Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-15311 | 1 Huawei | 8 Mate 10, Mate 10 Firmware, Mate 10 Pro and 5 more | 2018-01-09 | 5.8 MEDIUM | 8.8 HIGH |
| The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-AL00 8.0.0.120(SP2C00), before BLA-AL00 8.0.0.120(SP2C00), before MHA-AL00B 8.0.0.334(C00), and before LON-AL00B 8.0.0.334(C00) have a stack overflow vulnerability due to the lack of parameter validation. An attacker could send malicious packets to the smart phones within radio range by special wireless device, which leads stack overflow when the baseband module handles these packets. The attacker could exploit this vulnerability to perform a denial of service attack or remote code execution in baseband module. | |||||
| CVE-2017-6167 | 1 F5 | 10 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 7 more | 2018-01-09 | 8.5 HIGH | 7.5 HIGH |
| In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, race conditions in iControl REST may lead to commands being executed with different privilege levels than expected. | |||||
| CVE-2017-17907 | 1 Car Rental Script Project | 1 Car Rental Script | 2018-01-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php carid parameter or the admin/sitesettings.php websitename parameter. | |||||
| CVE-2017-17906 | 1 Car Rental Script Project | 1 Car Rental Script | 2018-01-09 | 7.5 HIGH | 9.8 CRITICAL |
| PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter. | |||||
| CVE-2017-1698 | 1 Ibm | 1 Websphere Portal | 2018-01-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could reveal sensitive information from an error message that could lead to further attacks against the system. IBM X-Force ID: 124390. | |||||
| CVE-2017-17896 | 1 Basic Job Site Script Project | 1 Basic Job Site Script | 2018-01-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| Readymade Job Site Script has XSS via the keyword parameter to the /job URI. | |||||
| CVE-2017-17895 | 1 Basic Job Site Script Project | 1 Basic Job Site Script | 2018-01-09 | 7.5 HIGH | 9.8 CRITICAL |
| Readymade Job Site Script has SQL Injection via the location_name array parameter to the /job URI. | |||||
| CVE-2017-17899 | 1 Dolibarr | 1 Dolibarr | 2018-01-09 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in adherents/subscription/info.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the rowid parameter. | |||||
| CVE-2017-17900 | 1 Dolibarr | 1 Dolibarr | 2018-01-09 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in fourn/index.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the socid parameter. | |||||
| CVE-2017-17898 | 1 Dolibarr | 1 Dolibarr | 2018-01-09 | 5.0 MEDIUM | 7.5 HIGH |
| Dolibarr ERP/CRM version 6.0.4 does not block direct requests to *.tpl.php files, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2017-15322 | 1 Huawei | 2 Baggio-l03a, Baggio-l03a Firmware | 2018-01-09 | 3.3 LOW | 6.5 MEDIUM |
| Some Huawei smartphones with software of BGO-L03C158B003CUSTC158D001 and BGO-L03C331B009CUSTC331D001 have a DoS vulnerability due to insufficient input validation. An attacker could exploit this vulnerability by sending specially crafted NFC messages to the target device. Successful exploit could make a service crash. | |||||
| CVE-2017-17857 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2018-01-09 | 7.2 HIGH | 7.8 HIGH |
| The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations. | |||||
| CVE-2017-17894 | 1 Basic Job Site Script Project | 1 Basic Job Site Script | 2018-01-09 | 6.8 MEDIUM | 8.8 HIGH |
| Readymade Job Site Script has CSRF via the /job URI. | |||||
| CVE-2017-17855 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2018-01-09 | 7.2 HIGH | 7.8 HIGH |
| kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars. | |||||
| CVE-2017-17856 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2018-01-09 | 7.2 HIGH | 7.8 HIGH |
| kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the lack of stack-pointer alignment enforcement. | |||||
| CVE-2017-17853 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2018-01-09 | 7.2 HIGH | 7.8 HIGH |
| kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect BPF_RSH signed bounds calculations. | |||||
| CVE-2017-17854 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2018-01-09 | 7.2 HIGH | 7.8 HIGH |
| kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (integer overflow and memory corruption) or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic. | |||||
| CVE-2017-17852 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2018-01-09 | 7.2 HIGH | 7.8 HIGH |
| kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of 32-bit ALU ops. | |||||
| CVE-2017-17897 | 1 Dolibarr | 1 Dolibarr | 2018-01-09 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in comm/multiprix.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2017-6164 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2018-01-09 | 6.8 MEDIUM | 8.1 HIGH |
| In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, 12.0.0 - 12.1.2, 11.6.0 - 11.6.1 and 11.5.0 - 11.5.4, in some circumstances, Traffic Management Microkernel (TMM) does not properly handle certain malformed TLS1.2 records, which allows remote attackers to cause a denial-of-service (DoS) or possible remote command execution on the BIG-IP system. | |||||
| CVE-2017-6129 | 1 F5 | 1 Big-ip Access Policy Manager | 2018-01-09 | 7.8 HIGH | 7.5 HIGH |
| In F5 BIG-IP APM software version 13.0.0 and 12.1.2, in some circumstances, APM tunneled VPN flows can cause a VPN/PPP connflow to be prematurely freed or cause TMM to stop responding with a "flow not in use" assertion. An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group. | |||||
| CVE-2017-17994 | 1 Iwcnetwork | 1 Biometric Shift Employee Management System | 2018-01-09 | 3.5 LOW | 5.4 MEDIUM |
| Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request. | |||||
| CVE-2017-17995 | 1 Iwcnetwork | 1 Biometric Shift Employee Management System | 2018-01-09 | 3.5 LOW | 5.4 MEDIUM |
| Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request. | |||||
| CVE-2017-17993 | 1 Iwcnetwork | 1 Biometric Shift Employee Management System | 2018-01-09 | 3.5 LOW | 5.4 MEDIUM |
| Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request. | |||||
| CVE-2017-17991 | 1 Iwcnetwork | 1 Biometric Shift Employee Management System | 2018-01-09 | 3.5 LOW | 5.4 MEDIUM |
| Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request. | |||||
| CVE-2017-17990 | 1 Iwcnetwork | 1 Biometric Shift Employee Management System | 2018-01-09 | 6.8 MEDIUM | 8.8 HIGH |
| Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action. | |||||
| CVE-2017-17989 | 1 Iwcnetwork | 1 Biometric Shift Employee Management System | 2018-01-09 | 3.5 LOW | 5.4 MEDIUM |
| Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action. | |||||
| CVE-2017-17992 | 1 Iwcnetwork | 1 Biometric Shift Employee Management System | 2018-01-09 | 5.0 MEDIUM | 9.8 CRITICAL |
| Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action. | |||||
| CVE-2011-4858 | 1 Apache | 1 Tomcat | 2018-01-09 | 5.0 MEDIUM | N/A |
| Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. | |||||
| CVE-2011-4885 | 1 Php | 1 Php | 2018-01-09 | 5.0 MEDIUM | N/A |
| PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. | |||||
| CVE-2012-0781 | 1 Php | 1 Php | 2018-01-09 | 5.0 MEDIUM | N/A |
| The tidy_diagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153. | |||||
| CVE-2012-0788 | 1 Php | 1 Php | 2018-01-09 | 5.0 MEDIUM | N/A |
| The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server. | |||||
| CVE-2012-0789 | 1 Php | 1 Php | 2018-01-09 | 5.0 MEDIUM | N/A |
| Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache. | |||||
| CVE-2012-0830 | 1 Php | 1 Php | 2018-01-09 | 7.5 HIGH | N/A |
| The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885. | |||||
| CVE-2013-2141 | 1 Linux | 1 Linux Kernel | 2018-01-09 | 2.1 LOW | N/A |
| The do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a (1) tkill or (2) tgkill system call. | |||||
| CVE-2013-2147 | 2 Linux, Suse | 2 Linux Kernel, Linux Enterprise Server | 2018-01-09 | 2.1 LOW | N/A |
| The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c. | |||||
| CVE-2013-2186 | 2 Redhat, Ubuntu | 5 Jboss Enterprise Brms Platform, Jboss Enterprise Portal Platform, Jboss Enterprise Web Server and 2 more | 2018-01-09 | 7.5 HIGH | N/A |
| The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance. | |||||
| CVE-2013-2206 | 1 Linux | 1 Linux Kernel | 2018-01-09 | 5.4 MEDIUM | N/A |
| The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic. | |||||
| CVE-2013-2221 | 1 Wernerd | 1 Zrtpcpp | 2018-01-09 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the ZRtp::storeMsgTemp function in GNU ZRTPCPP before 3.2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large packet. | |||||
| CVE-2013-2222 | 1 Wernerd | 1 Zrtpcpp | 2018-01-09 | 6.8 MEDIUM | N/A |
| Multiple stack-based buffer overflows in GNU ZRTPCPP before 3.2.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ZRTP Hello packet to the (1) ZRtp::findBestSASType, (2) ZRtp::findBestAuthLen, (3) ZRtp::findBestCipher, (4) ZRtp::findBestHash, or (5) ZRtp::findBestPubKey functions. | |||||
| CVE-2013-2223 | 1 Wernerd | 1 Zrtpcpp | 2018-01-09 | 5.8 MEDIUM | N/A |
| GNU ZRTPCPP before 3.2.0 allows remote attackers to obtain sensitive information (uninitialized heap memory) or cause a denial of service (out-of-bounds read) via a crafted packet, as demonstrated by a truncated Ping packet that is not properly handled by the getEpHash function. | |||||
| CVE-2013-2889 | 1 Linux | 1 Linux Kernel | 2018-01-09 | 4.7 MEDIUM | N/A |
| drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. | |||||
| CVE-2013-2893 | 1 Linux | 1 Linux Kernel | 2018-01-09 | 4.7 MEDIUM | N/A |
| The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device, related to (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c. | |||||
| CVE-2013-2897 | 1 Linux | 1 Linux Kernel | 2018-01-09 | 4.7 MEDIUM | N/A |
| Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device. | |||||
| CVE-2013-4164 | 1 Ruby-lang | 1 Ruby | 2018-01-09 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a string that is converted to a floating point value, as demonstrated using (1) the to_f method or (2) JSON.parse. | |||||
| CVE-2013-4470 | 1 Linux | 1 Linux Kernel | 2018-01-09 | 6.9 MEDIUM | N/A |
| The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_CORK option in a setsockopt system call and sends both short and long packets, related to the ip_ufo_append_data function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in net/ipv6/ip6_output.c. | |||||
| CVE-2013-5607 | 1 Mozilla | 4 Firefox, Firefox Esr, Netscape Portable Runtime and 1 more | 2018-01-09 | 7.5 HIGH | N/A |
| Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741. | |||||
| CVE-2013-6367 | 1 Linux | 1 Linux Kernel | 2018-01-09 | 5.7 MEDIUM | N/A |
| The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value. | |||||
| CVE-2017-11552 | 1 Underbit | 1 Mad Libmad | 2018-01-09 | 4.3 MEDIUM | 6.5 MEDIUM |
| mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote attackers to cause a denial of service (memory corruption seen in a crash in the mad_decoder_run function in decoder.c in libmad) via a crafted MP3 file. | |||||
| CVE-2017-12456 | 1 Gnu | 1 Binutils | 2018-01-09 | 6.8 MEDIUM | 7.8 HIGH |
| The read_symbol_stabs_debugging_info function in rddbg.c in GNU Binutils 2.29 and earlier allows remote attackers to cause an out of bounds heap read via a crafted binary file. | |||||