Search
Total
17685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-13046 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print(). | |||||
| CVE-2018-19222 | 1 Laobancms | 1 Laobancms | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in LAOBANCMS 2.0. It allows a /install/mysql_hy.php?riqi=0&i=0 attack to reset the admin password, even if install.txt exists. | |||||
| CVE-2017-13047 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print(). | |||||
| CVE-2017-13048 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). | |||||
| CVE-2017-13049 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print(). | |||||
| CVE-2018-13870 | 1 Hdfgroup | 1 Hdf5 | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_link_decode in H5Olink.c. | |||||
| CVE-2018-13873 | 1 Hdfgroup | 1 Hdf5 | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the HDF HDF5 1.8.20 library. There is a buffer over-read in H5O_chunk_deserialize in H5Ocache.c. | |||||
| CVE-2017-13050 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print(). | |||||
| CVE-2017-17974 | 1 Basystems | 4 Bas920, Bas920 Firmware, Isc2000 and 1 more | 2019-10-03 | 5.0 MEDIUM | 9.8 CRITICAL |
| BA SYSTEMS BAS Web on BAS920 devices (with Firmware 01.01.00*, HTTPserv 00002, and Script 02.*) and ISC2000 devices allows remote attackers to obtain sensitive information via a request for isc/get_sid_js.aspx or isc/get_sid.aspx, as demonstrated by obtaining administrative access by subsequently using the credential information for the Supervisor/Administrator account. | |||||
| CVE-2018-14078 | 1 Wi2be | 1 Smart Hp Wmt | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to reset the admin password via the /ConfigWizard/ChangePwd.esp?2admin URL (Attackers can login using the "admin" username with password "admin" after a successful attack). | |||||
| CVE-2017-13051 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). | |||||
| CVE-2018-18922 | 1 Abisoftgt | 1 Ticketly | 2019-10-03 | 5.0 MEDIUM | 9.8 CRITICAL |
| add_user in AbiSoft Ticketly 1.0 allows remote attackers to create administrator accounts via an action/add_user.php POST request. | |||||
| CVE-2017-13052 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print(). | |||||
| CVE-2018-14081 | 1 D-link | 4 Dir-809, Dir-809 A1 Firmware, Dir-809 A2 Firmware and 1 more | 2019-10-03 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered on D-Link DIR-809 A1 through 1.09, A2 through 1.11, and Guest Zone through 1.09 devices. Device passwords, such as the admin password and the WPA key, are stored in cleartext. | |||||
| CVE-2018-18766 | 1 Provisio | 1 Sitekiosk | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| An elevation of privilege vulnerability exists in the Call Dispatcher in Provisio SiteKiosk before 9.7.4905. | |||||
| CVE-2017-13053 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info(). | |||||
| CVE-2017-13054 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print(). | |||||
| CVE-2017-13055 | 1 Tcpdump | 1 Tcpdump | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv(). | |||||
| CVE-2017-17877 | 1 Valvesoftware | 2 Steam Link, Steam Link Firmware | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in Valve Steam Link build 643. When the SSH daemon is enabled for local development, the device is publicly available via IPv6 TCP port 22 over the internet (with stateless address autoconfiguration) by default, which makes it easier for remote attackers to obtain access by guessing 24 bits of the MAC address and attempting a root login. This can be exploited in conjunction with CVE-2017-17878. | |||||
| CVE-2018-18754 | 1 Zyxel | 2 Vmg3312-b10b, Vmg3312-b10b Firmware | 2019-10-03 | 5.0 MEDIUM | 9.8 CRITICAL |
| ZyXEL VMG3312-B10B 1.00(AAPP.7) devices have a backdoor root account with the tTn3+Z@!Sr0O+ password hash in the etc/default.cfg file. | |||||
| CVE-2018-18563 | 1 Roche | 10 Accu-chek Inform Ii, Accu-chek Inform Ii Firmware, Coaguchek Pro Ii and 7 more | 2019-10-03 | 8.3 HIGH | 9.6 CRITICAL |
| An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number below 14000) and 04.x before 04.03.00 (Serial Number above 14000), CoaguChek Pro II before 04.03.00, CoaguChek XS Plus before 03.01.06, CoaguChek XS Pro before 03.01.06, cobas h 232 before 03.01.03 (Serial Number below KQ0400000 or KS0400000) and cobas h 232 before 04.00.04 (Serial Number above KQ0400000 or KS0400000). Improper access control to a service command allows attackers in the adjacent network to execute arbitrary code on the system through a crafted Poct1-A message. | |||||
| CVE-2018-18555 | 1 Vyos | 1 Vyos | 2019-10-03 | 9.0 HIGH | 9.9 CRITICAL |
| A sandbox escape issue was discovered in VyOS 1.1.8. It provides a restricted management shell for operator users to administer the device. By issuing various shell special characters with certain commands, an authenticated operator user can break out of the management shell and gain access to the underlying Linux shell. The user can then run arbitrary operating system commands with the privileges afforded by their account. | |||||
| CVE-2017-13067 | 1 Qnap | 1 Qts | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| QNAP has patched a remote code execution vulnerability affecting the QTS Media Library in all versions prior to QTS 4.2.6 build 20170905 and QTS 4.3.3.0299 build 20170901. This particular vulnerability allows a remote attacker to execute commands on a QNAP NAS using a transcoding service on port 9251. A remote user does not require any privileges to successfully execute an attack. | |||||
| CVE-2017-17773 | 1 Qualcomm | 58 Mdm9206, Mdm9206 Firmware, Mdm9607 and 55 more | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| In Snapdragon Automobile, Snapdragon Wearable and Snapdragon Mobile MDM9206,MDM9607,MDM9650,SD 210/SD 212/SD 205,SD 400,SD 410/12,SD 425,SD 430,SD 450,SD 600,SD 602A,SD 615/16/SD 415,SD 617,SD 625,SD 650/52,SD 800,SD 808,SD 810,SD 820,SD 820Am,SD 835,SD 845,MSM8909W, improper input validation in video_fmt_mp4r_process_atom_avc1() causes a potential buffer overflow. | |||||
| CVE-2017-14097 | 1 Trendmicro | 1 Smart Protection Server | 2019-10-03 | 5.0 MEDIUM | 9.8 CRITICAL |
| An improper access control vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to decrypt contents of a database with information that could be used to access a vulnerable system. | |||||
| CVE-2018-17969 | 1 Samsung | 2 Scx-6545x, Scx-6545x Firmware | 2019-10-03 | 5.0 MEDIUM | 9.8 CRITICAL |
| Samsung SCX-6545X V2.00.03.01 03-23-2012 devices allows remote attackers to discover cleartext credentials via iso.3.6.1.4.1.236.11.5.11.81.10.1.5.0 and iso.3.6.1.4.1.236.11.5.11.81.10.1.6.0 SNMP requests. | |||||
| CVE-2018-17191 | 1 Apache | 1 Netbeans | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| Apache NetBeans (incubating) 9.0 NetBeans Proxy Auto-Configuration (PAC) interpretation is vulnerable for remote command execution (RCE). Using the nashorn script engine the environment of the javascript execution for the Proxy Auto-Configuration leaks privileged objects, that can be used to circumvent the execution limits. If a different script engine was used, no execution limits were in place. Both vectors allow remote code execution. | |||||
| CVE-2017-17761 | 1 Ichano | 2 Athome Ip Camera, Athome Ip Camera Firmware | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Ichano AtHome IP Camera devices. The device runs the "noodles" binary - a service on port 1300 that allows a remote (LAN) unauthenticated user to run arbitrary commands. This binary requires the "system" XML element for specifying the command. For example, a <system>id</system> command results in a <system_ack>ok</system_ack> response. | |||||
| CVE-2018-14558 | 1 Tenda | 6 Ac10, Ac10 Firmware, Ac7 and 3 more | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted goform/setUsbUnload request. This occurs because the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input. | |||||
| CVE-2017-16763 | 1 Confire Project | 1 Confire | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable vulnerability exists in the YAML parsing functionality in config.py in Confire 0.2.0. Due to the user-specific configuration being loaded from "~/.confire.yaml" using the yaml.load function, a YAML parser can execute arbitrary Python commands resulting in command execution. An attacker can insert Python into loaded YAML to trigger this vulnerability. | |||||
| CVE-2017-16638 | 1 Vde Project | 1 Vde | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| The Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the "qemu" group to gain root privileges by creating a hard link in a directory on which "chown" is called recursively by the OpenRC service script. | |||||
| CVE-2017-14471 | 1 Rockwellautomation | 2 Micrologix 1400, Micrologix 1400 B Firmware | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information, modification of settings, or modification of ladder logic. An attacker can send unauthenticated packets to trigger this vulnerability. Required Keyswitch State: REMOTE or PROG Associated Fault Codes: 0023, 002e, and 0037 Fault Type: Recoverable Description: The STI, EII, and HSC function files contain bits signifying whether or not a fault has occurred. Additionally there is a bit signaling the module to auto start. When these bits are set for any of the three modules and the device is moved into a run state, a fault is triggered. | |||||
| CVE-2017-14472 | 1 Rockwellautomation | 2 Micrologix 1400, Micrologix 1400 B Firmware | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information, modification of settings, or modification of ladder logic. An attacker can send unauthenticated packets to trigger this vulnerability. Required Keyswitch State: Any Description: Requests a specific set of bytes from an undocumented data file and returns the ASCII version of the master password. | |||||
| CVE-2018-14565 | 1 Thunlp | 1 Thulac | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in libthulac.so in THULAC through 2018-02-25. A heap-based buffer over-read can occur in NGramFeature::find_bases in include/cb_ngram_feature.h. | |||||
| CVE-2017-14473 | 1 Rockwellautomation | 2 Micrologix 1400, Micrologix 1400 B Firmware | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information, modification of settings, or modification of ladder logic. An attacker can send unauthenticated packets to trigger this vulnerability. Required Keyswitch State: Any Description: Reads the encoded ladder logic from its data file and print it out in HEX. | |||||
| CVE-2018-16705 | 1 Furuno | 4 Felcom 250, Felcom 250 Firmware, Felcom 500 and 1 more | 2019-10-03 | 5.0 MEDIUM | 9.8 CRITICAL |
| FURUNO FELCOM 250 and 500 devices allow unauthenticated access to the xml/permission.xml file containing all of the system's usernames and passwords. This includes the Admin and Service user accounts and their unsalted MD5 hashes, as well as the SMS server password in cleartext. | |||||
| CVE-2018-16669 | 1 Circontrol | 1 Open Charge Point Protocol | 2019-10-03 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered in CIRCONTROL Open Charge Point Protocol (OCPP) before 1.5.0, as used in CirCarLife, PowerStudio, and other products. Due to storage of credentials in XML files, an unprivileged user can look at /services/config/config.xml for the admin credentials of the ocpp and circarlife panels. | |||||
| CVE-2017-14474 | 1 Mysql-mmm | 1 Mysql Multi-master Replication Manager | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| In the MMM::Agent::Helpers::_execute function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability. | |||||
| CVE-2017-14475 | 1 Mysql-mmm | 1 Mysql Multi-master Replication Manager | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability. | |||||
| CVE-2017-14476 | 1 Mysql-mmm | 1 Mysql Multi-master Replication Manager | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability. | |||||
| CVE-2017-14477 | 1 Mysql-mmm | 1 Mysql Multi-master Replication Manager | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability. | |||||
| CVE-2018-14706 | 1 Drobo | 2 5n2, 5n2 Firmware | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| System command injection in the /DroboPix/api/drobopix/demo endpoint on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the payload in a POST request. | |||||
| CVE-2017-14478 | 1 Mysql-mmm | 1 Mysql Multi-master Replication Manager | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability. | |||||
| CVE-2017-14479 | 1 Mysql-mmm | 1 Mysql Multi-master Replication Manager | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability. | |||||
| CVE-2017-14480 | 1 Mysql-mmm | 1 Mysql Multi-master Replication Manager | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability. | |||||
| CVE-2017-14803 | 1 Netiq | 1 Access Manager | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| In NetIQ Access Manager 4.3 and 4.4, a bug exists in Identity Server when accessing a basic SSO connector and downloading the BasicSSO connector plugins on IE11 where an attacker can execute arbitrary code on the system. | |||||
| CVE-2017-14907 | 1 Google | 1 Android | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, cryptographic strength is reduced while deriving disk encryption key. | |||||
| CVE-2018-16223 | 1 Qbeecam | 1 Qbeecam | 2019-10-03 | 5.0 MEDIUM | 9.8 CRITICAL |
| Insecure Cryptographic Storage of credentials in com.vestiacom.qbeecamera_preferences.xml in the QBee Cam application through 1.0.5 for Android allows an attacker to retrieve the username and password. | |||||
| CVE-2018-16184 | 1 Ricoh | 16 D2200, D2200 Firmware, D5500 and 13 more | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| RICOH Interactive Whiteboard D2200 V1.6 to V2.2, D5500 V1.6 to V2.2, D5510 V1.6 to V2.2, and the display versions with RICOH Interactive Whiteboard Controller Type1 V1.6 to V2.2 attached (D5520, D6500, D6510, D7500, D8400) allows remote attackers to execute arbitrary commands via unspecified vectors. | |||||
| CVE-2017-12377 | 2 Clamav, Debian | 2 Clamav, Debian Linux | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device. | |||||
