Search
Total
17685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-1000228 | 1 Ejs | 1 Ejs | 2017-11-30 | 10.0 HIGH | 9.8 CRITICAL |
| nodejs ejs versions older than 2.5.3 is vulnerable to remote code execution due to weak input validation in ejs.renderFile() function | |||||
| CVE-2017-1000218 | 1 Lightftp Project | 1 Lightftp | 2017-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| LightFTP version 1.1 is vulnerable to a buffer overflow in the "writelogentry" function resulting a denial of services or a remote code execution. | |||||
| CVE-2017-1000172 | 1 Creolabs | 1 Gravity | 2017-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravity_lexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free condition. | |||||
| CVE-2017-1000210 | 1 Altran | 1 Picotcp | 2017-11-29 | 7.5 HIGH | 9.8 CRITICAL |
| picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack | |||||
| CVE-2017-1000237 | 1 I-librarian | 1 I Librarian | 2017-11-29 | 7.5 HIGH | 9.8 CRITICAL |
| I, Librarian version <=4.6 & 4.7 is vulnerable to Server-Side Request Forgery in the ajaxsupplement.php resulting in the attacker being able to reset any user's password. | |||||
| CVE-2017-1000235 | 1 I-librarian | 1 I Librarian | 2017-11-29 | 10.0 HIGH | 9.8 CRITICAL |
| I, Librarian version <=4.6 & 4.7 is vulnerable to OS Command Injection in batchimport.php resulting the web server being fully compromised. | |||||
| CVE-2017-16561 | 1 Ingenious School Management System Project | 1 Ingenious School Management System | 2017-11-29 | 7.5 HIGH | 9.8 CRITICAL |
| /view/friend_profile.php in Ingenious School Management System 2.3.0 is vulnerable to Boolean-based and Time-based SQL injection in the 'friend_index' parameter of a GET request. | |||||
| CVE-2017-10871 | 1 Nttdocomo | 2 Wi-fi Station L-02f, Wi-fi Station L-02f Firmware | 2017-11-29 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow in NTT DOCOMO Wi-Fi STATION L-02F Software version L02F-MDM9625-V10h-JUN-23-2017-DCM-JP and earlier allows an attacker to execute arbitrary code via unspecified vectors. | |||||
| CVE-2016-0872 | 1 Kabona | 1 Webdatorcentral | 2017-11-29 | 5.0 MEDIUM | 9.8 CRITICAL |
| A Plaintext Storage of a Password issue was discovered in Kabona AB WebDatorCentral (WDC) versions prior to Version 3.4.0. WDC stores password credentials in plaintext. | |||||
| CVE-2008-7319 | 1 Net-ping-external Project | 1 Net-ping-external | 2017-11-29 | 10.0 HIGH | 9.8 CRITICAL |
| The Net::Ping::External extension through 0.15 for Perl does not properly sanitize arguments (e.g., invalid hostnames) containing shell metacharacters before use of backticks in External.pm, allowing for shell command injection and arbitrary command execution if untrusted input is used. | |||||
| CVE-2015-3933 | 1 Metalgenix | 1 Genixcms | 2017-11-28 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple SQL injection vulnerabilities in inc/lib/User.class.php in MetalGenix GeniXCMS before 0.0.3-patch allow remote attackers to execute arbitrary SQL commands via the (1) email parameter or (2) userid parameter to register.php. | |||||
| CVE-2017-16634 | 1 Joomla | 1 Joomla\! | 2017-11-28 | 7.5 HIGH | 9.8 CRITICAL |
| In Joomla! before 3.8.2, a bug allowed third parties to bypass a user's 2-factor authentication method. | |||||
| CVE-2017-8809 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2017-11-28 | 7.5 HIGH | 9.8 CRITICAL |
| api.php in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 has a Reflected File Download vulnerability. | |||||
| CVE-2017-13846 | 1 Apple | 1 Mac Os X | 2017-11-28 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "PCRE" product. Versions before 8.40 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | |||||
| CVE-2017-13832 | 1 Apple | 1 Mac Os X | 2017-11-28 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "802.1X" component. It allows attackers to have an unspecified impact by leveraging TLS 1.0 support. | |||||
| CVE-2017-16848 | 1 Zohocorp | 1 Manageengine Applications Manager | 2017-11-27 | 7.5 HIGH | 9.8 CRITICAL |
| Zoho ManageEngine Applications Manager 13 allows SQL injection via the /manageConfMons.do groupname parameter. | |||||
| CVE-2017-13815 | 1 Apple | 1 Mac Os X | 2017-11-27 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "file" product. Versions before 5.31 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | |||||
| CVE-2017-16521 | 1 Inedo | 1 Buildmaster | 2017-11-27 | 7.5 HIGH | 9.8 CRITICAL |
| In Inedo BuildMaster before 5.8.2, XslTransform was used where XslCompiledTransform should have been used. | |||||
| CVE-2017-15946 | 1 Selfget | 1 Tag Meta | 2017-11-25 | 7.5 HIGH | 9.8 CRITICAL |
| In the com_tag component 1.7.6 for Joomla!, a SQL injection vulnerability is located in the `tag` parameter to index.php. The request method to execute is GET. | |||||
| CVE-2017-10699 | 1 Videolan | 1 Vlc Media Player | 2017-11-23 | 7.5 HIGH | 9.8 CRITICAL |
| avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before 2017-06-29, allows out-of-bounds heap memory write due to calling memcpy() with a wrong size, leading to a denial of service (application crash) or possibly code execution. | |||||
| CVE-2017-15535 | 1 Mongodb | 1 Mongodb | 2017-11-22 | 6.4 MEDIUM | 9.1 CRITICAL |
| MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors (aka wire protocol compression), which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory. | |||||
| CVE-2017-1000171 | 1 Mahara | 1 Mahara Mobile | 2017-11-22 | 5.0 MEDIUM | 9.8 CRITICAL |
| Mahara Mobile before 1.2.1 is vulnerable to passwords being sent to the Mahara access log in plain text. | |||||
| CVE-2015-9245 | 1 Progress | 1 Openedge | 2017-11-22 | 7.5 HIGH | 9.8 CRITICAL |
| Insecure default configuration in Progress Software OpenEdge 10.2x and 11.x allows unauthenticated remote attackers to specify arbitrary URLs from which to load and execute malicious Java classes via port 20931. | |||||
| CVE-2017-1000121 | 1 Webkitgtk | 1 Webkitgtk\+ | 2017-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple products. | |||||
| CVE-2014-3741 | 1 Node-printer Project | 1 Node-printer | 2017-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The printDirect function in lib/printer.js in the node-printer module 0.0.1 and earlier for Node.js allows remote attackers to execute arbitrary commands via unspecified characters in the lpr command. | |||||
| CVE-2017-12796 | 1 Openmrs | 1 Openmrs | 2017-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as distributed in OpenMRS Reference Application before 2.6.1, does not authenticate users when deserializing XML input into ReportSchema objects. The result is that remote unauthenticated users are able to execute operating system commands by crafting malicious XML payloads, as demonstrated by a single admin/reports/reportSchemaXml.form request. | |||||
| CVE-2012-4449 | 1 Apache | 1 Hadoop | 2017-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a 20-bit secret when Kerberos security features are enabled, which makes it easier for context-dependent attackers to crack secret keys via a brute-force attack. | |||||
| CVE-2017-15988 | 1 Nicephpscripts | 1 Nice Php Faq Script | 2017-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| Nice PHP FAQ Script allows SQL Injection via the index.php nice_theme parameter, a different vulnerability than CVE-2008-6525. | |||||
| CVE-2017-15983 | 1 Geniusocean | 1 Mymagazine Magazine \& Blog Cms | 2017-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| MyMagazine Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing. | |||||
| CVE-2017-15986 | 1 Cpa Lead Reward Script Project | 1 Cpa Lead Reward Script | 2017-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| CPA Lead Reward Script allows SQL Injection via the username parameter. | |||||
| CVE-2017-15985 | 1 Readymadeb2bscript | 1 Basic B2b Script | 2017-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| Basic B2B Script allows SQL Injection via the product_view1.php pid or id parameter. | |||||
| CVE-2017-15979 | 1 Odallated | 1 Shareet | 2017-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| Shareet - Photo Sharing Social Network 1.0 allows SQL Injection via the photo parameter. | |||||
| CVE-2017-15984 | 1 Bekirk | 1 Creative Management System Lite | 2017-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| Creative Management System (CMS) Lite 1.4 allows SQL Injection via the S parameter to index.php. | |||||
| CVE-2017-15987 | 1 Fake Magazine Cover Script Project | 1 Fake Magazine Cover Script | 2017-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| Fake Magazine Cover Script allows SQL Injection via the rate.php value parameter or the content.php id parameter. | |||||
| CVE-2017-15991 | 1 Vastal | 1 Agent Zone | 2017-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| Vastal I-Tech Agent Zone (aka The Real Estate Script) allows SQL Injection in searchCommercial.php via the property_type, city, or posted_by parameter, or searchResidential.php via the property_type, city, or bedroom parameter, a different vulnerability than CVE-2008-3951, CVE-2009-3497, and CVE-2012-0982. | |||||
| CVE-2012-5358 | 1 Ektron | 1 Ektron Content Management System | 2017-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| The XSLTCompiledTransform function in Ektron Content Management System (CMS) before 8.02 SP5 configures the XSL with enableDocumentFunction set to true, which allows remote attackers to read arbitrary files and consequently bypass authentication, modify viewstate, cause a denial of service, or possibly have unspecified other impact via crafted XSL data. | |||||
| CVE-2012-5357 | 1 Ektron | 1 Ektron Content Management System | 2017-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| Ektron Content Management System (CMS) before 8.02 SP5 uses the XslCompiledTransform class with enablescript set to true, which allows remote attackers to execute arbitrary code with NETWORK SERVICE privileges via crafted XSL data. | |||||
| CVE-2017-14356 | 1 Hp | 2 Arcsight Enterprise Security Manager, Arcsight Enterprise Security Manager Express | 2017-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow SQL injection. | |||||
| CVE-2015-3249 | 1 Apache | 1 Traffic Server | 2017-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the (1) frame_handlers array or (2) set_dynamic_table_size function. | |||||
| CVE-2016-4366 | 1 Hp | 1 Systems Insight Manager | 2017-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unspecified vectors. | |||||
| CVE-2017-15980 | 1 Rowindex | 1 Us Zip Codes Database Script | 2017-11-17 | 7.5 HIGH | 9.8 CRITICAL |
| US Zip Codes Database Script 1.0 allows SQL Injection via the state parameter. | |||||
| CVE-2014-3624 | 1 Apache | 1 Traffic Server | 2017-11-17 | 7.5 HIGH | 9.8 CRITICAL |
| Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by leveraging failure to properly tunnel remap requests using CONNECT. | |||||
| CVE-2017-15976 | 1 Zeescripts | 1 Zeebuddy | 2017-11-17 | 7.5 HIGH | 9.8 CRITICAL |
| ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604. | |||||
| CVE-2017-15975 | 1 Vastal | 1 Dating Zone | 2017-11-17 | 7.5 HIGH | 9.8 CRITICAL |
| Vastal I-Tech Dating Zone 0.9.9 allows SQL Injection via the 'product_id' to add_to_cart.php, a different vulnerability than CVE-2008-4461. | |||||
| CVE-2017-15960 | 1 Yourarticlesdirectory | 1 Article Directory Script | 2017-11-17 | 7.5 HIGH | 9.8 CRITICAL |
| Article Directory Script 3.0 allows SQL Injection via the id parameter to author.php or category.php. | |||||
| CVE-2017-15964 | 1 Nicephpscripts | 1 Job Board Script | 2017-11-17 | 7.5 HIGH | 9.8 CRITICAL |
| Job Board Script Software allows SQL Injection via the PATH_INFO to a /job-details URI. | |||||
| CVE-2017-15962 | 1 Istock Management System Project | 1 Istock Management System | 2017-11-17 | 7.5 HIGH | 9.8 CRITICAL |
| iStock Management System 1.0 allows Arbitrary File Upload via user/profile. | |||||
| CVE-2017-15961 | 1 Iproject Management System Project | 1 Iproject Management System | 2017-11-17 | 7.5 HIGH | 9.8 CRITICAL |
| iProject Management System 1.0 allows SQL Injection via the ID parameter to index.php. | |||||
| CVE-2017-15958 | 1 Domainzaar | 1 D-park Pro | 2017-11-17 | 7.5 HIGH | 9.8 CRITICAL |
| D-Park Pro Domain Parking Script 1.0 allows SQL Injection via the username to admin/loginform.php. | |||||
| CVE-2017-15989 | 1 Online Exam Test Application Project | 1 Online Exam Test Application | 2017-11-17 | 7.5 HIGH | 9.8 CRITICAL |
| Online Exam Test Application allows SQL Injection via the resources.php sort parameter in a category action. | |||||