFP, aka Web Application Firewall) component on Kemp Load Balancer devices with software before 7.2.40.1 allows a Security Feature Bypass via an HTTP POST request.
CVE-2017-15379 1 Softwarepublico 1 E-sic 2019-10-03 7.5 HIGH 9.8 CRITICAL
An authentication bypass exists in the E-Sic 1.0 /index (aka login) URI via '=''or' values for the username and password.
CVE-2017-15226 1 Zyxel 2 Nbg6716, Nbg6716 Firmware 2019-10-03 7.5 HIGH 9.8 CRITICAL
Zyxel NBG6716 V1.00(AAKG.9)C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call.
CVE-2017-15032 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-03 7.5 HIGH 9.8 CRITICAL
ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
CVE-2017-14942 1 Intelbras 2 Wrn 150, Wrn 150 Firmware 2019-10-03 7.5 HIGH 9.8 CRITICAL
Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie.
CVE-2017-14907 1 Google 1 Android 2019-10-03 10.0 HIGH 9.8 CRITICAL
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, cryptographic strength is reduced while deriving disk encryption key.
CVE-2017-14480 1 Mysql-mmm 1 Mysql Multi-master Replication Manager 2019-10-03 10.0 HIGH 9.8 CRITICAL
In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
CVE-2017-14479 1 Mysql-mmm 1 Mysql Multi-master Replication Manager 2019-10-03 10.0 HIGH 9.8 CRITICAL
In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
CVE-2017-14478 1 Mysql-mmm 1 Mysql Multi-master Replication Manager 2019-10-03 10.0 HIGH 9.8 CRITICAL
In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
CVE-2017-14477 1 Mysql-mmm 1 Mysql Multi-master Replication Manager 2019-10-03 10.0 HIGH 9.8 CRITICAL
In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
CVE-2017-14476 1 Mysql-mmm 1 Mysql Multi-master Replication Manager 2019-10-03 10.0 HIGH 9.8 CRITICAL
In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
CVE-2017-14475 1 Mysql-mmm 1 Mysql Multi-master Replication Manager 2019-10-03 10.0 HIGH 9.8 CRITICAL
In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.