Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-0489 | 1 Visohotlink | 1 Visohotlink | 2017-10-19 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in includes/functions.visohotlink.php in VisoHotlink 1.01 and possibly earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
| CVE-2007-0495 | 1 Phpsherpa | 1 Phpsherpa | 2017-10-19 | 10.0 HIGH | N/A |
| PHP remote file inclusion vulnerability in include/config.inc.php in PhpSherpa allows remote attackers to execute arbitrary PHP code via a URL in the racine parameter. | |||||
| CVE-2007-0496 | 1 Neon Labs | 1 Neon Labs Website | 2017-10-19 | 10.0 HIGH | N/A |
| PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the g_strRootDir parameter. | |||||
| CVE-2007-0498 | 1 Sky Gunning | 1 Myspeach | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in up.php in MySpeach 2.1 beta and possibly earlier allows remote attackers to execute arbitrary PHP code via a URL in the my[root] parameter. | |||||
| CVE-2013-6355 | 2017-10-18 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-6355. Reason: This candidate is a duplicate of CVE-2014-6355. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2014-6355 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2017-14757 | 1 Opentext | 1 Document Sciences Xpression | 2017-10-18 | 6.5 MEDIUM | 8.8 HIGH |
| OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to SQL Injection: /xDashboard/html/jobhistory/downloadSupportFile.action, parameter: jobRunId. In order for this vulnerability to be exploited, an attacker must authenticate to the application first. | |||||
| CVE-2017-14758 | 1 Opentext | 1 Document Sciences Xpression | 2017-10-18 | 6.5 MEDIUM | 8.8 HIGH |
| OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to SQL Injection: /xAdmin/html/cm_doclist_view_uc.jsp, parameter: documentId. In order for this vulnerability to be exploited, an attacker must authenticate to the application first. | |||||
| CVE-2017-15193 | 1 Wireshark | 1 Wireshark | 2017-10-17 | 7.8 HIGH | 7.5 HIGH |
| In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach. | |||||
| CVE-2017-15035 | 1 Emtec | 1 Pyrobatchftp | 2017-10-17 | 5.0 MEDIUM | 7.5 HIGH |
| EmTec PyroBatchFTP before 3.18 allows remote servers to cause a denial of service (application crash). | |||||
| CVE-2017-1000091 | 1 Jenkins | 1 Github Branch Source | 2017-10-17 | 6.8 MEDIUM | 6.3 MEDIUM |
| GitHub Branch Source Plugin connects to a user-specified GitHub API URL (e.g. GitHub Enterprise) as part of form validation and completion (e.g. to verify Scan Credentials are correct). This functionality improperly checked permissions, allowing any user with Overall/Read access to Jenkins to connect to any web server and send credentials with a known ID, thereby possibly capturing them. Additionally, this functionality did not require POST requests be used, thereby allowing the above to be performed without direct access to Jenkins via Cross-Site Request Forgery. | |||||
| CVE-2017-1000092 | 1 Jenkins | 1 Git | 2017-10-17 | 2.6 LOW | 7.5 HIGH |
| Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenkins URL which would result in the Jenkins Git client sending the username and password to an attacker-controlled server. | |||||
| CVE-2017-1000114 | 1 Jenkins | 1 Datadog | 2017-10-17 | 4.3 MEDIUM | 3.1 LOW |
| The Datadog Plugin stores an API key to access the Datadog service in the global Jenkins configuration. While the API key is stored encrypted on disk, it was transmitted in plain text as part of the configuration form. This could result in exposure of the API key for example through browser extensions or cross-site scripting vulnerabilities. The Datadog Plugin now encrypts the API key transmitted to administrators viewing the global configuration form. | |||||
| CVE-2017-8018 | 2 Emc, Microsoft | 2 Appsync, Windows | 2017-10-17 | 5.0 MEDIUM | 7.5 HIGH |
| EMC AppSync host plug-in versions 3.5 and below (Windows platform only) includes a denial of service (DoS) vulnerability that could potentially be exploited by malicious users to compromise the affected system. | |||||
| CVE-2014-2903 | 1 Wolfssl | 1 Wolfssl | 2017-10-17 | 4.3 MEDIUM | 5.9 MEDIUM |
| CyaSSL does not check the key usage extension in leaf certificates, which allows remote attackers to spoof servers via a crafted server certificate not authorized for use in an SSL/TLS handshake. | |||||
| CVE-2015-6971 | 1 Lenovo | 1 System Update | 2017-10-17 | 7.2 HIGH | 7.8 HIGH |
| Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0013 allows local users to submit commands to the System Update service (SUService.exe) and gain privileges by launching signed Lenovo executables. | |||||
| CVE-2015-3321 | 1 Lenovo | 1 Fingerprint Manager | 2017-10-17 | 7.2 HIGH | 6.7 MEDIUM |
| Services and files in Lenovo Fingerprint Manager before 8.01.42 have incorrect ACLs, which allows local users to invalidate local checks and gain privileges via standard filesystem operations. | |||||
| CVE-2017-1000093 | 1 Jenkins | 1 Poll Scm | 2017-10-17 | 6.8 MEDIUM | 8.8 HIGH |
| Poll SCM Plugin was not requiring requests to its API be sent via POST, thereby opening itself to Cross-Site Request Forgery attacks. This allowed attackers to initiate polling of projects with a known name. While Jenkins in general does not consider polling to be a protection-worthy action as it's similar to cache invalidation, the plugin specifically adds a permission to be able to use this functionality, and this issue undermines that permission. | |||||
| CVE-2017-1000094 | 1 Jenkins | 1 Docker Commons | 2017-10-17 | 4.0 MEDIUM | 6.5 MEDIUM |
| Docker Commons Plugin provides a list of applicable credential IDs to allow users configuring a job to select the one they'd like to use to authenticate with a Docker Registry. This functionality did not check permissions, allowing any user with Overall/Read permission to get a list of valid credentials IDs. Those could be used as part of an attack to capture the credentials using another vulnerability. | |||||
| CVE-2017-11394 | 1 Trendmicro | 1 Officescan | 2017-10-14 | 10.0 HIGH | 9.8 CRITICAL |
| Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the T parameter within Proxy.php. Formerly ZDI-CAN-4544. | |||||
| CVE-2017-13068 | 1 Qnap | 1 Qts Helpdesk | 2017-10-13 | 5.0 MEDIUM | 7.5 HIGH |
| QNAP has already patched this vulnerability. This security concern allows a remote attacker to perform an SQL injection on the application and obtain Helpdesk application information. A remote attacker does not require any privileges to successfully execute this attack. | |||||
| CVE-2015-2297 | 1 Libcsoap Project | 1 Libcsoap | 2017-10-13 | 5.0 MEDIUM | 7.5 HIGH |
| nanohttp in libcsoap allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Authorization header. | |||||
| CVE-2017-15037 | 1 Freebsd | 1 Freebsd | 2017-10-13 | 6.8 MEDIUM | 8.1 HIGH |
| In FreeBSD through 11.1, the smb_strdupin function in sys/netsmb/smb_subr.c has a race condition with a resultant out-of-bounds read, because it can cause t2p->t_name strings to lack a final '\0' character. | |||||
| CVE-2017-15084 | 1 Rapid7 | 1 Metasploit | 2017-10-13 | 4.3 MEDIUM | 6.5 MEDIUM |
| The web UI in Rapid7 Metasploit before 4.14.1-20170828 allows logout CSRF, aka R7-2017-22. | |||||
| CVE-2016-1315 | 1 Cisco | 1 Email Security Appliance Firmeware | 2017-10-13 | 5.0 MEDIUM | 7.5 HIGH |
| The proxy engine in Cisco Advanced Malware Protection (AMP), when used with Email Security Appliance (ESA) 9.5.0-201, 9.6.0-051, and 9.7.0-125, allows remote attackers to bypass intended content restrictions via a malformed e-mail message containing an encoded file, aka Bug ID CSCux45338. | |||||
| CVE-2014-0047 | 1 Docker | 1 Docker | 2017-10-13 | 4.6 MEDIUM | 7.8 HIGH |
| Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage. | |||||
| CVE-2015-7980 | 1 Compass Rose Project | 1 Compass Rose | 2017-10-13 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the Compass Rose module 6.x-1.x before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to "embedding a JavaScript library from an external source that was not reliable." | |||||
| CVE-2017-1000118 | 1 Akka | 1 Http Server | 2017-10-13 | 5.0 MEDIUM | 7.5 HIGH |
| Akka HTTP versions <= 10.0.5 Illegal Media Range in Accept Header Causes StackOverflowError Leading to Denial of Service | |||||
| CVE-2017-14088 | 1 Trendmicro | 2 Officescan, Officescan Xg | 2017-10-13 | 6.9 MEDIUM | 7.0 HIGH |
| Memory Corruption Privilege Escalation vulnerabilities in Trend Micro OfficeScan 11.0 and XG allows local attackers to execute arbitrary code and escalate privileges to resources normally reserved for the kernel on vulnerable installations by exploiting tmwfp.sys. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability. | |||||
| CVE-2017-15079 | 1 Wpmudev | 1 Smush Image Compression And Optimization | 2017-10-13 | 5.0 MEDIUM | 7.5 HIGH |
| The Smush Image Compression and Optimization plugin before 2.7.6 for WordPress allows directory traversal. | |||||
| CVE-2017-12792 | 1 Nexusphp Project | 1 Nexusphp | 2017-10-13 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site request forgery (CSRF) vulnerabilities in NexusPHP 1.5 allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) linkname, (2) url, or (3) title parameter in an add action to linksmanage.php. | |||||
| CVE-2017-12106 | 1 Pl32 | 1 Photoline | 2017-10-13 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption vulnerability exists in the .TGA parsing functionality of Computerinsel Photoline 20.02. A specially crafted .TGA file can cause an out of bounds write resulting in potential code execution. An attacker can send a specific .TGA file to trigger this vulnerability. | |||||
| CVE-2014-8492 | 1 Cozmoslabs | 1 Profile Builder | 2017-10-13 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in assets/misc/fallback-page.php in the Profile Builder plugin before 2.0.3 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) site_name, (2) message, or (3) site_url parameter. | |||||
| CVE-2017-1000120 | 1 Frappe | 1 Frappe | 2017-10-13 | 6.5 MEDIUM | 8.8 HIGH |
| [ERPNext][Frappe Version <= 7.1.27] SQL injection vulnerability in frappe.share.get_users allows remote authenticated users to execute arbitrary SQL commands via the fields parameter. | |||||
| CVE-2017-1126 | 1 Ibm | 2 Integration Bus, Websphere Message Broker | 2017-10-13 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM WebSphere Message Broker (IBM Integration Bus 9.0 and 10.0) could allow an unauthorized user to obtain sensitive information about software versions that could lead to further attacks. IBM X-Force ID: 121341. | |||||
| CVE-2017-9807 | 1 Openwebif Project | 1 Openwebif | 2017-10-13 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in the OpenWebif plugin through 1.2.4 for E2 open devices. The saveConfig function of "plugin/controllers/models/config.py" performs an eval() call on the contents of the "key" HTTP GET parameter. This allows an unauthenticated remote attacker to execute arbitrary Python code or OS commands via api/saveconfig. | |||||
| CVE-2014-8957 | 1 Openkm | 1 Openkm | 2017-10-12 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in OpenKM before 6.4.19 allows remote authenticated users to inject arbitrary web script or HTML via the Tasks parameter. | |||||
| CVE-2014-9017 | 1 Openkm | 1 Openkm | 2017-10-12 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in OpenKM before 6.4.19 (build 23338) allows remote authenticated users to inject arbitrary web script or HTML via the Subject field in a Task to frontend/index.jsp. | |||||
| CVE-2014-7240 | 1 Formget | 1 Easy Contact Form Solution | 2017-10-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the Easy Contact Form Solution plugin before 1.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the value parameter in a master_response action to wp-admin/admin-ajax.php. | |||||
| CVE-2014-8758 | 1 Tech-banker | 1 Gallery Bank | 2017-10-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Best Gallery Albums Plugin before 3.0.70for WordPress allows remote attackers to inject arbitrary web script or HTML via the order_id parameter in the gallery_album_sorting page to wp-admin/admin.php. | |||||
| CVE-2015-2142 | 1 Phpbugtracker Project | 1 Phpbugtracker | 2017-10-12 | 6.0 MEDIUM | 8.0 HIGH |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote authenticated users to (1) hijack the authentication of users for requests that cause an unspecified impact via the id parameter to project.php, (2) hijack the authentication of users for requests that cause an unspecified impact via the group_id parameter to group.php, (3) hijack the authentication of users for requests that delete statuses via the status_id parameter to status.php, (4) hijack the authentication of users for requests that delete severities via the severity_id parameter to severity.php, (5) hijack the authentication of users for requests that cause an unspecified impact via the priority_id parameter to priority.php, (6) hijack the authentication of users for requests that delete the operating system via the os_id parameter to os.php, (7) hijack the authentication of users for requests that delete databases via the database_id parameter to database.php, or (8) hijack the authentication of users for requests that delete sites via the site_id parameter to sites.php. | |||||
| CVE-2017-15008 | 1 Paessler | 1 Prtg Network Monitor | 2017-10-12 | 3.5 LOW | 4.8 MEDIUM |
| PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all sensor titles, related to incorrect error handling for a %00 in the SRC attribute of an IMG element. | |||||
| CVE-2017-15009 | 1 Paessler | 1 Prtg Network Monitor | 2017-10-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| PRTG Network Monitor version 17.3.33.2830 is vulnerable to reflected Cross-Site Scripting on error.htm (the error page), via the errormsg parameter. | |||||
| CVE-2017-0825 | 1 Google | 1 Android | 2017-10-12 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability in the Broadcom wifi driver. Product: Android. Versions: Android kernel. Android ID: A-37305633. References: B-V2017063002. | |||||
| CVE-2017-15019 | 1 Lame Project | 1 Lame | 2017-10-12 | 6.8 MEDIUM | 7.8 HIGH |
| LAME 3.99.5 has a NULL Pointer Dereference in the hip_decode_init function within libmp3lame/mpglib_interface.c via a malformed mpg file, because of an incorrect calloc call. | |||||
| CVE-2017-0815 | 1 Google | 1 Android | 2017-10-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63526567. | |||||
| CVE-2017-0816 | 1 Google | 1 Android | 2017-10-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63662938. | |||||
| CVE-2017-0817 | 1 Google | 1 Android | 2017-10-12 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63522430. | |||||
| CVE-2017-0823 | 1 Google | 1 Android | 2017-10-12 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability in the Android system (rild). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37896655. | |||||
| CVE-2017-0808 | 1 Google | 1 Android | 2017-10-12 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability in the Android framework (file system). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62301183. | |||||
| CVE-2001-1564 | 1 Hp | 1 Hp-ux | 2017-10-12 | 2.1 LOW | N/A |
| setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available disk space. | |||||