The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

 

 

High Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
appsec-labs -- appsec_labs AppUse 4.0 allows shell command injection via a proxy field. 2017-07-25 7.2 CVE-2017-11566
MISC(link is external)
buffalo -- wapm-1166d_firmware WAPM-1166D firmware Ver.1.2.7 and earlier, WAPM-APG600H firmware Ver.1.16.1 and earlier allows remote attackers to bypass authentication and access the configuration interface via unspecified vectors. 2017-07-21 10.0 CVE-2017-2126
CONFIRM(link is external)
JVN(link is external)
finecms -- finecms dayrui FineCms 5.0.9 has SQL Injection via the num parameter in an action=related or action=tags request to libraries/Template.php. 2017-07-23 7.5 CVE-2017-11582
MISC(link is external)
finecms -- finecms dayrui FineCms 5.0.9 has SQL Injection via the catid parameter in an action=related request to libraries/Template.php. 2017-07-23 7.5 CVE-2017-11583
MISC(link is external)
finecms -- finecms dayrui FineCms 5.0.9 has SQL Injection via the field parameter in an action=module, action=member, action=form, or action=related request to libraries/Template.php. 2017-07-23 7.5 CVE-2017-11584
MISC(link is external)
finecms -- finecms dayrui FineCms 5.0.9 has remote PHP code execution via the param parameter in an action=cache request to libraries/Template.php, aka Eval Injection. 2017-07-23 7.5 CVE-2017-11585
MISC(link is external)
fortinet -- fortiwlm A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 and lower versions allows a remote attacker to log-in and execute commands with 'upgrade' account privileges. 2017-07-22 7.5 CVE-2017-7336
BID(link is external)
CONFIRM(link is external)
geutebrueck -- gcore Stack-based buffer overflow in GCoreServer.exe in the server in Geutebrueck Gcore 1.3.8.42 and 1.4.2.37 allows remote attackers to execute arbitrary code via a long URI in a GET request. 2017-07-21 7.5 CVE-2017-11517
EXPLOIT-DB(link is external)
greenpacket -- dx-350_firmware Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb has a default password of admin for the admin account. 2017-07-21 7.5 CVE-2017-9932
MISC(link is external)
greenpacket -- dx-350_firmware In Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, the "PING" (aka tag_ipPing) feature within the web interface allows performing command injection, via the "pip" parameter. 2017-07-21 7.5 CVE-2017-9980
MISC(link is external)
imagemagick -- imagemagick Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. 2017-07-25 7.8 CVE-2016-7539
CONFIRM
MLIST(link is external)
BID(link is external)
CONFIRM
CONFIRM(link is external)
CONFIRM(link is external)
imagemagick -- imagemagick The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file. 2017-07-21 7.1 CVE-2017-11505
CONFIRM
CONFIRM(link is external)
imagemagick -- imagemagick The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered. 2017-07-22 7.1 CVE-2017-11523
CONFIRM
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
imagemagick -- imagemagick The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file. 2017-07-22 7.1 CVE-2017-11525
BID(link is external)
CONFIRM
CONFIRM(link is external)
imagemagick -- imagemagick The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file. 2017-07-22 7.1 CVE-2017-11526
BID(link is external)
CONFIRM
CONFIRM(link is external)
imagemagick -- imagemagick The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file. 2017-07-22 7.1 CVE-2017-11527
CONFIRM
CONFIRM(link is external)
imagemagick -- imagemagick The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file. 2017-07-22 7.1 CVE-2017-11530
CONFIRM
CONFIRM(link is external)
inmarsat -- amosconnect_8 Hard-coded credentials in AmosConnect 8 allow remote attackers to gain full administrative privileges, including the ability to execute commands on the Microsoft Windows host platform with SYSTEM privileges by abusing AmosConnect Task Manager. 2017-07-22 10.0 CVE-2017-3222
BID(link is external)
CERT-VN
libinfinity_project -- libinfinity libinfinity before 0.6.6-1 does not validate expired SSL certificates, which allows remote attackers to have unspecified impact via unknown vectors. 2017-07-21 7.5 CVE-2015-3886
MLIST
CONFIRM
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
rootkit_hunter_project -- rkhunter rkhunter versions before 1.4.4 are vulnerable to file download over insecure channel when doing mirror update resulting into potential remote code execution. 2017-07-21 7.5 CVE-2017-7480
MLIST
sony -- wg-c10_firmware WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. 2017-07-21 9.0 CVE-2017-2275
MISC(link is external)
JVN(link is external)
sony -- wg-c10_firmware Buffer overflow in WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary commands via unspecified vectors. 2017-07-21 9.0 CVE-2017-2276
MISC(link is external)
JVN(link is external)
tcpdump -- tcpdump tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c. 2017-07-22 7.5 CVE-2017-11541
BID(link is external)
MISC(link is external)
tcpdump -- tcpdump tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c. 2017-07-22 7.5 CVE-2017-11542
BID(link is external)
MISC(link is external)
tcpdump -- tcpdump tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c. 2017-07-22 7.5 CVE-2017-11543
BID(link is external)
MISC(link is external)
tilde_cms_project -- tilde_cms An issue was discovered in Tilde CMS 1.0.1. Due to missing escaping of the backtick character, a SELECT query in class.SystemAction.php is vulnerable to SQL Injection. The vulnerability can be triggered via a POST request to /actionphp/action.input.php with the id parameter. 2017-07-24 7.5 CVE-2017-11324
MISC

 

 

Medium Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
ansible -- ansible Ansible versions 2.2.3 and earlier are vulnerable to an information disclosure flaw due to the interaction of call back plugins and the no_log directive where the information may not be sanitized properly. 2017-07-21 5.0 CVE-2017-7473
MISC(link is external)
atmail -- atmail Cross-site scripting (XSS) vulnerability in atmail prior to version 7.8.0.2 allows remote attackers to inject arbitrary web script or HTML within the body of an email via an IMG element with both single quotes and double quotes. 2017-07-25 4.3 CVE-2017-11617
MISC(link is external)
MISC(link is external)
atutor -- atutor Directory Traversal exists in ATutor before 2.2.2 via the icon parameter to /mods/_core/courses/users/create_course.php. The attacker can read an arbitrary file by visiting get_course_icon.php?id= after the traversal attack. 2017-07-22 5.0 CVE-2016-10400
MISC(link is external)
MISC(link is external)
buffalotech -- wmr-433w_firmware Cross-site scripting vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2017-07-21 4.3 CVE-2017-2274
CONFIRM(link is external)
JVN(link is external)
canonical -- ubuntu_linux The simulate dbus method in aptdaemon before 1.1.1+bzr982-0ubuntu3.1 as packaged in Ubuntu 15.04, before 1.1.1+bzr980-0ubuntu1.1 as packaged in Ubuntu 14.10, before 1.1.1-1ubuntu5.2 as packaged in Ubuntu 14.04 LTS, before 0.43+bzr805-0ubuntu10 as packaged in Ubuntu 12.04 LTS allows local users to obtain sensitive information, or access files with root permissions. 2017-07-21 4.9 CVE-2015-1323
BID(link is external)
UBUNTU(link is external)
cisco -- prime_collaboration_provisioning A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning (PCP) Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. More Information: CSCvc90312. Known Affected Releases: 12.1. 2017-07-25 4.3 CVE-2017-6755
BID(link is external)
SECTRACK(link is external)
CONFIRM(link is external)
contao -- contao_cms Contao before 3.5.28 and 4.x before 4.4.1 allows remote attackers to include and execute arbitrary local PHP files via a crafted parameter in a URL, aka Directory Traversal. 2017-07-21 6.5 CVE-2017-10993
CONFIRM
cygwin -- cygwin Cygwin versions 1.7.2 up to and including 1.8.0 are vulnerable to buffer overflow vulnerability in wcsxfrm/wcsxfrm_l functions resulting into denial-of-service by crashing the process or potential hijack of the process running with administrative privileges triggered by specially crafted input string. 2017-07-21 5.0 CVE-2017-7523
MISC(link is external)
ektron -- ektron_content_management_system Cross-site scripting (XSS) vulnerability in Ektron Content Management System before 9.1.0.184SP3(9.1.0.184.3.127) allows remote attackers to inject arbitrary web script or HTML via the rptStatus parameter in a Report action to WorkArea/SelectUserGroup.aspx. 2017-07-25 4.3 CVE-2016-6133
BUGTRAQ(link is external)
eshop_project -- eshop The eshop_checkout function in checkout.php in the Wordpress Eshop plugin 6.3.11 and earlier does not validate variables in the "eshopcart" HTTP cookie, which allows remote attackers to perform cross-site scripting (XSS) attacks, or a path disclosure attack via crafted variables named after target PHP variables. 2017-07-21 4.3 CVE-2015-3421
BID(link is external)
MISC(link is external)
exiv2 -- exiv2 There is an illegal address access in the extend_alias_table function in localealias.c of Exiv2 0.26. A crafted input will lead to remote denial of service. 2017-07-22 5.0 CVE-2017-11553
MISC(link is external)
exiv2 -- exiv2 There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. 2017-07-23 5.0 CVE-2017-11591
MISC(link is external)
exiv2 -- exiv2 There is a Mismatched Memory Management Routines vulnerability in the Exiv2::FileIo::seek function of Exiv2 0.26 that will lead to a remote denial of service attack (heap memory corruption) via crafted input. 2017-07-23 5.0 CVE-2017-11592
MISC(link is external)
fedoraproject -- fedora The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands. 2017-07-21 5.0 CVE-2015-5194
CONFIRM
FEDORA
FEDORA
SUSE
SUSE
SUSE
REDHAT(link is external)
REDHAT(link is external)
DEBIAN
MLIST(link is external)
BID(link is external)
UBUNTU(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
fedoraproject -- fedora ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation. 2017-07-21 5.0 CVE-2015-5195
FEDORA
FEDORA
FEDORA
REDHAT(link is external)
REDHAT(link is external)
DEBIAN
MLIST(link is external)
BID(link is external)
UBUNTU(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
fedoraproject -- fedora The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet. 2017-07-21 5.0 CVE-2015-5219
CONFIRM(link is external)
CONFIRM
FEDORA
FEDORA
FEDORA
SUSE
SUSE
REDHAT(link is external)
REDHAT(link is external)
DEBIAN
MLIST(link is external)
BID(link is external)
UBUNTU(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
fedoraproject -- fedora Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file. 2017-07-25 4.3 CVE-2015-5221
SUSE
SUSE
SUSE
MLIST(link is external)
REDHAT(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
FEDORA
FEDORA
FEDORA
finecms -- finecms dayrui FineCms 5.0.9 has Cross Site Scripting (XSS) in admin/Login.php via a payload in the username field that does not begin with a '<' character. 2017-07-23 4.3 CVE-2017-11581
MISC(link is external)
finecms -- finecms dayrui FineCms 5.0.9 has URL Redirector Abuse via the url parameter in a sync action, related to controllers/Weixin.php. 2017-07-23 5.8 CVE-2017-11586
MISC(link is external)
fontforge -- fontforge FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights (parsettf.c) resulting in DoS or code execution via a crafted otf file. 2017-07-23 6.8 CVE-2017-11569
MISC(link is external)
fontforge_project -- fontforge FontForge 20161012 is vulnerable to a heap-based buffer over-read in PSCharStringToSplines (psread.c) resulting in DoS or code execution via a crafted otf file. 2017-07-23 6.8 CVE-2017-11568
MISC(link is external)
fontforge_project -- fontforge FontForge 20161012 is vulnerable to a buffer over-read in umodenc (parsettf.c) resulting in DoS or code execution via a crafted otf file. 2017-07-23 6.8 CVE-2017-11570
MISC(link is external)
fontforge_project -- fontforge FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) resulting in DoS or code execution via a crafted otf file. 2017-07-23 6.8 CVE-2017-11571
MISC(link is external)
fontforge_project -- fontforge FontForge 20161012 is vulnerable to a heap-based buffer over-read in readcfftopdicts (parsettf.c) resulting in DoS or code execution via a crafted otf file. 2017-07-23 6.8 CVE-2017-11572
MISC(link is external)
fontforge_project -- fontforge FontForge 20161012 is vulnerable to a buffer over-read in ValidatePostScriptFontName (parsettf.c) resulting in DoS or code execution via a crafted otf file. 2017-07-23 6.8 CVE-2017-11573
MISC(link is external)
fontforge_project -- fontforge FontForge 20161012 is vulnerable to a heap-based buffer overflow in readcffset (parsettf.c) resulting in DoS or code execution via a crafted otf file. 2017-07-23 6.8 CVE-2017-11574
MISC(link is external)
fontforge_project -- fontforge FontForge 20161012 is vulnerable to a buffer over-read in strnmatch (char.c) resulting in DoS or code execution via a crafted otf file, related to a call from the readttfcopyrights function in parsettf.c. 2017-07-23 6.8 CVE-2017-11575
MISC(link is external)
fontforge_project -- fontforge FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict (parsettf.c) resulting in DoS via a crafted otf file. 2017-07-23 4.3 CVE-2017-11576
MISC(link is external)
fontforge_project -- fontforge FontForge 20161012 is vulnerable to a buffer over-read in getsid (parsettf.c) resulting in DoS or code execution via a crafted otf file. 2017-07-23 6.8 CVE-2017-11577
MISC(link is external)
gnome -- libgxps There is a NULL pointer dereference in the caseless_hash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a remote denial of service attack. 2017-07-23 4.3 CVE-2017-11590
MISC(link is external)
greenpacket -- dx-350_firmware Cross-Site Request Forgery (CSRF) exists in Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, as demonstrated by a request to ajax.cgi that enables UPnP. 2017-07-21 6.8 CVE-2017-9930
MISC(link is external)
greenpacket -- dx-350_firmware Cross-Site Scripting (XSS) exists in Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, as demonstrated by the action parameter to ajax.cgi. 2017-07-21 4.3 CVE-2017-9931
MISC(link is external)
ibm -- rhapsody_design_manager IBM Rhapsody DM 5.0 and 6.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. 2017-07-24 4.9 CVE-2017-1287
CONFIRM(link is external)
MISC(link is external)
ibm -- security_guardium IBM Security Guardium 10.0 and 10.1 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code. IBM X-Force ID: 124742. 2017-07-21 5.0 CVE-2017-1267
CONFIRM(link is external)
BID(link is external)
MISC(link is external)
ibm -- tririga_application_platform Builder tools running in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 contains a vulnerability that could allow an authenticated user to execute Builder tool actions they do not have access to. IBM X-Force ID: 126864. 2017-07-21 6.5 CVE-2017-1371
CONFIRM(link is external)
MISC(link is external)
ibm -- tririga_application_platform Reports executed in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 contains a vulnerability that could allow an authenticated user to execute a report they do not have access to. IBM X-Force ID: 126866. 2017-07-21 6.5 CVE-2017-1373
CONFIRM(link is external)
BID(link is external)
MISC(link is external)
ibm -- tririga_application_platform Sensitive data can be exposed in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 that can lead to an attacker gaining unauthorized access to the system. IBM X-Force ID: 126867. 2017-07-21 4.0 CVE-2017-1374
CONFIRM(link is external)
MISC(link is external)
imagemagick -- imagemagick The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. 2017-07-22 4.3 CVE-2017-11522
CONFIRM
CONFIRM(link is external)
CONFIRM(link is external)
imagemagick -- imagemagick The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file. 2017-07-22 4.3 CVE-2017-11524
BID(link is external)
CONFIRM
CONFIRM(link is external)
imagemagick -- imagemagick The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file. 2017-07-22 4.3 CVE-2017-11528
CONFIRM
CONFIRM(link is external)
imagemagick -- imagemagick The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file. 2017-07-22 4.3 CVE-2017-11529
CONFIRM
CONFIRM(link is external)
imagemagick -- imagemagick When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c. 2017-07-22 4.3 CVE-2017-11532
CONFIRM(link is external)
imagemagick -- imagemagick When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage() function in coders/uil.c. 2017-07-22 4.3 CVE-2017-11533
CONFIRM(link is external)
imagemagick -- imagemagick When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the lite_font_map() function in coders/wmf.c. 2017-07-22 4.3 CVE-2017-11534
CONFIRM(link is external)
imagemagick -- imagemagick When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WritePSImage() function in coders/ps.c. 2017-07-22 4.3 CVE-2017-11535
CONFIRM(link is external)
imagemagick -- imagemagick When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteJP2Image() function in coders/jp2.c. 2017-07-22 4.3 CVE-2017-11536
CONFIRM(link is external)
imagemagick -- imagemagick When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in coders/palm.c, related to an incorrect bits-per-pixel calculation. 2017-07-22 4.3 CVE-2017-11537
CONFIRM(link is external)
imagemagick -- imagemagick When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteOnePNGImage() function in coders/png.c. 2017-07-22 4.3 CVE-2017-11538
CONFIRM(link is external)
imagemagick -- imagemagick When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage() function in coders/png.c. 2017-07-22 4.3 CVE-2017-11539
BID(link is external)
CONFIRM(link is external)
imagemagick -- imagemagick When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex() function, called from the WritePICONImage function in coders/xpm.c. 2017-07-22 4.3 CVE-2017-11540
BID(link is external)
CONFIRM(link is external)
inmarsat -- amosconnect_8 Blind SQL injection in the AmosConnect 8 login form allows remote attackers to access user credentials, including user names and passwords. 2017-07-22 5.0 CVE-2017-3221
BID(link is external)
CERT-VN
libexpat_project -- libexpat XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD. 2017-07-25 5.0 CVE-2017-9233
MLIST(link is external)
BID(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
libsass -- libsass There is a stack consumption vulnerability in the lex function in parser.hpp (as used in sassc) in LibSass 3.4.5. A crafted input will lead to a remote denial of service. 2017-07-22 5.0 CVE-2017-11554
MISC(link is external)
MISC(link is external)
libsass -- libsass There is an illegal address access in the Eval::operator function in eval.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service. 2017-07-22 5.0 CVE-2017-11555
MISC(link is external)
libsass -- libsass There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser.cpp in LibSass 3.4.5. A crafted input may lead to remote denial of service. 2017-07-22 5.0 CVE-2017-11556
MISC(link is external)
libsass -- libsass There is a heap based buffer over-read in LibSass 3.4.5, related to address 0xb4803ea1. A crafted input will lead to a remote denial of service attack. 2017-07-24 4.3 CVE-2017-11605
BID(link is external)
MISC(link is external)
libsass -- libsass There is a heap-based buffer over-read in the Sass::Prelexer::re_linebreak function in lexer.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service attack. 2017-07-24 4.3 CVE-2017-11608
MISC(link is external)
linux -- linux_kernel The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket. 2017-07-21 4.9 CVE-2017-7542
CONFIRM
BID(link is external)
CONFIRM(link is external)
microsec -- e-szigno Microsec e-Szigno before 3.2.7.12 allows remote attackers to perform XML signature wrapping attacks via an e-akta signed document with a ds:Object node with a crafted payload prepended to a valid ds:Object. 2017-07-21 6.8 CVE-2015-3931
MISC(link is external)
MISC
BID(link is external)
MISC(link is external)
MISC(link is external)
MISC(link is external)
netlock -- mokka Netlock Mokka before 2.7.8.1204 allows remote attackers to perform XML signature wrapping attacks via an e-akta signed document with a ds:Object node with a crafted payload prepended to a valid ds:Object. 2017-07-21 6.8 CVE-2015-3932
MISC(link is external)
MISC
BID(link is external)
MISC(link is external)
MISC(link is external)
phpmybackuppro -- phpmybackuppro phpMyBackupPro before 2.5 does not validate integer input, which allows remote authenticated users to execute arbitrary PHP code by injecting scripts via the path, filename, and period parameters to scheduled.php, and making requests to injected scripts, or by injecting PHP into a PHP configuration variable via a PHP variable variable. 2017-07-21 6.5 CVE-2015-3638
MLIST(link is external)
MLIST(link is external)
SECTRACK(link is external)
phpmybackuppro -- phpmybackuppro phpMyBackupPro 2.5 and earlier does not properly sanitize input strings, which allows remote authenticated users to execute arbitrary PHP code by storing a crafted string in a user configuration file. 2017-07-21 6.5 CVE-2015-3639
MLIST(link is external)
MLIST(link is external)
SECTRACK(link is external)
phpmybackuppro -- phpmybackuppro phpMyBackupPro 2.5 and earlier does not properly escape the "." character in request parameters, which allows remote authenticated users with knowledge of a web-accessible and web-writeable directory on the target system to inject and execute arbitrary PHP scripts by injecting scripts via the path, filename, and dirs parameters to scheduled.php, and making requests to injected scripts. 2017-07-21 6.0 CVE-2015-3640
MLIST(link is external)
SECTRACK(link is external)
sap -- netweaver_portal Cross-site scripting (XSS) vulnerability in the DataArchivingService servlet in SAP NetWeaver Portal 7.4 allows remote attackers to inject arbitrary web script or HTML via the responsecode parameter to shp/shp_result.jsp, aka SAP Security Note 2308535. 2017-07-25 4.3 CVE-2017-11460
BID(link is external)
MISC(link is external)
subsonic -- subsonic Multiple cross-site request forgery (CSRF) vulnerabilities in the Podcast feature in Subsonic 6.1.1 allow remote attackers to hijack the authentication of users for requests that (1) subscribe to a podcast via the add parameter to podcastReceiverAdmin.view or (2) update Internet Radio Settings via the urlRedirectCustomUrl parameter to networkSettings.view. NOTE: These vulnerabilities can be exploited to conduct server-side request forgery (SSRF) attacks. 2017-07-25 6.8 CVE-2017-9413
MISC(link is external)
EXPLOIT-DB(link is external)
subsonic -- subsonic Cross-site request forgery (CSRF) vulnerability in subsonic 6.1.1 allows remote attackers with knowledge of the target username to hijack the authentication of users for requests that change passwords via a crafted request to userSettings.view. 2017-07-21 5.1 CVE-2017-9415
EXPLOIT-DB(link is external)
tcpdump -- tcpdump tcpdump 4.9.0 has a Segmentation Violation in the compressed_sl_print function in print-sl.c:229:3. 2017-07-22 5.0 CVE-2017-11544
BID(link is external)
MISC(link is external)
tcpdump -- tcpdump tcpdump 4.9.0 has a Segmentation Violation in the compressed_sl_print function in print-sl.c:253:34. 2017-07-22 5.0 CVE-2017-11545
BID(link is external)
MISC(link is external)
tilde_cms_project -- tilde_cms An issue was discovered in Tilde CMS 1.0.1. It is possible to bypass the implemented restrictions on arbitrary file upload via a filename.+php manipulation. 2017-07-24 5.0 CVE-2017-11326
MISC
tilde_cms_project -- tilde_cms An issue was discovered in Tilde CMS 1.0.1. It is possible to retrieve sensitive data by using direct references. A low-privileged user can load PHP resources such as admin/content.php and admin/content.php?method=ftp_upload. 2017-07-24 4.0 CVE-2017-11327
MISC
tp-link -- archer_c9_(2.0)_firmware passwd_recovery.lua on the TP-Link Archer C9(UN)_V2_160517 allows an attacker to reset the admin password by leveraging a predictable random number generator seed. This is fixed in C9(UN)_V2_170511. 2017-07-21 5.0 CVE-2017-11519
MISC(link is external)
MISC(link is external)
tukaani -- xz scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names containing semicolons, which allows remote attackers to execute arbitrary code by having a user run xzgrep on a crafted file name. 2017-07-25 4.6 CVE-2015-4035
MLIST
MLIST(link is external)
CONFIRM(link is external)
CONFIRM
yiiframework -- yii An XSS vulnerability exists in framework/views/errorHandler/exception.php in Yii Framework 2.0.12 affecting the exception screen when debug mode is enabled, because $exception->errorInfo is mishandled. 2017-07-21 4.3 CVE-2017-11516
CONFIRM(link is external)
CONFIRM

 

 

Low Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
ibm -- emptoris_strategic_supply_management IBM Emptoris Supplier Lifecycle Management 10.1.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 118356. 2017-07-24 3.5 CVE-2016-6118
CONFIRM(link is external)
BID(link is external)
MISC(link is external)
ibm -- rational_software_architect_design_manager IBM Rational Software Architect Design Manager 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124580. 2017-07-24 3.5 CVE-2017-1245
CONFIRM(link is external)
MISC(link is external)
ibm -- rhapsody_design_manager IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 118912. 2017-07-24 3.5 CVE-2016-8975
CONFIRM(link is external)
MISC(link is external)
ibm -- rhapsody_design_manager IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. 2017-07-24 3.5 CVE-2017-1249
CONFIRM(link is external)
MISC(link is external)
ibm -- tririga_application_platform IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126865. 2017-07-21 3.5 CVE-2017-1372
CONFIRM(link is external)
MISC(link is external)
ibm -- websphere_application_server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 127151. 2017-07-24 3.5 CVE-2017-1380
CONFIRM(link is external)
BID(link is external)
SECTRACK(link is external)
MISC(link is external)
ibm -- websphere_application_server IBM WebSphere Application Server Proxy Server or On-demand-router (ODR) 7.0, 8.0, 8.5, 9.0 and could allow a local attacker to obtain sensitive information, caused by stale data being cached and then served. IBM X-Force ID: 127152. 2017-07-21 2.1 CVE-2017-1381
CONFIRM(link is external)
BID(link is external)
MISC(link is external)
ibm -- websphere_application_server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 might create files using the default permissions instead of the customized permissions when custom startup scripts are used. A local attacker could exploit this to gain access to files with an unknown impact. IBM X-Force ID: 127153. 2017-07-24 3.6 CVE-2017-1382
CONFIRM(link is external)
BID(link is external)
SECTRACK(link is external)
MISC(link is external)
selinux_project -- selinux selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named .config, and updating selinux-policy. 2017-07-21 2.1 CVE-2015-3170
CONFIRM(link is external)
sos_project -- sos sosreport 3.2 uses weak permissions for generated sosreport archives, which allows local users with access to /var/tmp/ to obtain sensitive information by reading the contents of the archive. 2017-07-25 2.1 CVE-2015-3171
CONFIRM(link is external)
CONFIRM

 

 

Severity Not Yet Assigned

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
acunetix -- acunetix Reporter.exe in Acunetix 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed PRE file, related to a "User Mode Write AV starting at reporter!madTraceProcess." 2017-07-27 not yet calculated CVE-2017-11673
MISC(link is external)
acunetix -- acunetix
 
Reporter.exe in Acunetix 8 allows remote attackers to cause a denial of service (application crash) via a malformed PRE file, related to a "Read Access Violation starting at reporter!madTraceProcess." 2017-07-27 not yet calculated CVE-2017-11674
MISC(link is external)
airlink101 -- skyipcam1620w_wireless_n_mpeg4_3gpp_network_camera snwrite.cgi in AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera with firmware FW_AIC1620W_1.1.0-12_20120709_r1192.pck allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the mac parameter. 2017-07-24 not yet calculated CVE-2015-2280
MISC(link is external)
FULLDISC
BUGTRAQ(link is external)
BID(link is external)
MISC(link is external)
EXPLOIT-DB(link is external)
airlive -- multiple_products
 
cgi_test.cgi in AirLive BU-2015 with firmware 1.03.18, BU-3026 with firmware 1.43, and MD-3025 with firmware 1.81 allows remote attackers to execute arbitrary OS commands via shell metacharacters after an "&" (ampersand) in the write_mac write_pid, write_msn, write_tan, or write_hdv parameter. 2017-07-24 not yet calculated CVE-2015-2279
MISC(link is external)
FULLDISC
BUGTRAQ(link is external)
BID(link is external)
MISC(link is external)
EXPLOIT-DB(link is external)
apache -- activemq_artemis
 
XML external entity (XXE) vulnerability in the XPath selector component in Artemis ActiveMQ before commit 48d9951d879e0c8cbb59d4b64ab59d53ef88310d allows remote attackers to have unspecified impact via unknown vectors. 2017-07-25 not yet calculated CVE-2015-3208
MLIST(link is external)
BID(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
apache -- http_server
 
---------------------------------------------------------------------- WARNING - CVE-2016-0736 was assigned by redhat, not apache! Description from apache : In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC. 2017-07-27 not yet calculated CVE-2016-0736
MISC
apache -- http_server
 
---------------------------------------------------------------------- WARNING - CVE-2016-2161 was assigned by redhat, not apache! Description from apache : In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests. 2017-07-27 not yet calculated CVE-2016-2161
MISC
apache -- http_server
 
---------------------------------------------------------------------- WARNING - a refinement exists for CVE-2016-8743 : theall/20170425-084430 (delay queue)! Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution. 2017-07-27 not yet calculated CVE-2016-8743
MISC
appserver -- appserver
 
Directory traversal vulnerability in the web request/response interface in Appserver before 1.0.3 allows remote attackers to read normally inaccessible files via a .. (dot dot) in a crafted URL. 2017-07-24 not yet calculated CVE-2015-1847
CONFIRM(link is external)
artifex -- artifex_ghostscript psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds read in the igc_reloc_struct_ptr function in psi/igc.c. 2017-07-28 not yet calculated CVE-2017-11714
CONFIRM(link is external)
CONFIRM(link is external)
artifex -- artifex_ghostscript_ghostxps The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.22 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. 2017-07-26 not yet calculated CVE-2017-9611
CONFIRM(link is external)
CONFIRM(link is external)
artifex -- artifex_ghostscript_ghostxps
 
The xps_select_font_encoding function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.22 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document, related to the xps_encode_font_char_imp function. 2017-07-26 not yet calculated CVE-2017-9620
CONFIRM(link is external)
CONFIRM(link is external)
artifex -- artifex_ghostscript_ghostxps
 
The xps_true_callback_glyph_name function in xps/xpsttf.c in Artifex Ghostscript GhostXPS 9.22 allows remote attackers to cause a denial of service (Segmentation Violation and application crash) via a crafted file. 2017-07-26 not yet calculated CVE-2017-9619
CONFIRM(link is external)
CONFIRM(link is external)
artifex -- artifex_ghostscript_ghostxps
 
The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.22 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted document. 2017-07-26 not yet calculated CVE-2017-9618
CONFIRM(link is external)
CONFIRM(link is external)
artifex -- artifex_ghostscript_ghostxps
 
The xps_decode_font_char_imp function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.22 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. 2017-07-26 not yet calculated CVE-2017-9740
CONFIRM(link is external)
CONFIRM(link is external)
artifex -- artifex_ghostscript_ghostxps
 
The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.22 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. 2017-07-26 not yet calculated CVE-2017-9727
CONFIRM(link is external)
CONFIRM(link is external)
artifex -- artifex_ghostscript_ghostxps
 
The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.22 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via a crafted document. 2017-07-26 not yet calculated CVE-2017-9612
CONFIRM(link is external)
CONFIRM(link is external)
artifex -- artifex_ghostscript_ghostxps
 
The Ins_JMPR function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.22 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. 2017-07-26 not yet calculated CVE-2017-9739
CONFIRM(link is external)
CONFIRM(link is external)
artifex -- artifex_ghostscript_ghostxps
 
The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.22 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. 2017-07-26 not yet calculated CVE-2017-9610
CONFIRM(link is external)
CONFIRM(link is external)
artifex -- artifex_ghostscript_ghostxps
 
The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.22 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. 2017-07-26 not yet calculated CVE-2017-9726
CONFIRM(link is external)
CONFIRM(link is external)
artifex -- artifex_ghostscript
 
The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.22 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer overflow check in base/gsalloc.c. 2017-07-26 not yet calculated CVE-2017-9835
CONFIRM(link is external)
CONFIRM(link is external)
audiocoder -- audiocoder Buffer overflow in AudioCoder 0.8.46 allows remote attackers to execute arbitrary code via a crafted .m3u file. 2017-07-27 not yet calculated CVE-2017-8870
EXPLOIT-DB(link is external)
avira -- avira_antivirus
 
Avira Antivirus engine versions before 8.3.36.60 allow remote code execution as NT AUTHORITY\SYSTEM via a section header with a very large relative virtual address in a PE file, causing an integer overflow and heap-based buffer underflow. 2017-07-27 not yet calculated CVE-2016-10402
MISC
cacti -- cacti
 
Cross-site scripting (XSS) vulnerability in auth_profile.php in Cacti 1.1.13 allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers. 2017-07-27 not yet calculated CVE-2017-11691
CONFIRM(link is external)
CONFIRM(link is external)
candlepin -- candlepin
 
Candlepin allows remote attackers to obtain sensitive information by obtaining Java exception statements as a result of excessive web traffic. 2017-07-25 not yet calculated CVE-2015-5187
CONFIRM(link is external)
cisco -- asr_5000_series_aggregation_services_routers
 
A vulnerability in certain filtering mechanisms of access control lists (ACLs) for Cisco ASR 5000 Series Aggregation Services Routers through 21.x could allow an unauthenticated, remote attacker to bypass ACL rules that have been configured for an affected device. More Information: CSCvb99022 CSCvc16964 CSCvc37351 CSCvc54843 CSCvc63444 CSCvc77815 CSCvc88658 CSCve08955 CSCve14141 CSCve33870. 2017-07-25 not yet calculated CVE-2017-6672
BID(link is external)
SECTRACK(link is external)
CONFIRM(link is external)

cisco -- asr_5000_series_aggregation_services_routers


 
A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR 5000 Series Aggregation Services Routers 17.3.9.62033 through 21.1.2 could allow an unauthenticated, remote attacker to redirect HTTP traffic sent to an affected device. More Information: CSCvc67927. 2017-07-25 not yet calculated CVE-2017-6612
BID(link is external)
SECTRACK(link is external)
CONFIRM(link is external)
cisco -- cloud_web_security
 
Cross-site scripting (XSS) vulnerability in the Alert Service of Cisco Cloud Web Security base revision allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. 2017-07-25 not yet calculated CVE-2015-0674
CISCO(link is external)
cisco -- residential_gateway
 
On Cisco DDR2200 ADSL2+ Residential Gateway DDR2200B-NA-AnnexA-FCC-V00.00.03.45.4E and DDR2201v1 ADSL2+ Residential Gateway DDR2201v1-NA-AnnexA-FCC-V00.00.03.28.3 devices, there is remote command execution via shell metacharacters in the pingAddr parameter to the waitPingqry.cgi URI. The command output is visible at /PingMsg.cmd. 2017-07-23 not yet calculated CVE-2017-11588
MISC
BID(link is external)
cisco -- residential_gateway
 
On Cisco DDR2200 ADSL2+ Residential Gateway DDR2200B-NA-AnnexA-FCC-V00.00.03.45.4E and DDR2201v1 ADSL2+ Residential Gateway DDR2201v1-NA-AnnexA-FCC-V00.00.03.28.3 devices, there is no access control for info.html, wancfg.cmd, rtroutecfg.cmd, arpview.cmd, cpuview.cmd, memoryview.cmd, statswan.cmd, statsatm.cmd, scsrvcntr.cmd, scacccntr.cmd, logview.cmd, voicesipview.cmd, usbview.cmd, wlmacflt.cmd, wlwds.cmd, wlstationlist.cmd, HPNAShow.cmd, HPNAView.cmd, qoscls.cmd, qosqueue.cmd, portmap.cmd, scmacflt.cmd, scinflt.cmd, scoutflt.cmd, certlocal.cmd, or certca.cmd. 2017-07-23 not yet calculated CVE-2017-11589
MISC
cisco -- residential_gateway
 
On Cisco DDR2200 ADSL2+ Residential Gateway DDR2200B-NA-AnnexA-FCC-V00.00.03.45.4E and DDR2201v1 ADSL2+ Residential Gateway DDR2201v1-NA-AnnexA-FCC-V00.00.03.28.3 devices, there is directory traversal in the filename parameter to the /download.conf URI. 2017-07-23 not yet calculated CVE-2017-11587
MISC
cisco -- web_security_appliance
 
A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, local attacker to log in to the device with the privileges of a limited user or an unauthenticated, remote attacker to authenticate to certain areas of the web GUI, aka a Static Credentials Vulnerability. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCve06124. Known Affected Releases: 10.1.0-204. Known Fixed Releases: 10.5.1-270. 2017-07-25 not yet calculated CVE-2017-6750
BID(link is external)
SECTRACK(link is external)
CONFIRM(link is external)
cisco -- web_security_appliance
 
A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected device to the administrative management interface of an affected device, aka an Access Control Bypass Vulnerability. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88863. Known Affected Releases: 10.1.0-204 9.0.0-485. 2017-07-25 not yet calculated CVE-2017-6751
BID(link is external)
SECTRACK(link is external)
CONFIRM(link is external)
cisco -- web_security_appliance
 
A vulnerability in the web interface of the Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid administrator credentials. Affected Products: Cisco AsyncOS Software 10.0 and later for WSA on both virtual and hardware appliances. More Information: CSCvd88862. Known Affected Releases: 10.1.0-204. Known Fixed Releases: 10.5.1-270 10.1.1-235. 2017-07-25 not yet calculated CVE-2017-6746
BID(link is external)
SECTRACK(link is external)
CONFIRM(link is external)
cisco -- web_security_appliance
 
A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88855. Known Affected Releases: 10.1.0-204. Known Fixed Releases: 10.5.1-270 10.1.1-234. 2017-07-25 not yet calculated CVE-2017-6748
BID(link is external)
SECTRACK(link is external)
CONFIRM(link is external)
cisco -- web_security_appliance
 
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88865. Known Affected Releases: 10.1.0-204. 2017-07-25 not yet calculated CVE-2017-6749
BID(link is external)
SECTRACK(link is external)
CONFIRM(link is external)
cisco --webex A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server, Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center), and Cisco WebEx Meetings when they are running on Microsoft Windows. The vulnerability is due to a design defect in the extension. An attacker who can convince an affected user to visit an attacker-controlled web page or follow an attacker-supplied link with an affected browser could exploit the vulnerability. If successful, the attacker could execute arbitrary code with the privileges of the affected browser. The following versions of the Cisco WebEx browser extensions are affected: Versions prior to 1.0.12 of the Cisco WebEx extension on Google Chrome, Versions prior to 1.0.12 of the Cisco WebEx extension on Mozilla Firefox. Cisco Bug IDs: CSCvf15012 CSCvf15020 CSCvf15030 CSCvf15033 CSCvf15036 CSCvf15037. 2017-07-25 not yet calculated CVE-2017-6753
BID(link is external)
SECTRACK(link is external)
SECTRACK(link is external)
SECTRACK(link is external)
CONFIRM