Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-11837 | 1 Microsoft | 10 Chakracore, Edge, Internet Explorer and 7 more | 2017-12-01 | 7.6 HIGH | 7.5 HIGH |
| ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | |||||
| CVE-2017-9701 | 1 Google | 1 Android | 2017-12-01 | 5.0 MEDIUM | 7.5 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing OEM unlock/unlock-go fastboot commands data leak may occur, resulting from writing uninitialized stack structure to non-volatile memory. | |||||
| CVE-2017-9719 | 1 Google | 1 Android | 2017-12-01 | 4.6 MEDIUM | 7.8 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the kernel driver MDSS, a buffer overflow can occur in HDMI CEC parsing if frame size is out of range. | |||||
| CVE-2017-11836 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2017-12-01 | 7.6 HIGH | 7.5 HIGH |
| ChakraCore, and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to take control of an affected system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | |||||
| CVE-2017-16540 | 1 Open-emr | 1 Openemr | 2017-12-01 | 5.0 MEDIUM | 7.5 HIGH |
| OpenEMR before 5.0.0 Patch 5 allows unauthenticated remote database copying because setup.php exposes functionality for cloning an existing OpenEMR site to an arbitrary attacker-controlled MySQL server via vectors involving a crafted state parameter. | |||||
| CVE-2017-11876 | 1 Microsoft | 2 Project Server, Sharepoint Enterprise Server | 2017-11-30 | 6.8 MEDIUM | 8.8 HIGH |
| Microsoft Project Server and Microsoft SharePoint Enterprise Server 2016 allow an attacker to use cross-site forgery to read content that they are not authorized to read, use the victim's identity to take actions on the web application on behalf of the victim, such as change permissions and delete content, and inject malicious content in the browser of the victim, aka "Microsoft Project Server Elevation of Privilege Vulnerability". | |||||
| CVE-2017-11092 | 1 Google | 1 Android | 2017-11-30 | 9.3 HIGH | 7.8 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the KGSL driver function kgsl_ioctl_gpu_command, a Use After Free condition can potentially occur. | |||||
| CVE-2017-11091 | 1 Google | 1 Android | 2017-11-30 | 4.6 MEDIUM | 7.8 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the function mdss_rotator_ioctl in the driver /dev/mdss_rotator, a Use-After-Free condition can potentially occur due to a fence being installed too early. | |||||
| CVE-2017-11085 | 1 Google | 1 Android | 2017-11-30 | 4.6 MEDIUM | 7.8 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an integer overflow leading to a buffer overflow due to improper bound checking in msm_audio_effects_virtualizer_handler, file msm-audio-effects-q6-v2.c | |||||
| CVE-2017-11058 | 1 Google | 1 Android | 2017-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can occur. | |||||
| CVE-2017-11032 | 1 Google | 1 Android | 2017-11-30 | 4.6 MEDIUM | 7.8 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a double free can occur when kmalloc fails to allocate memory for pointers resp/req in the service-locator driver function service_locator_send_msg(). | |||||
| CVE-2017-11029 | 1 Google | 1 Android | 2017-11-30 | 4.6 MEDIUM | 7.8 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in user space. An unchecked userspace value (ioctl_ptr->len) is used to copy contents to a kernel buffer which can lead to kernel buffer overflow. | |||||
| CVE-2017-11027 | 1 Google | 1 Android | 2017-11-30 | 4.6 MEDIUM | 7.8 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing UBI image, size is not validated for being smaller than minimum header size causing unintialized data access vulnerability. | |||||
| CVE-2017-11028 | 1 Google | 1 Android | 2017-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the ISP Camera driver, the contents of an arbitrary kernel address can be leaked to userspace by the function msm_isp_get_stream_common_data(). | |||||
| CVE-2017-11878 | 1 Microsoft | 6 Excel, Excel 2007, Excel 2010 and 3 more | 2017-11-30 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, and Microsoft Excel Viewer 2007 Service Pack 3 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Excel Memory Corruption Vulnerability". | |||||
| CVE-2017-11025 | 1 Google | 1 Android | 2017-11-30 | 4.4 MEDIUM | 7.0 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the function audio_effects_shared_ioctl(), memory corruption can occur. | |||||
| CVE-2017-11024 | 1 Google | 1 Android | 2017-11-30 | 4.6 MEDIUM | 7.8 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in the rmnet USB control driver can potentially lead to a Use After Free condition. | |||||
| CVE-2017-1000238 | 1 Invoiceplane | 1 Invoiceplane | 2017-11-30 | 6.5 MEDIUM | 8.8 HIGH |
| InvoicePlane version 1.4.10 is vulnerable to a Arbitrary File Upload resulting in an authenticated user can upload a malicious file to the webserver. It is possible for an attacker to upload a script which is able to compromise the webserver. | |||||
| CVE-2017-11018 | 1 Google | 1 Android | 2017-11-30 | 4.6 MEDIUM | 7.8 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, array access out of bounds may occur in the camera driver in the kernel | |||||
| CVE-2017-11017 | 1 Google | 1 Android | 2017-11-30 | 4.6 MEDIUM | 7.8 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing a specially crafted UBI image, it is possible to corrupt memory, or access uninitialized memory. | |||||
| CVE-2017-9721 | 1 Google | 1 Android | 2017-11-30 | 4.6 MEDIUM | 7.8 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the boot loader, a buffer overflow can occur while parsing the splash image. | |||||
| CVE-2017-3893 | 1 Blackberry | 1 Qnx Software Development Platform | 2017-11-30 | 6.4 MEDIUM | 7.5 HIGH |
| In BlackBerry QNX Software Development Platform (SDP) 6.6.0, the default configuration of the QNX SDP system did not in all circumstances prevent attackers from modifying the GOT or PLT tables with buffer overflow attacks. | |||||
| CVE-2017-3892 | 1 Blackberry | 1 Qnx Software Development Platform | 2017-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout that could be used in a blended attack by executing commands targeting procfs resources. | |||||
| CVE-2017-10267 | 1 Oracle | 1 Tuxedo | 2017-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 11.1.1, 12.1.1, 12.1.3 and 12.2.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via Jolt to compromise Oracle Tuxedo. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Tuxedo accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). | |||||
| CVE-2017-9758 | 1 Savitech-ic | 1 Savitech Driver | 2017-11-30 | 5.8 MEDIUM | 7.4 HIGH |
| Savitech driver packages for Windows silently install a self-signed certificate into the Trusted Root Certification Authorities store, aka "Inaudible Subversion." | |||||
| CVE-2017-16762 | 1 Sanic Project | 1 Sanic | 2017-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| Sanic before 0.5.1 allows reading arbitrary files with directory traversal, as demonstrated by the /static/..%2f substring. | |||||
| CVE-2017-1000189 | 1 Ejs | 1 Ejs | 2017-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| nodejs ejs version older than 2.5.5 is vulnerable to a denial-of-service due to weak input validation in the ejs.renderFile() | |||||
| CVE-2017-1000129 | 1 S9y | 1 Serendipity | 2017-11-29 | 5.0 MEDIUM | 7.5 HIGH |
| Serendipity 2.0.3 is vulnerable to a SQL injection in the blog component resulting in information disclosure | |||||
| CVE-2017-14388 | 1 Pivotal Software | 1 Grootfs | 2017-11-29 | 6.8 MEDIUM | 7.8 HIGH |
| Cloud Foundry Foundation GrootFS release 0.3.x versions prior to 0.30.0 do not validate DiffIDs, allowing specially crafted images to poison the grootfs volume cache. For example, this could allow an attacker to provide an image layer that GrootFS would consider to be the Ubuntu base layer. | |||||
| CVE-2017-9314 | 1 Dahuasecurity | 44 Nvr5208-4ks2, Nvr5208-4ks2 Firmware, Nvr5208-8p-4ks2 and 41 more | 2017-11-29 | 6.5 MEDIUM | 8.8 HIGH |
| Authentication vulnerability found in Dahua NVR models NVR50XX, NVR52XX, NVR54XX, NVR58XX with software before DH_NVR5xxx_Eng_P_V2.616.0000.0.R.20171102. Attacker could exploit this vulnerability to gain access to additional operations by means of forging json message. | |||||
| CVE-2014-4000 | 1 Cacti | 1 Cacti | 2017-11-29 | 6.5 MEDIUM | 8.8 HIGH |
| Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserialize(stripslashes()). | |||||
| CVE-2017-15865 | 2 Cumulusnetworks, Frrouting | 2 Cumulus Linux, Frrouting | 2017-11-29 | 5.0 MEDIUM | 7.5 HIGH |
| bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes because of a mishandled attribute length, aka RN-690 (CM-18492). | |||||
| CVE-2016-6803 | 2 Apache, Microsoft | 2 Openoffice, Windows | 2017-11-29 | 9.3 HIGH | 7.8 HIGH |
| An installer defect known as an "unquoted Windows search path vulnerability" affected the Apache OpenOffice before 4.1.3 installers for Windows. The PC must have previously been infected by a Trojan Horse application (or user) running with administrative privilege. Any installer with the unquoted search path vulnerability becomes a delayed trigger for the exploit. | |||||
| CVE-2017-10875 | 1 Iodata | 2 Lan Disk Connect, Lan Disk Connect Firmware | 2017-11-29 | 5.0 MEDIUM | 7.5 HIGH |
| I-O DATA DEVICE LAN DISK Connect Ver2.02 and earlier allows an attacker to cause a denial of service in the application via unspecified vectors. | |||||
| CVE-2017-10885 | 1 Sbisec | 1 Hyper Sbi | 2017-11-29 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in HYPER SBI Ver. 2.2 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-16806 | 1 Ulterius | 1 Ulterius Server | 2017-11-29 | 5.0 MEDIUM | 7.5 HIGH |
| The Process function in RemoteTaskServer/WebServer/HttpServer.cs in Ulterius before 1.9.5.0 allows HTTP server directory traversal. | |||||
| CVE-2017-11177 | 1 Websense | 1 Triton Ap Email | 2017-11-29 | 5.0 MEDIUM | 7.5 HIGH |
| TRITON AP-EMAIL 8.2 before 8.2 IB does not properly restrict file access in an unspecified directory. | |||||
| CVE-2017-16524 | 2 Hanwhasecurity, Samsung | 2 Web Viewer, Srn-1670d | 2017-11-29 | 6.5 MEDIUM | 8.8 HIGH |
| Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload vulnerability: 'network_ssl_upload.php' allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the file in the upload/ directory. To authenticate for this attack, one can obtain web-interface credentials in cleartext by leveraging the existing Local File Read Vulnerability referenced as CVE-2015-8279, which allows remote attackers to read the web-interface credentials via a request for the cslog_export.php?path=/root/php_modules/lighttpd/sbin/userpw URI. | |||||
| CVE-2017-13703 | 1 Moxa | 2 Eds-g512e, Eds-g512e Firmware | 2017-11-29 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. A denial of service may occur. | |||||
| CVE-2016-4118 | 2 Adobe, Microsoft | 2 Connect, Windows | 2017-11-29 | 7.2 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2017-16641 | 1 Cacti | 1 Cacti | 2017-11-28 | 9.0 HIGH | 7.2 HIGH |
| lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php. | |||||
| CVE-2017-8810 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2017-11-28 | 5.0 MEDIUM | 7.5 HIGH |
| MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2, when a private wiki is configured, provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names and conduct brute-force attacks via a series of requests. | |||||
| CVE-2017-8814 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2017-11-28 | 5.0 MEDIUM | 7.5 HIGH |
| The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attackers to replace text inside tags via a rule definition followed by "a lot of junk." | |||||
| CVE-2017-8815 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2017-11-28 | 5.0 MEDIUM | 7.5 HIGH |
| The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attribute injection attacks via glossary rules. | |||||
| CVE-2017-13843 | 1 Apple | 1 Mac Os X | 2017-11-28 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2017-13838 | 1 Apple | 1 Mac Os X | 2017-11-28 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Sandbox" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2017-16563 | 1 Grandstream | 2 Ht802, Ht802 Firmware | 2017-11-27 | 6.0 MEDIUM | 8.0 HIGH |
| Cross-Site Request Forgery (CSRF) in the Basic Settings screen on Vonage (Grandstream) HT802 devices allows attackers to modify settings, related to cgi-bin/update. | |||||
| CVE-2017-16565 | 1 Grandstream | 2 Ht802, Ht802 Firmware | 2017-11-27 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) in /cgi-bin/login on Vonage (Grandstream) HT802 devices allows attackers to authenticate a user via the login screen using the default password of 123 and submit arbitrary requests. | |||||
| CVE-2017-13834 | 1 Apple | 1 Mac Os X | 2017-11-27 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted mach binary. | |||||
| CVE-2017-7132 | 1 Apple | 1 Mac Os X | 2017-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted Office document. | |||||