Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-12449 | 1 Gnu | 1 Binutils | 2017-08-07 | 6.8 MEDIUM | 7.8 HIGH |
| The _bfd_vms_save_sized_string function in vms-misc.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms file. | |||||
| CVE-2017-12450 | 1 Gnu | 1 Binutils | 2017-08-07 | 6.8 MEDIUM | 7.8 HIGH |
| The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha file. | |||||
| CVE-2017-12451 | 1 Gnu | 1 Binutils | 2017-08-07 | 6.8 MEDIUM | 7.8 HIGH |
| The _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds stack read via a crafted COFF image file. | |||||
| CVE-2017-12452 | 1 Gnu | 1 Binutils | 2017-08-07 | 6.8 MEDIUM | 7.8 HIGH |
| The bfd_mach_o_i386_canonicalize_one_reloc function in bfd/mach-o-i386.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted mach-o file. | |||||
| CVE-2017-12453 | 1 Gnu | 1 Binutils | 2017-08-07 | 6.8 MEDIUM | 7.8 HIGH |
| The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file. | |||||
| CVE-2017-11379 | 1 Trendmicro | 1 Deep Discovery Director | 2017-08-07 | 5.0 MEDIUM | 7.5 HIGH |
| Configuration and database backup archives are not signed or validated in Trend Micro Deep Discovery Director 1.1. | |||||
| CVE-2017-11119 | 1 Nosefart Project | 1 Nosefart | 2017-08-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| The chk_mem_access function in cpu/nes6502/nes6502.c in libnosefart.a in Nosefart 2.9-mls allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted nsf file. | |||||
| CVE-2017-11114 | 1 Twibright | 1 Links | 2017-08-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| The put_chars function in html_r.c in Twibright Links 2.14 allows remote attackers to cause a denial of service (buffer over-read) via a crafted HTML file. | |||||
| CVE-2015-3198 | 1 Redhat | 1 Jboss Wildfly Application Server | 2017-08-07 | 5.0 MEDIUM | 7.5 HIGH |
| The Undertow module of WildFly 9.x before 9.0.0.CR2 and 10.x before 10.0.0.Alpha1 allows remote attackers to obtain the source code of a JSP page via a "/" at the end of a URL. | |||||
| CVE-2017-10708 | 1 Apport Project | 1 Apport | 2017-08-07 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Apport through 2.20.x. In apport/report.py, Apport sets the ExecutablePath field and it then uses the path to run package specific hooks without protecting against path traversal. This allows remote attackers to execute arbitrary code via a crafted .crash file. | |||||
| CVE-2016-10399 | 1 Sendio | 1 Sendio | 2017-08-07 | 5.0 MEDIUM | 7.5 HIGH |
| Sendio versions before 8.2.1 were affected by a Local File Inclusion vulnerability that allowed an unauthenticated, remote attacker to read potentially sensitive system files via a specially crafted URL. | |||||
| CVE-2015-5059 | 1 Mantisbt | 1 Mantisbt | 2017-08-07 | 3.5 LOW | 5.3 MEDIUM |
| The "Project Documentation" feature in MantisBT 1.2.19 and earlier, when the threshold to access files ($g_view_proj_doc_threshold) is set to ANYBODY, allows remote authenticated users to download attachments linked to arbitrary private projects via a file id number in the file_id parameter to file_download.php. | |||||
| CVE-2017-11666 | 1 Kopano | 1 Webapp | 2017-08-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in js/ViewerPanel.js in the file previewer plugin in Kopano WebApp versions 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a specially crafted previewable file. | |||||
| CVE-2017-12459 | 1 Gnu | 1 Binutils | 2017-08-07 | 6.8 MEDIUM | 7.8 HIGH |
| The bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted mach-o file. | |||||
| CVE-2017-12458 | 1 Gnu | 1 Binutils | 2017-08-07 | 6.8 MEDIUM | 7.8 HIGH |
| The nlm_swap_auxiliary_headers_in function in bfd/nlmcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted nlm file. | |||||
| CVE-2017-12457 | 1 Gnu | 1 Binutils | 2017-08-07 | 6.8 MEDIUM | 7.8 HIGH |
| The bfd_make_section_with_flags function in section.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a NULL dereference via a crafted file. | |||||
| CVE-2017-12454 | 1 Gnu | 1 Binutils | 2017-08-07 | 6.8 MEDIUM | 7.8 HIGH |
| The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an arbitrary memory read via a crafted vms alpha file. | |||||
| CVE-2017-12455 | 1 Gnu | 1 Binutils | 2017-08-07 | 6.8 MEDIUM | 7.8 HIGH |
| The evax_bfd_print_emh function in vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file. | |||||
| CVE-2015-1174 | 1 Unit4 | 1 Teta Web | 2017-08-07 | 7.5 HIGH | 9.8 CRITICAL |
| Session fixation vulnerability in Unit4 Polska TETA Web (formerly TETA Galactica) 22.62.3.4 and earlier allows remote attackers to hijack web sessions via a session id. | |||||
| CVE-2016-8975 | 1 Ibm | 1 Rhapsody Design Manager | 2017-08-06 | 3.5 LOW | 5.4 MEDIUM |
| IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 118912. | |||||
| CVE-2017-11385 | 1 Trendmicro | 1 Control Manager | 2017-08-06 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x6b1b due to lack of proper user input validation in cmdHandlerStatusMonitor.dll. Formerly ZDI-CAN-4545. | |||||
| CVE-2017-11386 | 1 Trendmicro | 1 Control Manager | 2017-08-06 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x4707 due to lack of proper user input validation in cmdHandlerNewReportScheduler.dll. Formerly ZDI-CAN-4549. | |||||
| CVE-2017-11387 | 1 Trendmicro | 1 Control Manager | 2017-08-06 | 5.0 MEDIUM | 7.5 HIGH |
| Authentication Bypass in Trend Micro Control Manager 6.0 causes Information Disclosure when authentication validation is not done for functionality that can change debug logging level. Formerly ZDI-CAN-4512. | |||||
| CVE-2017-11388 | 1 Trendmicro | 1 Control Manager | 2017-08-06 | 6.5 MEDIUM | 8.8 HIGH |
| SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when RestfulServiceUtility.NET.dll doesn't properly validate user provided strings before constructing SQL queries. Formerly ZDI-CAN-4639 and ZDI-CAN-4638. | |||||
| CVE-2017-11389 | 1 Trendmicro | 1 Control Manager | 2017-08-06 | 7.5 HIGH | 9.8 CRITICAL |
| Directory traversal vulnerability in Trend Micro Control Manager 6.0 allows remote code execution by attackers able to drop arbitrary files in a web-facing directory. Formerly ZDI-CAN-4684. | |||||
| CVE-2017-11393 | 1 Trendmicro | 1 Officescan | 2017-08-06 | 10.0 HIGH | 9.8 CRITICAL |
| Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the tr parameter within Proxy.php. Formerly ZDI-CAN-4543. | |||||
| CVE-2017-1199 | 1 Ibm | 1 Infosphere Master Data Management Server | 2017-08-06 | 3.5 LOW | 5.4 MEDIUM |
| IBM InfoSphere Master Data Management Server 10.0, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 123674. | |||||
| CVE-2017-1327 | 1 Ibm | 1 Inotes | 2017-08-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126062. | |||||
| CVE-2017-11392 | 1 Trendmicro | 1 Interscan Messaging Security Virtual Appliance | 2017-08-05 | 6.5 MEDIUM | 8.8 HIGH |
| Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the "T" parameter within modTMCSS Proxy. Formerly ZDI-CAN-4745. | |||||
| CVE-2017-11691 | 1 Cacti | 1 Cacti | 2017-08-04 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in auth_profile.php in Cacti 1.1.13 allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers. | |||||
| CVE-2017-11675 | 1 Zen-cart | 1 Zen Cart | 2017-08-04 | 6.5 MEDIUM | 8.8 HIGH |
| The traverseStrictSanitize function in admin_dir/includes/classes/AdminRequestSanitizer.php in ZenCart 1.5.5e mishandles key strings, which allows remote authenticated users to execute arbitrary PHP code by placing that code into an invalid array index of the admin_name array parameter to admin_dir/login.php, if there is an export of an error-log entry for that invalid array index. | |||||
| CVE-2017-11723 | 1 Xinha | 1 Xinha | 2017-08-04 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in plugins/ImageManager/backend.php in Xinha 0.96, as used in Jojo 4.4.0, allows remote attackers to delete any folder via directory traversal sequences in the deld parameter. | |||||
| CVE-2017-11756 | 1 Earcms | 1 Ear Music | 2017-08-04 | 6.0 MEDIUM | 7.0 HIGH |
| In Earcms Ear Music through 4.1 build 20170710, remote authenticated users can execute arbitrary PHP code by changing the allowable music-upload extensions to include .php in addition to .mp3 and .m4a in admin.php?iframe=config_upload, and then using user.php/music/add/ to upload the code. | |||||
| CVE-2017-1000025 | 1 Gnome | 1 Epiphany | 2017-08-04 | 5.0 MEDIUM | 7.5 HIGH |
| GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7, 3.18 before 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites. | |||||
| CVE-2017-2278 | 3 Apple, Google, Iid | 3 Iphone Os, Android, Rbb Speed Test | 2017-08-04 | 4.3 MEDIUM | 5.9 MEDIUM |
| The RBB SPEED TEST App for Android version 2.0.3 and earlier, RBB SPEED TEST App for iOS version 2.1.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2017-10801 | 1 Phpsocial | 1 Phpsocial | 2017-08-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| phpSocial (formerly phpDolphin) before 3.0.1 has XSS in the PATH_INFO to the search/tag/ URI. | |||||
| CVE-2017-11184 | 1 Glpi-project | 1 Glpi | 2017-08-04 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection exists in front/devicesoundcard.php in GLPI before 9.1.5 via the start parameter. | |||||
| CVE-2015-1847 | 1 Appserver | 1 Appserver | 2017-08-04 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in the web request/response interface in Appserver before 1.0.3 allows remote attackers to read normally inaccessible files via a .. (dot dot) in a crafted URL. | |||||
| CVE-2017-11645 | 1 Netcomm | 2 4gt101w Bootloader, 4gt101w Software | 2017-08-04 | 7.5 HIGH | 9.8 CRITICAL |
| NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 do not require authentication for logfile.html, status.html, or system_config.html. | |||||
| CVE-2017-11646 | 1 Netcomm | 2 4gt101w Bootloader, 4gt101w Software | 2017-08-04 | 6.8 MEDIUM | 8.8 HIGH |
| NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall. They does not contain any token that can mitigate CSRF vulnerabilities within the device. | |||||
| CVE-2015-7891 | 1 Samsung | 1 Samsung Mobile | 2017-08-04 | 4.4 MEDIUM | 7.0 HIGH |
| Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging definition of g2d_lock and g2d_unlock lock macros as no-ops, aka SVE-2015-4598. | |||||
| CVE-2017-11647 | 1 Netcomm | 2 4gt101w Bootloader, 4gt101w Software | 2017-08-04 | 3.5 LOW | 5.4 MEDIUM |
| NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to stored cross-site scripting attacks. Creating an SSID with an XSS payload results in successful exploitation. | |||||
| CVE-2012-5030 | 1 Cisco | 1 Ios | 2017-08-04 | 6.8 MEDIUM | 6.5 MEDIUM |
| Cisco IOS before 15.2(4)S6 does not initialize an unspecified variable, which might allow remote authenticated users to cause a denial of service (CPU consumption, watchdog timeout, crash) by walking specific SNMP objects. | |||||
| CVE-2017-11727 | 1 Connectwise | 1 Manage | 2017-08-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| services/system_io/actionprocessor/Contact.rails in ConnectWise Manage 2017.5 allows arbitrary client-side JavaScript code execution (involving a ContactCommon field) on victims who click on a crafted link, aka XSS. | |||||
| CVE-2017-11726 | 1 Connectwise | 1 Manage | 2017-08-04 | 6.8 MEDIUM | 8.8 HIGH |
| services/system_io/actionprocessor/System.rails in ConnectWise Manage 2017.5 is vulnerable to Cross-Site Request Forgery (CSRF), as demonstrated by changing an e-mail address setting. | |||||
| CVE-2017-11648 | 1 Techroutes | 2 Tr 1803-3g, Tr 1803-3g Firmware | 2017-08-04 | 6.8 MEDIUM | 8.8 HIGH |
| Techroutes TR 1803-3G Wireless Cellular Router/Modem 2.4.25 devices do not possess any protection against a CSRF vulnerability, as demonstrated by a goform/BasicSettings request to disable port filtering. | |||||
| CVE-2017-11364 | 1 Joomla | 1 Joomla\! | 2017-08-04 | 6.5 MEDIUM | 8.8 HIGH |
| The CMS installer in Joomla! before 3.7.4 does not verify a user's ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency logs. | |||||
| CVE-2017-12138 | 1 Xoops | 1 Xoops | 2017-08-04 | 5.8 MEDIUM | 6.1 MEDIUM |
| XOOPS Core 2.5.8 has a stored URL redirect bypass vulnerability in /modules/profile/index.php because of the URL filter. | |||||
| CVE-2017-12139 | 1 Xoops | 1 Xoops | 2017-08-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| XOOPS Core 2.5.8 has stored XSS in imagemanager.php because of missing MIME type validation in htdocs/class/uploader.php. | |||||
| CVE-2017-1500 | 1 Ibm | 2 Mobilefirst Platform Foundation, Worklight | 2017-08-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Reflected Cross Site Scripting (XSS) vulnerability exists in the authorization function exposed by RESTful Web Api of IBM Worklight Framework 6.1, 6.2, 6.3, 7.0, 7.1, and 8.0. The vulnerable parameter is "scope"; if you set as its value a "realm" not defined in authenticationConfig.xml, you get an HTTP 403 Forbidden response and the value will be reflected in the body of the HTTP response. By setting it to arbitrary JavaScript code it is possible to modify the flow of the authorization function, potentially leading to credential disclosure within a trusted session. | |||||