Vulnerabilities (CVE)

CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-17821 1 Apple 1 Safari 2018-01-10 7.5 HIGH 9.8 CRITICAL
WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because it calls the FastBitVectorWordOwner::resizeSlow function (in WTF/wtf/FastBitVector.cpp) for a purpose other than initializing a bitvector size, and resizeSlow mishandles cases where the old array length is greater than the new array length.
CVE-2017-17931 1 Resume Clone Script Project 1 Resume Clone Script 2018-01-10 7.5 HIGH 9.8 CRITICAL
PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter.
CVE-2017-17928 1 Ordermanagementscript 1 Professional Service Script 2018-01-10 7.5 HIGH 9.8 CRITICAL
PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter.
CVE-2015-7224 1 Puppet 1 Puppetlabs-mysql 2018-01-09 7.5 HIGH 9.8 CRITICAL
puppetlabs-mysql 3.1.0 through 3.6.0 allow remote attackers to bypass authentication by leveraging creation of a database account without a password when a 'mysql_user' user parameter contains a host with a netmask.
CVE-2017-17873 1 Vanguard Project 1 Marketplace Digital Products Php 2018-01-09 7.5 HIGH 9.8 CRITICAL
Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATH_INFO to the /p URI.
CVE-2017-17892 1 Readymade Video Sharing Script Project 1 Readymade Video Sharing Script 2018-01-09 7.5 HIGH 9.8 CRITICAL
Readymade Video Sharing Script has SQL Injection via the viewsubs.php chnlid parameter or the search_video.php search parameter.
CVE-2017-17906 1 Car Rental Script Project 1 Car Rental Script 2018-01-09 7.5 HIGH 9.8 CRITICAL
PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter.
CVE-2017-17895 1 Basic Job Site Script Project 1 Basic Job Site Script 2018-01-09 7.5 HIGH 9.8 CRITICAL
Readymade Job Site Script has SQL Injection via the location_name array parameter to the /job URI.
CVE-2017-17899 1 Dolibarr 1 Dolibarr 2018-01-09 7.5 HIGH 9.8 CRITICAL
SQL injection vulnerability in adherents/subscription/info.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the rowid parameter.
CVE-2017-17900 1 Dolibarr 1 Dolibarr 2018-01-09 7.5 HIGH 9.8 CRITICAL
SQL injection vulnerability in fourn/index.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the socid parameter.
CVE-2017-17897 1 Dolibarr 1 Dolibarr 2018-01-09 7.5 HIGH 9.8 CRITICAL
SQL injection vulnerability in comm/multiprix.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2017-17992 1 Iwcnetwork 1 Biometric Shift Employee Management System 2018-01-09 5.0 MEDIUM 9.8 CRITICAL
Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action.
CVE-2017-17645 1 Phpautoclassifiedscript 1 Bus Booking Script 2018-01-05 7.5 HIGH 9.8 CRITICAL
Bus Booking Script 1.0 has SQL Injection via the txtname parameter to admin/index.php.
CVE-2017-5482 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575.
CVE-2016-6983 5 Adobe, Apple, Google and 2 more 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more 2018-01-05 10.0 HIGH 9.8 CRITICAL
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
CVE-2016-7020 5 Adobe, Apple, Google and 2 more 7 Flash Player, Mac Os X, Chrome Os and 4 more 2018-01-05 10.0 HIGH 9.8 CRITICAL
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
CVE-2016-7922 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print().
CVE-2016-7923 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print().
CVE-2016-7924 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print().
CVE-2016-7925 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print().
CVE-2016-7926 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print().
CVE-2016-7927 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print().
CVE-2016-7928 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print().
CVE-2016-7929 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header().
CVE-2016-7930 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print().
CVE-2016-7931 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print().
CVE-2016-7932 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum().
CVE-2016-7933 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print().
CVE-2016-7934 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print().
CVE-2016-7935 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print().
CVE-2016-7936 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print().
CVE-2016-7937 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print().
CVE-2016-7938 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame().
CVE-2016-7939 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions.
CVE-2016-7940 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions.
CVE-2016-7973 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions.
CVE-2016-7974 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions.
CVE-2016-7975 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print().
CVE-2016-7978 1 Artifex 1 Ghostscript 2018-01-05 7.5 HIGH 9.8 CRITICAL
Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice.
CVE-2016-7979 1 Artifex 1 Ghostscript 2018-01-05 7.5 HIGH 9.8 CRITICAL
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.
CVE-2016-7992 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print().
CVE-2016-7993 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).
CVE-2016-8638 1 Ipsilon Project 1 Ipsilon 2018-01-05 6.4 MEDIUM 9.1 CRITICAL
A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 before 1.1.2, and 1.0 before 1.0.3 was found that allows an attacker to log out active sessions of other users. This issue is related to how it tracks sessions, and allows an unauthenticated attacker to view and terminate active sessions from other users. It is also called a "SAML2 multi-session vulnerability."
CVE-2017-10979 1 Freeradius 1 Freeradius 2018-01-05 7.5 HIGH 9.8 CRITICAL
An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overflow in rad_coalesce()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.
CVE-2017-5486 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
CVE-2017-5485 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap().
CVE-2017-5484 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print().
CVE-2017-5483 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().
CVE-2017-5342 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print().
CVE-2017-5341 1 Tcpdump 1 Tcpdump 2018-01-05 7.5 HIGH 9.8 CRITICAL
The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print().