Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-2273 | 1 Buffalo | 4 Wmr-433, Wmr-433 Firmware, Wmr-433w and 1 more | 2017-08-10 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | |||||
| CVE-2017-11593 | 1 Ooso | 1 Markdown Preview Plus | 2017-08-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the Markdown Preview Plus extension before 0.5.7 for Chrome allows remote attackers to inject arbitrary web script or HTML into some web applications via the upload and display of crafted text, markdown, or rst files that are designed to be viewed in the browser as plain text, but that will be converted to HTML without proper sanitization. | |||||
| CVE-2017-9457 | 1 Compulab | 2 Intense Pc, Intense Pc Firmware | 2017-08-10 | 7.2 HIGH | 6.7 MEDIUM |
| Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before upgrading the system firmware. The absence of signature validation allows an attacker with administrator privileges to flash a modified UEFI BIOS. | |||||
| CVE-2017-10711 | 1 Simplerisk | 1 Simplerisk | 2017-08-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| In SimpleRisk 20170614-001, a CSRF attack on reset.php (aka the Send Password Reset Email form) can insert XSS sequences via the user parameter. | |||||
| CVE-2017-8006 | 1 Emc | 1 Rsa Authentication Manager | 2017-08-10 | 4.3 MEDIUM | 5.9 MEDIUM |
| In EMC RSA Authentication Manager 8.2 SP1 Patch 1 and earlier, a malicious user logged into the Self-Service Console of RSA Authentication Manager as a target user can use a brute force attack to attempt to identify that user's PIN. The malicious user could potentially reset the compromised PIN to affect victim's ability to obtain access to protected resources. | |||||
| CVE-2017-12131 | 1 Goldplugins | 1 Easy Testimonials | 2017-08-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Easy Testimonials plugin 3.0.4 for WordPress has XSS in include/settings/display.options.php, as demonstrated by the Default Testimonials Width, View More Testimonials Link, and Testimonial Excerpt Options screens. | |||||
| CVE-2017-12068 | 1 Event List Project | 1 Event List | 2017-08-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Event List plugin 0.7.9 for WordPress has XSS in the slug array parameter to wp-admin/admin.php in an el_admin_categories delete_bulk action. | |||||
| CVE-2015-7887 | 1 Netapp | 1 Snapcenter Server | 2017-08-10 | 6.5 MEDIUM | 8.1 HIGH |
| NetApp SnapCenter Server 1.0 allows remote authenticated users to list and delete backups. | |||||
| CVE-2015-1332 | 2 Canonical, Oxide Project | 2 Ubuntu Linux, Oxide | 2017-08-10 | 6.8 MEDIUM | 8.8 HIGH |
| The oxide::JavaScriptDialogManager function in oxide-qt before 1.9.1 as packaged in Ubuntu 15.04 and Ubuntu 14.04 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted website. | |||||
| CVE-2017-6769 | 1 Cisco | 1 Secure Access Control System | 2017-08-10 | 3.5 LOW | 5.4 MEDIUM |
| A vulnerability in the web-based management interface of the Cisco Secure Access Control System (ACS) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected system. More Information: CSCve70587. Known Affected Releases: 5.8(0.8) 5.8(1.5). | |||||
| CVE-2015-4463 | 1 Efrontlearning | 1 Efront | 2017-08-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| The file_manager component in eFront CMS before 3.6.15.5 allows remote authenticated users to bypass intended file-upload restrictions by appending a crafted parameter to the file URL. | |||||
| CVE-2015-2798 | 1 Web-dorado | 1 Contact Form Maker | 2017-08-10 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in Joomla! Component Contact Form Maker 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2015-4462 | 1 Efrontlearning | 1 Efront | 2017-08-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| Absolute path traversal vulnerability in the file_manager component of eFront CMS before 3.6.15.5 allows remote authenticated users to read arbitrary files via a full pathname in the "Upload file from url" field in the file manager for professor.php. | |||||
| CVE-2015-6585 | 1 Hancom | 1 Hangul Word Processor | 2017-08-10 | 6.8 MEDIUM | 7.8 HIGH |
| hwpapp.dll in Hangul Word Processor allows remote attackers to execute arbitrary code via a crafted heap spray, and by leveraging a "type confusion" via an HWPX file containing a crafted para text tag. | |||||
| CVE-2015-8013 | 1 Openpgpjs | 1 Openpgpjs | 2017-08-10 | 5.0 MEDIUM | 7.5 HIGH |
| s2k.js in OpenPGP.js will decrypt arbitrary messages regardless of passphrase for crafted PGP keys which allows remote attackers to bypass authentication if message decryption is used as an authentication mechanism via a crafted symmetrically encrypted PGP message. | |||||
| CVE-2017-6612 | 1 Cisco | 1 Asr 5000 Series Software | 2017-08-10 | 5.0 MEDIUM | 8.6 HIGH |
| A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR 5000 Series Aggregation Services Routers 17.3.9.62033 through 21.1.2 could allow an unauthenticated, remote attacker to redirect HTTP traffic sent to an affected device. More Information: CSCvc67927. | |||||
| CVE-2017-11673 | 1 Acunetix | 1 Web Vulnerability Scanner | 2017-08-09 | 7.5 HIGH | 9.8 CRITICAL |
| Reporter.exe in Acunetix 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed PRE file, related to a "User Mode Write AV starting at reporter!madTraceProcess." | |||||
| CVE-2017-11674 | 1 Acunetix | 1 Web Vulnerability Scanner | 2017-08-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| Reporter.exe in Acunetix 8 allows remote attackers to cause a denial of service (application crash) via a malformed PRE file, related to a "Read Access Violation starting at reporter!madTraceProcess." | |||||
| CVE-2015-3839 | 1 Google | 1 Android | 2017-08-09 | 2.1 LOW | 5.5 MEDIUM |
| The updateMessageStatus function in Android 5.1.1 and earlier allows local users to cause a denial of service (NULL pointer exception and process crash). | |||||
| CVE-2017-11629 | 1 Finecms | 1 Finecms | 2017-08-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| dayrui FineCms through 5.0.10 has Cross Site Scripting (XSS) in controllers/api.php via the function parameter in a c=api&m=data2 request. | |||||
| CVE-2017-11718 | 1 Metinfo Project | 1 Metinfo | 2017-08-09 | 5.8 MEDIUM | 6.1 MEDIUM |
| There is URL Redirector Abuse in MetInfo through 5.3.17 via the gourl parameter to member/login.php. | |||||
| CVE-2017-11716 | 1 Metinfo Project | 1 Metinfo | 2017-08-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| MetInfo through 5.3.17 allows stored XSS via HTML Edit Mode. | |||||
| CVE-2017-12419 | 3 Mantisbt, Mariadb, Mysql | 3 Mantisbt, Mariadb, Mysql | 2017-08-09 | 4.0 MEDIUM | 4.9 MEDIUM |
| If, after successful installation of MantisBT through 2.5.2 on MySQL/MariaDB, the administrator does not remove the 'admin' directory (as recommended in the "Post-installation and upgrade tasks" section of the MantisBT Admin Guide), and the MySQL client has a local_infile setting enabled (in php.ini mysqli.allow_local_infile, or the MySQL client config file, depending on the PHP setup), an attacker may take advantage of MySQL's "connect file read" feature to remotely access files on the MantisBT server. | |||||
| CVE-2017-11715 | 1 Metinfo Project | 1 Metinfo | 2017-08-09 | 6.5 MEDIUM | 9.8 CRITICAL |
| job/uploadfile_save.php in MetInfo through 5.3.17 blocks the .php extension but not related extensions, which might allow remote authenticated admins to execute arbitrary PHP code by uploading a .phtml file after certain actions involving admin/system/safe.php and job/cv.php. | |||||
| CVE-2017-11760 | 1 Projeqtor | 1 Projeqtor | 2017-08-09 | 6.5 MEDIUM | 8.8 HIGH |
| uploadImage.php in ProjeQtOr before 6.3.2 allows remote authenticated users to execute arbitrary PHP code by uploading a .php file composed of concatenated image data and script data, as demonstrated by uploading as an image within the description text area. | |||||
| CVE-2017-11742 | 2 Libexpat Project, Microsoft | 2 Libexpat, Windows | 2017-08-09 | 4.6 MEDIUM | 7.8 HIGH |
| The writeRandomBytes_RtlGenRandom function in xmlparse.c in libexpat in Expat 2.2.1 and 2.2.2 on Windows allows local users to gain privileges via a Trojan horse ADVAPI32.DLL in the current working directory because of an untrusted search path, aka DLL hijacking. | |||||
| CVE-2017-11748 | 1 Softonic | 1 Spider Player | 2017-08-09 | 6.8 MEDIUM | 7.8 HIGH |
| VIT Spider Player 2.5.3 has an untrusted search path, allowing DLL hijacking via a Trojan horse dwmapi.dll, olepro32.dll, dsound.dll, or AUDIOSES.dll file. | |||||
| CVE-2015-3642 | 1 Citrix | 3 Netscaler Application Delivery Controller, Netscaler Firmware, Netscaler Gateway | 2017-08-09 | 4.3 MEDIUM | 5.9 MEDIUM |
| The TLS and DTLS processing functionality in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway devices with firmware 9.x before 9.3 Build 68.5, 10.0 through Build 78.6, 10.1 before Build 130.13, 10.1.e before Build 130.1302.e, 10.5 before Build 55.8, and 10.5.e before Build 55.8007.e makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). | |||||
| CVE-2017-12414 | 1 Pcfreetime | 1 Format Factory | 2017-08-09 | 7.5 HIGH | 9.8 CRITICAL |
| Format Factory 4.1.0 has a DLL Hijacking Vulnerability because an untrusted search path is used for msimg32.dll, WindowsCodecs.dll, and dwmapi.dll. | |||||
| CVE-2017-12067 | 1 Potrace Project | 1 Potrace | 2017-08-09 | 5.0 MEDIUM | 7.5 HIGH |
| Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic function in mkbitmap.c. | |||||
| CVE-2017-9770 | 1 Razerzone | 1 Razer Synapse | 2017-08-09 | 2.1 LOW | 5.5 MEDIUM |
| A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse that can cause an out of bounds read operation to occur due to a field within the IOCTL data being used as a length. | |||||
| CVE-2017-12645 | 1 Liferay | 1 Liferay Portal | 2017-08-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS exists in Liferay Portal before 7.0 CE GA4 via an invalid portletId. | |||||
| CVE-2016-10404 | 1 Liferay | 1 Liferay Portal | 2017-08-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted redirect field to modules/apps/foundation/frontend-js/frontend-js-spa-web/src/main/resources/META-INF/resources/init.jsp. | |||||
| CVE-2017-12649 | 1 Liferay | 1 Liferay Portal | 2017-08-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted title or summary that is mishandled in the Web Content Display. | |||||
| CVE-2017-12646 | 1 Liferay | 1 Liferay Portal | 2017-08-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS exists in Liferay Portal before 7.0 CE GA4 via a login name, password, or e-mail address. | |||||
| CVE-2017-12647 | 1 Liferay | 1 Liferay Portal | 2017-08-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS exists in Liferay Portal before 7.0 CE GA4 via a Knowledge Base article title. | |||||
| CVE-2017-12648 | 1 Liferay | 1 Liferay Portal | 2017-08-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS exists in Liferay Portal before 7.0 CE GA4 via a bookmark URL. | |||||
| CVE-2017-9801 | 1 Apache | 1 Commons Email | 2017-08-09 | 5.0 MEDIUM | 7.5 HIGH |
| When a call-site passes a subject for an email that contains line-breaks in Apache Commons Email 1.0 through 1.4, the caller can add arbitrary SMTP headers. | |||||
| CVE-2017-11725 | 1 Thycotic | 1 Secret Server | 2017-08-09 | 5.8 MEDIUM | 5.4 MEDIUM |
| The share function in Thycotic Secret Server before 10.2.000019 mishandles the Back Button, leading to unintended redirections. | |||||
| CVE-2016-4982 | 1 Teether | 1 Authd | 2017-08-09 | 1.9 LOW | 4.7 MEDIUM |
| authd sets weak permissions for /etc/ident.key, which allows local users to obtain the key by leveraging a race condition between the creation of the key, and the chmod to protect it. | |||||
| CVE-2017-1331 | 1 Ibm | 1 Content Navigator | 2017-08-09 | 3.5 LOW | 5.4 MEDIUM |
| IBM Content Navigator 2.0.3 and 3.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126233. | |||||
| CVE-2011-2730 | 1 Springsource | 1 Spring Framework | 2017-08-09 | 7.5 HIGH | N/A |
| VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a (1) name attribute in a (a) spring:hasBindErrors tag; (2) path attribute in a (b) spring:bind or (c) spring:nestedpath tag; (3) arguments, (4) code, (5) text, (6) var, (7) scope, or (8) message attribute in a (d) spring:message or (e) spring:theme tag; or (9) var, (10) scope, or (11) value attribute in a (f) spring:transform tag, aka "Expression Language Injection." | |||||
| CVE-2016-4431 | 1 Apache | 1 Struts | 2017-08-09 | 5.0 MEDIUM | 7.5 HIGH |
| Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to bypass intended access restrictions and conduct redirection attacks by leveraging a default method. | |||||
| CVE-2016-4433 | 1 Apache | 1 Struts | 2017-08-09 | 5.0 MEDIUM | 7.5 HIGH |
| Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to bypass intended access restrictions and conduct redirection attacks via a crafted request. | |||||
| CVE-2016-4436 | 1 Apache | 1 Struts | 2017-08-09 | 7.5 HIGH | 9.8 CRITICAL |
| Apache Struts 2 before 2.3.29 and 2.5.x before 2.5.1 allow attackers to have unspecified impact via vectors related to improper action name clean up. | |||||
| CVE-2016-4465 | 1 Apache | 1 Struts | 2017-08-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| The URLValidator class in Apache Struts 2 2.3.20 through 2.3.28.1 and 2.5.x before 2.5.1 allows remote attackers to cause a denial of service via a null value for a URL field. | |||||
| CVE-2017-2281 | 1 Iodata | 2 Wn-ax1167gr, Wn-ax1167gr Firmware | 2017-08-08 | 8.3 HIGH | 8.8 HIGH |
| WN-AX1167GR firmware version 3.00 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2017-2282 | 1 Iodata | 2 Wn-ax1167gr, Wn-ax1167gr Firmware | 2017-08-08 | 5.2 MEDIUM | 6.8 MEDIUM |
| Buffer overflow in WN-AX1167GR firmware version 3.00 and earlier allows an attacker to execute arbitrary commands via unspecified vectors. | |||||
| CVE-2017-2280 | 1 Iodata | 2 Wn-ax1167gr, Wn-ax1167gr Firmware | 2017-08-08 | 8.3 HIGH | 8.8 HIGH |
| WN-AX1167GR firmware version 3.00 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device. | |||||
| CVE-2017-11594 | 1 Loomio | 1 Loomio | 2017-08-08 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the Markdown parser in Loomio before 1.8.0 allows remote attackers to inject arbitrary web script or HTML via non-sanitized Markdown content in a new thread or a thread comment. | |||||