Vulnerabilities (CVE)

CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-9440 1 Imagemagick 1 Imagemagick 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-9471 2 Canonical, Ytnef Project 2 Ubuntu Linux, Ytnef 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
CVE-2017-9472 1 Ytnef Project 1 Ytnef 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
In ytnef 1.9.2, the SwapDWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
CVE-2017-9473 2 Canonical, Ytnef Project 2 Ubuntu Linux, Ytnef 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
CVE-2017-9474 1 Ytnef Project 1 Ytnef 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
CVE-2018-1338 1 Apache 1 Tika 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's BPGParser in versions of Apache Tika before 1.18.
CVE-2017-9501 1 Imagemagick 1 Imagemagick 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-9545 1 Mpg123 1 Mpg123 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service (buffer over-read) via a crafted mp3 file.
CVE-2018-13025 1 Yxcms 1 Yxcms 2019-10-03 5.5 MEDIUM 4.9 MEDIUM
protected/apps/admin/controller/photoController.php in YXcms 1.4.7 allows remote attackers to delete arbitrary files via the index.php?r=admin/photo/delpic picname parameter.
CVE-2018-12893 2 Debian, Xen 2 Debian Linux, Xen 2019-10-03 2.1 LOW 6.5 MEDIUM
An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leading to a Denial of Service. All Xen systems which have applied the XSA-260 fix are vulnerable. Only x86 systems are vulnerable. ARM systems are not vulnerable. Only x86 PV guests can exploit the vulnerability. x86 HVM and PVH guests cannot exploit the vulnerability. An attacker needs to be able to control hardware debugging facilities to exploit the vulnerability, but such permissions are typically available to unprivileged users.
CVE-2018-12891 2 Debian, Xen 2 Debian Linux, Xen 2019-10-03 4.9 MEDIUM 6.5 MEDIUM
An issue was discovered in Xen through 4.10.x. Certain PV MMU operations may take a long time to process. For that reason Xen explicitly checks for the need to preempt the current vCPU at certain points. A few rarely taken code paths did bypass such checks. By suitably enforcing the conditions through its own page table contents, a malicious guest may cause such bypasses to be used for an unbounded number of iterations. A malicious or buggy PV guest may cause a Denial of Service (DoS) affecting the entire host. Specifically, it may prevent use of a physical CPU for an indeterminate period of time. All Xen versions from 3.4 onwards are vulnerable. Xen versions 3.3 and earlier are vulnerable to an even wider class of attacks, due to them lacking preemption checks altogether in the affected code paths. Only x86 systems are affected. ARM systems are not affected. Only multi-vCPU x86 PV guests can leverage the vulnerability. x86 HVM or PVH guests as well as x86 single-vCPU PV ones cannot leverage the vulnerability.
CVE-2018-12884 1 Octopus 1 Octopus Deploy 2019-10-03 4.0 MEDIUM 6.5 MEDIUM
In Octopus Deploy 3.0 onwards (before 2018.6.7), an authenticated user with incorrect permissions may be able to create Accounts under the Infrastructure menu.
CVE-2018-1286 1 Apache 1 Openmeetings 2019-10-03 4.0 MEDIUM 6.5 MEDIUM
In Apache OpenMeetings 3.0.0 - 4.0.1, CRUD operations on privileged users are not password protected allowing an authenticated attacker to deny service for privileged users.
CVE-2018-12838 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a stack overflow vulnerability. Successful exploitation could lead to information disclosure.
CVE-2017-9616 1 Wireshark 1 Wireshark 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c.
CVE-2017-9617 1 Wireshark 1 Wireshark 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector.
CVE-2017-9662 1 Fujielectric 1 Monitouch V-sft 2019-10-03 4.6 MEDIUM 5.3 MEDIUM
An Improper Privilege Management issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. Monitouch V-SFT is installed in a directory with weak access controls by default, which could allow an authenticated attacker with local access to escalate privileges.
CVE-2017-9792 1 Apache 1 Impala 2019-10-03 4.0 MEDIUM 6.5 MEDIUM
In Apache Impala (incubating) before 2.10.0, a malicious user with "ALTER" permissions on an Impala table can access any other Kudu table data by altering the table properties to make it "external" and then changing the underlying table mapping to point to other Kudu tables. This violates and works around the authorization requirement that creating a Kudu external table via Impala requires an "ALL" privilege at the server scope. This privilege requirement for "CREATE" commands is enforced to precisely avoid this scenario where a malicious user can change the underlying Kudu table mapping. The fix is to enforce the same privilege requirement for "ALTER" commands that would make existing non-external Kudu tables external.
CVE-2018-12576 1 Tp-link 2 Tl-wr841n, Tl-wr841n Firmware 2019-10-03 4.3 MEDIUM 4.3 MEDIUM
TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking.
CVE-2017-9797 1 Apache 1 Geode 2019-10-03 5.8 MEDIUM 6.5 MEDIUM
When an Apache Geode cluster before v1.2.1 is operating in secure mode, an unauthenticated client can enter multi-user authentication mode and send metadata messages. These metadata operations could leak information about application data types. In addition, an attacker could perform a denial of service attack on the cluster.
CVE-2017-9843 1 Sap 1 Netweaver Abap 2019-10-03 4.0 MEDIUM 6.5 MEDIUM
SAP NetWeaver AS ABAP 7.40 allows remote authenticated users with certain privileges to cause a denial of service (process crash) via vectors involving disp+work.exe, aka SAP Security Note 2406841.
CVE-2017-9847 1 Libtorrent 1 Libtorrent 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
The bdecode function in bdecode.cpp in libtorrent 1.1.3 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
CVE-2017-9954 1 Gnu 1 Binutils 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
The getvalue function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted tekhex file, as demonstrated by mishandling within the nm program.
CVE-2017-9955 1 Gnu 1 Binutils 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
The get_build_id function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file in which a certain size field is larger than a corresponding data field, as demonstrated by mishandling within the objdump program.
CVE-2017-9959 1 Schneider-electric 1 U.motion Builder 2019-10-03 4.9 MEDIUM 5.5 MEDIUM
A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system accepts reboot in session from unauthenticated users, supporting a denial of service condition.
CVE-2017-9969 1 Schneider-electric 1 Igss Mobile 2019-10-03 2.1 LOW 6.7 MEDIUM
An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application version 3.01 and prior. Passwords are stored in clear text in the configuration which can result in exposure of sensitive information.
CVE-2018-0010 1 Juniper 1 Junos Space 2019-10-03 4.0 MEDIUM 6.5 MEDIUM
A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. Affected releases are all versions of Junos Space Security Director prior to 17.2R1.
CVE-2017-18277 1 Qualcomm 46 Mdm9206, Mdm9206 Firmware, Mdm9607 and 43 more 2019-10-03 4.9 MEDIUM 5.5 MEDIUM
When dynamic memory allocation fails, currently the process sleeps for one second and continues with infinite loop without retrying for memory allocation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, QCN5502, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835.
CVE-2017-18275 1 Qualcomm 42 Mdm9206, Mdm9206 Firmware, Mdm9607 and 39 more 2019-10-03 4.9 MEDIUM 5.5 MEDIUM
A new account can be inserted into simContacts service using Android command line tool in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845.
CVE-2017-18246 1 Libav 1 Libav 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
The pcm_encode_frame function in libavcodec/pcm.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted media file.
CVE-2017-18219 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a large png_pixels array allocation.
CVE-2017-18233 3 Canonical, Debian, Exempi Project 3 Ubuntu Linux, Debian Linux, Exempi 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file.
CVE-2017-18232 1 Linux 1 Linux Kernel 2019-10-03 2.1 LOW 5.5 MEDIUM
The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.
CVE-2017-18208 1 Linux 1 Linux Kernel 2019-10-03 4.9 MEDIUM 5.5 MEDIUM
The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.
CVE-2017-18204 1 Linux 1 Linux Kernel 2019-10-03 2.1 LOW 5.5 MEDIUM
The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests.
CVE-2017-18186 1 Qpdf Project 1 Qpdf 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc.
CVE-2017-18183 1 Qpdf Project 1 Qpdf 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in QPDF before 7.0.0. There is an infinite loop in the QPDFWriter::enqueueObject() function in libqpdf/QPDFWriter.cc.
CVE-2018-1999012 1 Ffmpeg 1 Ffmpeg 2019-10-03 7.1 HIGH 6.5 MEDIUM
FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains a CWE-835: Infinite loop vulnerability in pva format demuxer that can result in a Vulnerability that allows attackers to consume excessive amount of resources like CPU and RAM. This attack appear to be exploitable via specially crafted PVA file has to be provided as input. This vulnerability appears to have been fixed in 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 and later.
CVE-2018-1999044 1 Jenkins 1 Jenkins 2019-10-03 4.0 MEDIUM 6.5 MEDIUM
A denial of service vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in CronTab.java that allows attackers with Overall/Read permission to have a request handling thread enter an infinite loop.
CVE-2018-20002 3 F5, Gnu, Netapp 4 Traffix Signaling Delivery Controller, Binutils, Cluster Data Ontap and 1 more 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.
CVE-2017-18029 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
CVE-2017-18028 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-03 7.1 HIGH 6.5 MEDIUM
In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.
CVE-2018-0161 1 Cisco 15 Catalyst 2960l-16ps-ll, Catalyst 2960l-16ts-ll, Catalyst 2960l-24pq-ll and 12 more 2019-10-03 6.3 MEDIUM 6.3 MEDIUM
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition, aka a GET MIB Object ID Denial of Service Vulnerability. The vulnerability is due to a condition that could occur when the affected software processes an SNMP read request that contains a request for the ciscoFlashMIB object ID (OID). An attacker could trigger this vulnerability by issuing an SNMP GET request for the ciscoFlashMIB OID on an affected device. A successful exploit could cause the affected device to restart due to a SYS-3-CPUHOG. This vulnerability affects the following Cisco devices if they are running a vulnerable release of Cisco IOS Software and are configured to use SNMP Version 2 (SNMPv2) or SNMP Version 3 (SNMPv3): Cisco Catalyst 2960-L Series Switches, Cisco Catalyst Digital Building Series Switches 8P, Cisco Catalyst Digital Building Series Switches 8U. Cisco Bug IDs: CSCvd89541.
CVE-2017-18027 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
CVE-2018-20007 1 Yeelight 2 Smart Ai Speaker, Smart Ai Speaker Firmware 2019-10-03 7.2 HIGH 6.8 MEDIUM
Yeelight Smart AI Speaker 3.3.10_0074 devices have improper access control over the UART interface, allowing physical attackers to obtain a root shell. The attacker can then exfiltrate the audio data, read cleartext Wi-Fi credentials in a log file, or access other sensitive device and user information.
CVE-2017-18008 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c.
CVE-2018-20095 1 Axiosys 1 Bento4 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as demonstrated by mp42hls.
CVE-2018-20096 1 Exiv2 1 Exiv2 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
CVE-2018-20098 1 Exiv2 1 Exiv2 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
CVE-2018-20099 1 Exiv2 1 Exiv2 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.