The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities corresponds to the following scores:
- High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
- Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
- Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
admidio -- admidio | SQL Injection was discovered in adm_program/modules/dates/dates_function.php in Admidio 3.2.5. The POST parameter dat_cat_id is concatenated into a SQL query without any input validation/sanitization. | 2017-03-05 | 9.0 | CVE-2017-6492 MISC |
apache -- camel | Apache Camel's camel-jackson and camel-jacksonxml components are vulnerable to a Java object de-serialization vulnerability. Camel allows such a type to be specified through the 'CamelJacksonUnmarshalType' property. De-serializing untrusted data can lead to security flaws as demonstrated in various similar reports about Java de-serialization issues. | 2017-03-07 | 7.5 | CVE-2016-9571 CONFIRM BID |
apache -- camel | Apache Camel's camel-snakeyaml component is vulnerable to a Java object de-serialization vulnerability. De-serializing untrusted data can lead to security flaws. | 2017-03-07 | 7.5 | CVE-2017-3159 CONFIRM |
asus -- rt-ac53_firmware | Buffer overflows in networkmap in ASUS ASUSWRT on RT-AC53 3.0.0.4.380.6038 devices allow remote attackers to execute arbitrary code on the router via a long host or port in crafted multicast messages. | 2017-03-09 | 10.0 | CVE-2017-6548 MISC |
asus -- rt-ac53_firmware | Session hijack vulnerability in httpd in ASUS ASUSWRT on RT-AC53 3.0.0.4.380.6038 devices allows remote attackers to steal any active admin session by sending cgi_logout and asusrouter-Windows-IFTTT-1.0 in certain HTTP headers. | 2017-03-09 | 9.3 | CVE-2017-6549 MISC |
d-link -- di-524_firmware | Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI programs. | 2017-03-06 | 8.5 | CVE-2017-5633 MISC BID |
debian -- debian_linux | Heap-based buffer overflow in the create_url_list function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a valid URI followed by an invalid one in the CALLBACK header of a SUBSCRIBE request. | 2017-03-07 | 7.5 | CVE-2016-8863 BID CONFIRM CONFIRM DEBIAN |
espeak-ruby_project -- espeak-ruby | The espeak-ruby gem before 1.0.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the speak, save, bytes or bytes_wav method in lib/espeak/speech.rb. | 2017-03-03 | 7.5 | CVE-2016-10193 MLIST MLIST CONFIRM |
exponentcms -- exponent_cms | SQL injection vulnerability in cron/find_help.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter. | 2017-03-07 | 7.5 | CVE-2016-7780 MISC FULLDISC CONFIRM |
exponentcms -- exponent_cms | SQL injection vulnerability in framework/modules/blog/controllers/blogController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the author parameter. | 2017-03-07 | 7.5 | CVE-2016-7781 MISC FULLDISC CONFIRM |
exponentcms -- exponent_cms | SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the src parameter. | 2017-03-07 | 7.5 | CVE-2016-7782 MISC FULLDISC |
exponentcms -- exponent_cms | SQL injection vulnerability in framework/core/models/expRecord.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter. | 2017-03-07 | 7.5 | CVE-2016-7783 MISC FULLDISC |
exponentcms -- exponent_cms | SQL injection vulnerability in the getSection function in framework/core/subsystems/expRouter.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the section parameter. | 2017-03-07 | 7.5 | CVE-2016-7784 MISC FULLDISC CONFIRM |
exponentcms -- exponent_cms | SQL injection vulnerability in framework/modules/users/models/user.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | 2017-03-07 | 7.5 | CVE-2016-7788 MISC FULLDISC CONFIRM |
exponentcms -- exponent_cms | SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the apikey parameter. | 2017-03-07 | 7.5 | CVE-2016-7789 MISC MISC FULLDISC |
exponentcms -- exponent_cms | SQL injection vulnerability in the activate_address function in framework/modules/addressbook/controllers/addressController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the is_what parameter. | 2017-03-07 | 7.5 | CVE-2016-9019 MISC MISC FULLDISC |
exponentcms -- exponent_cms | SQL injection vulnerability in framework/modules/help/controllers/helpController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter. | 2017-03-07 | 7.5 | CVE-2016-9020 MISC FULLDISC CONFIRM |
exponentcms -- exponent_cms | SQL injection vulnerability in framework/modules/filedownloads/controllers/filedownloadController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the fileid parameter. | 2017-03-07 | 7.5 | CVE-2016-9087 MISC FULLDISC CONFIRM |
festivaltts4r_project -- festivaltts4r | The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the (1) to_speech or (2) to_mp3 method in lib/festivaltts4r/festival4r.rb. | 2017-03-03 | 7.5 | CVE-2016-10194 MLIST MLIST MISC |
flexense -- sysgauge | An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string. | 2017-03-05 | 7.5 | CVE-2017-6416 BID EXPLOIT-DB |
google -- android | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33139050. | 2017-03-07 | 9.3 | CVE-2017-0466 BID MISC |
google -- android | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33250932. | 2017-03-07 | 9.3 | CVE-2017-0467 BID MISC |
google -- android | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33351708. | 2017-03-07 | 9.3 | CVE-2017-0468 BID MISC |
google -- android | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33450635. | 2017-03-07 | 9.3 | CVE-2017-0469 BID MISC |
google -- android | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33818500. | 2017-03-07 | 9.3 | CVE-2017-0470 BID MISC |
google -- android | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33816782. | 2017-03-07 | 9.3 | CVE-2017-0471 BID MISC |
google -- android | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33862021. | 2017-03-07 | 9.3 | CVE-2017-0472 BID MISC |
google -- android | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33982658. | 2017-03-07 | 9.3 | CVE-2017-0473 BID MISC |
google -- android | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-32589224. | 2017-03-07 | 9.3 | CVE-2017-0474 BID MISC |
google -- android | An elevation of privilege vulnerability in the recovery verifier could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-31914369. | 2017-03-07 | 9.3 | CVE-2017-0475 BID MISC |
google -- android | An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32707507. | 2017-03-07 | 9.3 | CVE-2017-0479 MISC |
google -- android | An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32705429. | 2017-03-07 | 9.3 | CVE-2017-0480 MISC |
google -- android | An elevation of privilege vulnerability in NFC could enable a proximate attacker to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33434992. | 2017-03-07 | 9.3 | CVE-2017-0481 MISC |
google -- android | A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33090864. | 2017-03-07 | 7.1 | CVE-2017-0482 MISC |
google -- android | A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33137046. | 2017-03-07 | 7.1 | CVE-2017-0483 MISC |
google -- android | A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33298089. | 2017-03-07 | 7.1 | CVE-2017-0484 MISC |
google -- android | A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33387820. | 2017-03-07 | 7.1 | CVE-2017-0485 MISC |
google -- android | A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33621215. | 2017-03-07 | 7.1 | CVE-2017-0486 MISC |
google -- android | A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33751193. | 2017-03-07 | 7.1 | CVE-2017-0487 MISC |
google -- android | A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34097213. | 2017-03-07 | 7.1 | CVE-2017-0488 MISC |
google -- android | A denial of service vulnerability in Audioserver could enable a local malicious application to cause a device hang or reboot. This issue is rated as Low due to the possibility of a temporary denial of service. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32095713. | 2017-03-07 | 7.1 | CVE-2017-0499 MISC |
google -- android | An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-28429685. References: M-ALPS02710006. | 2017-03-07 | 9.3 | CVE-2017-0500 BID MISC |
google -- android | An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-28430015. References: M-ALPS02708983. | 2017-03-07 | 9.3 | CVE-2017-0501 BID MISC |
google -- android | An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-28430164. References: M-ALPS02710027. | 2017-03-07 | 9.3 | CVE-2017-0502 BID MISC |
google -- android | An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-28449045. References: M-ALPS02710075. | 2017-03-07 | 9.3 | CVE-2017-0503 BID MISC |
google -- android | An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-30074628. References: M-ALPS02829371. | 2017-03-07 | 9.3 | CVE-2017-0504 BID MISC |
google -- android | An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-31822282. References: M-ALPS02992041. | 2017-03-07 | 9.3 | CVE-2017-0505 BID MISC |
google -- android | An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-32276718. References: M-ALPS03006904. | 2017-03-07 | 9.3 | CVE-2017-0506 BID MISC |
google -- android | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-32124445. References: B-RB#110688. | 2017-03-07 | 9.3 | CVE-2017-0509 MISC |
google -- android | An elevation of privilege vulnerability in the MediaTek hardware sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-32372051. References: M-ALPS02973195. | 2017-03-07 | 7.6 | CVE-2017-0517 MISC |
google -- android | An elevation of privilege vulnerability in a MediaTek APK could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High due to the possibility of local arbitrary code execution in a privileged process. Product: Android. Versions: N/A. Android ID: A-32916158. References: M-ALPS03032516. | 2017-03-07 | 9.3 | CVE-2017-0522 MISC |
google -- android | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-32835279. References: QC-CR#1096945. | 2017-03-07 | 7.6 | CVE-2017-0523 MISC CONFIRM |
ibm -- qradar_security_information_and_event_manager | IBM QRadar 7.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 1999537. | 2017-03-07 | 7.5 | CVE-2016-9724 CONFIRM |
ibm -- qradar_security_information_and_event_manager | IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM Reference #: 1999542. | 2017-03-07 | 9.0 | CVE-2016-9726 CONFIRM |
ibm -- qradar_security_information_and_event_manager | IBM QRadar 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM Reference #: 1999542. | 2017-03-07 | 8.5 | CVE-2016-9727 CONFIRM |
ibm -- qradar_security_information_and_event_manager | IBM QRadar 7.2 could allow a remote attacker to consume all resources on the server due to not properly restricting the size or amount of resources requested by an actor. IBM Reference #: 1999556. | 2017-03-07 | 7.8 | CVE-2016-9740 CONFIRM BID |
linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32342399. References: QC-CR#1088824. | 2017-03-07 | 7.6 | CVE-2016-8417 MISC CONFIRM |
linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31824853. References: QC-CR#1093687. | 2017-03-07 | 9.3 | CVE-2016-8479 MISC |
linux -- linux_kernel | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-34132950. References: N-CVE-2017-0306. | 2017-03-07 | 9.3 | CVE-2017-0306 BID CONFIRM |
linux -- linux_kernel | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33177895. References: N-CVE-2017-0307. | 2017-03-07 | 9.3 | CVE-2017-0307 CONFIRM |
linux -- linux_kernel | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33899363. References: N-CVE-2017-0333. | 2017-03-07 | 9.3 | CVE-2017-0333 BID CONFIRM |
linux -- linux_kernel | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33043375. References: N-CVE-2017-0335. | 2017-03-07 | 9.3 | CVE-2017-0335 BID CONFIRM |
linux -- linux_kernel | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-31992762. References: N-CVE-2017-0337. | 2017-03-07 | 9.3 | CVE-2017-0337 BID CONFIRM |
linux -- linux_kernel | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33057977. References: N-CVE-2017-0338. | 2017-03-07 | 9.3 | CVE-2017-0338 BID CONFIRM |
linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-33979145. References: QC-CR#1105085. | 2017-03-07 | 7.6 | CVE-2017-0453 MISC CONFIRM |
linux -- linux_kernel | An information disclosure vulnerability in the Qualcomm bootloader could help to enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as High because it is a general bypass for a bootloader level defense in depth or exploit mitigation technology. Product: Android. Versions: Kernel-3.18. Android ID: A-32370952. References: QC-CR#1082755. | 2017-03-07 | 9.3 | CVE-2017-0455 MISC CONFIRM |
linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm IPA driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33106520. References: QC-CR#1099598. | 2017-03-07 | 7.6 | CVE-2017-0456 MISC |
linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31695439. References: QC-CR#1086123, QC-CR#1100695. | 2017-03-07 | 7.6 | CVE-2017-0457 MISC |
linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32588962. References: QC-CR#1089433. | 2017-03-07 | 7.6 | CVE-2017-0458 MISC CONFIRM |
linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm networking driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31252965. References: QC-CR#1098801. | 2017-03-07 | 7.6 | CVE-2017-0460 MISC |
linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm networking driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33277611. References: QC-CR#1101792. | 2017-03-07 | 7.6 | CVE-2017-0463 MISC CONFIRM |
linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32940193. References: QC-CR#1102593. | 2017-03-07 | 7.6 | CVE-2017-0464 MISC CONFIRM |
linux -- linux_kernel | An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31992382. | 2017-03-07 | 9.3 | CVE-2017-0507 MISC |
linux -- linux_kernel | An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33940449. | 2017-03-07 | 9.3 | CVE-2017-0508 MISC |
linux -- linux_kernel | An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32402555. | 2017-03-07 | 9.3 | CVE-2017-0510 MISC |
linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm input hardware driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32341680. References: QC-CR#1096301. | 2017-03-07 | 7.6 | CVE-2017-0516 MISC |
linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm fingerprint sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32370896. References: QC-CR#1086530. | 2017-03-07 | 7.6 | CVE-2017-0518 MISC |
linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm fingerprint sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32372915. References: QC-CR#1086530. | 2017-03-07 | 7.6 | CVE-2017-0519 MISC |
linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31750232. References: QC-CR#1082636. | 2017-03-07 | 7.6 | CVE-2017-0520 MISC CONFIRM |
linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32919951. References: QC-CR#1097709. | 2017-03-07 | 7.6 | CVE-2017-0521 MISC CONFIRM |
linux -- linux_kernel | An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33002026. | 2017-03-07 | 7.6 | CVE-2017-0524 MISC |
linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm IPA driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33139056. References: QC-CR#1097714. | 2017-03-07 | 7.6 | CVE-2017-0525 MISC |
linux -- linux_kernel | An elevation of privilege vulnerability in the HTC Sensor Hub Driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-33897738. | 2017-03-07 | 7.6 | CVE-2017-0526 MISC |
linux -- linux_kernel | An elevation of privilege vulnerability in the HTC Sensor Hub Driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33899318. | 2017-03-07 | 7.6 | CVE-2017-0527 MISC |
linux -- linux_kernel | An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation technology. Product: Android. Versions: Kernel-3.18. Android ID: A-33351919. | 2017-03-07 | 9.3 | CVE-2017-0528 MISC |
linux -- linux_kernel | Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline. | 2017-03-07 | 7.2 | CVE-2017-2636 MLIST CONFIRM |
nefarious2_project -- nefarious2 | The m_authenticate function in ircd/m_authenticate.c in nefarious2 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter. | 2017-03-07 | 7.5 | CVE-2016-7145 MLIST CONFIRM |
netgear -- dgn2200_series_firmware | dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the host_name field of an HTTP POST request, a different vulnerability than CVE-2017-6077. | 2017-03-05 | 9.0 | CVE-2017-6334 BID EXPLOIT-DB |
openbsd -- openbsd | Integer truncation error in the amap_alloc function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value. | 2017-03-07 | 7.2 | CVE-2016-6240 CONFIRM CONFIRM MLIST MLIST BID |
openbsd -- openbsd | Integer overflow in the amap_alloc1 function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value. | 2017-03-07 | 7.2 | CVE-2016-6241 CONFIRM CONFIRM MLIST MLIST BID |
openbsd -- openbsd | The sys_thrsigdivert function in kern/kern_sig.c in the OpenBSD kernel 5.9 allows remote attackers to cause a denial of service (panic) via a negative "ts.tv_sec" value. | 2017-03-07 | 7.8 | CVE-2016-6244 MLIST BID |
openelec -- openelec | The auto-update feature of Open Embedded Linux Entertainment Center (OpenELEC) 6.0.3 and 7.0.1 uses neither encrypted connections nor signed updates. A man-in-the-middle attacker could manipulate the update packages to gain root access remotely. | 2017-03-05 | 7.6 | CVE-2017-6445 BID MISC |
revive-adserver -- revive_adserver | Revive Adserver before 4.0.1 allows remote attackers to execute arbitrary code via serialized data in the cookies related to the delivery scripts. | 2017-03-03 | 7.5 | CVE-2017-5830 MLIST BID CONFIRM |
wireshark -- wireshark | In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an IAX2 infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-iax2.c by constraining packet lateness. | 2017-03-03 | 7.8 | CVE-2017-6470 CONFIRM CONFIRM CONFIRM |
zoneminder -- zoneminder | SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php. | 2017-03-03 | 7.5 | CVE-2016-10204 MLIST MISC |
zoneminder -- zoneminder | Session fixation vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack web sessions via the ZMSESSID cookie. | 2017-03-03 | 7.5 | CVE-2016-10205 MLIST MISC |
Medium Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
agora-project -- agora-project | XSS in Agora-Project 3.2.2 exists with an index.php?disconnect=1&msgNotif[]=[XSS] attack. | 2017-03-09 | 4.3 | CVE-2017-6559 MISC |
agora-project -- agora-project | XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=misc&action=[XSS]&editObjId=[XSS] attack. | 2017-03-09 | 4.3 | CVE-2017-6560 MISC |
agora-project -- agora-project | XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=object&action=[XSS] attack. | 2017-03-09 | 4.3 | CVE-2017-6561 MISC |
agora-project -- agora-project | XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=file&targetObjId=fileFolder-2&targetObjIdChild=[XSS] attack. | 2017-03-09 | 4.3 | CVE-2017-6562 MISC |
asus -- rt-ac53_firmware | Cross-site scripting (XSS) vulnerability in httpd in ASUS ASUSWRT on RT-AC53 3.0.0.4.380.6038 devices allows remote attackers to inject arbitrary JavaScript by requesting filenames longer than 50 characters. | 2017-03-09 | 4.3 | CVE-2017-6547 MISC |
atutor -- atutor | Multiple Cross-Site Scripting (XSS) issues were discovered in ATutor 2.2.2. The vulnerabilities exist due to insufficient filtration of user-supplied data passed to several pages (lang_code in themes/*/admin/system_preferences/language_edit.tmpl.php). An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-05 | 4.3 | CVE-2017-6483 BID CONFIRM |
blackberry -- good_control_server | An information disclosure vulnerability in the logging implementation of BlackBerry Good Control Server versions earlier than 2.3.53.62 allows remote attackers to gain and use logged encryption keys to access certain resources within a customer's Good deployment by gaining access to certain diagnostic log files through either a valid logon or an unrelated compromise of the server. | 2017-03-03 | 5.0 | CVE-2016-3127 CONFIRM BID |
burgundy-cms_project -- burgundy-cms | Smith0r/burgundy-cms before 2017-03-06 is vulnerable to a reflected XSS in admin/components/menu/views/menuitems.php (id parameter). | 2017-03-07 | 4.3 | CVE-2017-6509 CONFIRM |
ca -- service_desk_manager | Cross-site scripting (XSS) vulnerability in CA Service Desk Manager (formerly CA Service Desk) 12.9 and 14.1 allows remote attackers to inject arbitrary web script or HTML via the QBE.EQ.REF_NUM parameter. | 2017-03-07 | 4.3 | CVE-2016-9148 MISC FULLDISC CONFIRM BID SECTRACK |
ca -- unified_infrastructure_management | Directory traversal vulnerability in diag.jsp file in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) 8.4 SP1 and earlier and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to read arbitrary files via unspecified vectors. | 2017-03-07 | 5.0 | CVE-2016-9164 MISC FULLDISC BID MISC CONFIRM |
cloudera -- hue | Multiple cross-site scripting (XSS) vulnerabilities in Cloudera HUE 3.9.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) First name or (2) Last name field in the HUE Users page. | 2017-03-07 | 4.3 | CVE-2016-4946 MISC BID |
cloudera -- hue | Cloudera HUE 3.9.0 and earlier allows remote attackers to enumerate user accounts via a request to desktop/api/users/autocomplete. | 2017-03-07 | 5.0 | CVE-2016-4947 MISC BID |
cloudera -- manager | Multiple cross-site scripting (XSS) vulnerabilities in Cloudera Manager 5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Template Name field when renaming a template; (2) KDC Server host, (3) Kerberos Security Realm, (4) Kerberos Encryption Types, (5) Advanced Configuration Snippet (Safety Valve) for [libdefaults] section of krb5.conf, (6) Advanced Configuration Snippet (Safety Valve) for the Default Realm in krb5.conf, (7) Advanced Configuration Snippet (Safety Valve) for remaining krb5.conf, or (8) Active Directory Account Prefix fields in the Kerberos wizard; or (9) classicWizard parameter to cmf/cloudera-director/redirect. | 2017-03-07 | 4.3 | CVE-2016-4948 MISC BID |
cloudera -- manager | Cloudera Manager 5.5 and earlier allows remote attackers to obtain sensitive information via a (1) stderr.log or (2) stdout.log value in the filename parameter to /cmf/process/<process_id>/logs. | 2017-03-07 | 5.0 | CVE-2016-4949 MISC BID |
cloudera -- manager | Cloudera Manager 5.5 and earlier allows remote attackers to enumerate user sessions via a request to /api/v11/users/sessions. | 2017-03-07 | 5.0 | CVE-2016-4950 MISC BID |
cpanel -- cgiemail | Format string vulnerability in cgiemail and cgiecho allows remote attackers to execute arbitrary code via format string specifiers in a template file. | 2017-03-03 | 6.8 | CVE-2017-5613 MLIST BID MISC |
cpanel -- cgiemail | Open redirect vulnerability in cgiemail and cgiecho allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the (1) success or (2) failure parameter. | 2017-03-03 | 5.8 | CVE-2017-5614 MLIST BID MISC |
cpanel -- cgiemail | cgiemail and cgiecho allow remote attackers to inject HTTP headers via a newline character in the redirect location. | 2017-03-03 | 5.8 | CVE-2017-5615 MLIST BID MISC |
cpanel -- cgiemail | Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho allows remote attackers to inject arbitrary web script or HTML via the addendum parameter. | 2017-03-03 | 4.3 | CVE-2017-5616 MLIST BID MISC |
debian -- debian_linux | The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file. | 2017-03-07 | 4.3 | CVE-2013-5653 DEBIAN MLIST MLIST BID CONFIRM CONFIRM CONFIRM |
debian -- debian_linux | The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. | 2017-03-07 | 4.3 | CVE-2016-5315 DEBIAN MLIST BID CONFIRM GENTOO |
debian -- debian_linux | Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to write to arbitrary files in the webroot via a POST request without a registered handler. | 2017-03-07 | 5.0 | CVE-2016-6255 DEBIAN MLIST MLIST BID MISC CONFIRM MISC |
django-epiceditor_project -- django-epiceditor | There is a cross-site scripting vulnerability in django-epiceditor 0.2.3 via crafted content in a form field. | 2017-03-09 | 4.3 | CVE-2017-6591 MISC |
dlink -- dsl-2730u_firmware | Cross Site Request Forgery (CSRF) on D-Link DSL-2730U C1 IN_1.00 devices allows remote attackers to change the DNS or firewall configuration or any password. | 2017-03-06 | 6.8 | CVE-2017-6411 BID EXPLOIT-DB |
dotclear -- dotclear | XSS was discovered in Dotclear v2.11.2, affecting admin/blogs.php and admin/users.php with the sortby and order parameters. | 2017-03-05 | 4.3 | CVE-2017-6446 BID CONFIRM |
epiceditor_project -- epiceditor | EpicEditor through 0.2.3 has Cross-Site Scripting because of an insecure default marked.js configuration. An example attack vector is a crafted IMG element in an HTML document. | 2017-03-09 | 4.3 | CVE-2017-6589 MISC |
fenix_hosting -- fenix-open-source | FenixHosting/fenix-open-source before 2017-03-04 is vulnerable to a reflected XSS in forums/search.php (search-by-topic parameter). | 2017-03-05 | 4.3 | CVE-2017-6479 BID CONFIRM |
finecms_project -- finecms | andrzuk/FineCMS before 2017-03-06 is vulnerable to a reflected XSS in index.php because of missing validation of the action parameter in application/classes/application.php. | 2017-03-07 | 4.3 | CVE-2017-6511 CONFIRM CONFIRM |
flexerasoftware -- flexnet_publisher | Open redirect vulnerability in the lmadmin component in Flexera FlexNet Publisher (aka Flex License Manager) 11.14.1 and earlier, as used in Citrix License Server for Windows and the Citrix License Server VPX, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 2017-03-03 | 5.8 | CVE-2017-5571 BID CONFIRM |
freetype -- freetype | The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file. | 2017-03-06 | 6.8 | CVE-2016-10244 CONFIRM CONFIRM |
gnu -- wget | CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL. | 2017-03-07 | 4.3 | CVE-2017-6508 CONFIRM MISC |
google -- android | Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c. | 2017-03-07 | 6.9 | CVE-2016-10200 CONFIRM CONFIRM CONFIRM CONFIRM |
google -- android | A remote code execution vulnerability in AOSP Messaging could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as High due to the possibility of remote code execution within the context of an unprivileged process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33388925. | 2017-03-07 | 6.8 | CVE-2017-0476 MISC |
google -- android | A remote code execution vulnerability in libgdx could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 7.1.1. Android ID: A-33621647. | 2017-03-07 | 6.8 | CVE-2017-0477 MISC |
google -- android | A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Framesequence library. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33718716. | 2017-03-07 | 6.8 | CVE-2017-0478 MISC |
google -- android | An elevation of privilege vulnerability in Location Manager could enable a local malicious application to bypass operating system protections for location data. This issue is rated as Moderate because it could be used to generate inaccurate data. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33091107. | 2017-03-07 | 4.3 | CVE-2017-0489 MISC |
google -- android | An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to delete user data. This issue is rated as Moderate because it is a local bypass of user interaction requirements that would normally require either user initiation or user permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33178389. | 2017-03-07 | 4.3 | CVE-2017-0490 CONFIRM MISC |
google -- android | An elevation of privilege vulnerability in Package Manager could enable a local malicious application to prevent users from uninstalling applications or removing permissions from applications. This issue is rated as Moderate because it is a local bypass of user interaction requirements. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32553261. | 2017-03-07 | 4.3 | CVE-2017-0491 CONFIRM MISC |
google -- android | An elevation of privilege vulnerability in the System UI could enable a local malicious application to create a UI overlay covering the entire screen. This issue is rated as Moderate because it is a local bypass of user interaction requirements that would normally require either user initiation or user permission. Product: Android. Versions: 7.1.1. Android ID: A-30150688. | 2017-03-07 | 4.3 | CVE-2017-0492 MISC |
google -- android | An information disclosure vulnerability in AOSP Messaging could enable a remote attacker using a specially crafted file to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32764144. | 2017-03-07 | 4.3 | CVE-2017-0494 MISC |
google -- android | An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33552073. | 2017-03-07 | 4.3 | CVE-2017-0495 MISC |
google -- android | A denial of service vulnerability in Setup Wizard could allow a local malicious application to temporarily block access to an affected device. This issue is rated as Moderate because it may require a factory reset to repair the device. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1. Android ID: A-31554152. | 2017-03-07 | 4.3 | CVE-2017-0496 MISC |
google -- android | A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Moderate because it requires an uncommon device configuration. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33300701. | 2017-03-07 | 5.4 | CVE-2017-0497 MISC |
google -- android | An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: N/A. Android ID: A-28449427. References: M-ALPS02710042. | 2017-03-07 | 4.3 | CVE-2017-0529 MISC |
groovel_project -- cmsgroovel | groovel/cmsgroovel before 3.3.7-beta is vulnerable to a reflected XSS in commons/browser.php (path parameter). | 2017-03-05 | 4.3 | CVE-2017-6480 BID CONFIRM CONFIRM |
ibm -- business_process_manager | IBM Business Process Manager 7.5, 8.0, and 8.5 has a file download capability that is vulnerable to a set of attacks. Ultimately, an attacker can cause an unauthenticated victim to download a malicious payload. An existing file type restriction can be bypassed so that the payload might be considered executable and cause damage on the victim's machine. IBM Reference #: 1998655. | 2017-03-07 | 6.8 | CVE-2016-9693 CONFIRM |
ibm -- qradar_security_information_and_event_manager | IBM QRadar 7.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM Reference #: 1999533. | 2017-03-07 | 5.0 | CVE-2016-9720 CONFIRM BID |
ibm -- qradar_security_information_and_event_manager | IBM QRadar 7.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1999534. | 2017-03-07 | 4.3 | CVE-2016-9723 CONFIRM |
ibm -- qradar_security_information_and_event_manager | IBM QRadar Incident Forensics 7.2 allows for Cross-Origin Resource Sharing (CORS), which is a mechanism that allows web sites to request resources from external sites, avoiding the need to duplicate them. IBM Reference #: 1999539. | 2017-03-07 | 5.0 | CVE-2016-9725 CONFIRM BID |
ibm -- qradar_security_information_and_event_manager | IBM QRadar 7.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view information in the back-end database. IBM Reference #: 1999543. | 2017-03-07 | 5.0 | CVE-2016-9728 CONFIRM |
ibm -- qradar_security_information_and_event_manager | IBM QRadar 7.2 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM Reference #: 1999545. | 2017-03-07 | 6.4 | CVE-2016-9729 CONFIRM BID |
ibm -- qradar_security_information_and_event_manager | IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference #: 1999549. | 2017-03-07 | 4.3 | CVE-2016-9730 CONFIRM |
ibm -- tivoli_monitoring | IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to a possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223. | 2017-03-08 | 4.9 | CVE-2016-5933 CONFIRM |
ibm -- websphere_mq | IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a segmentation fault which would result in the box having to be rebooted to resume normal operations. IBM Reference #: 1998663. | 2017-03-07 | 6.8 | CVE-2016-8971 CONFIRM |
imagemagick -- imagemagick | An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS). | 2017-03-05 | 5.0 | CVE-2017-6497 BID CONFIRM CONFIRM |
imagemagick -- imagemagick | An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS. | 2017-03-05 | 4.3 | CVE-2017-6498 BID CONFIRM CONFIRM CONFIRM |
imagemagick -- imagemagick | An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially crafted file creating a nested exception could lead to a memory leak (thus, a DoS). | 2017-03-05 | 4.3 | CVE-2017-6499 BID CONFIRM CONFIRM CONFIRM |
imagemagick -- imagemagick | An issue was discovered in ImageMagick 6.9.7. A specially crafted sun file triggers a heap-based buffer over-read. | 2017-03-05 | 4.3 | CVE-2017-6500 BID CONFIRM CONFIRM CONFIRM CONFIRM |
imagemagick -- imagemagick | An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference. | 2017-03-05 | 4.3 | CVE-2017-6501 BID CONFIRM CONFIRM |
imagemagick -- imagemagick | An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS). | 2017-03-05 | 4.3 | CVE-2017-6502 CONFIRM |
intel -- quickassist_technology_engine | The RSA-CRT implementation in the Intel QuickAssist Technology (QAT) Engine for OpenSSL versions prior to 0.5.19 may allow remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack. | 2017-03-07 | 5.0 | CVE-2017-5681 CONFIRM |
inter-mediator_project -- inter-mediator | Multiple Cross-Site Scripting (XSS) issues were discovered in INTER-Mediator 5.5. The vulnerabilities exist due to insufficient filtration of user-supplied data (c and cred) passed to the "INTER-Mediator-master/Auth_Support/PasswordReset/resetpassword.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-05 | 4.3 | CVE-2017-6484 CONFIRM |
irssi -- irssi | The nickcmp function in Irssi before 0.8.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a message without a nick. | 2017-03-03 | 5.0 | CVE-2017-5193 MLIST BID CONFIRM |
irssi -- irssi | Use-after-free vulnerability in Irssi before 0.8.21 allows remote attackers to cause a denial of service (crash) via an invalid nick message. | 2017-03-03 | 5.0 | CVE-2017-5194 MLIST BID CONFIRM |
irssi -- irssi | Irssi 0.8.17 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ANSI x8 color code. | 2017-03-03 | 5.0 | CVE-2017-5195 MLIST BID CONFIRM |
irssi -- irssi | Irssi 0.8.18 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via vectors involving strings that are not UTF8. | 2017-03-03 | 5.0 | CVE-2017-5196 MLIST BID CONFIRM |
irssi -- irssi | Irssi before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a string containing a formatting sequence (%[) without a closing bracket (]). | 2017-03-03 | 5.0 | CVE-2017-5356 MLIST MLIST BID MISC CONFIRM |
lenovo -- thinkserver_firmware | Reset to default settings may occur in Lenovo ThinkServer TSM RD350, RD450, RD550, RD650, TD350 during a prolonged broadcast storm in TSM versions earlier than 3.77. | 2017-03-03 | 5.0 | CVE-2016-8236 CONFIRM |
libimobiledevice -- libplist | The parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted file. | 2017-03-03 | 4.3 | CVE-2017-5834 MLIST MLIST BID CONFIRM |
libimobiledevice -- libplist | libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero. | 2017-03-03 | 5.0 | CVE-2017-5835 MLIST MLIST BID CONFIRM |
libimobiledevice -- libplist | The plist_free_data function in plist.c in libplist allows attackers to cause a denial of service (crash) via vectors involving an integer node that is treated as a PLIST_KEY and then triggers an invalid free. | 2017-03-03 | 5.0 | CVE-2017-5836 MLIST MLIST BID CONFIRM |
linux -- linux_kernel | An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: Kernel-3.10. Android ID: A-33745862. References: QC-CR#1035099. | 2017-03-07 | 4.3 | CVE-2016-8483 MISC CONFIRM |
linux -- linux_kernel | An information disclosure vulnerability in the NVIDIA GPU driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: Kernel-3.18. Android ID: A-33245849. References: N-CVE-2017-0334. | 2017-03-07 | 4.3 | CVE-2017-0334 CONFIRM |
linux -- linux_kernel | An information disclosure vulnerability in the NVIDIA GPU driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: Kernel-3.18. Android ID: A-33042679. References: N-CVE-2017-0336. | 2017-03-07 | 4.3 | CVE-2017-0336 CONFIRM |
mail-masta_project -- mail-masta | A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/view-campaign-list.php with the GET Parameter: id. | 2017-03-09 | 6.5 | CVE-2017-6570 MISC |
mail-masta_project -- mail-masta | A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/view-campaign.php with the GET Parameter: id. | 2017-03-09 | 6.5 | CVE-2017-6571 MISC |
mail-masta_project -- mail-masta | A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/add_member.php with the GET Parameter: filter_list. | 2017-03-09 | 6.5 | CVE-2017-6572 MISC |
mail-masta_project -- mail-masta | A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit-list.php with the GET Parameter: id. | 2017-03-09 | 6.5 | CVE-2017-6573 MISC |
mail-masta_project -- mail-masta | A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit_member.php with the GET Parameter: filter_list. | 2017-03-09 | 6.5 | CVE-2017-6574 MISC |
mail-masta_project -- mail-masta | A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit_member.php with the GET Parameter: member_id. | 2017-03-09 | 6.5 | CVE-2017-6575 MISC |
mail-masta_project -- mail-masta | A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/campaign-delete.php with the GET Parameter: id. | 2017-03-09 | 6.5 | CVE-2017-6576 MISC |
mail-masta_project -- mail-masta | A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/subscriber_list.php with the POST Parameter: list_id. | 2017-03-09 | 6.5 | CVE-2017-6577 MISC |
mail-masta_project -- mail-masta | A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/subscriber_list.php with the POST Parameter: subscriber_email. | 2017-03-09 | 6.5 | CVE-2017-6578 MISC |
mangoswebv4_project -- mangoswebv4 | paintballrefjosh/MaNGOSWebV4 before 4.0.8 is vulnerable to a reflected XSS in install/index.php (step parameter). | 2017-03-05 | 4.3 | CVE-2017-6478 BID CONFIRM CONFIRM |
mantisbt -- mantisbt | A cross-site scripting (XSS) vulnerability in bug_change_status_page.php in MantisBT before 1.3.7 and 2.x before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the 'action_type' parameter. | 2017-03-09 | 4.3 | CVE-2017-6797 CONFIRM CONFIRM CONFIRM CONFIRM |
mantisbt -- mantisbt | A cross-site scripting (XSS) vulnerability in view_filters_page.php in MantisBT before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the 'view_type' parameter. | 2017-03-10 | 4.3 | CVE-2017-6799 CONFIRM CONFIRM CONFIRM |
matrixssl -- matrixssl | MatrixSSL before 3.8.7, when the DHE_RSA based cipher suite is supported, makes it easier for remote attackers to obtain RSA private key information by conducting a Lenstra side-channel attack. | 2017-03-03 | 4.3 | CVE-2016-6882 MLIST MISC CONFIRM MISC |
matrixssl -- matrixssl | MatrixSSL before 3.8.3 configured with RSA Cipher Suites allows remote attackers to obtain sensitive information via a Bleichenbacher variant attack. | 2017-03-03 | 4.3 | CVE-2016-6883 MLIST CONFIRM |
matrixssl -- matrixssl | TLS cipher suites with CBC mode in TLS 1.1 and 1.2 in MatrixSSL before 3.8.3 allow remote attackers to cause a denial of service (out-of-bounds read) via a crafted message. | 2017-03-03 | 4.3 | CVE-2016-6884 MLIST CONFIRM |
openbsd -- openbsd | The mmap extension __MAP_NOFAULT in OpenBSD 5.8 and 5.9 allows attackers to cause a denial of service (kernel panic and crash) via a large size value. | 2017-03-07 | 4.9 | CVE-2016-6239 CONFIRM CONFIRM MLIST MLIST BID |
openbsd -- openbsd | OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (assertion failure and kernel panic) via a large ident value in a kevent system call. | 2017-03-07 | 4.9 | CVE-2016-6242 CONFIRM CONFIRM MLIST MLIST BID |
openbsd -- openbsd | thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a crafted value in the tsp parameter of the __thrsleep system call. | 2017-03-07 | 4.9 | CVE-2016-6243 CONFIRM CONFIRM MLIST MLIST BID |
openbsd -- openbsd | OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a large size in a getdents system call. | 2017-03-07 | 4.9 | CVE-2016-6245 CONFIRM CONFIRM MLIST MLIST BID |
openbsd -- openbsd | OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node. | 2017-03-07 | 4.9 | CVE-2016-6246 CONFIRM CONFIRM MLIST MLIST BID |
openbsd -- openbsd | OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist. | 2017-03-07 | 4.9 | CVE-2016-6247 CONFIRM CONFIRM MLIST MLIST BID |
openbsd -- openbsd | OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (NULL pointer dereference and panic) via a sysctl call with a path starting with 10,9. | 2017-03-07 | 4.9 | CVE-2016-6350 CONFIRM CONFIRM MLIST MLIST BID |
openbsd -- openbsd | Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an existing mapping. | 2017-03-07 | 4.9 | CVE-2016-6522 CONFIRM MLIST MLIST BID |
owncloud -- owncloud | The password reset functionality in ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 sends different error messages depending on whether the username is valid, which allows remote attackers to enumerate user names via a large number of password reset attempts. | 2017-03-03 | 4.3 | CVE-2017-5865 BID CONFIRM |
owncloud -- owncloud | The autocomplete feature in the E-Mail share dialog in ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows remote authenticated users to obtain sensitive information via unspecified vectors. | 2017-03-03 | 4.0 | CVE-2017-5866 BID CONFIRM |
owncloud -- owncloud | ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows remote authenticated users to cause a denial of service (server hang and logfile flooding) via a one bit BMP file. | 2017-03-03 | 4.0 | CVE-2017-5867 BID CONFIRM |
php-calendar -- php-calendar | A Cross-Site Scripting (XSS) issue was discovered in php-calendar before 2017-03-03. The vulnerability exists due to insufficient filtration of user-supplied data (errorMsg) passed to the "php-calendar-master/error.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-05 | 4.3 | CVE-2017-6485 CONFIRM |
phpipam -- phpipam | Multiple Cross-Site Scripting (XSS) issues were discovered in phpipam 1.2. The vulnerabilities exist due to insufficient filtration of user-supplied data passed to several pages (instructions in app/admin/instructions/preview.php; subnetId in app/admin/powerDNS/refresh-ptr-records.php). An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-05 | 4.3 | CVE-2017-6481 BID CONFIRM |
plone -- plone | Directory traversal vulnerability in Plone CMS 5.x through 5.0.6 and 4.2.x through 4.3.11 allows remote administrators to read arbitrary files via a .. (dot dot) in the path parameter in a getFile action to Plone/++theme++barceloneta/@@plone.resourceeditor.filemanager-actions. | 2017-03-07 | 4.0 | CVE-2016-7135 MISC FULLDISC MLIST MLIST BUGTRAQ BID CONFIRM |
plone -- plone | z3c.form in Plone CMS 5.x through 5.0.6 and 4.x through 4.3.11 allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted GET request. | 2017-03-07 | 4.3 | CVE-2016-7136 MISC FULLDISC MLIST MLIST BUGTRAQ BID CONFIRM |
plone -- plone | Multiple open redirect vulnerabilities in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referer parameter to (1) %2b%2bgroupdashboard%2b%2bplone.dashboard1%2bgroup/%2b/portlets.Actions or (2) folder/%2b%2bcontextportlets%2b%2bplone.footerportlets/%2b /portlets.Actions or the (3) came_from parameter to /login_form. | 2017-03-07 | 5.8 | CVE-2016-7137 MISC FULLDISC MLIST MLIST BUGTRAQ BID CONFIRM |
plone -- plone | Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 2017-03-07 | 4.3 | CVE-2016-7138 MISC FULLDISC MLIST MLIST BUGTRAQ BID CONFIRM |
plone -- plone | Cross-site scripting (XSS) vulnerability in an unspecified page template in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 2017-03-07 | 4.3 | CVE-2016-7139 MISC FULLDISC MLIST MLIST BUGTRAQ BID CONFIRM |
plone -- plone | Multiple cross-site scripting (XSS) vulnerabilities in the ZMI page in Zope2 in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2017-03-07 | 4.3 | CVE-2016-7140 MISC FULLDISC MLIST MLIST BUGTRAQ BID CONFIRM |
pysaml2_project -- pysaml2 | PySAML2 allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response. | 2017-03-03 | 6.8 | CVE-2016-10127 MLIST BID MISC MISC MISC MISC |
qbittorrent -- qbittorrent | WebUI in qBittorrent before 3.3.11 did not escape many values, which could potentially lead to XSS. | 2017-03-05 | 4.3 | CVE-2017-6503 CONFIRM CONFIRM |
qbittorrent -- qbittorrent | WebUI in qBittorrent before 3.3.11 did not set the X-Frame-Options header, which could potentially lead to clickjacking. | 2017-03-05 | 4.3 | CVE-2017-6504 CONFIRM CONFIRM |
qt -- qxmlsimplereader | Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags. | 2017-03-07 | 4.3 | CVE-2016-10040 MLIST MLIST BID CONFIRM |
reasoncms_project -- reasoncms | A Cross-Site Scripting (XSS) issue was discovered in reasoncms before 4.7.1. The vulnerability exists due to insufficient filtration of user-supplied data (nyroModalSel) passed to the "reasoncms-master/www/nyroModal/demoSent.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-05 | 4.3 | CVE-2017-6486 CONFIRM CONFIRM |
revive-adserver -- revive_adserver | Session fixation vulnerability in the forgot password mechanism in Revive Adserver before 4.0.1, when setting a new password, allows remote attackers to hijack web sessions via the session ID. | 2017-03-03 | 5.5 | CVE-2017-5831 MLIST BID CONFIRM |
revive-adserver -- revive_adserver | Cross-site scripting (XSS) vulnerability in the invocation code generation for interstitial zones in Revive Adserver before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | 2017-03-03 | 4.3 | CVE-2017-5833 MLIST BID CONFIRM |
sanadata -- sanacms | Cross-site scripting (XSS) vulnerability in /sanadata/seo/index.asp in SANADATA SanaCMS 7.3 allows remote attackers to inject arbitrary web script or HTML via the txtFrom parameter. | 2017-03-07 | 4.3 | CVE-2017-6518 MISC |
silverstripe -- silverstripe | There is XSS in SilverStripe CMS before 3.4.4 and 3.5.x before 3.5.2. The attack vector is a page name. An example payload is a crafted JavaScript event handler within a malformed SVG element. | 2017-03-06 | 4.3 | CVE-2017-5197 BID CONFIRM |
telaxus -- epesi | Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data (state, element, id, tab, cid) passed to the "EPESI-master/modules/Utils/RecordBrowser/favorites.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-05 | 4.3 | CVE-2017-6487 BID CONFIRM |
telaxus -- epesi | Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data (visible, tab, cid) passed to the EPESI-master/modules/Utils/RecordBrowser/Filters/save_filters.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-05 | 4.3 | CVE-2017-6488 CONFIRM |
telaxus -- epesi | Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data (element, state, cat, id, cid) passed to the EPESI-master/modules/Utils/Watchdog/subscribe.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-05 | 4.3 | CVE-2017-6489 CONFIRM |
telaxus -- epesi | Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data (cid, value, element, mode, tab, form_name, id) passed to the EPESI-master/modules/Utils/RecordBrowser/grid.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-05 | 4.3 | CVE-2017-6490 CONFIRM |
telaxus -- epesi | Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data (tooltip_id, callback, args, cid) passed to the EPESI-master/modules/Utils/Tooltip/req.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-05 | 4.3 | CVE-2017-6491 CONFIRM |
tenable -- nessus | Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance before 4.5.0) was found to contain a flaw that allowed a remote, authenticated attacker to upload a crafted file that could be written to anywhere on the system. This could be used to subsequently gain elevated privileges on the system (e.g., after a reboot). This issue only affects installations on Windows. | 2017-03-08 | 6.0 | CVE-2017-6543 CONFIRM |
umbraco -- umbraco | The Page_Load function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Umbraco before 7.4.0 allows remote attackers to conduct server-side request forgery (SSRF) attacks via the url parameter. | 2017-03-03 | 4.3 | CVE-2015-8813 CONFIRM MLIST MLIST MLIST MLIST CONFIRM |
umbraco -- umbraco | Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery security measures and conduct cross-site request forgery (CSRF) attacks as demonstrated by editing user account information in the templates.asmx.cs file. | 2017-03-03 | 6.8 | CVE-2015-8814 CONFIRM MLIST CONFIRM |
umbraco -- umbraco | Multiple cross-site scripting (XSS) vulnerabilities in Umbraco before 7.4.0 allow remote attackers to inject arbitrary web script or HTML via the name parameter to (1) the media page, (2) the developer data edit page, or (3) the form page. | 2017-03-03 | 5.0 | CVE-2015-8815 CONFIRM MLIST |
webkit -- webkit | The regex code in Webkit 2.4.11 allows remote attackers to cause a denial of service (memory consumption) as demonstrated in a large number of ($ (open parenthesis and dollar) followed by {-2,16} and a large number of +) (plus close parenthesis). | 2017-03-07 | 5.0 | CVE-2016-9643 MLIST MLIST BID |
webpagetest_project -- webpagetest | A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. The vulnerability exists due to insufficient filtration of user-supplied data (benchmark) passed to the webpagetest-master/www/benchmarks/view.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-08 | 4.3 | CVE-2017-6533 CONFIRM |
webpagetest_project -- webpagetest | A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. The vulnerability exists due to insufficient filtration of user-supplied data (pssid) passed to the webpagetest-master/www/pss.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-08 | 4.3 | CVE-2017-6534 CONFIRM |
webpagetest_project -- webpagetest | Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. The vulnerabilities exist due to insufficient filtration of user-supplied data (benchmark, url) passed to the webpagetest-master/www/benchmarks/trendurl.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-08 | 4.3 | CVE-2017-6535 CONFIRM |
webpagetest_project -- webpagetest | Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. The vulnerabilities exist due to insufficient filtration of user-supplied data (url, pssid) passed to the webpagetest-master/www/weblite.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-08 | 4.3 | CVE-2017-6536 CONFIRM |
webpagetest_project -- webpagetest | A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. The vulnerability exists due to insufficient filtration of user-supplied data (bgcolor) passed to the webpagetest-master/www/video/view.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-08 | 4.3 | CVE-2017-6537 CONFIRM |
webpagetest_project -- webpagetest | A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. The vulnerability exists due to insufficient filtration of user-supplied data (video) passed to the webpagetest-master/www/speedindex/index.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-08 | 4.3 | CVE-2017-6538 CONFIRM |
webpagetest_project -- webpagetest | Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. The vulnerabilities exist due to insufficient filtration of user-supplied data (benchmark, time) passed to the webpagetest-master/www/benchmarks/delta.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-08 | 4.3 | CVE-2017-6539 CONFIRM |
webpagetest_project -- webpagetest | Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. The vulnerabilities exist due to insufficient filtration of user-supplied data (configs) passed to the webpagetest-master/www/benchmarks/compare.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-08 | 4.3 | CVE-2017-6540 CONFIRM |
webpagetest_project -- webpagetest | Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. The vulnerabilities exist due to insufficient filtration of user-supplied data (benchmark, time) passed to the webpagetest-master/www/benchmarks/viewtest.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-08 | 4.3 | CVE-2017-6541 CONFIRM |
wireshark -- wireshark | In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a Netscaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by changing the restrictions on file size. | 2017-03-03 | 5.0 | CVE-2017-6467 CONFIRM CONFIRM CONFIRM |
wireshark -- wireshark | In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser crash, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating the relationship between pages and records. | 2017-03-03 | 5.0 | CVE-2017-6468 CONFIRM CONFIRM CONFIRM |
wireshark -- wireshark | In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an LDSS dissector crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-ldss.c by ensuring that memory is allocated for a certain data structure. | 2017-03-03 | 5.0 | CVE-2017-6469 CONFIRM CONFIRM CONFIRM |
wireshark -- wireshark | In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a WSP infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by validating the capability length. | 2017-03-03 | 5.0 | CVE-2017-6471 CONFIRM CONFIRM CONFIRM |
wireshark -- wireshark | In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT dissector infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rtmpt.c by properly incrementing a certain sequence value. | 2017-03-03 | 5.0 | CVE-2017-6472 CONFIRM CONFIRM CONFIRM |
wireshark -- wireshark | In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a K12 file parser crash, triggered by a malformed capture file. This was addressed in wiretap/k12.c by validating the relationships between lengths and offsets. | 2017-03-03 | 5.0 | CVE-2017-6473 CONFIRM CONFIRM CONFIRM |
wireshark -- wireshark | In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating record sizes. | 2017-03-03 | 5.0 | CVE-2017-6474 CONFIRM CONFIRM CONFIRM |
wp_markdown_editor_project -- wp_markdown_editor | A Stored XSS Vulnerability exists in the WP Markdown Editor (aka wp-markdown-editor) plugin 2.0.3 for WordPress. An example attack vector is a crafted IMG element in Add New Post or Edit Post. | 2017-03-10 | 4.3 | CVE-2017-6804 MISC |
wuhu_project -- wuhu | Gargaj/wuhu through 2017-03-08 is vulnerable to a reflected XSS in wuhu-master/www_admin/users.php (id parameter). | 2017-03-08 | 4.3 | CVE-2017-6544 CONFIRM |
zoneminder -- zoneminder | Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the format parameter in a download log request to index.php. | 2017-03-03 | 4.3 | CVE-2016-10201 MLIST MISC |
zoneminder -- zoneminder | Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the path info to index.php. | 2017-03-03 | 4.3 | CVE-2016-10202 MLIST MISC |
zoneminder -- zoneminder | Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the name when creating a new monitor. | 2017-03-03 | 4.3 | CVE-2016-10203 MLIST MISC |
zoneminder -- zoneminder | Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack the authentication of users for requests that change passwords and possibly have unspecified other impact as demonstrated by a crafted user action request to index.php. | 2017-03-03 | 6.8 | CVE-2016-10206 MLIST MISC |
Low Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
cmsmadesimple -- cms_made_simple | Cross-site scripting (XSS) vulnerability in /admin/moduleinterface.php in CMS Made Simple 2.1.6 allows remote authenticated users to inject arbitrary web script or HTML via the m1_description parameter (aka "Design Manager > Categories > Category Description"). | 2017-03-09 | 3.5 | CVE-2017-6555 MISC |
cmsmadesimple -- cms_made_simple | Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated users to inject arbitrary web script or HTML via the "adminpage > sitesetting > General Settings > globalmetadata" field. | 2017-03-09 | 3.5 | CVE-2017-6556 MISC |
google -- android | A denial of service vulnerability in Setup Wizard could allow a local attacker to require Google account sign-in after a factory reset. This issue is rated as Moderate because it may require a factory reset to repair the device. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-30352311. | 2017-03-07 | 2.1 | CVE-2017-0498 MISC |
google -- android | An information disclosure vulnerability in the MediaTek video codec driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-32370398. References: M-ALPS03069985. | 2017-03-07 | 2.6 | CVE-2017-0532 MISC |
ibm -- cognos_business_intelligence | IBM Cognos Server 10.1.1 and 10.2 stores highly sensitive information in log files that could be read by a local user. IBM Reference #: 1999671. | 2017-03-08 | 2.1 | CVE-2016-9985 CONFIRM |
ibm -- db2 | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated attacker with specialized access to tables that they should not be permitted to view. IBM Reference #: 1999515. | 2017-03-08 | 3.5 | CVE-2017-1150 CONFIRM BID |
ibm -- maximo_asset_management | IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local attacker to obtain sensitive information using HTTP Header Injection. IBM Reference #: 1998053. | 2017-03-07 | 1.9 | CVE-2017-1124 CONFIRM BID |
ibm -- qradar_security_information_and_event_manager | IBM QRadar 7.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1999534. | 2017-03-07 | 3.5 | CVE-2017-1133 CONFIRM |
ibm -- urbancode_deploy | IBM UrbanCode Deploy 6.1 and 6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: C1000264. | 2017-03-08 | 3.5 | CVE-2016-9006 CONFIRM |
ibm -- websphere_commerce | IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is vulnerable to information disclosure vulnerability. A local user could view a plain text password in a Unix console. IBM Reference #: 1997408. | 2017-03-08 | 1.9 | CVE-2016-5894 CONFIRM BID |
linux -- linux_kernel | An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32709702. References: QC-CR#518731. | 2017-03-07 | 2.6 | CVE-2016-8413 MISC CONFIRM |
linux -- linux_kernel | An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32510746. References: QC-CR#1088206. | 2017-03-07 | 2.6 | CVE-2016-8416 MISC CONFIRM |
linux -- linux_kernel | An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32720522. References: QC-CR#1090007. | 2017-03-07 | 2.6 | CVE-2016-8477 MISC CONFIRM CONFIRM |
linux -- linux_kernel | An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32511270. References: QC-CR#1088206. | 2017-03-07 | 2.6 | CVE-2016-8478 MISC CONFIRM |
linux -- linux_kernel | An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-32873615. References: QC-CR#1093693. | 2017-03-07 | 2.6 | CVE-2017-0452 MISC |
linux -- linux_kernel | An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32644895. References: QC-CR#1091939. | 2017-03-07 | 2.6 | CVE-2017-0459 MISC CONFIRM |
linux -- linux_kernel | An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32073794. References: QC-CR#1100132. | 2017-03-07 | 2.6 | CVE-2017-0461 MISC CONFIRM |
linux -- linux_kernel | An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32877245. References: QC-CR#1087469. | 2017-03-07 | 2.6 | CVE-2017-0531 MISC CONFIRM |
linux -- linux_kernel | An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32509422. References: QC-CR#1088206. | 2017-03-07 | 2.6 | CVE-2017-0533 MISC CONFIRM |
linux -- linux_kernel | An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32508732. References: QC-CR#1088206. | 2017-03-07 | 2.6 | CVE-2017-0534 MISC CONFIRM |
linux -- linux_kernel | An information disclosure vulnerability in the HTC sound codec driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-33547247. | 2017-03-07 | 2.6 | CVE-2017-0535 MISC |
linux -- linux_kernel | An information disclosure vulnerability in the Synaptics touchscreen driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33555878. | 2017-03-07 | 2.6 | CVE-2017-0536 MISC |
linux -- linux_kernel | An information disclosure vulnerability in the kernel USB gadget driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-31614969. | 2017-03-07 | 2.6 | CVE-2017-0537 MISC |
revive-adserver -- revive_adserver | Cross-site scripting (XSS) vulnerability in Revive Adserver before 4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via the user's email address. | 2017-03-03 | 3.5 | CVE-2017-5832 MLIST BID CONFIRM |
Severity Not Yet Assigned
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
apache_struts_2 -- apache_struts_2 | The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 mishandles file upload, which allows remote attackers to execute arbitrary commands via a #cmd= string in a crafted Content-Type HTTP header, as exploited in the wild in March 2017. | 2017-03-10 | not yet calculated | CVE-2017-5638 MISC MISC CONFIRM EXPLOIT-DB CONFIRM CONFIRM MISC MISC MISC MISC MISC |
azure_data_expert -- azure_data_expert | In Azure Data Expert Ultimate 2.2.16, the SMTP verification function suffers from a buffer overflow vulnerability, leading to remote code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string. | 2017-03-10 | not yet calculated | CVE-2017-6506 MISC EXPLOIT-DB |
cambium_networks -- cnpilot | On Cambium Networks cnPilot R200/201 devices before 4.3, there is a vulnerability involving the certificate of the device and its RSA keys, aka RBN-183. | 2017-03-10 | not yet calculated | CVE-2017-5859 CONFIRM |
cloud_foundry -- cloud_foundry | An issue was discovered in Cloud Foundry release v247 through v252, UAA stand-alone release v3.9.0 through v3.11.0, and UAA Bosh Release v21 through v26. There is a potential to subject the UAA OAuth clients to a denial of service attack. | 2017-03-09 | not yet calculated | CVE-2017-4960 CONFIRM |
dahua -- dhi-hcvr7216a-s3 | An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of fully privileged new users, in addition to capture of sensitive information. | 2017-03-09 | not yet calculated | CVE-2017-6432 MISC MISC |
dnatools -- dnalims | An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal attack allowing an unauthenticated attacker to access system files readable by the web server user (by using the viewAppletFsa.cgi seqID parameter). | 2017-03-09 | not yet calculated | CVE-2017-6527 MISC |
dnatools -- dnalims | An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is affected by plaintext password storage (the /home/dna/spool/.pfile file). | 2017-03-09 | not yet calculated | CVE-2017-6528 MISC |
dnatools -- dnalims | An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to session hijacking by guessing the UID parameter. | 2017-03-09 | not yet calculated | CVE-2017-6529 MISC |
dnatools -- dnalims | An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to unauthenticated command execution through an improperly protected administrative web shell (cgi-bin/dna/sysAdmin.cgi POST requests). | 2017-03-09 | not yet calculated | CVE-2017-6526 MISC |
evostream -- media_server | A Buffer Overflow was discovered in EvoStream Media Server 1.7.1. A crafted HTTP request with a malicious header will cause a crash. An example attack methodology may include a long message-body in a GET request. | 2017-03-10 | not yet calculated | CVE-2017-6427 EXPLOIT-DB |
f-secure -- f-secure_software_updater | F-Secure Software Updater 2.20, as distributed in several F-Secure products, downloads installation packages over plain http and does not perform file integrity validation after download. Man-in-the-middle attackers can replace the file with their own executable which will be executed under the SYSTEM account. Note that when Software Updater is configured to install updates automatically, it checks if the downloaded file is digitally signed by default, but does not check the author of the signature. When running in manual mode (default), no signature check is performed. | 2017-03-11 | not yet calculated | CVE-2017-6466 MISC |
f5 -- f5_big-ip | In F5 BIG-IP systems 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default "Normalize URI" configuration options used in iRules and/or BIG-IP LTM policies. An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group. | 2017-03-07 | not yet calculated | CVE-2016-9245 BID CONFIRM |
ftpshell -- ftpshell_client | Remote Code Execution was discovered in FTPShell Client 6.53. By default, the client sends a PWD command to the FTP server it is connecting to; however, it doesn't check the response's length, leading to a buffer overflow situation. | 2017-03-09 | not yet calculated | CVE-2017-6465 MISC BID EXPLOIT-DB |
gdk-pixbuf -- gdk-pixbuf | The make_available_at_least function in io-tiff.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (infinite loop) via a large TIFF file. | 2017-03-09 | not yet calculated | CVE-2017-6314 MISC MLIST MLIST MISC |
gdk-pixbuf -- gdk-pixbuf | Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file. | 2017-03-09 | not yet calculated | CVE-2017-6313 MISC MLIST MLIST MISC |
gdk-pixbuf -- gdk-pixbuf | Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations. | 2017-03-09 | not yet calculated | CVE-2017-6312 MISC MLIST MLIST MISC |
gdk-pixbuf -- gdk-pixbuf | gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to printing an error message. | 2017-03-09 | not yet calculated | CVE-2017-6311 MISC MLIST MLIST MISC |
iball -- baton | iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n devices are prone to an authentication bypass vulnerability that allows remote attackers to view and modify administrative router settings by reading the HTML source code of the password.cgi file. | 2017-03-09 | not yet calculated | CVE-2017-6558 MISC |
ibm -- tivolie_storage_manager | IBM Tivoli Storage Manager (IBM Spectrum Protect) 6.1, 6.2, 6.3, and 7.1 does not perform sufficient authority checking on SQL queries. As a result, an attacker is able to submit SQL queries that access database tables that are not intended for access or use by administrators. The access of these product specific database tables may allow access to passwords or other sensitive information for the product. IBM Reference #: 1998946. | 2017-03-07 | not yet calculated | CVE-2016-8940 CONFIRM |
novell -- iprint_client | Remote attackers can use the iPrint web-browser ActiveX plugin in Novell iPrint Client before 5.42 for Windows XP/Vista/Win7 to execute code by overflowing the "name" parameter. | 2017-03-11 | not yet calculated | CVE-2010-4314 CONFIRM |
paintballrefjosh -- mangos_webv4 | paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in inc/admin/template_files/admin.vote.php (id parameter). | 2017-03-11 | not yet calculated | CVE-2017-6812 CONFIRM |
paintballrefjosh -- mangos_webv4 | paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in inc/admin/template_files/admin.fplinks.php (linkid parameter). | 2017-03-11 | not yet calculated | CVE-2017-6810 CONFIRM |
paintballrefjosh -- mangos_webv4 | paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in inc/admin/template_files/admin.donate.php (id parameter). | 2017-03-11 | not yet calculated | CVE-2017-6809 CONFIRM |
paintballrefjosh -- mangos_webv4 | paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in inc/admin/template_files/admin.faq.php (id parameter). | 2017-03-11 | not yet calculated | CVE-2017-6808 CONFIRM |
paintballrefjosh -- mangos_webv4 | paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in inc/admin/template_files/admin.shop.php (id parameter). | 2017-03-11 | not yet calculated | CVE-2017-6811 CONFIRM |
partclone -- partclone | partclone.chkimg in partclone 0.2.89 is prone to a heap-based buffer overflow vulnerability due to insufficient validation of the partclone image header. An attacker may be able to launch a 'Denial of Service attack' in the context of the user running the affected application. | 2017-03-10 | not yet calculated | CVE-2017-6596 MISC |
pharos -- popup_printer | An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's computer and can lead to a heap based buffer overflow resulting in remote code execution. This client is always listening, has root privileges, and requires no user interaction to exploit. | 2017-03-10 | not yet calculated | CVE-2017-2785 MISC |
pharos -- popup_printer | A denial of service vulnerability exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's computer and can lead to an out of bounds read causing a crash and a denial of service. | 2017-03-10 | not yet calculated | CVE-2017-2786 MISC |
pharos -- popup_printer | A buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's computer and can lead to a heap based buffer overflow resulting in potential remote code execution. This client is always listening, has root privileges, and requires no user interaction to exploit. | 2017-03-10 | not yet calculated | CVE-2017-2787 MISC |
pharos -- popup_printer | A buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's computer and can lead to a heap based buffer overflow resulting in potential remote code execution. This client is always listening, has root privileges, and requires no user interaction to exploit. | 2017-03-10 | not yet calculated | CVE-2017-2788 MISC |
puppet -- mcollective_puppet_agent | On Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non-administrator user can create an executable that will be executed with administrator privileges on the next "mco puppet" run. Puppet Enterprise users are not affected. This is resolved in mcollective-puppet-agent 1.12.1. | 2017-03-03 | not yet calculated | CVE-2017-2290 BID CONFIRM |
r_programming_language -- r_programming_language | An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An attacker can send a malicious R script to trigger this vulnerability. | 2017-03-10 | not yet calculated | CVE-2016-8714 MISC |
sagemcom -- livebox_3 | Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 devices have an insufficiently large default value for the maximum IPv6 routing table size: it can be filled within minutes. An attacker can exploit this issue to render the affected system unresponsive, resulting in a denial-of-service condition for telephone, Internet, and TV services. | 2017-03-09 | not yet calculated | CVE-2017-6552 MISC |
schneider_electric_tableau -- wonderwear_intelligence | An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials after installation, and changing the default credentials in the embedded Tableau Server is not documented. If Tableau Server is used with Windows integrated security (Active Directory), the software is not vulnerable. However, when Tableau Server is used with local authentication mode, the software is vulnerable. The default system account could be used to gain unauthorized access. | 2017-03-08 | not yet calculated | CVE-2017-5178 CONFIRM BID MISC |
softaculous -- softaculous_virtualizor | The WHMCS Reseller Module V2 2.0.2 in Softaculous Virtualizor before 2.9.1.0 does not verify the user correctly, which allows remote authenticated users to control other virtual machines managed by Virtualizor by accessing a modified URL. | 2017-03-11 | not yet calculated | CVE-2017-6513 CONFIRM |
syspass -- syspass | An issue was discovered in sysPass 2.x before 2.1, in which an algorithm was never sufficiently reviewed by cryptographers. The fact that inc/SP/Core/Crypt.class is using the MCRYPT_RIJNDAEL_256() function (the 256-bit block version of Rijndael, not AES) instead of MCRYPT_RIJNDAEL_128 (real AES) could help an attacker to create unknown havoc in the remote system. | 2017-03-06 | not yet calculated | CVE-2017-5999 BID MISC CONFIRM CONFIRM |
trend_micro -- endpoint_sensor | Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208. | 2017-03-10 | not yet calculated | CVE-2017-6798 CONFIRM |
ubuntu -- network_manager_applet | An issue was discovered in network-manager-applet (aka network-manager-gnome) in Ubuntu 12.04 LTS, 14.04 LTS, 16.04 LTS, and 16.10. A local attacker could use this issue at the default Ubuntu login screen to access local files and execute arbitrary commands as the lightdm user. The exploitation requires physical access to the locked computer and the Wi-Fi must be turned on. An access point that lets you use a certificate to login is required as well, but it's easy to create one. Then, it's possible to open a nautilus window and browse directories. One also can open some applications such as Firefox, which is useful for downloading malicious binaries. | 2017-03-09 | not yet calculated | CVE-2017-6590 CONFIRM CONFIRM MISC |
unisys -- clearpath_mcp | The TCP/IP networking module in Unisys ClearPath MCP systems with TCP-IP-SW 57.1 before 57.152, 58.1 before 58.142, or 59.1 before 59.172, when running a TLS 1.2 service, allows remote attackers to cause a denial of service (network connectivity disruption) via a client hello with a signature_algorithms extension above those defined in RFC 5246, which triggers a full memory dump. | 2017-03-09 | not yet calculated | CVE-2017-5872 CONFIRM |
virgl -- virtual_opengl_renderer | Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (process crash) via crafted pkt_length and offlen values, which trigger an out-of-bounds access. | 2017-03-09 | not yet calculated | CVE-2017-6355 MLIST BID CONFIRM MLIST |
webkitgtk+ -- webkitgtk+ | Late TLS certificate verification in WebKitGTK+ prior to 2.6.6 allows remote attackers to view a secure HTTP request, including, for example, secure cookies. | 2017-03-09 | not yet calculated | CVE-2015-2330 MLIST MLIST CONFIRM CONFIRM CONFIRM |
wepresent -- wipg-1500 | The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device with the 'abarco' hardcoded manufacturer account. This account is not documented, nor is the DEBUG feature or the use of telnetd on port tcp/5885. | 2017-03-05 | not yet calculated | CVE-2017-6351 BID MISC |
wordpress -- wordpress | In WordPress before 4.7.3, there is authenticated Cross-Site Scripting (XSS) via Media File Metadata. This is demonstrated by both (1) mishandling of the playlist shortcode in the wp_playlist_shortcode function in wp-includes/media.php and (2) mishandling of meta information in the renderTracks function in wp-includes/js/mediaelement/wp-playlist.js. | 2017-03-11 | not yet calculated | CVE-2017-6814 MISC MISC MISC MISC MISC |
wordpress -- wordpress | In WordPress before 4.7.3 (wp-admin/plugins.php), unintended files can be deleted by administrators using the plugin deletion functionality. | 2017-03-11 | not yet calculated | CVE-2017-6816 MISC MISC MISC |
wordpress -- wordpress | In WordPress before 4.7.3 (wp-includes/pluggable.php), control characters can trick redirect URL validation. | 2017-03-11 | not yet calculated | CVE-2017-6815 MISC MISC MISC |
wordpress -- wordpress | In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds. | 2017-03-11 | not yet calculated | CVE-2017-6817 MISC MISC MISC |
wordpress -- wordpress | In WordPress before 4.7.3, there is cross-site request forgery (CSRF) in Press This (wp-admin/includes/class-wp-press-this.php), leading to excessive use of server resources. The CSRF can trigger an outbound HTTP request for a large file that is then parsed by Press This. | 2017-03-11 | not yet calculated | CVE-2017-6819 MISC MISC MISC MISC MISC |
wordpress -- wordpress | In WordPress before 4.7.3 (wp-admin/js/tags-box.js), there is cross-site scripting (XSS) via taxonomy term names. | 2017-03-11 | not yet calculated | CVE-2017-6818 MISC MISC MISC |
yrase -- ytnef | An issue was discovered in ytnef before 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF() in libytnef. | 2017-03-10 | not yet calculated | CVE-2017-6802 CONFIRM CONFIRM |
yrase -- ytnef | An issue was discovered in ytnef before 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef. | 2017-03-10 | not yet calculated | CVE-2017-6801 CONFIRM |
yrase -- ytnef | An issue was discovered in ytnef before 1.9.2. An invalid memory access (heap-based buffer over-read) can occur during handling of LONG data types, related to MAPIPrint() in libytnef. | 2017-03-10 | not yet calculated | CVE-2017-6800 CONFIRM CONFIRM |
- Source / view original article: [US-CERT: Bulletin(SB17-072)] Security vulnerabilities announced through March 6, 2017