Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-15309 | 1 Huawei | 1 Ireader | 2018-01-05 | 5.8 MEDIUM | 7.1 HIGH |
| Huawei iReader app before 8.0.2.301 has a path traversal vulnerability due to insufficient validation on file storage paths. An attacker can exploit this vulnerability to store downloaded malicious files in an arbitrary directory. | |||||
| CVE-2017-15308 | 1 Huawei | 1 Ireader | 2018-01-05 | 6.8 MEDIUM | 8.8 HIGH |
| Huawei iReader app before 8.0.2.301 has an input validation vulnerability due to insufficient validation on the URL used for loading network data. An attacker can control app access and load malicious websites created by the attacker, and the code in webpages would be loaded and run. | |||||
| CVE-2017-15316 | 1 Huawei | 4 Mate 9, Mate 9 Firmware, Mate 9 Pro and 1 more | 2018-01-05 | 9.3 HIGH | 7.8 HIGH |
| The GPU driver of Mate 9 Huawei smart phones with software before MHA-AL00B 8.0.0.334(C00) and Mate 9 Pro Huawei smart phones with software before LON-AL00B 8.0.0.334(C00) has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which triggers double free and causes a system crash or arbitrary code execution. | |||||
| CVE-2017-6132 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more | 2018-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 and 11.5.0 - 11.5.4, an undisclosed sequence of packets sent to BIG-IP High Availability state mirror listeners (primary and/or secondary IP) may cause TMM to restart. | |||||
| CVE-2017-6138 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more | 2018-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies. | |||||
| CVE-2017-15700 | 1 Apache | 1 Sling Authentication Service | 2018-01-05 | 4.3 MEDIUM | 8.8 HIGH |
| A flaw in the org.apache.sling.auth.core.AuthUtil#isRedirectValid method in Apache Sling Authentication Service 1.4.0 allows an attacker, through the Sling login form, to trick a victim to send over their credentials. | |||||
| CVE-2016-9177 | 1 Sparkjava | 1 Spark | 2018-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in Spark 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | |||||
| CVE-2017-14694 | 1 Foxitsoftware | 1 Foxit Reader | 2018-01-05 | 4.6 MEDIUM | 7.8 HIGH |
| Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 and earlier, when running in single instance mode, allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at tiptsf!CPenInputPanel::FinalRelease+0x000000000000002f.". | |||||
| CVE-2016-9576 | 1 Linux | 1 Linux Kernel | 2018-01-05 | 7.2 HIGH | 7.8 HIGH |
| The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device. | |||||
| CVE-2016-8602 | 1 Artifex | 1 Ghostscript | 2018-01-05 | 6.8 MEDIUM | 7.8 HIGH |
| The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack. | |||||
| CVE-2016-5546 | 1 Oracle | 3 Jdk, Jre, Jrockit | 2018-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Integrity impacts). | |||||
| CVE-2017-1289 | 1 Ibm | 1 Sdk | 2018-01-05 | 6.4 MEDIUM | 8.2 HIGH |
| IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 125150. | |||||
| CVE-2016-5828 | 3 Debian, Linux, Novell | 3 Debian Linux, Linux Kernel, Suse Linux Enterprise Real Time Extension | 2018-01-05 | 7.2 HIGH | 7.8 HIGH |
| The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service (invalid process state or TM Bad Thing exception, and system crash) or possibly have unspecified other impact by starting and suspending a transaction before an exec system call. | |||||
| CVE-2016-5829 | 3 Debian, Linux, Novell | 3 Debian Linux, Linux Kernel, Suse Linux Enterprise Real Time Extension | 2018-01-05 | 7.2 HIGH | 7.8 HIGH |
| Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call. | |||||
| CVE-2016-6325 | 2 Apache, Redhat | 11 Tomcat, Enterprise Linux, Enterprise Linux Desktop and 8 more | 2018-01-05 | 7.2 HIGH | 7.8 HIGH |
| The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging membership in the tomcat group. | |||||
| CVE-2016-7130 | 1 Php | 1 Php | 2018-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid base64 binary value, as demonstrated by a wddx_deserialize call that mishandles a binary element in a wddxPacket XML document. | |||||
| CVE-2016-7125 | 1 Php | 1 Php | 2018-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection. | |||||
| CVE-2017-7477 | 1 Linux | 1 Linux Kernel | 2018-01-05 | 6.9 MEDIUM | 7.0 HIGH |
| Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in conjunction with the NETIF_F_FRAGLIST feature, leading to an error in the skb_to_sgvec function. | |||||
| CVE-2017-5838 | 1 Gstreamer Project | 1 Gstreamer | 2018-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string. | |||||
| CVE-2017-5843 | 1 Gstreamer Project | 1 Gstreamer | 2018-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service (crash) via vectors involving stream tags, as demonstrated by 02785736.mxf. | |||||
| CVE-2017-8291 | 1 Artifex | 1 Ghostscript | 2018-01-05 | 6.8 MEDIUM | 7.8 HIGH |
| Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017. | |||||
| CVE-2017-5012 | 1 Google | 1 Chrome | 2018-01-05 | 6.8 MEDIUM | 8.8 HIGH |
| A heap buffer overflow in V8 in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2017-7484 | 1 Postgresql | 1 Postgresql | 2018-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access. | |||||
| CVE-2017-5009 | 1 Google | 1 Chrome | 2018-01-05 | 6.8 MEDIUM | 8.8 HIGH |
| WebRTC in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2017-7507 | 1 Gnu | 1 Gnutls | 2018-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application. | |||||
| CVE-2017-7502 | 1 Mozilla | 1 Network Security Services | 2018-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker. | |||||
| CVE-2017-5495 | 1 Quagga | 1 Quagga | 2018-01-05 | 7.8 HIGH | 7.5 HIGH |
| All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an unbounded memory allocation in the telnet 'vty' CLI, leading to a Denial-of-Service of Quagga daemons, or even the entire host. When Quagga daemons are configured with their telnet CLI enabled, anyone who can connect to the TCP ports can trigger this vulnerability, prior to authentication. Most distributions restrict the Quagga telnet interface to local access only by default. The Quagga telnet interface 'vty' input buffer grows automatically, without bound, so long as a newline is not entered. This allows an attacker to cause the Quagga daemon to allocate unbounded memory by sending very long strings without a newline. Eventually the daemon is terminated by the system, or the system itself runs out of memory. This is fixed in Quagga 1.1.1 and Free Range Routing (FRR) Protocol Suite 2017-01-10. | |||||
| CVE-2017-7486 | 1 Postgresql | 1 Postgresql | 2018-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server. | |||||
| CVE-2017-2636 | 1 Linux | 1 Linux Kernel | 2018-01-05 | 7.2 HIGH | 7.8 HIGH |
| Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline. | |||||
| CVE-2017-5884 | 2 Fedoraproject, Gnome | 2 Fedora, Gtk-vnc | 2018-01-05 | 6.8 MEDIUM | 7.8 HIGH |
| gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) hextile, or (3) copyrect tile. | |||||
| CVE-2017-3058 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Mac Os X, Chrome Os and 4 more | 2018-01-05 | 9.3 HIGH | 7.8 HIGH |
| Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the sound class. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-3064 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Mac Os X, Chrome Os and 4 more | 2018-01-05 | 9.3 HIGH | 7.8 HIGH |
| Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability when parsing a shape outline. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-5845 | 1 Gstreamer Project | 1 Gstreamer | 2018-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a ncdt sub-tag that "goes behind" the surrounding tag. | |||||
| CVE-2017-7869 | 1 Gnu | 1 Gnutls | 2018-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10. | |||||
| CVE-2017-3000 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Mac Os X, Chrome Os and 4 more | 2018-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerability in the random number generator used for constant blinding. Successful exploitation could lead to information disclosure. | |||||
| CVE-2017-2995 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Mac Os X, Chrome Os and 4 more | 2018-01-05 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-2994 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Mac Os X, Chrome Os and 4 more | 2018-01-05 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-5034 | 3 Google, Linux, Microsoft | 3 Chrome, Linux Kernel, Windows | 2018-01-05 | 6.8 MEDIUM | 8.8 HIGH |
| A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. | |||||
| CVE-2017-5099 | 3 Debian, Google, Linux | 3 Debian Linux, Chrome, Linux Kernel | 2018-01-05 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to potentially gain privilege elevation via a crafted HTML page. | |||||
| CVE-2017-5097 | 3 Debian, Google, Linux | 3 Debian Linux, Chrome, Linux Kernel | 2018-01-05 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient validation of untrusted input in Skia in Google Chrome prior to 60.0.3112.78 for Linux allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||||
| CVE-2017-7187 | 1 Linux | 1 Linux Kernel | 2018-01-05 | 7.2 HIGH | 7.8 HIGH |
| The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function. | |||||
| CVE-2017-5055 | 3 Google, Linux, Microsoft | 3 Chrome, Linux Kernel, Windows | 2018-01-05 | 9.3 HIGH | 8.8 HIGH |
| A use after free in printing in Google Chrome prior to 57.0.2987.133 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||||
| CVE-2017-5032 | 2 Google, Microsoft | 2 Chrome, Windows | 2018-01-05 | 6.8 MEDIUM | 8.8 HIGH |
| PDFium in Google Chrome prior to 57.0.2987.98 for Windows could be made to increment off the end of a buffer, which allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |||||
| CVE-2017-5092 | 3 Debian, Google, Microsoft | 3 Debian Linux, Chrome, Windows | 2018-01-05 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2017-7533 | 1 Linux | 1 Linux Kernel | 2018-01-05 | 6.9 MEDIUM | 7.0 HIGH |
| Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions. | |||||
| CVE-2017-5080 | 3 Google, Linux, Microsoft | 3 Chrome, Linux Kernel, Windows | 2018-01-05 | 6.8 MEDIUM | 8.8 HIGH |
| A use after free in credit card autofill in Google Chrome prior to 59.0.3071.86 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||||
| CVE-2017-5074 | 2 Google, Microsoft | 2 Chrome, Windows | 2018-01-05 | 5.4 MEDIUM | 8.0 HIGH |
| A use after free in Chrome Apps in Google Chrome prior to 59.0.3071.86 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, related to Bluetooth. | |||||
| CVE-2017-3253 | 1 Oracle | 3 Jdk, Jre, Jrockit | 2018-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Availability impacts). | |||||
| CVE-2017-5064 | 2 Google, Microsoft | 2 Chrome, Windows | 2018-01-05 | 6.8 MEDIUM | 8.8 HIGH |
| Incorrect handling of DOM changes in Blink in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2017-5058 | 2 Google, Microsoft | 2 Chrome, Windows | 2018-01-05 | 6.8 MEDIUM | 8.8 HIGH |
| A use after free in PrintPreview in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | |||||