Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-17847 | 2 Debian, Enigmail | 2 Debian Linux, Enigmail | 2018-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Enigmail before 1.9.9. Signature spoofing is possible because the UI does not properly distinguish between an attachment signature, and a signature that applies to the entire containing message, aka TBE-01-021. This is demonstrated by an e-mail message with an attachment that is a signed e-mail message in message/rfc822 format. | |||||
| CVE-2017-2816 | 1 Libofx Project | 1 Libofx | 2018-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable buffer overflow vulnerability exists in the tag parsing functionality of LibOFX 0.9.11. A specially crafted OFX file can cause a write out of bounds resulting in a buffer overflow on the stack. An attacker can construct a malicious OFX file to trigger this vulnerability. | |||||
| CVE-2018-6538 | 2018-02-03 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2017-15717 | 1 Apache | 2 Sling Xss Protection Api, Sling Xss Protection Api Compat | 2018-02-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| A flaw in the way URLs are escaped and encoded in the org.apache.sling.xss.impl.XSSAPIImpl#getValidHref and org.apache.sling.xss.impl.XSSFilterImpl#isValidHref allows special crafted URLs to pass as valid, although they carry XSS payloads. The affected versions are Apache Sling XSS Protection API 1.0.4 to 1.0.18, Apache Sling XSS Protection API Compat 1.1.0 and Apache Sling XSS Protection API 2.0.0. | |||||
| CVE-2017-17662 | 1 Yawcam | 1 Yawcam | 2018-02-02 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal in the HTTP server on Yawcam 0.2.6 through 0.6.0 devices allows attackers to read arbitrary files through a sequence of the form '.x./' or '....\x/' where x is a pattern composed of one or more (zero or more for the second pattern) of either \ or ..\ -- for example a '.\./', '....\/' or '...\./' sequence. For files with no extension, a single dot needs to be appended to ensure the HTTP server does not alter the request, e.g., a "GET /.\./.\./.\./.\./.\./.\./.\./windows/system32/drivers/etc/hosts." request. | |||||
| CVE-2018-5371 | 1 D-link | 4 Dsl-2540u, Dsl-2540u Firmware, Dsl-2640u and 1 more | 2018-02-02 | 9.0 HIGH | 8.8 HIGH |
| diag_ping.cmd on D-Link DSL-2640U devices with firmware IM_1.00 and ME_1.00, and DSL-2540U devices with firmware ME_1.00, allows authenticated remote attackers to execute arbitrary OS commands via shell metacharacters in the ipaddr field of an HTTP GET request. | |||||
| CVE-2017-2158 | 1 Lhaplus Project | 1 Lhaplus | 2018-02-02 | 4.3 MEDIUM | 3.3 LOW |
| Improper verification when expanding ZIP64 archives in Lhaplus versions 1.73 and earlier may lead to unintended contents to be extracted from a specially crafted ZIP64 archive. | |||||
| CVE-2018-5301 | 1 Magento | 1 Magento | 2018-02-02 | 5.8 MEDIUM | 6.5 MEDIUM |
| Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have CSRF resulting in deletion of a customer address from an address book, aka APPSEC-1433. | |||||
| CVE-2014-10069 | 1 Hitrontech | 2 Cve-30360, Cve-30360 Firmware | 2018-02-02 | 5.0 MEDIUM | 7.5 HIGH |
| Hitron CVE-30360 devices use a 578A958E3DD933FC DES key that is shared across different customers' installations, which makes it easier for attackers to obtain sensitive information by decrypting a backup configuration file, as demonstrated by a password hash in the um_auth_account_password field. | |||||
| CVE-2017-13214 | 1 Google | 1 Android | 2018-02-02 | 7.8 HIGH | 7.5 HIGH |
| In the hardware HEVC decoder, some media files could cause a page fault. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-38495900. | |||||
| CVE-2014-5509 | 1 Clipboard Project | 1 Clipboard | 2018-02-02 | 3.6 LOW | 5.5 MEDIUM |
| clipedit in the Clipboard module for Perl allows local users to delete arbitrary files via a symlink attack on /tmp/clipedit$$. | |||||
| CVE-2017-13180 | 1 Google | 1 Android | 2018-02-02 | 7.2 HIGH | 7.8 HIGH |
| In the onQueueFilled function of SoftAVCDec, there is a possible out-of-bounds write due to a use after free if a bad header causes the decoder to get caught in a loop while another thread frees the memory it's accessing. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-66969349. | |||||
| CVE-2017-13181 | 1 Google | 1 Android | 2018-02-02 | 7.2 HIGH | 7.8 HIGH |
| In the doGetThumb and getThumbnail functions of MtpServer, there is a possible double free due to not NULLing out a freed pointer. This could lead to an local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67864232. | |||||
| CVE-2017-13182 | 1 Google | 1 Android | 2018-02-02 | 7.2 HIGH | 7.8 HIGH |
| In the sendFormatChange function of ACodec, there is a possible integer overflow which could lead to an out-of-bounds write. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-67737022. | |||||
| CVE-2017-13183 | 1 Google | 1 Android | 2018-02-02 | 6.2 MEDIUM | 7.0 HIGH |
| In the OMXNodeInstance::useBuffer and IOMX::freeBuffer functions, there is a possible use after free due to a race condition if the user frees the buffer while it's being used in another thread. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 8.1. Android ID: A-38118127. | |||||
| CVE-2016-10707 | 1 Jquery | 1 Jquery | 2018-02-02 | 5.0 MEDIUM | 7.5 HIGH |
| jQuery 3.0.0-rc.1 is vulnerable to Denial of Service (DoS) due to removing a logic that lowercased attribute names. Any attribute getter using a mixed-cased name for boolean attributes goes into an infinite recursion, exceeding the stack call limit. | |||||
| CVE-2017-12097 | 1 Delayed Job Web Project | 1 Delayed Job Web | 2018-02-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| An exploitable cross site scripting (XSS) vulnerability exists in the filter functionality of the delayed_job_web rails gem version 1.4. A specially crafted URL can cause an XSS flaw resulting in an attacker being able to execute arbitrary javascript on the victim's browser. An attacker can phish an authenticated user to trigger this vulnerability. | |||||
| CVE-2017-12098 | 1 Rails Admin Project | 1 Rails Admin | 2018-02-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| An exploitable cross site scripting (XSS) vulnerability exists in the add filter functionality of the rails_admin rails gem version 1.2.0. A specially crafted URL can cause an XSS flaw resulting in an attacker being able to execute arbitrary javascript on the victim's browser. An attacker can phish an authenticated user to trigger this vulnerability. | |||||
| CVE-2017-17946 | 1 Novosoft | 1 Handy Password | 2018-02-02 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow in Handy Password 4.9.3 allows remote attackers to execute arbitrary code via a long "Title name" field in "mail box" data that is mishandled in an "Open from mail box" action. | |||||
| CVE-2017-13184 | 1 Google | 1 Android | 2018-02-02 | 7.2 HIGH | 7.8 HIGH |
| In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-65483324. | |||||
| CVE-2017-13206 | 1 Google | 1 Android | 2018-02-02 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability in the Android media framework (aacdec). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65025048. | |||||
| CVE-2018-5687 | 1 Newsbee Project | 1 Newsbee | 2018-02-02 | 3.5 LOW | 4.8 MEDIUM |
| NewsBee allows XSS via the Company Name field in the Settings under admin/admin.php. | |||||
| CVE-2018-5715 | 1 Sugarcrm | 1 Sugarcrm | 2018-02-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query string (aka a $key variable). | |||||
| CVE-2018-5258 | 1 Banconeon | 1 Neon | 2018-02-02 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Neon app 1.6.14 iOS does not verify X.509 certificates from SSL servers, which allows remote attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2018-5684 | 1 Libav | 1 Libav | 2018-02-02 | 6.8 MEDIUM | 8.8 HIGH |
| In Libav through 12.2, there is an invalid memcpy call in the ff_mov_read_stsd_entries function of libavformat/mov.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) and program failure with a crafted avi file. | |||||
| CVE-2017-11072 | 1 Google | 1 Android | 2018-02-02 | 4.6 MEDIUM | 7.8 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while calculating CRC for GPT header fields with partition entries greater than 16384 buffer overflow occurs. | |||||
| CVE-2017-9796 | 1 Apache | 1 Geode | 2018-02-02 | 3.5 LOW | 5.3 MEDIUM |
| When an Apache Geode cluster before v1.3.0 is operating in secure mode, a user with read access to specific regions within a Geode cluster may execute OQL queries containing a region name as a bind parameter that allow read access to objects within unauthorized regions. | |||||
| CVE-2018-5071 | 1 Cobham | 2 Sea Tel 116, Sea Tel 116 Firmware | 2018-02-02 | 3.5 LOW | 5.4 MEDIUM |
| Persistent XSS exists in the web server on Cobham Sea Tel 116 build 222429 satellite communication system devices: remote attackers can inject malicious JavaScript code using the device's TELNET shell built-in commands, as demonstrated by the "set ship name" command. This is similar to a Cross Protocol Injection with SNMP. | |||||
| CVE-2017-5699 | 1 Intel | 2 Minnowboard 3, Minnowboard 3 Firmware | 2018-02-02 | 2.1 LOW | 5.5 MEDIUM |
| Input validation error in Intel MinnowBoard 3 Firmware versions prior to 0.65 allow local attacker to cause denial of service via UEFI APIs. | |||||
| CVE-2018-5195 | 1 Hancom | 1 Thinkfree Office Neo | 2018-02-02 | 7.5 HIGH | 9.8 CRITICAL |
| Hancom NEO versions 9.6.1.5183 and earlier have a buffer Overflow vulnerability that leads remote attackers to execute arbitrary commands when performing the hyperlink Attributes in document. | |||||
| CVE-2017-16865 | 1 Atlassian | 1 Jira | 2018-02-02 | 3.5 LOW | 5.3 MEDIUM |
| The Trello importer in Atlassian Jira before version 7.6.1 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF). When running in an environment like Amazon EC2, this flaw maybe used to access to a metadata resource that provides access credentials and other potentially confidential information. | |||||
| CVE-2018-5728 | 1 Cobham | 2 Seatel 121, Seatel 121 Firmware | 2018-02-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information via a /cgi-bin/getSysStatus request, as demonstrated by the Latitude/Longitude of the ship, or satellite details. | |||||
| CVE-2017-13179 | 1 Google | 1 Android | 2018-02-02 | 10.0 HIGH | 9.8 CRITICAL |
| In the ihevcd_allocate_static_bufs and ihevcd_create functions of SoftHEVC, there is a possible out-of-bounds write due to a use after free. Both ps_codec_obj and ps_create_op->s_ivd_create_op_t.pv_handle point to the same memory and ps_codec_obj could be freed without clearing ps_create_op->s_ivd_create_op_t.pv_handle. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-66969193. | |||||
| CVE-2017-16887 | 1 Fiberhome | 2 Lm53q1, Lm53q1 Firmware | 2018-02-02 | 5.0 MEDIUM | 9.8 CRITICAL |
| The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. Unauthorized Access to Web Services can result in disclosure of the WLAN key/password. | |||||
| CVE-2017-16886 | 1 Fiberhome | 2 Lm53q1, Lm53q1 Firmware | 2018-02-02 | 6.8 MEDIUM | 8.8 HIGH |
| The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. Unauthorized Access to Web Services via CSRF can result in an unauthorized change of username or password of the administrator of the portal. | |||||
| CVE-2015-1290 | 3 Google, Opensuse, Qt | 3 Chrome, Leap, Qt | 2018-02-02 | 9.3 HIGH | 8.8 HIGH |
| The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted web site. | |||||
| CVE-2016-5063 | 1 Bmc | 1 Server Automation | 2018-02-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows might allow remote attackers to bypass authorization checks and make an RPC call via unspecified vectors. | |||||
| CVE-2017-1192 | 1 Ibm | 1 Sterling B2b Integrator | 2018-02-02 | 6.4 MEDIUM | 8.2 HIGH |
| IBM Sterling B2B Integrator 5.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 123663. | |||||
| CVE-2017-16716 | 1 Advantech | 1 Webaccess | 2018-02-02 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL Injection issue was discovered in WebAccess versions prior to 8.3. WebAccess does not properly sanitize its inputs for SQL commands. | |||||
| CVE-2017-13197 | 1 Google | 1 Android | 2018-02-01 | 7.8 HIGH | 7.5 HIGH |
| In the ihevcd_parse_slice.c function, slave threads are not joined if there is an error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64784973. | |||||
| CVE-2017-13198 | 1 Google | 1 Android | 2018-02-01 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability in the Android media framework (ex) related to composition of frames lacking a color map. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68399117. | |||||
| CVE-2017-7327 | 1 Yandex | 1 Yandex Browser | 2018-02-01 | 6.8 MEDIUM | 7.8 HIGH |
| Yandex Browser installer for Desktop before 17.4.1 has a DLL Hijacking Vulnerability because an untrusted search path is used for dnsapi.dll, winmm.dll, ntmarta.dll, cryptbase.dll or profapi.dll. | |||||
| CVE-2017-7326 | 1 Yandex | 1 Yandex Browser | 2018-02-01 | 5.1 MEDIUM | 7.5 HIGH |
| Race condition issue in Yandex Browser for Android before 17.4.0.16 allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page | |||||
| CVE-2015-3888 | 1 Jolla | 1 Sailfish Os | 2018-02-01 | 5.0 MEDIUM | 7.5 HIGH |
| Jolla Sailfish OS before 1.1.2.16 allows remote attackers to spoof phone numbers and trigger calls to arbitrary numbers via spaces in a tel: URL. | |||||
| CVE-2018-0785 | 1 Microsoft | 1 Asp.net Core | 2018-02-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| ASP.NET Core 1.0. 1.1, and 2.0 allow a cross site request forgery vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Cross Site Request Forgery Vulnerability". | |||||
| CVE-2017-1478 | 1 Ibm | 2 Security Access Manager, Security Access Manager 9.0 Firmware | 2018-02-01 | 2.1 LOW | 3.3 LOW |
| IBM Security Access Manager Appliance 9.0.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 128613. | |||||
| CVE-2017-13178 | 1 Google | 1 Android | 2018-02-01 | 10.0 HIGH | 9.8 CRITICAL |
| In the initDecoder function of SoftAVCDec, there is a possible out-of-bounds write to mCodecCtx due to a use after free when buffer allocation fails. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-66969281. | |||||
| CVE-2017-13177 | 1 Google | 1 Android | 2018-02-01 | 10.0 HIGH | 9.8 CRITICAL |
| In several functions of libhevc, NEON registers are not preserved. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68320413. | |||||
| CVE-2017-0869 | 1 Google | 1 Android | 2018-02-01 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA driver contains an integer overflow vulnerability which could cause a use after free and possibly lead to an elevation of privilege enabling code execution as a privileged process. This issue is rated as high. Version: N/A. Android ID: A-37776156. References: N-CVE-2017-0869. | |||||
| CVE-2017-0846 | 1 Google | 1 Android | 2018-02-01 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability in the Android framework (clipboardservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64934810. | |||||