Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-11074 | 1 Google | 1 Android | 2019-10-03 | 4.6 MEDIUM | 7.8 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is an obsolete set/reset ssid hotlist API. | |||||
| CVE-2017-11093 | 1 Google | 1 Android | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer Over-read in Display due to the lack of an upper-bound validation when reading "num_of_cea_blocks" from the untrusted source (EDID), kernel memory can be exposed. | |||||
| CVE-2017-11116 | 1 Openexif Project | 1 Openexif | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| The ExifImageFile::readDQT function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted jpg file. | |||||
| CVE-2017-11150 | 1 Synology | 1 Office | 2019-10-03 | 6.5 MEDIUM | 7.8 HIGH |
| Command injection vulnerability in Document.php in Synology Office 2.2.0-1502 and 2.2.1-1506 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the crafted file name of RTF documents. | |||||
| CVE-2017-11178 | 1 Finecms Project | 1 Finecms | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In FineCMS through 2017-07-11, application/core/controller/style.php allows remote attackers to write to arbitrary files via the contents and filename parameters in a route=style action. For example, this can be used to overwrite a .php file because the file extension is not checked. | |||||
| CVE-2017-11229 | 3 Adobe, Apple, Microsoft | 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more | 2019-10-03 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability when manipulating Forms Data Format (FDF). | |||||
| CVE-2017-11326 | 1 Tilde Cms Project | 1 Tilde Cms | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Tilde CMS 1.0.1. It is possible to bypass the implemented restrictions on arbitrary file upload via a filename.+php manipulation. | |||||
| CVE-2017-11411 | 1 Wireshark | 1 Wireshark | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by adding length validation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9350. | |||||
| CVE-2017-11347 | 1 Metinfo | 1 Metinfo | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| Authenticated Code Execution Vulnerability in MetInfo 5.3.17 allows a remote authenticated attacker to generate a PHP script with the content of a malicious image, related to admin/include/common.inc.php and admin/app/physical/physical.php. | |||||
| CVE-2017-1137 | 1 Ibm | 1 Websphere Application Server | 2019-10-03 | 6.8 MEDIUM | 8.1 HIGH |
| IBM WebSphere Application Server 8.0 and 8.5.5 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to the admin console. IBM X-Force ID: 121549. | |||||
| CVE-2017-11406 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by rejecting invalid Frame Control parameter values. | |||||
| CVE-2017-11409 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop. This was addressed in epan/dissectors/packet-gprs-llc.c by using a different integer data type. | |||||
| CVE-2017-11410 | 1 Wireshark | 1 Wireshark | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-7702. | |||||
| CVE-2017-1151 | 1 Ibm | 1 Websphere Application Server | 2019-10-03 | 6.8 MEDIUM | 8.1 HIGH |
| IBM WebSphere Application Server 8.0, 8.5, 8.5.5, and 9.0 using OpenID Connect (OIDC) configured with a Trust Association Interceptor (TAI) could allow a user to gain elevated privileges on the system. IBM Reference #: 1999293. | |||||
| CVE-2017-11554 | 1 Libsass | 1 Libsass | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| There is a stack consumption vulnerability in the lex function in parser.hpp (as used in sassc) in LibSass 3.4.5. A crafted input will lead to a remote denial of service. | |||||
| CVE-2017-11565 | 1 Debian | 1 Tor | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| debian/tor.init in the Debian tor_0.2.9.11-1~deb9u1 package for Tor was designed to execute aa-exec from the standard system pathname if the apparmor package is installed, but implements this incorrectly (with a wrong assumption that the specific pathname would remain the same forever), which allows attackers to bypass intended AppArmor restrictions by leveraging the silent loss of this protection mechanism. NOTE: this does not affect systems, such as default Debian stretch installations, on which Tor startup relies on a systemd unit file (instead of this tor.init script). | |||||
| CVE-2017-11569 | 1 Fontforge | 1 Fontforge | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights (parsettf.c) resulting in DoS or code execution via a crafted otf file. | |||||
| CVE-2017-11591 | 2 Canonical, Exiv2 | 2 Ubuntu Linux, Exiv2 | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. | |||||
| CVE-2017-11655 | 1 Sipcrack | 1 Sipcrack | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| A memory leak was found in the way SIPcrack 0.2 handled processing of SIP traffic, because a lines array was mismanaged. A remote attacker could potentially use this flaw to crash long-running sipdump network sniffing sessions. | |||||
| CVE-2017-11769 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2019-10-03 | 9.3 HIGH | 7.8 HIGH |
| The Microsoft Windows TRIE component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles loading dll files, aka "TRIE Remote Code Execution Vulnerability". | |||||
| CVE-2017-11746 | 1 Inversepath | 1 Tenshi | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| Tenshi 0.15 creates a tenshi.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tenshi.pid modification before a root script executes a "kill `cat /pathname/tenshi.pid`" command. | |||||
| CVE-2017-11763 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-10-03 | 6.8 MEDIUM | 8.8 HIGH |
| The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-11763. | |||||
| CVE-2017-11779 | 1 Microsoft | 5 Windows 10, Windows 8.1, Windows Rt 8.1 and 2 more | 2019-10-03 | 9.3 HIGH | 8.1 HIGH |
| The Microsoft Windows Domain Name System (DNS) DNSAPI.dll on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly handle DNS responses, aka "Windows DNSAPI Remote Code Execution Vulnerability". | |||||
| CVE-2017-1182 | 1 Ibm | 1 Tivoli Monitoring | 2019-10-03 | 5.4 MEDIUM | 7.5 HIGH |
| IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to execute arbitrary commands on the system, when default client-server default communications, HTTP, are being used. IBM X-Force ID: 123493. | |||||
| CVE-2017-11824 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-10-03 | 6.9 MEDIUM | 7.0 HIGH |
| The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability in the way it handles objects in memory, aka "Windows Graphics Component Elevation of Privilege Vulnerability". | |||||
| CVE-2017-11936 | 1 Microsoft | 1 Sharepoint Enterprise Server | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". | |||||
| CVE-2017-12064 | 1 Open-emr | 1 Openemr | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| The csv_log_html function in library/edihistory/edih_csv_inc.php in OpenEMR 5.0.0 and prior allows attackers to bypass intended access restrictions via a crafted name. | |||||
| CVE-2017-12093 | 1 Rockwellautomation | 2 Micrologix 1400, Micrologix 1400 B Firmware | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable insufficient resource pool vulnerability exists in the session communication functionality of Allen Bradley Micrologix 1400 Series B Firmware 21.2 and before. A specially crafted stream of packets can cause a flood of the session resource pool resulting in legitimate connections to the PLC being disconnected. An attacker can send unauthenticated packets to trigger this vulnerability. | |||||
| CVE-2017-12154 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 3.6 LOW | 7.1 HIGH |
| The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register. | |||||
| CVE-2017-1227 | 1 Ibm | 1 Bigfix Platform | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| IBM Tivoli Endpoint Manager could allow a unauthorized user to consume all resources and crash the system. IBM X-Force ID: 123906. | |||||
| CVE-2017-12418 | 1 Imagemagick | 1 Imagemagick | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c. | |||||
| CVE-2017-12440 | 1 Openstack | 1 Openstack | 2019-10-03 | 6.0 MEDIUM | 7.5 HIGH |
| Aodh as packaged in Openstack Ocata and Newton before change-ID I8fd11a7f9fe3c0ea5f9843a89686ac06713b7851 and before Pike-rc1 does not verify that trust IDs belong to the user when creating alarm action with the scheme trust+http, which allows remote authenticated users with knowledge of trust IDs where Aodh is the trustee to obtain a Keystone token and perform unspecified authenticated actions by adding an alarm action with the scheme trust+http, and providing a trust id where Aodh is the trustee. | |||||
| CVE-2017-12463 | 1 Ccn-lite | 1 Ccn-lite | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| Memory leak in the ccnl_app_RX function in ccnl-uapi.c in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (memory consumption) via vectors involving an envelope_s structure pointer when the packet format is unknown. | |||||
| CVE-2017-12568 | 1 Brother | 2 Dcp-j132w, Dcp-j132w Firmware | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| Denial of Service vulnerability in Debut embedded httpd 1.20 in Brother DCP-J132W (and probably other DCP models) allows remote attackers to hang the printer (disrupting its network connection) by sending a large amount of HTTP packets. | |||||
| CVE-2017-12600 | 1 Opencv | 1 Opencv | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service (CPU consumption) issue, as demonstrated by the 11-opencv-dos-cpu-exhaust test case. | |||||
| CVE-2017-12602 | 1 Opencv | 1 Opencv | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service (memory consumption) issue, as demonstrated by the 10-opencv-dos-memory-exhaust test case. | |||||
| CVE-2017-12653 | 1 360totalsecurity | 1 360 Total Security | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| 360 Total Security 9.0.0.1202 before 2017-07-07 allows Privilege Escalation via a Trojan horse Shcore.dll file in any directory in the PATH, as demonstrated by the C:\Python27 directory. | |||||
| CVE-2017-12944 | 1 Libtiff | 1 Libtiff | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote attackers to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing function in tif_dirread.c during a tiff2pdf invocation. | |||||
| CVE-2017-12959 | 1 Gnu | 1 Pspp | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack. | |||||
| CVE-2017-1309 | 1 Ibm | 1 Infosphere Master Data Management Server | 2019-10-03 | 2.1 LOW | 7.8 HIGH |
| IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 125463. | |||||
| CVE-2017-13130 | 1 Bmc | 1 Patrol | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| mcmnm in BMC Patrol allows local users to gain privileges via a crafted libmcmclnx.so file in the current working directory, because it is setuid root and the RPATH variable begins with the .: substring. | |||||
| CVE-2017-13153 | 1 Google | 1 Android | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the Android media framework (libaudioservice). Product: Android. Versions: 8.0. Android ID A-65280854. | |||||
| CVE-2017-13154 | 1 Google | 1 Android | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63666573. | |||||
| CVE-2017-13161 | 1 Google | 1 Android | 2019-10-03 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability in the Broadcom wireless driver. Product: Android. Versions: Android kernel. Android ID A-63930471. References: BC-V2017092501. | |||||
| CVE-2017-13162 | 1 Google | 1 Android | 2019-10-03 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the kernel binder. Product: Android. Versions: Android kernel. Android ID A-64216036. | |||||
| CVE-2017-13163 | 1 Google | 1 Android | 2019-10-03 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability in the kernel mtp usb driver. Product: Android. Versions: Android kernel. Android ID A-37429972. | |||||
| CVE-2017-13189 | 1 Google | 1 Android | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability in the Android media framework (libavc) related to handling dec_hdl memory allocation failures. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68300072. | |||||
| CVE-2017-13190 | 1 Google | 1 Android | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability in the Android media framework (libhevc) related to handling ps_codec_obj memory allocation failures. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68299873. | |||||
| CVE-2017-13191 | 1 Google | 1 Android | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| In the ihevcd_decode function of ihevcd_decode.c, there is an infinite loop due to an incomplete frame error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64380403. | |||||
| CVE-2017-13192 | 1 Google | 1 Android | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| In the ihevcd_parse_slice_header function of ihevcd_parse_slice_header.c a slice address of zero after the first slice could result in an infinite loop. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64380202. | |||||