Vulnerabilities (CVE)

CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-7550 1 Linux 1 Linux Kernel 2017-11-04 4.9 MEDIUM 5.5 MEDIUM
The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls.
CVE-2016-9273 1 Libtiff 1 Libtiff 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode.
CVE-2016-2316 2 Digium, Fedoraproject 3 Asterisk, Certified Asterisk, Fedora 2017-11-04 7.1 HIGH 5.9 MEDIUM
chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3, when the timert1 sip.conf configuration is set to a value greater than 1245, allows remote attackers to cause a denial of service (file descriptor consumption) via vectors related to large retransmit timeout values.
CVE-2015-8552 4 Canonical, Debian, Novell and 1 more 5 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Debuginfo and 2 more 2017-11-04 1.7 LOW 4.4 MEDIUM
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka "Linux pciback missing sanity checks."
CVE-2015-8272 1 Rtmpdump Project 1 Rtmpdump 2017-11-04 4.3 MEDIUM 6.5 MEDIUM
RTMPDump 2.4 allows remote attackers to trigger a denial of service (NULL pointer dereference and process crash).
CVE-2016-6634 1 Wordpress 1 Wordpress 2017-11-04 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in the network settings page in WordPress before 4.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-2232 1 Digium 2 Asterisk, Certified Asterisk 2017-11-04 4.0 MEDIUM 6.5 MEDIUM
Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3 allow remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a zero length error correcting redundancy packet for a UDPTL FAX packet that is lost.
CVE-2016-8882 1 Jasper Project 1 Jasper 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
CVE-2016-1564 1 Wordpress 1 Wordpress 2017-11-04 4.3 MEDIUM 6.1 MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in wp-includes/class-wp-theme.php in WordPress before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a (1) stylesheet name or (2) template name to wp-admin/customize.php.
CVE-2014-0146 1 Qemu 1 Qemu 2017-11-04 1.9 LOW 5.5 MEDIUM
The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots fields.
CVE-2016-8674 1 Artifex 1 Mupdf 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file.
CVE-2016-9822 1 Libav 1 Libav 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
Integer overflow in libavcodec/mpeg12dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file.
CVE-2016-9821 1 Libav 1 Libav 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
Integer overflow in libavcodec/mpegvideo_parser.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file.
CVE-2016-7168 1 Wordpress 1 Wordpress 2017-11-04 3.5 LOW 4.8 MEDIUM
Cross-site scripting (XSS) vulnerability in the media_handle_upload function in wp-admin/includes/media.php in WordPress before 4.6.1 might allow remote attackers to inject arbitrary web script or HTML by tricking an administrator into uploading an image file that has a crafted filename.
CVE-2014-0142 1 Qemu 1 Qemu 2017-11-04 2.1 LOW 5.5 MEDIUM
QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extent_size field in the bochs function in block/bochs.c.
CVE-2016-10024 2 Citrix, Xen 2 Xenserver, Xen 2017-11-04 4.9 MEDIUM 6.0 MEDIUM
Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations.
CVE-2016-6911 1 Libgd 1 Libgd 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
CVE-2017-5980 1 Zziplib Project 1 Zziplib 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file.
CVE-2017-6837 1 Audiofile 1 Audiofile 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via vectors related to a large number of coefficients.
CVE-2017-5951 1 Artifex 1 Ghostscript 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
CVE-2017-6838 1 Audiofile 1 Audiofile 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
Integer overflow in sfcommands/sfconvert.c in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
CVE-2017-5488 1 Wordpress 1 Wordpress 2017-11-04 4.3 MEDIUM 6.1 MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/update-core.php in WordPress before 4.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) version header of a plugin.
CVE-2017-8295 1 Wordpress 1 Wordpress 2017-11-04 4.3 MEDIUM 5.9 MEDIUM
WordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for remote attackers to reset arbitrary passwords by making a crafted wp-login.php?action=lostpassword request and then arranging for this message to bounce or be resent, leading to transmission of the reset key to a mailbox on an attacker-controlled SMTP server. This is related to problematic use of the SERVER_NAME variable in wp-includes/pluggable.php in conjunction with the PHP mail function. Exploitation is not achievable in all cases because it requires at least one of the following: (1) the attacker can prevent the victim from receiving any e-mail messages for an extended period of time (such as 5 days), (2) the victim's e-mail system sends an autoresponse containing the original message, or (3) the victim manually composes a reply containing the original message.
CVE-2017-8310 1 Videolan 1 Vlc Media Player 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process (causing a denial of service) via a crafted subtitles file.
CVE-2017-8313 1 Videolan 1 Vlc Media Player 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
Heap out-of-bound read in ParseJSS in VideoLAN VLC before 2.2.5 due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process via a crafted subtitles file.
CVE-2017-9605 1 Linux 1 Linux Kernel 2017-11-04 4.9 MEDIUM 5.5 MEDIUM
The vmw_gb_surface_define_ioctl function (accessible via DRM_IOCTL_VMW_GB_SURFACE_CREATE) in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.11.4 defines a backup_handle variable but does not give it an initial value. If one attempts to create a GB surface, with a previously allocated DMA buffer to be used as a backup buffer, the backup_handle variable does not get written to and is then later returned to user space, allowing local users to obtain sensitive information from uninitialized kernel memory via a crafted ioctl call.
CVE-2017-5896 1 Artifex 1 Mupdf 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image.
CVE-2017-7346 1 Linux 1 Linux Kernel 2017-11-04 4.9 MEDIUM 5.5 MEDIUM
The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service (system hang) via a crafted ioctl call for a /dev/dri/renderD* device.
CVE-2017-6835 1 Audiofile 1 Audiofile 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
The reset1 function in libaudiofile/modules/BlockCodec.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted file.
CVE-2017-6833 1 Audiofile 1 Audiofile 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
The runPull function in libaudiofile/modules/BlockCodec.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted file.
CVE-2017-6830 1 Audiofile 1 Audiofile 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
Heap-based buffer overflow in the alaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
CVE-2017-5490 1 Wordpress 1 Wordpress 2017-11-04 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in the theme-name fallback functionality in wp-includes/class-wp-theme.php in WordPress before 4.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted directory name of a theme, related to wp-admin/includes/class-theme-installer-skin.php.
CVE-2017-5979 1 Zziplib Project 1 Zziplib 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
The prescan_entry function in fseeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file.
CVE-2017-5978 1 Zziplib Project 1 Zziplib 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ZIP file.
CVE-2017-5508 1 Imagemagick 1 Imagemagick 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.
CVE-2017-6839 1 Audiofile 1 Audiofile 2017-11-04 4.3 MEDIUM 5.5 MEDIUM
Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
CVE-2017-14313 1 Shibboleth Project 1 Shibboleth 2017-11-04 4.3 MEDIUM 6.1 MEDIUM
The shibboleth_login_form function in shibboleth.php in the Shibboleth plugin before 1.8 for WordPress is prone to an XSS vulnerability due to improper use of add_query_arg().
CVE-2017-6353 1 Linux 1 Linux Kernel 2017-11-04 4.9 MEDIUM 5.5 MEDIUM
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986.
CVE-2017-7234 1 Djangoproject 1 Django 2017-11-04 5.8 MEDIUM 6.1 MEDIUM
A maliciously crafted URL to a Django (1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18) site using the ``django.views.static.serve()`` view could redirect to any other domain, aka an open redirect vulnerability.
CVE-2017-15596 1 Xen 1 Xen 2017-11-04 4.9 MEDIUM 6.0 MEDIUM
An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service (prevent physical CPU usage) because of lock mishandling upon detection of an add-to-physmap error.
CVE-2017-7606 1 Imagemagick 1 Imagemagick 2017-11-04 4.3 MEDIUM 6.5 MEDIUM
coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
CVE-2015-5714 1 Wordpress 1 Wordpress 2017-11-04 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags.
CVE-2015-5715 1 Wordpress 1 Wordpress 2017-11-04 4.0 MEDIUM 4.3 MEDIUM
The mw_editPost function in wp-includes/class-wp-xmlrpc-server.php in the XMLRPC subsystem in WordPress before 4.3.1 allows remote authenticated users to bypass intended access restrictions, and arrange for a private post to be published and sticky, via unspecified vectors.
CVE-2017-8016 1 Emc 1 Archer Grc Platform 2017-11-03 3.5 LOW 5.4 MEDIUM
RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-site scripting via the Questionnaire ID field. An authenticated attacker may potentially exploit this to execute arbitrary HTML in the user's browser session in the context of the affected RSA Archer application.
CVE-2017-8017 1 Emc 1 Smarts Network Configuration Manager 2017-11-03 4.3 MEDIUM 6.1 MEDIUM
EMC Network Configuration Manager (NCM) 9.3.x, 9.4.0.x, 9.4.1.x, and 9.4.2.x is affected by a reflected cross-site scripting Vulnerability that could potentially be exploited by malicious users to compromise the affected system.
CVE-2017-10862 1 Really 1 Jwt-scala 2017-11-03 5.0 MEDIUM 5.3 MEDIUM
jwt-scala 1.2.2 and earlier fails to verify token signatures correctly which may lead to an attacker being able to pass specially crafted JWT data as a correctly signed token.
CVE-2015-6358 1 Cisco 48 Pvc2300, Pvc2300 Firmware, Rtp300 and 45 more 2017-11-03 4.3 MEDIUM 5.9 MEDIUM
Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.
CVE-2017-12849 1 Silverstripe 1 Silverstripe 2017-11-03 5.0 MEDIUM 5.3 MEDIUM
Response discrepancy in the login and password reset forms in SilverStripe CMS before 3.5.5 and 3.6.x before 3.6.1 allows remote attackers to enumerate users via timing attacks.
CVE-2016-6815 1 Apache 1 Ranger 2017-11-03 4.0 MEDIUM 6.5 MEDIUM
In Apache Ranger before 0.6.2, users with "keyadmin" role should not be allowed to change password for users with "admin" role.
CVE-2017-14971 1 Infocuscorp 1 Infocus Mondopad 2017-11-02 4.3 MEDIUM 5.5 MEDIUM
Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure vulnerability. The attacker provides a crafted Microsoft Office document containing a link that has a UNC pathname associated with an attacker-controller server. In one specific scenario, the attacker provides an Excel spreadsheet, and the attacker-controller server receives the victim's NetNTLMv2 hash.