Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-13127 | 3 Apple, Google, Vip | 3 Iphone Os, Android, Vip | 2017-11-08 | 6.8 MEDIUM | 8.1 HIGH |
| The VIP.com application for IOS and Android allows remote attackers to obtain sensitive information and hijack the authentication of users via a rogue access point and a man-in-the-middle attack. | |||||
| CVE-2017-10933 | 1 Zte | 2 Zxdt22 Sf01, Zxdt22 Sf01 Firmware | 2017-11-08 | 5.0 MEDIUM | 7.5 HIGH |
| All versions prior to V2.06.00.00 of ZTE ZXDT22 SF01, an monitoring system of ZTE energy product, are impacted by directory traversal vulnerability that allows remote attackers to read arbitrary files on the system via a full path name after host address. | |||||
| CVE-2015-3400 | 1 Zfsonlinux | 1 Zfs | 2017-11-08 | 3.5 LOW | 4.3 MEDIUM |
| sharenfs 0.6.4, when built with commits bcdd594 and 7d08880 from the zfs repository, provides world readable access to the shared zfs file system, which might allow remote authenticated users to obtain sensitive information by reading shared files. | |||||
| CVE-2016-6655 | 1 Cloudfoundry | 2 Cf-mysql-release, Cf-release | 2017-11-08 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Cloud Foundry Foundation Cloud Foundry release versions prior to v245 and cf-mysql-release versions prior to v31. A command injection vulnerability was discovered in a common script used by many Cloud Foundry components. A malicious user may exploit numerous vectors to execute arbitrary commands on servers running Cloud Foundry. | |||||
| CVE-2016-6392 | 1 Cisco | 2 Ios, Ios Xe | 2017-11-08 | 7.8 HIGH | 7.5 HIGH |
| Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.1 through 3.9 allow remote attackers to cause a denial of service (device restart) via a crafted IPv4 Multicast Source Discovery Protocol (MSDP) Source-Active (SA) message, aka Bug ID CSCud36767. | |||||
| CVE-2016-8218 | 1 Cloudfoundry | 2 Cf-release, Routing-release | 2017-11-08 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Cloud Foundry Foundation routing-release versions prior to 0.142.0 and cf-release versions 203 to 231. Incomplete validation logic in JSON Web Token (JWT) libraries can allow unprivileged attackers to impersonate other users to the routing API, aka an "Unauthenticated JWT signing algorithm in routing" issue. | |||||
| CVE-2013-5680 | 1 Lee Howard | 1 Hylafax\+ | 2017-11-08 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in hfaxd in HylaFAX+ 5.2.4 through 5.5.3, when using LDAP authentication, might allow remote attackers to cause a denial of service (child hang) or execute arbitrary code via a long USER command. | |||||
| CVE-2014-0379 | 1 Oracle | 2 Supply Chain Products Suite, Supply Chain Products Suite Sql-server | 2017-11-08 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0.x, 7.3.1.x, 12.2.0, 12.2.1, and 12.2.2 allows remote attackers to affect integrity via unknown vectors related to DM Others. | |||||
| CVE-2014-9095 | 1 Raritan | 1 Power Iq | 2017-11-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Raritan Power IQ 4.1.0 and 4.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to license/records. | |||||
| CVE-2015-1572 | 3 Canonical, Debian, E2fsprogs Project | 3 Ubuntu Linux, Debian Linux, E2fsprogs | 2017-11-08 | 4.6 MEDIUM | N/A |
| Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0247. | |||||
| CVE-2015-2754 | 2 Debian, Gaia-gis | 2 Debian Linux, Freexl | 2017-11-08 | 6.8 MEDIUM | N/A |
| FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) and possibly execute arbitrary code via a crafted workbook, related to a "premature EOF." | |||||
| CVE-2015-3113 | 4 Adobe, Apple, Linux and 1 more | 4 Flash Player, Mac Os X, Linux Kernel and 1 more | 2017-11-08 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015. | |||||
| CVE-2015-4171 | 3 Canonical, Debian, Strongswan | 4 Ubuntu Linux, Debian Linux, Strongswan and 1 more | 2017-11-08 | 2.6 LOW | N/A |
| strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses. | |||||
| CVE-2015-4342 | 2 Cacti, Fedoraproject | 2 Cacti, Fedora | 2017-11-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef id. | |||||
| CVE-2017-1000249 | 1 File Project | 1 File | 2017-11-08 | 2.1 LOW | 5.5 MEDIUM |
| An issue in file() was introduced in commit 9611f31313a93aa036389c5f3b15eea53510d4d1 (Oct 2016) lets an attacker overwrite a fixed 20 bytes stack buffer with a specially crafted .notes section in an ELF binary. This was fixed in commit 35c94dc6acc418f1ad7f6241a6680e5327495793 (Aug 2017). | |||||
| CVE-2017-11721 | 1 Ioquake3 | 1 Ioquake3 | 2017-11-08 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in ioquake3 before 2017-08-02 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted packet. | |||||
| CVE-2017-14032 | 1 Arm | 1 Mbed Tls | 2017-11-08 | 6.8 MEDIUM | 8.1 HIGH |
| ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentication is configured, allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates. NOTE: although mbed TLS was formerly known as PolarSSL, the releases shipped with the PolarSSL name are not affected. | |||||
| CVE-2017-6050 | 1 Ecava | 1 Integraxor | 2017-11-08 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. The application fails to properly validate user input, which may allow for an unauthenticated attacker to remotely execute arbitrary code in the form of SQL queries. | |||||
| CVE-2017-15648 | 1 Phpsugar | 1 Php Melody | 2017-11-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| In PHPSUGAR PHP Melody before 2.7.3, page_manager.php has XSS via the page_title parameter. | |||||
| CVE-2015-5227 | 1 Inboundnow | 1 Wordpress Landing Pages | 2017-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| The Landing Pages plugin before 1.9.2 for WordPress allows remote attackers to execute arbitrary code via the url parameter. | |||||
| CVE-2017-15612 | 1 Mistune Project | 1 Mistune | 2017-11-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline (such as in java\nscript:) or a crafted email address, related to the escape and autolink functions. | |||||
| CVE-2017-15644 | 1 Webmin | 1 Webmin | 2017-11-07 | 5.0 MEDIUM | 8.6 HIGH |
| SSRF exists in Webmin 1.850 via the PATH_INFO to tunnel/link.cgi, as demonstrated by a GET request for tunnel/link.cgi/http://INTRANET-IP:8000. | |||||
| CVE-2017-15645 | 1 Webmin | 1 Webmin | 2017-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| CSRF exists in Webmin 1.850. By sending a GET request to at/create_job.cgi containing dir=/&cmd= in the URI, an attacker to execute arbitrary commands. | |||||
| CVE-2017-2133 | 1 Panasonic | 2 Kx-hjb1000, Kx-hjb1000 Firmware | 2017-11-07 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerability in Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2017-15291 | 1 Tp-link | 2 Tl-mr3220, Tl-mr3220 Firmware | 2017-11-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the Wireless MAC Filtering page in TP-LINK TL-MR3220 wireless routers allows remote attackers to inject arbitrary web script or HTML via the Description field. | |||||
| CVE-2010-3659 | 1 Typo3 | 1 Typo3 | 2017-11-07 | 3.5 LOW | 5.4 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 CMS 4.1.x before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4, and 4.4.x before 4.4.1 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified parameters to the extension manager, or unspecified parameters to unknown backend forms. | |||||
| CVE-2015-2780 | 1 Berta | 1 Berta Cms | 2017-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Unrestricted file upload vulnerability in Berta CMS allows remote attackers to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in an unspecified directory. | |||||
| CVE-2014-3702 | 1 Redhat | 1 Edeploy | 2017-11-07 | 6.4 MEDIUM | 9.1 CRITICAL |
| Directory traversal vulnerability in eNovance eDeploy allows remote attackers to create arbitrary directories and files and consequently cause a denial of service (resource consumption) via a .. (dot dot) the session parameter. | |||||
| CVE-2014-0029 | 1 Redhat | 1 Subscription Asset Manager | 2017-11-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in the SAM web application in Red Hat katello-headpin allow remote attackers to inject arbitrary web script or HTML via unspecified parameters. | |||||
| CVE-2017-15362 | 1 Osticket | 1 Osticket | 2017-11-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| osTicket 1.10.1 allows arbitrary client-side JavaScript code execution on victims who click a crafted support/scp/tickets.php?status= link, aka XSS. Session ID and data theft may follow as well as the possibility of bypassing CSRF protections, injection of iframes to establish communication channels, etc. The vulnerability is present after login into the application. This affects a different tickets.php file than CVE-2015-1176. | |||||
| CVE-2017-15303 | 1 Cpuid | 1 Cpu-z | 2017-11-07 | 4.3 MEDIUM | 7.8 HIGH |
| In CPUID CPU-Z before 1.43, there is an arbitrary memory write that results directly in elevation of privileges, because any program running on the local machine (while CPU-Z is running) can issue an ioctl 0x9C402430 call to the kernel-mode driver (e.g., cpuz141_x64.sys for version 1.41). | |||||
| CVE-2017-15304 | 1 Airtame | 2 Hdmi Dongle, Hdmi Dongle Firmware | 2017-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| /bin/login.php in the Web Panel on the Airtame HDMI dongle with firmware before 3.0 allows an attacker to set his own session id via a "Cookie: PHPSESSID=" header. This can be used to achieve persistent access to the admin panel even after an admin password change. | |||||
| CVE-2017-15647 | 1 Fiberhome | 1 Routerfiberhome Firmware | 2017-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value. | |||||
| CVE-2015-4421 | 1 Huawei | 2 Mate 7, Mate 7 Firmware | 2017-11-07 | 7.6 HIGH | 7.5 HIGH |
| The tzdriver module in Huawei Mate 7 (Mate7-TL10) smartphones before V100R001CHNC00B126SP03 allows local users to gain privileges or cause a denial of service (memory corruption) via an unspecified input. | |||||
| CVE-2017-5636 | 1 Apache | 1 Nifi | 2017-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, the proxy chain serialization/deserialization is vulnerable to an injection attack where a carefully crafted username could impersonate another user and gain their permissions on a replicated request to another node. | |||||
| CVE-2014-3709 | 1 Keycloak | 1 Keycloak | 2017-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| The org.keycloak.services.resources.SocialResource.callback method in JBoss KeyCloak before 1.0.3.Final allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging lack of CSRF protection. | |||||
| CVE-2017-15369 | 1 Artifex | 1 Mupdf | 2017-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free and application crash) or possibly have unspecified other impact via a crafted PDF document. | |||||
| CVE-2017-8024 | 1 Emc | 1 Isilon Onefs | 2017-11-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| EMC Isilon OneFS (versions prior to 8.1.0.1, versions prior to 8.0.1.2, versions prior to 8.0.0.6, version 7.2.1.x) is impacted by a reflected cross-site scripting vulnerability that may potentially be exploited by malicious users to compromise the affected system. | |||||
| CVE-2014-3706 | 1 Redhat | 1 Enterprise Mrg | 2017-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| ovirt-engine, as used in Red Hat MRG 3, allows man-in-the-middle attackers to spoof servers by leveraging failure to verify key attributes in vdsm X.509 certificates. | |||||
| CVE-2014-7813 | 1 Redhat | 1 Cloudforms 3.0 Management Engine | 2017-11-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| Red Hat CloudForms 3 Management Engine (CFME) allows remote authenticated users to cause a denial of service (resource consumption) via vectors involving calls to the .to_sym rails function and lack of garbage collection of inserted symbols. | |||||
| CVE-2014-3164 | 1 Google | 1 Android | 2017-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| cmds/servicemanager/service_manager.c in Android before commit 7d42a3c31ba78a418f9bdde0e0ab951469f321b5 allows attackers to cause a denial of service (NULL pointer dereference, or out-of-bounds write) via vectors related to binder passed lengths. | |||||
| CVE-2015-6668 | 1 Wp-jobmanager | 1 Job Manager | 2017-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| The Job Manager plugin before 0.7.25 allows remote attackers to read arbitrary CV files via a brute force attack to the WordPress upload directory structure, related to an insecure direct object reference. | |||||
| CVE-2015-5177 | 2 Debian, Openslp | 2 Debian Linux, Openslp | 2017-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Double free vulnerability in the SLPDKnownDAAdd function in slpd/slpd_knownda.c in OpenSLP 1.2.1 allows remote attackers to cause a denial of service (crash) via a crafted package. | |||||
| CVE-2015-7601 | 1 Pcman\'s Ftp Server Project | 1 Pcman\'s Ftp Server | 2017-11-07 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in PCMan's FTP Server 2.0.7 allows remote attackers to read arbitrary files via a ..// (dot dot double slash) in a RETR command. | |||||
| CVE-2017-12671 | 1 Imagemagick | 1 Imagemagick | 2017-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, leading to an invalid free in the function RelinquishMagickMemory in MagickCore/memory.c, which allows attackers to cause a denial of service. | |||||
| CVE-2017-9771 | 1 Websitebaker | 1 Websitebaker | 2017-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| install\save.php in WebsiteBaker v2.10.0 allows remote attackers to execute arbitrary PHP code via the database_username, database_host, or database_password parameter. | |||||
| CVE-2017-15383 | 1 Nero | 1 Nero | 2017-11-06 | 7.2 HIGH | 7.8 HIGH |
| Nero 7.10.1.0 has an unquoted BINARY_PATH_NAME for NBService, exploitable via a Trojan horse Nero.exe file in the %PROGRAMFILES(x86)%\Nero directory. | |||||
| CVE-2017-15375 | 1 Wpjobboard | 1 Wpjobboard | 2017-11-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple client-side cross site scripting vulnerabilities have been discovered in the WpJobBoard v4.5.1 web-application for WordPress. The vulnerabilities are located in the `query` and `id` parameters of the `wpjb-email`, `wpjb-job`, `wpjb-application`, and `wpjb-membership` modules. Remote attackers are able to inject malicious script code to hijack admin session credentials via the backend, or to manipulate the backend on client-side performed requests. The attack vector is non-persistent and the request method to inject is GET. The attacker does not need a privileged user account to perform a successful exploitation. | |||||
| CVE-2015-5376 | 1 Gsi-office | 1 Winpat Portal | 2017-11-06 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in the login form in GSI WiNPAT Portal 3.2.0.1001 through 3.6.1.0 allows remote attackers to execute arbitrary SQL commands via the username field. | |||||
| CVE-2014-8517 | 2 Apple, Netbsd | 2 Mac Os X, Netbsd | 2017-11-06 | 7.5 HIGH | N/A |
| The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | (pipe) character at the end of an HTTP redirect. | |||||