Total: 201818 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-12443 | 1 Minidjvu Project | 1 Minidjvu | 2017-08-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| The mdjvu_bitmap_pack_row function in base/4bitmap.c in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file. | |||||
| CVE-2017-12444 | 1 Minidjvu Project | 1 Minidjvu | 2017-08-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| The mdjvu_bitmap_get_bounding_box function in base/4bitmap.c in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file. | |||||
| CVE-2017-12445 | 1 Minidjvu Project | 1 Minidjvu | 2017-08-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| The JB2BitmapCoder::code_row_by_refinement function in jb2/bmpcoder.cpp in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file. | |||||
| CVE-2017-12680 | 1 Nexusphp Project | 1 Nexusphp | 2017-08-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-Site Scripting (XSS) exists in NexusPHP 1.5 via the type parameter to shoutbox.php. | |||||
| CVE-2017-8265 | 1 Google | 1 Android | 2017-08-22 | 5.1 MEDIUM | 7.0 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver which can lead to a double free. | |||||
| CVE-2017-8266 | 1 Google | 1 Android | 2017-08-22 | 5.1 MEDIUM | 7.0 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition. | |||||
| CVE-2017-6771 | 1 Cisco | 1 Ultra Services Framework | 2017-08-22 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information. The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by browsing to a specific URL of an affected device. An exploit could allow the attacker to view sensitive configuration information about the deployment. Cisco Bug IDs: CSCvd29358. Known Affected Releases: 21.0.v0.65839. | |||||
| CVE-2017-6777 | 1 Cisco | 1 Elastic Services Controller | 2017-08-22 | 4.0 MEDIUM | 4.9 MEDIUM |
| A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to acquire sensitive system information. The vulnerability is due to insufficient protection of sensitive files on the system. An attacker could exploit this vulnerability by logging into the ConfD server and executing certain commands. An exploit could allow an unprivileged user to view configuration parameters that can be maliciously used. Cisco Bug IDs: CSCvd76409. Known Affected Releases: 2.3, 2.3(2). | |||||
| CVE-2017-6772 | 1 Cisco | 1 Elastic Services Controller | 2017-08-22 | 4.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability in Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to view sensitive information. The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by authenticating to the application and navigating to certain configuration files. An exploit could allow the attacker to view sensitive system configuration files. Cisco Bug IDs: CSCvd29408. Known Affected Releases: 2.3(2). | |||||
| CVE-2017-12956 | 1 Exiv2 | 1 Exiv2 | 2017-08-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() in basicio.cpp of libexiv2 in Exiv2 0.26 that will lead to remote denial of service. | |||||
| CVE-2017-8272 | 1 Google | 1 Android | 2017-08-22 | 6.8 MEDIUM | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, in a driver function, a value from userspace is not properly validated potentially leading to an out of bounds heap write. | |||||
| CVE-2017-8270 | 1 Google | 1 Android | 2017-08-22 | 5.1 MEDIUM | 7.0 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a driver potentially leading to a use-after-free condition. | |||||
| CVE-2017-10822 | 1 Enecho.meti | 1 Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program | 2017-08-22 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30) distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-10823 | 1 Enecho.meti | 1 Shin Kinkyuji Houkoku Data Nyuryoku Program | 2017-08-22 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program (program released on 2011 March 10) distributed on the website till 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-12947 | 1 Easymodal Project | 1 Easy Modal | 2017-08-22 | 6.5 MEDIUM | 7.2 HIGH |
| classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in an untrash action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators. | |||||
| CVE-2017-12946 | 1 Easymodal Project | 1 Easy Modal | 2017-08-22 | 6.5 MEDIUM | 7.2 HIGH |
| classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in a delete action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators. | |||||
| CVE-2017-12948 | 1 Pressforward | 1 Pressforward | 2017-08-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 and earlier for WordPress has XSS in the PATH_INFO to wp-admin/admin.php, related to PHP_SELF. | |||||
| CVE-2017-12955 | 1 Exiv2 | 1 Exiv2 | 2017-08-22 | 6.8 MEDIUM | 8.8 HIGH |
| There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. The vulnerability causes an out-of-bounds write in Exiv2::Image::printIFDStructure(), which may lead to remote denial of service or possibly unspecified other impact. | |||||
| CVE-2017-8267 | 1 Google | 1 Android | 2017-08-22 | 7.6 HIGH | 7.0 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in an IOCTL handler potentially leading to an integer overflow and then an out-of-bounds write. | |||||
| CVE-2017-2289 | 1 Kddi | 2 Qua Station, Qua Station Firmware | 2017-08-22 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Installer of Qua station connection tool for Windows version 1.00.03 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2228 | 1 Enecho.meti | 1 Teikihoukokusho Sakuseishien Tool | 2017-08-22 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Teikihoukokusho Sakuseishien Tool v4.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-7364 | 1 Google | 1 Android | 2017-08-22 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, in function __mdss_fb_copy_destscaler_data(), variable ds_data[i].scale may still point to a user-provided address (which could point to arbitrary kernel address), so on an error condition, this user-provided address will be freed (arbitrary free), and continued operation could result in use after free condition. | |||||
| CVE-2016-5872 | 1 Google | 1 Android | 2017-08-22 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, arguments to several QTEE syscalls are not properly validated. | |||||
| CVE-2017-9684 | 1 Google | 1 Android | 2017-08-22 | 7.6 HIGH | 7.0 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a USB driver can lead to a Use After Free condition. | |||||
| CVE-2017-10923 | 1 Xen | 1 Xen | 2017-08-22 | 5.0 MEDIUM | 6.5 MEDIUM |
| Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-225. | |||||
| CVE-2017-11544 | | | 2017-08-22 | N/A | N/A |
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11543. Reason: This candidate is a duplicate of CVE-2017-11543. Notes: All CVE users should reference CVE-2017-11543 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2017-11545 | | | 2017-08-22 | N/A | N/A |
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11543. Reason: This candidate is a duplicate of CVE-2017-11543. Notes: All CVE users should reference CVE-2017-11543 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2017-6196 | 1 Artifex | 1 Afpl Ghostscript | 2017-08-22 | 6.8 MEDIUM | 7.8 HIGH |
| Multiple use-after-free vulnerabilities in the gx_image_enum_begin function in base/gxipixel.c in Ghostscript before ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document. | |||||
| CVE-2017-9857 | 1 Sma | 78 Sunny Boy 1.5, Sunny Boy 1.5 Firmware, Sunny Boy 2.5 and 75 more | 2017-08-22 | 4.3 MEDIUM | 8.1 HIGH |
| ** DISPUTED ** An issue was discovered in SMA Solar Technology products. The SMAdata2+ communication protocol does not properly use authentication with encryption: it is vulnerable to man in the middle, packet injection, and replay attacks. Any setting change, authentication packet, scouting packet, etc. can be replayed, injected, or used for a man in the middle session. All functionalities available in Sunny Explorer can effectively be done from anywhere within the network as long as an attacker gets the packet setup correctly. This includes the authentication process for all (including hidden) access levels and the changing of settings in accordance with the gained access rights. Furthermore, because the SMAdata2+ communication channel is unencrypted, an attacker capable of understanding the protocol can eavesdrop on communications. NOTE: the vendor's position is that authentication with encryption is not required on an isolated subnetwork. Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected. | |||||
| CVE-2017-9858 | 1 Sma | 78 Sunny Boy 1.5, Sunny Boy 1.5 Firmware, Sunny Boy 2.5 and 75 more | 2017-08-22 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** An issue was discovered in SMA Solar Technology products. By sending crafted packets to an inverter and observing the response, active and inactive user accounts can be determined. This aids in further attacks (such as a brute force attack) as one now knows exactly which users exist and which do not. NOTE: the vendor's position is that this "is not a security gap per se." Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected. | |||||
| CVE-2017-9861 | 1 Sma | 78 Sunny Boy 1.5, Sunny Boy 1.5 Firmware, Sunny Boy 2.5 and 75 more | 2017-08-22 | 9.0 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** An issue was discovered in SMA Solar Technology products. The SIP implementation does not properly use authentication with encryption: it is vulnerable to replay attacks, packet injection attacks, and man in the middle attacks. An attacker is able to successfully use SIP to communicate with the device from anywhere within the LAN. An attacker may use this to crash the device, stop it from communicating with the SMA servers, exploit known SIP vulnerabilities, or find sensitive information from the SIP communications. Furthermore, because the SIP communication channel is unencrypted, an attacker capable of understanding the protocol can eavesdrop on communications. For example, passwords can be extracted. NOTE: the vendor's position is that authentication with encryption is not required on an isolated subnetwork. Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected. | |||||
| CVE-2017-9862 | 1 Sma | 1 Sunny Explorer | 2017-08-22 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** An issue was discovered in SMA Solar Technology products. When signed into Sunny Explorer with a wrong password, it is possible to create a debug report, disclosing information regarding the application and allowing the attacker to create and save a .txt file with contents to his liking. An attacker may use this for information disclosure, or to write a file to normally unavailable locations on the local system. NOTE: the vendor reports that "the information contained in the debug report is of marginal significance." Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected. | |||||
| CVE-2017-9863 | 1 Sma | 79 Sunny Boy 1.5, Sunny Boy 1.5 Firmware, Sunny Boy 2.5 and 76 more | 2017-08-22 | 6.8 MEDIUM | 8.8 HIGH |
| ** DISPUTED ** An issue was discovered in SMA Solar Technology products. If a user simultaneously has Sunny Explorer running and visits a malicious host, cross-site request forgery can be used to change settings in the inverters (for example, issuing a POST request to change the user password). All Sunny Explorer settings available to the authenticated user are also available to the attacker. (In some cases, this also includes changing settings that the user has no access to.) This may result in complete compromise of the device. NOTE: the vendor reports that exploitation is unlikely because Sunny Explorer is used only rarely. Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected. | |||||
| CVE-2017-9682 | 1 Google | 1 Android | 2017-08-22 | 2.6 LOW | 4.7 MEDIUM |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in two KGSL driver functions can lead to a Use After Free condition. | |||||
| CVE-2017-9680 | 1 Google | 1 Android | 2017-08-22 | 5.0 MEDIUM | 7.5 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, if a pointer argument coming from userspace is invalid, a driver may use an uninitialized structure to log an error message. | |||||
| CVE-2017-9678 | 1 Google | 1 Android | 2017-08-22 | 9.3 HIGH | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, in a video driver, memory corruption can potentially occur due to lack of bounds checking in a memcpy(). | |||||
| CVE-2017-9679 | 1 Google | 1 Android | 2017-08-22 | 5.0 MEDIUM | 7.5 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, if a userspace string is not NULL-terminated, kernel memory contents can leak to system logs. | |||||
| CVE-2014-9977 | 1 Google | 1 Android | 2017-08-22 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in PlayReady DRM. | |||||
| CVE-2014-9978 | 1 Google | 1 Android | 2017-08-22 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE service. | |||||
| CVE-2014-9979 | 1 Google | 1 Android | 2017-08-22 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a variable is uninitialized in a TrustZone system call potentially leading to the compromise of secure memory. | |||||
| CVE-2014-9980 | 1 Google | 1 Android | 2017-08-22 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a Sample App failed to check a length potentially leading to unauthorized access to secure memory. | |||||
| CVE-2014-9974 | 1 Google | 1 Android | 2017-08-22 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer lengths was missing in Keymaster. | |||||
| CVE-2017-11662 | 1 Mindwerks | 1 Wildmidi | 2017-08-21 | 5.0 MEDIUM | 7.5 HIGH |
| The _WM_ParseNewMidi function in f_midi.c in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file. | |||||
| CVE-2017-11663 | 1 Mindwerks | 1 Wildmidi | 2017-08-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| The _WM_SetupMidiEvent function in internal_midi.c:2315 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file. | |||||
| CVE-2015-0575 | 1 Google | 1 Android | 2017-08-21 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, insecure ciphersuites were included in the default configuration. | |||||
| CVE-2017-11661 | 1 Mindwerks | 1 Wildmidi | 2017-08-21 | 5.0 MEDIUM | 7.5 HIGH |
| The _WM_SetupMidiEvent function in internal_midi.c:2318 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file. | |||||
| CVE-2015-1820 | 1 Rest-client Project | 1 Rest-client | 2017-08-21 | 7.5 HIGH | 9.8 CRITICAL |
| REST client for Ruby (aka rest-client) before 1.8.0 allows remote attackers to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect. | |||||
| CVE-2015-6941 | 1 Saltstack | 1 Salt 2015 | 2017-08-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| win_useradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs. | |||||
| CVE-2017-12963 | 1 Libsass | 1 Libsass | 2017-08-21 | 5.0 MEDIUM | 7.5 HIGH |
| There is an illegal address access in Sass::Eval::operator() in eval.cpp of LibSass 3.4.5, leading to a remote denial of service attack. NOTE: this is similar to CVE-2017-11555 but remains exploitable after the vendor's CVE-2017-11555 fix (available from GitHub after 2017-07-24). | |||||
| CVE-2015-2674 | 1 Restkit | 1 Restkit | 2017-08-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| Restkit allows man-in-the-middle attackers to spoof TLS servers by leveraging use of the ssl.wrap_socket function in Python with the default CERT_NONE value for the cert_reqs argument. | |||||
