IT 와 Social 이야기 (IT and Social Stories)

[US-CERT: Bulletin(SB17-086)] Security vulnerabilities published through March 20, 2017

by manga0713 2017. 3. 28.

 

 

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities corresponds to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

 

High Vulnerabilities

Columns: Primary Vendor -- Product; Description; Published; CVSS Score; Source & Patch Info
canonical -- ubuntu_linux The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions." 2017-03-20 7.5 CVE-2014-9841
SUSE (x3), MLIST, UBUNTU, CONFIRM (x2)
canonical -- ubuntu_linux The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors. 2017-03-20 7.5 CVE-2014-9843
SUSE (x3), MLIST, UBUNTU, CONFIRM (x2)
canonical -- ubuntu_linux Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact. 2017-03-20 7.5 CVE-2014-9846
SUSE (x8), MLIST, UBUNTU, CONFIRM (x2)
canonical -- ubuntu_linux The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact. 2017-03-20 7.5 CVE-2014-9847
SUSE (x6), MLIST, UBUNTU, CONFIRM (x2)
cerberus -- cerberus_ftp_server Buffer overflow in Cerberus FTP Server 8.0.10.3 allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long MLST command. 2017-03-17 7.5 CVE-2017-6880
EXPLOIT-DB
chef_manage_project -- chef_manage The user-account creation feature in Chef Manage 2.1.0 through 2.4.4 allows remote attackers to execute arbitrary code. This is fixed in 2.4.5. 2017-03-17 7.5 CVE-2017-7174
CONFIRM
erlang -- erlang/otp An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the erts_alloc arena to be both read and written to. 2017-03-18 7.5 CVE-2016-10253
MISC
gnu -- binutils ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in Intel Hex objects. 2017-03-21 7.5 CVE-2014-9939
MISC, CONFIRM (x2)
gnu -- screen GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions. 2017-03-20 7.2 CVE-2017-5618
CONFIRM (x3), MLIST, BID, MLIST
ibm -- power_hardware_management_console IBM Power Hardware Management Console (HMC) 3.3.2 and 4.1 could allow a local user to escalate their privileges to gain root access. IBM Reference #: 1998459. 2017-03-20 7.2 CVE-2017-1134
CONFIRM, BID
ibm -- websphere_mq IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, which could allow a user to cause a denial of service through resource exhaustion. IBM Reference #: 1999672. 2017-03-20 7.8 CVE-2017-1145
CONFIRM, BID
imagemagick -- imagemagick distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors. 2017-03-17 7.5 CVE-2014-9852
SUSE (x3), MLIST, CONFIRM (x2)
imagemagick -- imagemagick Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMagick before 6.9.4-7 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML file. 2017-03-23 7.1 CVE-2016-10047
MLIST, BID, CONFIRM (x2)
imagemagick -- imagemagick Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file. 2017-03-23 7.1 CVE-2016-10058
MLIST, BID, CONFIRM (x2)
juniper -- junos_space Insufficient authentication vulnerability in Junos Space before 15.2R2 allows remote network based users with access to Junos Space web interface to perform certain administrative tasks without authentication. 2017-03-20 7.5 CVE-2016-4926
BID, CONFIRM
juniper -- junos_space Command injection vulnerability in Junos Space before 15.2R2 allows attackers to execute arbitrary code as a root user. 2017-03-20 9.0 CVE-2016-4929
BID, CONFIRM
kinsey -- infor-lawson Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson (formerly ESBUS) allow remote attackers to execute arbitrary SQL commands via the (1) TABLE parameter to esbus/servlet/GetSQLData or (2) QUERY parameter to KK_LS9ReportingPortal/GetData. 2017-03-20 7.5 CVE-2017-6550
MISC, FULLDISC, BID, EXPLOIT-DB
linux -- linux_kernel The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function. 2017-03-20 7.2 CVE-2017-7187
BID, MISC (x2)
netiq -- access_governance_suite A logged-in user in NetIQ Access Governance Suite 6.0 through 6.4 could escalate privileges to administrator. 2017-03-23 9.0 CVE-2016-1597
CONFIRM
netiq -- access_manager iManager Admin Console in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 was vulnerable to iFrame manipulation attacks, which could allow remote users to gain access to authentication credentials. 2017-03-23 7.5 CVE-2016-5757
CONFIRM
oneplus -- oxygenos An issue was discovered in OxygenOS before 4.1.0 on OnePlus 3 and 3T devices. The attacker can change the bootmode of the device by issuing the 'fastboot oem boot_mode {rf/wlan/ftm/normal}' command, in contradiction to the threat model of Android, where the bootloader MUST NOT allow any security-sensitive operation to be run unless the bootloader is unlocked. 2017-03-19 7.2 CVE-2017-5623
BID, MISC
openinfosecfoundation -- suricata The MemcmpLowercase function in Suricata before 2.0.6 improperly excludes the first byte from comparisons, which might allow remote attackers to bypass intrusion-prevention functionality via a crafted HTTP request. 2017-03-20 7.5 CVE-2015-8954
CONFIRM (x3)
pluck-cms -- pluck Pluck CMS 4.7.2 allows remote attackers to execute arbitrary code via the blog form feature. 2017-03-17 7.5 CVE-2014-8708
MISC (x2)
qdpm -- qdpm Unrestricted file upload vulnerability in the (1) myAccount, (2) projects, (3) tasks, (4) tickets, (5) discussions, (6) reports, and (7) scheduler pages in qdPM 8.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/attachments/ or uploads/users/. 2017-03-17 7.5 CVE-2015-3884
MISC (x2)
wondercms -- wondercms Directory traversal vulnerability in index.php in Wonder CMS 2014 allows remote attackers to include and execute arbitrary local files via a crafted theme. 2017-03-17 7.5 CVE-2014-8704
MISC
wondercms -- wondercms PHP remote file inclusion vulnerability in editInplace.php in Wonder CMS 2014 allows remote attackers to execute arbitrary PHP code via a URL in the hook parameter. 2017-03-17 7.5 CVE-2014-8705
MISC (x2)
xrdp -- xrdp xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass. 2017-03-17 7.5 CVE-2017-6967
MISC (x3)

 

Medium Vulnerabilities

Columns: Primary Vendor -- Product; Description; Published; CVSS Score; Source & Patch Info
apache -- tomcat The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other than their own. 2017-03-20 6.8 CVE-2016-6816
BID, CONFIRM (x5)
apng2gif_project -- apng2gif An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer over-read, related to the load_apng function and the imagesize variable. 2017-03-17 5.0 CVE-2017-6960
MISC
apng2gif_project -- apng2gif An issue was discovered in apng2gif 1.7. There is improper sanitization of user input causing huge memory allocations, resulting in a crash. This is related to the read_chunk function using the pChunk->size value (within the PNG file) to determine the amount of memory to allocate. 2017-03-17 4.3 CVE-2017-6961
MISC
apng2gif_project -- apng2gif An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer overflow. This is related to the read_chunk function making an unchecked addition of 12. 2017-03-17 5.0 CVE-2017-6962
MISC
artifex -- ghostscript The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document. 2017-03-21 4.3 CVE-2017-7207
CONFIRM, BID, CONFIRM
audiofile -- audiofile The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. 2017-03-20 4.3 CVE-2017-6829
MLIST, MISC (x3)
audiofile -- audiofile Heap-based buffer overflow in the alaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. 2017-03-20 4.3 CVE-2017-6830
MLIST, MISC (x3)
audiofile -- audiofile Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. 2017-03-20 4.3 CVE-2017-6831
MLIST, MISC (x3)
audiofile -- audiofile Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. 2017-03-20 4.3 CVE-2017-6832
MLIST, MISC (x3)
audiofile -- audiofile The runPull function in libaudiofile/modules/BlockCodec.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted file. 2017-03-20 4.3 CVE-2017-6833
MLIST, MISC (x3)
audiofile -- audiofile Heap-based buffer overflow in the ulaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. 2017-03-20 4.3 CVE-2017-6834
MLIST, MISC (x3)
audiofile -- audiofile The reset1 function in libaudiofile/modules/BlockCodec.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted file. 2017-03-20 4.3 CVE-2017-6835
MLIST, MISC (x3)
audiofile -- audiofile Heap-based buffer overflow in the Expand3To4Module::run function in libaudiofile/modules/SimpleModule.h in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. 2017-03-20 4.3 CVE-2017-6836
MLIST, MISC (x3)
audiofile -- audiofile WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via vectors related to a large number of coefficients. 2017-03-20 4.3 CVE-2017-6837
MLIST, MISC (x3)
audiofile -- audiofile Integer overflow in sfcommands/sfconvert.c in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. 2017-03-20 4.3 CVE-2017-6838
MLIST, MISC (x3)
audiofile -- audiofile Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. 2017-03-20 4.3 CVE-2017-6839
MLIST, MISC (x3)
buddypress -- buddypress_plugin An issue was discovered in includes/component.php in the BuddyPress Docs plugin before 1.9.3 for WordPress. It is possible for authenticated users to edit documents of other users without proper permissions. 2017-03-17 4.0 CVE-2017-6954
CONFIRM (x2)
ca -- unified_infrastructure_management The get_sessions servlet in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) before 8.5 and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to obtain active session ids and consequently bypass authentication or gain privileges via unspecified vectors. 2017-03-20 5.0 CVE-2016-9165
BID, MISC, CONFIRM
canonical -- ubuntu_linux Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. 2017-03-20 5.0 CVE-2014-9842
SUSE (x4), MLIST, CONFIRM (x2)
canonical -- ubuntu_linux The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. 2017-03-20 4.3 CVE-2014-9844
SUSE (x6), MLIST, UBUNTU, CONFIRM (x2)
canonical -- ubuntu_linux The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file. 2017-03-20 4.3 CVE-2014-9845
SUSE (x8), MLIST, UBUNTU, CONFIRM (x2)
canonical -- ubuntu_linux Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption). 2017-03-20 5.0 CVE-2014-9848
SUSE (x5), MLIST, UBUNTU, CONFIRM
canonical -- ubuntu_linux The png coder in ImageMagick allows remote attackers to cause a denial of service (crash). 2017-03-20 5.0 CVE-2014-9849
SUSE (x4), MLIST, UBUNTU, CONFIRM
canonical -- ubuntu_linux Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption). 2017-03-20 5.0 CVE-2014-9850
SUSE (x3), MLIST, UBUNTU, CONFIRM (x2)
canonical -- ubuntu_linux ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash). 2017-03-20 5.0 CVE-2014-9851
SUSE (x4), MLIST, UBUNTU, CONFIRM (x2)
cisco -- adaptive_security_appliance_software A vulnerability in the Border Gateway Protocol (BGP) Bidirectional Forwarding Detection (BFD) implementation of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to bypass the access control list (ACL) for specific TCP and UDP traffic. More Information: CSCvc68229. Known Affected Releases: 9.6(2). Known Fixed Releases: 99.1(20.1) 99.1(10.2) 98.1(12.7) 98.1(1.49) 97.1(6.58) 97.1(0.134) 96.2(0.109) 9.7(1.1) 9.6(2.99) 9.6(2.8). 2017-03-17 5.0 CVE-2017-3867
BID, CONFIRM
cisco -- nx-os An Access-Control Filtering Mechanisms Bypass vulnerability in certain access-control filtering mechanisms on Cisco Nexus 7000 Series Switches could allow an unauthenticated, remote attacker to bypass defined traffic configured within an access control list (ACL) on the affected system. More Information: CSCtz59354. Known Affected Releases: 5.2(4) 6.1(3)S5 6.1(3)S6 6.2(1.121)S0 7.2(1)D1(1) 7.3(0)ZN(0.161) 7.3(1)N1(0.1). Known Fixed Releases: 7.3(0)D1(1) 6.2(2) 6.1(5) 8.3(0)KMT(0.24) 8.3(0)CV(0.337) 7.3(1)N1(1) 7.3(0)ZN(0.210) 7.3(0)ZN(0.177) 7.3(0)ZD(0.194) 7.3(0)TSH(0.99) 7.3(0)SC(0.14) 7.3(0)RSP(0.7) 7.3(0)N1(1) 7.3(0)N1(0.193) 7.3(0)IZN(0.13) 7.3(0)IB(0.102) 7.3(0)GLF(0.44) 7.3(0)D1(0.178) 7.1(0)D1(0.14) 7.0(3)ITI2(1.6) 7.0(3)ISH1(2.13) 7.0(3)IFD6(0.78) 7.0(3)IFD6(0) 7.0(3)IDE6(0.12) 7.0(3)IDE6(0) 7.0(3)I2(1) 7.0(3)I2(0.315) 7.0(1)ZD(0.3) 7.0(0)ZD(0.84) 6.2(1.149)S0 6.2(0.285) 6.1(5.32)S0 6.1(4.97)S0 6.1(2.30)S0. 2017-03-17 5.0 CVE-2017-3875
BID, CONFIRM
cisco -- nx-os A Denial of Service vulnerability in the Telnet remote login functionality of Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a Telnet process used for login to terminate unexpectedly and the login attempt to fail. There is no impact to user traffic flowing through the device. Affected Products: This vulnerability affects Cisco Nexus 9000 Series Switches that are running Cisco NX-OS Software and are configured to allow remote Telnet connections to the device. More Information: CSCux46778. Known Affected Releases: 7.0(3)I3(0.170). Known Fixed Releases: 7.0(3)I3(1) 7.0(3)I3(0.257) 7.0(3)I3(0.255) 7.0(3)I2(2e) 7.0(3)F1(1.22) 7.0(3)F1(1). 2017-03-17 5.0 CVE-2017-3878
BID, CONFIRM
cisco -- nx-os A Denial of Service vulnerability in the remote login functionality for Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a process used for login to terminate unexpectedly and the login attempt to fail. There is no impact to user traffic flowing through the device. The attacker could use either a Telnet or an SSH client for the remote login attempt. Affected Products: This vulnerability affects Cisco Nexus 9000 Series Switches that are running Cisco NX-OS Software and are configured to allow remote Telnet connections to the device. More Information: CSCuy25824. Known Affected Releases: 7.0(3)I3(1) 8.3(0)CV(0.342) 8.3(0)CV(0.345). Known Fixed Releases: 8.3(0)CV(0.362) 8.0(1) 7.0(3)IED5(0.19) 7.0(3)IED5(0) 7.0(3)I4(1) 7.0(3)I4(0.8) 7.0(3)I2(2e) 7.0(3)F1(1.22) 7.0(3)F1(1) 7.0(3)F1(0.230). 2017-03-17 5.0 CVE-2017-3879
BID, CONFIRM
cisco -- prime_infrastructure An API Credentials Management vulnerability in the APIs for Cisco Prime Infrastructure could allow an authenticated, remote attacker to access an API that should be restricted to a privileged user. The attacker needs to have valid credentials. More Information: CSCuy36192. Known Affected Releases: 3.1(1) 3.1(1). 2017-03-17 5.5 CVE-2017-3869
BID, CONFIRM
cisco -- prime_optical A RADIUS Secret Disclosure vulnerability in the web network management interface of Cisco Prime Optical for Service Providers could allow an authenticated, remote attacker to disclose sensitive information in the configuration generated for a device. The attacker must have valid credentials for the device. More Information: CSCvc65257. Known Affected Releases: 10.6(0.1). 2017-03-17 4.0 CVE-2017-3871
BID, CONFIRM
cisco -- prime_service_catalog A vulnerability in the web framework code of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system. More Information: CSCvc79842 CSCvc79846 CSCvc79855 CSCvc79873 CSCvc79882 CSCvc79891. Known Affected Releases: 11.1.2. 2017-03-17 4.3 CVE-2017-3866
BID, CONFIRM
cisco -- telepresence_server_software An API Privilege vulnerability in Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to emulate Cisco TelePresence Server endpoints. Affected Products: This vulnerability affects Cisco TelePresence Server MSE 8710 Processors that are running a software release prior to Cisco TelePresence Software Release 4.3 and are running in locally managed mode. The vulnerable API was deprecated in Cisco TelePresence Software Release 4.3. More Information: CSCvc37616. 2017-03-17 5.0 CVE-2017-3815
BID, CONFIRM
cisco -- unified_communications_manager A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of an affected device. More Information: CSCvc21620. Known Affected Releases: 10.5(2.14076.1). Known Fixed Releases: 12.0(0.98000.641) 12.0(0.98000.500) 12.0(0.98000.219). 2017-03-17 4.3 CVE-2017-3872
BID, CONFIRM
cisco -- unified_communications_manager A vulnerability in the web framework of Cisco Unified Communications Manager (CallManager) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web interface of the affected software. More Information: CSCvb70021. Known Affected Releases: 11.5(1.11007.2). 2017-03-17 4.3 CVE-2017-3877
BID, CONFIRM
cisco -- unified_computing_system_director A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. More Information: CSCvc44344. Known Affected Releases: 6.0(0.0). 2017-03-17 4.3 CVE-2017-3868
BID, CONFIRM
cisco -- web_security_appliance A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA), both virtual and hardware appliances, that are configured with URL filters for email scanning. More Information: CSCvc69700. Known Affected Releases: 8.5.3-069 9.1.1-074 9.1.2-010. 2017-03-17 5.0 CVE-2017-3870
BID, CONFIRM
cisco -- webex_meetings_server An XML External Entity vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to have read access to part of the information stored in the affected system. More Information: CSCvc39165. Known Affected Releases: 2.6. Known Fixed Releases: 2.7.1.2054. 2017-03-17 4.0 CVE-2017-3811
BID, CONFIRM
cisco -- webex_meetings_server An Authentication Bypass vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. More Information: CSCvd50728. Known Affected Releases: 2.6 2.7 2.8 CWMS-2.5MR1 Orion1.1.2.patch T29_orion_merge. 2017-03-17 6.4 CVE-2017-3880
BID, CONFIRM
cloudflare-scrape_project -- cloudflare-scrape An issue was discovered in cloudflare-scrape 1.6.6 through 1.7.1. A malicious website owner could craft a page that executes arbitrary Python code against any cfscrape user who scrapes that website. This is fixed in 1.8.0. 2017-03-23 6.8 CVE-2017-7235
CONFIRM (x2)
d-link -- dir-600m_firmware CSRF exists on D-Link DIR-600M Rev. Cx devices before v3.05ENB01_beta_20170306. This can be used to bypass authentication and insert XSS sequences or possibly have unspecified other impact. 2017-03-22 6.8 CVE-2017-5874
CONFIRM, BID
debian -- debian_linux The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. 2017-03-23 4.3 CVE-2016-9556
SUSE, DEBIAN, MLIST (x3), BID, MISC, CONFIRM (x2)
deluge -- deluge CSRF was discovered in the web UI in Deluge before 1.3.14. The exploitation methodology involves (1) hosting a crafted plugin that executes an arbitrary program from its __init__.py file and (2) causing the victim to download, install, and enable this plugin. 2017-03-18 6.8 CVE-2017-7178
CONFIRM, MISC (x3), BID, CONFIRM
fedoraproject -- fedora Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which triggers a stack-based buffer overflow. 2017-03-17 4.3 CVE-2015-4645
FEDORA (x2), BID, CONFIRM, MISC, GENTOO
ffmpeg -- ffmpeg Libavcodec in FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code. 2017-03-20 6.8 CVE-2012-5361
BID, XF, MS, CONFIRM
gamepanelx -- gamepanelx-v3 A Cross-Site Scripting (XSS) vulnerability was discovered in GamePanelX-V3 3.0.12. The vulnerability exists due to insufficient filtration of user-supplied data (a) passed to the "GamePanelX-V3-master/ajax/ajax.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. 2017-03-21 4.3 CVE-2017-7205
BID, CONFIRM
get-simple -- getsimple_cms GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive information via a direct request to (1) data/users/<username>.xml, (2) backups/users/<username>.xml.bak, (3) data/other/authorization.xml, or (4) data/other/appid.xml. 2017-03-17 5.0 CVE-2014-8722
MISC (x2)
get-simple -- getsimple_cms GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive information via a direct request to (1) plugins/anonymous_data.php or (2) plugins/InnovationPlugin.php, which reveals the installation path in an error message. 2017-03-17 5.0 CVE-2014-8723
MISC (x2)
git_project -- git contrib/completion/git-prompt.sh in Git before 1.9.3 does not sanitize branch names in the PS1 variable, allowing a malicious repository to cause code execution. 2017-03-19 6.8 CVE-2014-9938
CONFIRM, MISC
gnu -- binutils readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow. 2017-03-17 4.3 CVE-2017-6965
CONFIRM
gnu -- binutils readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations. 2017-03-17 4.3 CVE-2017-6966
CONFIRM
gnu -- binutils readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well. 2017-03-17 6.4 CVE-2017-6969
CONFIRM
gnu -- binutils The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash. 2017-03-21 4.3 CVE-2017-7209
BID, CONFIRM
gnu -- binutils objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads (of size 1 and size 8) while handling corrupt STABS enum type strings in a crafted object file, leading to program crash. 2017-03-21 4.3 CVE-2017-7210
BID, CONFIRM
gnu -- binutils GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow (of size 1) while attempting to unget an EOF character from the input stream, potentially leading to a program crash. 2017-03-22 5.0 CVE-2017-7223
CONFIRM
gnu -- binutils The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write (of size 1) while disassembling a corrupt binary that contains an empty function name, leading to a program crash. 2017-03-22 4.3 CVE-2017-7224
CONFIRM
gnu -- binutils The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an invalid write, and leading to a program crash. 2017-03-22 5.0 CVE-2017-7225
CONFIRM
gnu -- binutils The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several utilities such as addr2line, size, and strings. It could lead to information disclosure as well. 2017-03-22 6.4 CVE-2017-7226
CONFIRM
gnu -- binutils GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based buffer overflow while processing a bogus input script, leading to a program crash. This relates to lack of '\0' termination of a name field in ldlex.l. 2017-03-22 5.0 CVE-2017-7227
CONFIRM
gnu -- glibc Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computing a size in bytes, which triggers a heap-based buffer overflow. 2017-03-20 6.8 CVE-2015-8983
MLIST
BID
CONFIRM
CONFIRM
MLIST
gnu -- glibc The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash) via a malformed pattern, which triggers an out-of-bounds read. 2017-03-20 4.3 CVE-2015-8984
MLIST
MLIST
BID
CONFIRM
CONFIRM
MLIST
gnu -- glibc The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing. 2017-03-20 4.3 CVE-2015-8985
MLIST
BID
CONFIRM
google -- android The Qualcomm SPCom driver in Android before 7.0 allows local users to execute arbitrary code within the context of the kernel via a crafted application, aka Android internal bug 34386529 and Qualcomm internal bug CR#1094140. 2017-03-20 6.9 CVE-2016-5857
SECTRACK
MISC
huawei -- document_security_management The permission control module in Huawei Document Security Management (aka DSM) before V100R002C05SPC670 allows remote authenticated users to obtain sensitive information from encrypted documents by leveraging incorrect control of permissions on the PrintScreen button. 2017-03-20 4.0 CVE-2016-2406
CONFIRM
ibm -- algo_one IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could allow a user to gain access to another user's reports using a specially crafted HTTP request. IBM Reference #: 1999754. 2017-03-20 4.0 CVE-2017-1155
CONFIRM
BID
ibm -- rational_rhapsody_design_manager IBM Rhapsody DM 4.0, 5.0 and 6.0 contains an undisclosed vulnerability that may allow an authenticated user to upload infected malicious files to the server. IBM Reference #: 1999960. 2017-03-20 4.0 CVE-2016-8973
CONFIRM
BID
ibm -- websphere_application_server IBM WebSphere Application Server 8.0, 8.5, 8.5.5, and 9.0 using OpenID Connect (OIDC) configured with a Trust Association Interceptor (TAI) could allow a user to gain elevated privileges on the system. IBM Reference #: 1999293. 2017-03-20 6.8 CVE-2017-1151
CONFIRM
BID
imagemagick -- imagemagick Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file. 2017-03-22 6.8 CVE-2014-9832
MLIST
MLIST
imagemagick -- imagemagick Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file. 2017-03-22 6.8 CVE-2014-9833
MLIST
MLIST
imagemagick -- imagemagick Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file. 2017-03-22 6.8 CVE-2014-9834
MLIST
MLIST
imagemagick -- imagemagick Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file. 2017-03-22 6.8 CVE-2014-9835
MLIST
MLIST
imagemagick -- imagemagick ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file. 2017-03-22 4.3 CVE-2014-9836
MLIST
MLIST
imagemagick -- imagemagick magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash). 2017-03-22 4.3 CVE-2014-9838
MLIST
imagemagick -- imagemagick magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access). 2017-03-22 5.0 CVE-2014-9839
MLIST
MLIST
imagemagick -- imagemagick ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file. 2017-03-22 4.3 CVE-2014-9840
MLIST
MLIST
imagemagick -- imagemagick Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file. 2017-03-17 4.3 CVE-2014-9853
SUSE
SUSE
SUSE
SUSE
SUSE
SUSE
SUSE
SUSE
MLIST
UBUNTU
CONFIRM
imagemagick -- imagemagick coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image." 2017-03-17 5.0 CVE-2014-9854
CONFIRM
SUSE
SUSE
SUSE
SUSE
MLIST
UBUNTU
CONFIRM
CONFIRM
imagemagick -- imagemagick Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM profile. 2017-03-23 4.3 CVE-2014-9915
MLIST
CONFIRM
imagemagick -- imagemagick Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file. 2017-03-23 4.3 CVE-2016-10046
MLIST
BID
CONFIRM
CONFIRM
imagemagick -- imagemagick Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file. 2017-03-23 6.8 CVE-2016-10049
MLIST
BID
CONFIRM
CONFIRM
MISC
imagemagick -- imagemagick Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. 2017-03-23 6.8 CVE-2016-10052
SUSE
SUSE
MLIST
BID
CONFIRM
CONFIRM
imagemagick -- imagemagick The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file. 2017-03-23 4.3 CVE-2016-10053
MLIST
BID
CONFIRM
CONFIRM
imagemagick -- imagemagick Buffer overflow in the WriteMAPImage function in coders/map.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. 2017-03-23 6.8 CVE-2016-10054
MLIST
BID
CONFIRM
CONFIRM
imagemagick -- imagemagick Buffer overflow in the WritePDBImage function in coders/pdb.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. 2017-03-23 6.8 CVE-2016-10055
MLIST
BID
CONFIRM
CONFIRM
imagemagick -- imagemagick Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. 2017-03-23 6.8 CVE-2016-10056
MLIST
BID
BID
CONFIRM
CONFIRM
imagemagick -- imagemagick Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. 2017-03-23 6.8 CVE-2016-10057
MLIST
BID
CONFIRM
CONFIRM
imagemagick -- imagemagick Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file. 2017-03-23 6.8 CVE-2016-10059
SUSE
MLIST
BID
CONFIRM
CONFIRM
imdbphp_project -- imdbphp A Cross-Site Scripting (XSS) was discovered in imdbphp 5.1.1. The vulnerability exists due to insufficient filtration of user-supplied data (name) passed to the "imdbphp-master/demo/search.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. 2017-03-21 4.3 CVE-2017-7204
BID
CONFIRM
jasper_project -- jasper The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. 2017-03-23 4.3 CVE-2016-8885
MLIST
MLIST
MLIST
BID
MISC
CONFIRM
FEDORA
FEDORA
juniper -- junos_space Insufficient validation of SSH keys in Junos Space before 15.2R2 allows man-in-the-middle (MITM) type of attacks while a Space device is communicating with managed devices. 2017-03-20 6.8 CVE-2016-4927
BID
CONFIRM
juniper -- junos_space Cross site request forgery vulnerability in Junos Space before 15.2R2 allows remote attackers to perform certain administrative actions on Junos Space. 2017-03-20 6.8 CVE-2016-4928
BID
CONFIRM
juniper -- junos_space Cross-site scripting (XSS) vulnerability in Junos Space before 15.2R2 allows remote attackers to steal sensitive information or perform certain administrative actions. 2017-03-20 4.3 CVE-2016-4930
BID
CONFIRM
juniper -- junos_space XML entity injection in Junos Space before 15.2R2 allows attackers to cause a denial of service. 2017-03-20 4.0 CVE-2016-4931
BID
CONFIRM
libav -- libav The ff_h2645_extract_rbsp function in libavcodec in libav 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read) or obtain sensitive information from process memory via a crafted h264 video file. 2017-03-21 5.8 CVE-2017-7206
BID
CONFIRM
libav -- libav The decode_residual function in libavcodec in libav 9.21 allows remote attackers to cause a denial of service (buffer over-read) or obtain sensitive information from process memory via a crafted h264 video file. 2017-03-21 5.8 CVE-2017-7208
BID
CONFIRM
libtiff -- libtiff LibTIFF allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted tiff file. 2017-03-17 4.3 CVE-2015-7313
MLIST
BID
CONFIRM
GENTOO
mantisbt -- mantisbt A cross-site scripting (XSS) vulnerability in MantisBT before 2.1.1 allows remote attackers to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by modifying 'window_title' in the application configuration. This requires privileged access to MantisBT configuration management pages (i.e., administrator access rights) or altering the system configuration file (config_inc.php). 2017-03-22 4.3 CVE-2017-7222
CONFIRM
CONFIRM
mantisbt -- mantisbt_source_integration_plugin An XSS vulnerability in the MantisBT Source Integration Plugin (before 2.0.2) search result page allows an attacker to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by crafting any valid parameter. 2017-03-17 4.3 CVE-2017-6958
CONFIRM
meteocontrol -- weblog A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. There is no CSRF Token generated per page or per function. 2017-03-21 6.8 CVE-2016-4504
MISC
misp -- misp Cross site scripting in some view elements in the index filter tool in app/webroot/js/misp2.4.68.js and the organisation landing page in app/View/Organisations/ajax/landingpage.ctp of MISP before 2.4.69 allows remote attackers to inject arbitrary web script or HTML. 2017-03-21 4.3 CVE-2017-7215
MISC
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
mobatek -- mobaxterm Directory traversal vulnerability in the TFTP server in MobaXterm Personal Edition 9.4 allows remote attackers to read arbitrary files via a .. (dot dot) in a GET command. 2017-03-20 5.0 CVE-2017-6805
MISC
MISC
FULLDISC
BID
EXPLOIT-DB
netiq -- access_manager The certificate upload feature in iManager in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 could be used to upload JSP pages that would be executed as the iManager user, allowing code execution by logged-in remote users. 2017-03-23 6.5 CVE-2016-5750
CONFIRM
netiq -- access_manager An unfiltered finalizer target URL in the SAML processing feature in Identity Server in NetIQ Access Manager 4.1 before 4.1.2 HF1 and 4.2 before 4.2.2 could be used to trigger XSS and leak authentication credentials. 2017-03-23 4.3 CVE-2016-5751
CONFIRM
netiq -- access_manager The SAML2 implementation in Identity Server in NetIQ Access Manager 4.1 before 4.1.2 HF1 and 4.2 before 4.2.2 was handling unsigned SAML requests incorrectly, leaking results to a potentially malicious "Assertion Consumer Service URL" instead of the original requester. 2017-03-23 5.0 CVE-2016-5752
CONFIRM
netiq -- access_manager Presence of a .htaccess file could leak information in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before SP2. 2017-03-23 5.0 CVE-2016-5754
CONFIRM
netiq -- access_manager NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 was vulnerable to clickjacking attacks due to a missing SAMEORIGIN filter in the "high encryption" setting. 2017-03-23 4.3 CVE-2016-5755
CONFIRM
netiq -- access_manager Multiple components of the web tools in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 were vulnerable to Reflected Cross Site Scripting attacks which could be used to hijack user sessions: nps/servlet/frameservice, nps/servlet/webacc, roma/admin/cntl, roma/jsp/admin/appliance/devicedetail_edit.jsp, roma/jsp/admin/managementip/mgmt_ip_details_frameset.jsp, roma/jsp/admin/managementip/mgmt_ip_details_middleframe.jsp, roma/jsp/volsc/monitoring/appliance.jsp, and roma/jsp/volsc/monitoring/graph.jsp. 2017-03-23 4.3 CVE-2016-5756
CONFIRM
netiq -- access_manager A cross site request forgery protection mechanism in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 could be circumvented by repeated uploads causing a high load. 2017-03-23 6.8 CVE-2016-5758
BID
CONFIRM
novell -- groupwise A reflected XSS vulnerability exists in the web console of the Document Viewer Agent in Novell GroupWise before 2014 R2 Support Pack 1 Hot Patch 2 that may enable a remote attacker to execute JavaScript in the context of a valid user's browser session by getting the user to click on a specially crafted link. This could lead to session compromise or other browser-based attacks. 2017-03-23 4.3 CVE-2016-9169
CONFIRM
novell -- leap saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet. 2017-03-20 5.0 CVE-2017-6318
MLIST
MLIST
SUSE
BID
CONFIRM
MLIST
opendaylight -- l2switch hosttracker in OpenDaylight l2switch allows remote attackers to change the host location information by spoofing the MAC address, aka "topology spoofing." 2017-03-20 5.0 CVE-2015-1610
MISC
BID
CONFIRM
openinfosecfoundation -- suricata Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching. 2017-03-18 5.0 CVE-2017-7177
BID
CONFIRM
CONFIRM
openstack -- nova An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. Legacy notification exception contexts appearing in ERROR level logs may include sensitive information such as account passwords and authorization tokens. 2017-03-21 5.0 CVE-2017-7214
BID
CONFIRM
opensuse_project -- leap Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors. 2017-03-23 5.0 CVE-2016-10048
SUSE
SUSE
MLIST
BID
CONFIRM
CONFIRM
opensuse_project -- leap Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file. 2017-03-23 6.8 CVE-2016-10050
SUSE
SUSE
MLIST
BID
CONFIRM
CONFIRM
opensuse_project -- leap Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. 2017-03-23 6.8 CVE-2016-10051
SUSE
SUSE
MLIST
BID
CONFIRM
CONFIRM
CONFIRM
palo_alto_networks -- terminal_services_agent Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak permissions for unspecified resources, which allows attackers to obtain sensitive session information via unknown vectors. 2017-03-20 5.0 CVE-2017-6356
CONFIRM
BID
pcre -- pcre libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode property lookup. 2017-03-19 5.0 CVE-2017-7186
BID
MISC
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
pluck-cms -- pluck Pluck CMS 4.7.2 allows remote attackers to obtain sensitive information by (1) changing "PHPSESSIS" to an array; (2) adding non-alphanumeric chars to "PHPSESSID"; (3) changing the image parameter to array; or (4) changing the image parameter to a string, which reveals the installation path in an error message. 2017-03-17 5.0 CVE-2014-8706
MISC
MISC
pluck-cms -- pluck Cross-site scripting (XSS) vulnerability in TinyMCE in Pluck CMS 4.7.2 allows remote authenticated users to inject arbitrary web script or HTML via the "edit HTML source" option. 2017-03-17 4.0 CVE-2014-8707
MISC
MISC
qdpm -- qdpm Information disclosure issue in qdPM 8.3 allows remote attackers to obtain sensitive information via a direct request to (1) core/config/databases.yml, (2) core/log/qdPM_prod.log, or (3) core/apps/qdPM/config/settings.yml. 2017-03-17 5.0 CVE-2015-3881
MISC
MISC
qdpm -- qdpm qdPM 8.3 allows remote attackers to obtain sensitive information via invalid ID value to index.php/users/info/id/[ID], which reveals the installation path in an error message. 2017-03-17 5.0 CVE-2015-3882
MISC
MISC
qdpm -- qdpm Multiple cross-site scripting (XSS) vulnerabilities in qdPM 8.3 allow remote attackers to inject arbitrary web script or HTML via the (1) search[keywords] parameter to index.php/users page; the (2) "Name of application" on index.php/configuration; (3) a new project name on index.php/projects; (4) the task name on index.php/tasks; (5) ticket name on index.php/tickets; (6) discussion name on index.php/discussions; (7) report name on index.php/projectReports; or (8) event name on index.php/scheduler/personal. 2017-03-17 4.3 CVE-2015-3883
MISC
MISC
qemu -- qemu Buffer overflow in NetRxPkt::ehdr_buf in hw/net/net_rx_pkt.c in QEMU (aka Quick Emulator), when the VLANSTRIP feature is enabled on the vmxnet3 device, allows remote attackers to cause a denial of service (out-of-bounds access and QEMU process crash) via vectors related to VLAN stripping. 2017-03-20 5.0 CVE-2017-6058
CONFIRM
MLIST
BID
SECTRACK
CONFIRM
MLIST
sitecore -- experience_platform Cross-Site Scripting (XSS) in "/sitecore/client/Applications/List Manager/Taskpages/Contact list" in Sitecore Experience Platform 8.1 rev. 160519 (8.1 Update-3) allows remote attacks via the Name or Description parameter. This is fixed in 8.2 Update-2. 2017-03-19 4.3 CVE-2016-8855
MISC
EXPLOIT-DB
slims -- slims7_cendana Multiple Cross-Site Scripting (XSS) were discovered in SLiMS 7 Cendana before 2017-03-16. The vulnerabilities exist due to insufficient filtration of user-supplied data (id) passed to the 'slims7_cendana-master/template/default/detail_template.php' and 'slims7_cendana-master/template/default-rtl/detail_template.php' URLs. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. 2017-03-21 4.3 CVE-2017-7202
BID
CONFIRM
solarwinds -- ftp_voyager Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface in the Scheduler in SolarWinds (formerly Serv-U) FTP Voyager 16.2.0 allow remote attackers to hijack the authentication of users for requests that (1) change the admin password, (2) terminate the scheduler, or (3) possibly execute arbitrary commands via crafted requests to Admin/XML/Result.xml. 2017-03-20 6.8 CVE-2017-6803
MISC
MISC
BID
EXPLOIT-DB
teleogistic -- invite_anyone_plugin An issue was discovered in by-email/by-email.php in the Invite Anyone plugin before 1.3.15 for WordPress. A user is able to change the subject and the body of the invitation mail that should be immutable, which facilitates a social engineering attack. 2017-03-17 5.0 CVE-2017-6955
BID
CONFIRM
CONFIRM
typo3 -- typo3 TYPO3 7.6.15 sends an http request to an index.php?loginProvider URI in cases with an https Referer, which allows remote attackers to obtain sensitive cleartext information by sniffing the network and reading the userident and username fields. 2017-03-17 5.0 CVE-2017-6370
MISC
usbpcap_project -- usbpcap The IofCallDriver function in USBPcap 1.1.0.0 allows local users to gain privileges via a crafted 0x00090028 IOCTL call, which triggers a NULL pointer dereference. 2017-03-20 4.6 CVE-2017-6178
MISC
BID
EXPLOIT-DB
virglrenderer_project -- virglrenderer Memory leak in the virgl_resource_attach_backing function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands. 2017-03-20 4.9 CVE-2016-10214
MLIST
BID
CONFIRM
MLIST
wondercms -- wondercms Wonder CMS 2014 allows remote attackers to obtain sensitive information by viewing /files/password, which reveals the unsalted MD5 hashed password. 2017-03-17 5.0 CVE-2014-8701
MISC
MISC
wondercms -- wondercms Wonder CMS 2014 allows remote attackers to obtain sensitive information by logging into the application with an array for the password, which reveals the installation path in an error message. 2017-03-17 5.0 CVE-2014-8702
MISC
MISC
wondercms -- wondercms Cross-site scripting (XSS) vulnerability in Wonder CMS 2014 allows remote attackers to inject arbitrary web script or HTML. 2017-03-17 4.3 CVE-2014-8703
MISC
MISC
zoneminder -- zoneminder A Cross-Site Scripting (XSS) was discovered in ZoneMinder 1.30.2. The vulnerability exists due to insufficient filtration of user-supplied data (postLoginQuery) passed to the "ZoneMinder-master/web/skins/classic/views/js/postlogin.js.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. 2017-03-21 4.3 CVE-2017-7203
BID
CONFIRM

Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
cisco -- unified_communications_manager A vulnerability in the web framework of Cisco Unified Communications Manager (CallManager) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack. More Information: CSCvb70033. Known Affected Releases: 11.5(1.11007.2). Known Fixed Releases: 12.0(0.98000.507) 11.0(1.23900.5) 11.0(1.23900.3) 10.5(2.15900.2). 2017-03-17 3.5 CVE-2017-3874
BID
CONFIRM
ibm -- content_navigator IBM Content Navigator 2.0.3 and 3.0.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1999736. 2017-03-20 3.5 CVE-2017-1146
CONFIRM
BID
ibm -- rational_collaborative_lifecycle_management An undisclosed vulnerability in the CLM applications in IBM Jazz Team Server may allow unauthorized access to user credentials. IBM Reference #: 1999965. 2017-03-20 2.1 CVE-2016-2981
CONFIRM
MISC
ibm -- rational_rhapsody_design_manager IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1999960. 2017-03-20 3.5 CVE-2016-9694
CONFIRM
BID
ibm -- rational_rhapsody_design_manager IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM Reference #: 1999960. 2017-03-20 3.5 CVE-2016-9696
CONFIRM
BID
ibm -- rational_rhapsody_design_manager An unspecified vulnerability in IBM Rhapsody DM 4.0, 5.0, and 6.0 could allow an attacker to perform a JSON Hijacking Attack. A JSON Hijacking Attack may expose to an attacker information passed between the server and the browser. IBM Reference #: 1999960. 2017-03-20 2.1 CVE-2016-9697
CONFIRM
BID
netiq -- access_manager External Entity Processing (XXE) vulnerability in the "risk score" application of NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 could be used to disclose the content of local files to logged-in users. 2017-03-23 2.1 CVE-2016-5748
CONFIRM
netiq -- access_manager NetIQ Access Manager 4.1 before 4.1.2 HF 1 and 4.2 before 4.2.2 was parsing incoming SAML requests with external entity resolution enabled, which could lead to local file disclosure via an XML External Entity (XXE) attack. 2017-03-23 2.1 CVE-2016-5749
CONFIRM
opensuse_project -- leap The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission check. 2017-03-20 3.5 CVE-2017-5930
SUSE
MLIST
MLIST
BID
CONFIRM
CONFIRM
MLIST
qemu -- qemu The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving the transfer mode register during multi block transfer. 2017-03-20 2.1 CVE-2017-5987
CONFIRM
MLIST
BID
CONFIRM
MLIST
virglrenderer_project -- virglrenderer The vrend_draw_vbo function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors involving vertext_buffer_index. 2017-03-20 2.1 CVE-2017-5956
MLIST
BID
CONFIRM
MLIST

Severity Not Yet Assigned

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
alcatel-lucent -- motive_home_device_manager Multiple cross-site scripting (XSS) vulnerabilities in the Management Console in Alcatel-Lucent Motive Home Device Manager (HDM) before 4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceTypeID parameter to DeviceType/getDeviceType.do; the (2) policyActionClass or (3) policyActionName parameter to PolicyAction/findPolicyActions.do; the deviceID parameter to (4) SingleDeviceMgmt/getDevice.do or (5) device/editDevice.do; the operation parameter to (6) ajax.do or (7) xmlHttp.do; or the (8) policyAction, (9) policyClass, or (10) policyName parameter to policy/findPolicies.do. 2017-03-23 not yet calculated CVE-2015-8687
FULLDISC
alienvault -- alienvault Unspecified vulnerability in AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 has unknown impact and attack vectors, aka AlienVault ID ENG-104945. This is different from CVE-2017-6970 and CVE-2017-6971, and less directly relevant. (Additional details are expected to be released in a new public reference.) 2017-03-22 not yet calculated CVE-2017-6972
BID
CONFIRM
CONFIRM
alienvault -- alienvault AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862. 2017-03-22 not yet calculated CVE-2017-6971
CONFIRM
CONFIRM
CONFIRM
alienvault -- alienvault AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863. 2017-03-22 not yet calculated CVE-2017-6970
CONFIRM
CONFIRM
CONFIRM
amd -- amd_ryzen_processor The AMD Ryzen processor with AGESA microcode through 2017-01-27 allows local users to cause a denial of service (system hang) via an application that makes a long series of FMA3 instructions, as demonstrated by the Flops test suite. 2017-03-24 not yet calculated CVE-2017-7262
MISC
MISC
MISC
MISC
apache -- apache_poi Apache POI in versions prior to release 3.15 allows remote attackers to cause a denial of service (CPU consumption) via a specially crafted OOXML file, aka an XML Entity Expansion (XEE) attack. 2017-03-24 not yet calculated CVE-2017-5644
CONFIRM
apngdis -- apngdis Buffer overflow in APNGDis 2.8 and below allows a remote attacker to execute arbitrary code via a crafted filename. 2017-03-23 not yet calculated CVE-2017-6191
BID
EXPLOIT-DB
MISC
apparmor -- apparmor
 
An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due to the common logic to handle 'restart' operations removing AppArmor profiles that aren't found in the typical filesystem locations, such as /etc/apparmor.d/. Userspace projects that manage their own AppArmor profiles in atypical directories, such as what's done by LXD and Docker, are affected by this flaw in the AppArmor init script logic. 2017-03-24 not yet calculated CVE-2017-6507
CONFIRM
CONFIRM
CONFIRM
CONFIRM
artifex_software -- mujs
 
regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to regular expression compilation. 2017-03-24 not yet calculated CVE-2016-10132
CONFIRM
MLIST
MLIST
CONFIRM
FEDORA
artifex_software -- mujs
 
Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artifex Software, Inc. MuJS allows attackers to have unspecified impact by leveraging an error when dropping extra arguments to lightweight functions. 2017-03-24 not yet calculated CVE-2016-10133
CONFIRM
MLIST
MLIST
CONFIRM
FEDORA
avast -- security_products
 
Code injection vulnerability in Avast Premier 12.3 (and earlier), Internet Security 12.3 (and earlier), Pro Antivirus 12.3 (and earlier), and Free Antivirus 12.3 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Avast process via a "DoubleAgent" attack. One perspective on this issue is that (1) these products do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry; (2) the self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products; and (3) this mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack. 2017-03-21 not yet calculated CVE-2017-5567
MISC
MISC
BID
avg -- security_products
 
Code injection vulnerability in AVG Ultimate 17.1 (and earlier), AVG Internet Security 17.1 (and earlier), and AVG AntiVirus FREE 17.1 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any AVG process via a "DoubleAgent" attack. One perspective on this issue is that (1) these products do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry; (2) the self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products; and (3) this mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack. 2017-03-21 not yet calculated CVE-2017-5566
MISC
MISC
BID
avira -- security_products
 
Code injection vulnerability in Avira Total Security Suite 15.0 (and earlier), Optimization Suite 15.0 (and earlier), Internet Security Suite 15.0 (and earlier), and Free Security Suite 15.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Avira process via a "DoubleAgent" attack. One perspective on this issue is that (1) these products do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry; (2) the self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products; and (3) this mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack. 2017-03-21 not yet calculated CVE-2017-6417
MISC
MISC
BID
bitdefender -- security_products
 
Code injection vulnerability in Bitdefender Total Security 12.0 (and earlier), Internet Security 12.0 (and earlier), and Antivirus Plus 12.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Bitdefender process via a "DoubleAgent" attack. One perspective on this issue is that (1) these products do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry; (2) the self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products; and (3) this mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack. 2017-03-21 not yet calculated CVE-2017-6186
MISC
MISC
BID
cisco -- ios_ios_xe_software

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: (1) the failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device; and (2) the incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. This affects Catalyst switches, Embedded Service 2020 switches, Enhanced Layer 2 EtherSwitch Service Module, Enhanced Layer 2/3 EtherSwitch Service Module, Gigabit Ethernet Switch Module (CGESM) for HP, IE Industrial Ethernet switches, ME 4924-10GE switch, RF Gateway 10, and SM-X Layer 2/3 EtherSwitch Service Module. Cisco Bug IDs: CSCvd48893. 2017-03-17 not yet calculated CVE-2017-3881
BID
CONFIRM
cisco -- ios_ios_xe_software
 
A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software (15.4 through 15.6) and Cisco IOS XE Software (3.7 through 3.18, and 16) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplete input validation on certain crafted packets. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to a device that is running a Cisco IOS Software or Cisco IOS XE Software release that supports the ANI feature. A device must meet two conditions to be affected by this vulnerability: (1) the device must be running a version of Cisco IOS Software or Cisco IOS XE Software that supports ANI (regardless of whether ANI is configured); and (2) the device must have a reachable IPv6 interface. An exploit could allow the attacker to cause the affected device to reload. Cisco Bug IDs: CSCvc42729. 2017-03-21 not yet calculated CVE-2017-3850
BID
CONFIRM
cisco -- ios_ios_xe_software
 
A vulnerability in the DHCP client implementation of Cisco IOS (12.2, 12.4, and 15.0 through 15.6) and Cisco IOS XE (3.3 through 3.7) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability occurs during the parsing of a crafted DHCP packet. An attacker could exploit this vulnerability by sending crafted DHCP packets to an affected device that is configured as a DHCP client. A successful exploit could allow the attacker to cause a reload of an affected device, resulting in a DoS condition. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS or IOS XE Software and using a specific DHCP client configuration. Cisco Bug IDs: CSCuu43892. 2017-03-22 not yet calculated CVE-2017-3864
BID
CONFIRM
cisco -- ios_ios_xe_software
 
A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0 through 12.4 and 15.0 through 15.6) and Cisco IOS XE (3.1 through 3.18) could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of L2TP packets. An attacker could exploit this vulnerability by sending a crafted L2TP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS or Cisco IOS XE Software if the L2TP feature is enabled for the device and the device is configured as an L2TP Version 2 (L2TPv2) or L2TP Version 3 (L2TPv3) endpoint. By default, the L2TP feature is not enabled. Cisco Bug IDs: CSCuy82078. 2017-03-22 not yet calculated CVE-2017-3857
BID
CONFIRM
cisco -- ios_ios_xe_software
 
A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco IOS Software (possibly 15.2 through 15.6) and Cisco IOS XE Software (possibly 3.7 through 3.18, and 16) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplete input validation on certain crafted packets. An attacker could exploit this vulnerability by sending a crafted autonomic network channel discovery packet to a device that has all the following characteristics: (1) running a Cisco IOS Software or Cisco IOS XE Software release that supports the ANI feature; (2) configured as an autonomic registrar; (3) has a whitelist configured. An exploit could allow the attacker to cause the affected device to reload. Note: Autonomic networking should be configured with a whitelist. Do not remove the whitelist as a workaround. Cisco Bug IDs: CSCvc42717. 2017-03-21 not yet calculated CVE-2017-3849
BID
CONFIRM
cisco -- ios_xe_software
 
A vulnerability in the DHCP code for the Zero Touch Provisioning feature of Cisco ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a format string vulnerability when processing a crafted DHCP packet for Zero Touch Provisioning. An attacker could exploit this vulnerability by sending a specially crafted DHCP packet to an affected device. An exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. This vulnerability affects Cisco ASR 920 Series Aggregation Services Routers that are running an affected release of Cisco IOS XE Software (3.13 through 3.18) and are listening on the DHCP server port. By default, the devices do not listen on the DHCP server port. Cisco Bug IDs: CSCuy56385. 2017-03-22 not yet calculated CVE-2017-3859
BID
CONFIRM
cisco -- ios_xe_software
 
A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An attacker could exploit this vulnerability by sending a high number of requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, if the web user interface of the software is enabled. By default, the web user interface is not enabled. Cisco Bug IDs: CSCup70353. 2017-03-22 not yet calculated CVE-2017-3856
BID
CONFIRM
cisco -- ios_xe_software
 
A vulnerability in the web framework of Cisco IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of HTTP parameters supplied by the user. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the affected web page parameter. The user must be authenticated to access the affected parameter. A successful exploit could allow the attacker to execute commands with root privileges. This vulnerability affects Cisco devices running Cisco IOS XE Software Release 16.2.1, if the HTTP Server feature is enabled for the device. The newly redesigned, web-based administration interface was introduced in the Denali 16.2 Release of Cisco IOS XE Software. The web-based administration interface in earlier releases of Cisco IOS XE Software is not affected by this vulnerability. Cisco Bug IDs: CSCuy83069. 2017-03-22 not yet calculated CVE-2017-3858
BID
CONFIRM
cisco -- iox_software

A vulnerability in the Cisco application-hosting framework (CAF) component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance running on the affected device. The vulnerability is due to insufficient input validation of user-supplied application packages. An attacker who can upload a malicious package within Cisco IOx could exploit the vulnerability to modify arbitrary files. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco IOx. Cisco IOx Releases 1.0.0.0 and 1.1.0.0 are vulnerable. Cisco Bug IDs: CSCuy52317. 2017-03-22 not yet calculated CVE-2017-3852
BID
CONFIRM
cisco -- iox_software
 
A Directory Traversal vulnerability in the web framework code of the Cisco application-hosting framework (CAF) component of the Cisco IOx application environment could allow an unauthenticated, remote attacker to read any file from the CAF in the virtual instance running on the affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting crafted requests to the CAF web interface. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco IOx. Cisco IOx Releases 1.0.0.0 and 1.1.0.0 are vulnerable. Cisco Bug IDs: CSCuy52302. 2017-03-22 not yet calculated CVE-2017-3851
BID
CONFIRM
cisco -- iox_software
 
A vulnerability in the Data-in-Motion (DMo) process installed with the Cisco IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow remote code execution with root privileges in the virtual instance running on an affected device. The vulnerability is due to insufficient bounds checking in the DMo process. An attacker could exploit this vulnerability by sending crafted packets that are forwarded to the DMo process for evaluation. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco IOx. This vulnerability affects the following Cisco 800 Series Industrial Integrated Services Routers: Cisco IR809 and Cisco IR829. Cisco IOx Releases 1.0.0.0 and 1.1.0.0 are vulnerable. Cisco Bug IDs: CSCuy52330. 2017-03-22 not yet calculated CVE-2017-3853
BID
CONFIRM
cloudera -- cloudera
 
Cloudera Manager 4.x, 5.0.x before 5.0.6, 5.1.x before 5.1.5, 5.2.x before 5.2.5, and 5.3.x before 5.3.3 uses global read permissions for files in its configuration directory when starting YARN NodeManager, which allows local users to obtain sensitive information by reading the files, as demonstrated by yarn.keytab or ssl-server.xml in /var/run/cloudera-scm-agent/process. 2017-03-23 not yet calculated CVE-2015-2263
CONFIRM
cloudera -- cloudera
 
Apache Hadoop 0.23.x before 0.23.11 and 2.x before 2.4.1, as used in Cloudera CDH 5.0.x before 5.0.2, do not check authorization for the (1) refreshNamenodes, (2) deleteBlockPool, and (3) shutdownDatanode HDFS admin commands, which allows remote authenticated users to cause a denial of service (DataNodes shutdown) or perform unnecessary operations by issuing a command. 2017-03-23 not yet calculated CVE-2014-0229
CONFIRM
cloudera -- cloudera
 
Cloudera Key Trustee Server before 5.4.3 does not store keys synchronously, which might allow attackers to have unspecified impact via vectors related to loss of an encryption key. 2017-03-23 not yet calculated CVE-2015-4166
CONFIRM
cloudera -- cloudera
 
The JobHistory Server in Cloudera CDH 4.x before 4.6.0 and 5.x before 5.0.0 Beta 2, when using MRv2/YARN with HTTP authentication, allows remote authenticated users to obtain sensitive job information by leveraging failure to enforce job ACLs. 2017-03-23 not yet calculated CVE-2013-6446
CONFIRM
cloudera -- cloudera
 
Cloudera Navigator 2.2.x before 2.2.4 and 2.3.x before 2.3.3 include support for SSLv3 when configured to use SSL/TLS, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). 2017-03-23 not yet calculated CVE-2015-4078
CONFIRM
cms_made_simple -- cms_made_simple
 
XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_title parameter. Someone must log in to conduct the attack. 2017-03-24 not yet calculated CVE-2017-7255
MISC
cms_made_simple -- cms_made_simple
 
XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_summary parameter. Someone must log in to conduct the attack. 2017-03-24 not yet calculated CVE-2017-7256
MISC
cms_made_simple -- cms_made_simple
 
XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_content parameter. Someone must log in to conduct the attack. 2017-03-24 not yet calculated CVE-2017-7257
MISC
debian -- ubuntu
 
The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u8 on Debian wheezy, before 7.0.56-3+deb8u6 on Debian jessie, before 7.0.52-1ubuntu0.8 on Ubuntu 14.04 LTS, and on Ubuntu 12.04 LTS, 16.04 LTS, and 16.10; and the tomcat8 package before 8.0.14-1+deb8u5 on Debian jessie, before 8.0.32-1ubuntu1.3 on Ubuntu 16.04 LTS, before 8.0.37-1ubuntu0.1 on Ubuntu 16.10, and before 8.0.38-2ubuntu1 on Ubuntu 17.04 might allow local users with access to the tomcat account to obtain sensitive information or gain root privileges via a symlink attack on the Catalina localhost directory. 2017-03-23 not yet calculated CVE-2016-9774
DEBIAN
DEBIAN
MLIST
MLIST
BID
UBUNTU
UBUNTU
CONFIRM
debian -- ubuntu
 
The postrm script in the tomcat6 package before 6.0.45+dfsg-1~deb7u3 on Debian wheezy, before 6.0.45+dfsg-1~deb8u1 on Debian jessie, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u7 on Debian wheezy, before 7.0.56-3+deb8u6 on Debian jessie, before 7.0.52-1ubuntu0.8 on Ubuntu 14.04 LTS, and on Ubuntu 12.04 LTS, 16.04 LTS, and 16.10; and the tomcat8 package before 8.0.14-1+deb8u5 on Debian jessie, before 8.0.32-1ubuntu1.3 on Ubuntu 16.04 LTS, before 8.0.37-1ubuntu0.1 on Ubuntu 16.10, and before 8.0.38-2ubuntu1 on Ubuntu 17.04 might allow local users with access to the tomcat account to gain root privileges via a setgid program in the Catalina directory, as demonstrated by /etc/tomcat8/Catalina/attack. 2017-03-23 not yet calculated CVE-2016-9775
DEBIAN
DEBIAN
MLIST
MLIST
BID
UBUNTU
UBUNTU
CONFIRM
disk_sorter -- disk_sorter_enterprise
 
A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and earlier allows remote attackers to execute arbitrary code via a GET request. 2017-03-22 not yet calculated CVE-2017-7230
EXPLOIT-DB
eclipse_iot -- eclipse_iot
 
Eclipse tinydtls 0.8.2 for Eclipse IoT allows remote attackers to cause a denial of service (DTLS peer crash) by sending a "Change cipher spec" packet without pre-handshake. 2017-03-24 not yet calculated CVE-2017-7243
MISC
MISC
elfutils -- elfutils
 
The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted (1) sh_off or (2) sh_size ELF header value, which triggers a memory allocation failure. 2017-03-23 not yet calculated CVE-2016-10255
MLIST
MISC
CONFIRM
MLIST
elfutils -- elfutils
 
The allocate_elf function in common.h in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted ELF file, which triggers a memory allocation failure. 2017-03-23 not yet calculated CVE-2016-10254
MLIST
MISC
MLIST
emc -- emc_recoverpoint
 
EMC RecoverPoint versions prior to 5.0 and EMC RecoverPoint for Virtual Machines versions prior to 5.0 have an SSL Stripping Vulnerability that may potentially be exploited by malicious users to compromise the affected system. 2017-03-21 not yet calculated CVE-2016-6650
CONFIRM
BID
eyesofnetwork -- eyesofnetwork
 
EyesOfNetwork ("EON") 5.0 and earlier allows remote authenticated users to execute arbitrary code via shell metacharacters in the selected_events[] parameter in the (1) acknowledge, (2) delete, or (3) ownDisown function in module/monitoring_ged/ged_functions.php or the (4) module parameter to module/index.php. 2017-03-24 not yet calculated CVE-2017-6087
MLIST
CONFIRM
f5 -- big-ip
 
An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4 devices with maliciously crafted network traffic. This vulnerability affects virtual servers associated with TCP profiles when the BIG-IP system's tm.tcpprogressive db variable value is set to non-default setting "enabled". The default value for the tm.tcpprogressive db variable is "negotiate". An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group. 2017-03-23 not yet calculated CVE-2016-7468
CONFIRM
firebird -- firebird
 
Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5.7 and 3.0.x before 3.0.2 allow remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so. 2017-03-24 not yet calculated CVE-2017-6369
CONFIRM
firejail -- firejail

Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument. 2017-03-23 not yet calculated CVE-2017-5207
MLIST
CONFIRM
CONFIRM
CONFIRM
GENTOO
firejail -- firejail
 
Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument. 2017-03-23 not yet calculated CVE-2017-5206
MLIST
MISC
CONFIRM
CONFIRM
GENTOO
gazelle -- gazelle
 
Multiple Cross-Site Scripting (XSS) vulnerabilities were discovered in Gazelle before 2017-03-19. The vulnerabilities exist due to insufficient filtration of user-supplied data (torrents, size) passed to the 'Gazelle-master/sections/tools/managers/multiple_freeleech.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. 2017-03-23 not yet calculated CVE-2017-7247
CONFIRM
CONFIRM
gazelle -- gazelle
 
Multiple Cross-Site Scripting (XSS) vulnerabilities were discovered in Gazelle before 2017-03-19. The vulnerabilities exist due to insufficient filtration of user-supplied data (action, userid) passed to the 'Gazelle-master/sections/tools/data/ocelot_info.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. 2017-03-23 not yet calculated CVE-2017-7249
CONFIRM
CONFIRM
gazelle -- gazelle
 
A Cross-Site Scripting (XSS) vulnerability was discovered in Gazelle before 2017-03-19. The vulnerability exists due to insufficient filtration of user-supplied data (type) passed to the 'Gazelle-master/sections/better/transcode.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. 2017-03-23 not yet calculated CVE-2017-7248
CONFIRM
CONFIRM
gazelle -- gazelle
 
A Cross-Site Scripting (XSS) vulnerability was discovered in Gazelle before 2017-03-19. The vulnerability exists due to insufficient filtration of user-supplied data (action) passed to the 'Gazelle-master/sections/tools/finances/bitcoin_balance.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. 2017-03-23 not yet calculated CVE-2017-7250
CONFIRM
CONFIRM
gentoo -- qemu
 
Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1. 2017-03-24 not yet calculated CVE-2015-8556
MISC
GENTOO
EXPLOIT-DB
gnutls -- gnutls
 
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension. 2017-03-24 not yet calculated CVE-2017-5334
SUSE
MLIST
MLIST
BID
SECTRACK
CONFIRM
CONFIRM
GENTOO
gnutls -- gnutls
 
Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate. 2017-03-24 not yet calculated CVE-2017-5336
SUSE
MLIST
MLIST
BID
SECTRACK
MISC
CONFIRM
CONFIRM
GENTOO
gnutls -- gnutls
 
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate. 2017-03-24 not yet calculated CVE-2017-5337
SUSE
MLIST
MLIST
BID
SECTRACK
MISC
MISC
CONFIRM
CONFIRM
GENTOO
gnutls -- gnutls
 
The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate. 2017-03-24 not yet calculated CVE-2017-5335
SUSE
MLIST
MLIST
BID
SECTRACK
MISC
CONFIRM
CONFIRM
GENTOO
huawei -- ar3200_routers
 
Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet. 2017-03-24 not yet calculated CVE-2016-6206
CONFIRM
BID
huawei -- p8_smartphones
 
The ION driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230 and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows remote attackers to cause a denial of service (crash) via a crafted application. 2017-03-24 not yet calculated CVE-2015-8678
CONFIRM
imagemagick -- imagemagick
 
Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors. 2017-03-24 not yet calculated CVE-2016-10146
MLIST
MLIST
BID
CONFIRM
CONFIRM
imagemagick -- imagemagick
 
Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy. 2017-03-24 not yet calculated CVE-2016-10145
MLIST
MLIST
BID
CONFIRM
CONFIRM
imagemagick -- imagemagick
 
coders/ipl.c in ImageMagick allows remote attackers to have unspecified impact by leveraging a missing malloc check. 2017-03-24 not yet calculated CVE-2016-10144
MLIST
MLIST
BID
CONFIRM
CONFIRM
imagemagick -- imagemagick
 
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. 2017-03-24 not yet calculated CVE-2017-5509
MLIST
MLIST
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
imagemagick -- imagemagick
 
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file. 2017-03-24 not yet calculated CVE-2017-5506
MLIST
MLIST
BID
CONFIRM
CONFIRM
CONFIRM
imagemagick -- imagemagick
 
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow. 2017-03-24 not yet calculated CVE-2017-5511
MLIST
MLIST
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
imagemagick -- imagemagick
 
Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file. 2017-03-24 not yet calculated CVE-2017-5508
MLIST
MLIST
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
imagemagick -- imagemagick
 
Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache. 2017-03-24 not yet calculated CVE-2017-5507
MLIST
MLIST
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
imagemagick -- imagemagick
 
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. 2017-03-24 not yet calculated CVE-2017-5510
MLIST
MLIST
BID
CONFIRM
CONFIRM
CONFIRM
CONFIRM
jasper -- jasper The jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. 2017-03-23 not yet calculated CVE-2016-9393
MLIST
BID
MISC
CONFIRM
CONFIRM
jasper -- jasper The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference). 2017-03-23 not yet calculated CVE-2016-8887
MLIST
MLIST
BID
MISC
CONFIRM
CONFIRM
FEDORA
FEDORA
jasper -- jasper The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. 2017-03-23 not yet calculated CVE-2016-9394
MLIST
BID
MISC
CONFIRM
CONFIRM
jasper -- jasper
 
The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. 2017-03-23 not yet calculated CVE-2016-9397
MLIST
BID
MISC
CONFIRM
jasper -- jasper
 
The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. 2017-03-23 not yet calculated CVE-2016-9398
SUSE
SUSE
MLIST
BID
MISC
CONFIRM
jasper -- jasper
 
The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. 2017-03-23 not yet calculated CVE-2016-9399
MLIST
BID
MISC
CONFIRM
jasper -- jasper
 
Integer overflow in jas_image.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (application crash) via a crafted file. 2017-03-23 not yet calculated CVE-2016-9557
MLIST
BID
MISC
CONFIRM
CONFIRM
jasper -- jasper
 
Integer overflow in the jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an assertion failure. 2017-03-23 not yet calculated CVE-2016-9387
MLIST
BID
MISC
CONFIRM
CONFIRM
jasper -- jasper
 
The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. 2017-03-23 not yet calculated CVE-2016-9388
MLIST
BID
MISC
CONFIRM
CONFIRM
jasper -- jasper
 
The jas_malloc function in libjasper/base/jas_malloc.c in JasPer before 1.900.11 allows remote attackers to have unspecified impact via a crafted file, which triggers a memory allocation failure. 2017-03-23 not yet calculated CVE-2016-8886
MLIST
MLIST
BID
MISC
CONFIRM
FEDORA
FEDORA
jasper -- jasper
 
The jpc_bitstream_getbits function in jpc_bs.c in JasPer before 2.0.10 allows remote attackers to cause a denial of service (assertion failure) via a very large integer. 2017-03-23 not yet calculated CVE-2016-9391
MLIST
BID
MISC
CONFIRM
CONFIRM
jasper -- jasper
 
The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. 2017-03-23 not yet calculated CVE-2016-9390
MLIST
BID
MISC
CONFIRM
CONFIRM
jasper -- jasper
 
The jpc_irct and jpc_iict functions in jpc_mct.c in JasPer before 1.900.14 allow remote attackers to cause a denial of service (assertion failure). 2017-03-23 not yet calculated CVE-2016-9389
MLIST
BID
MISC
CONFIRM
CONFIRM
jasper -- jasper
 
The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. 2017-03-23 not yet calculated CVE-2016-9395
SUSE
SUSE
MLIST
BID
MISC
CONFIRM
CONFIRM
jasper -- jasper
 
The JPC_NOMINALGAIN function in jpc_t1cod.c in JasPer before 1.900.12 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. 2017-03-23 not yet calculated CVE-2016-9396
MLIST
BID
MISC
CONFIRM
jasper -- jasper
 
The calcstepsizes function in jpc_dec.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. 2017-03-23 not yet calculated CVE-2016-9392
MLIST
BID
MISC
CONFIRM
CONFIRM
jasper -- jasper
 
Multiple integer overflows in the (1) jas_realloc function in base/jas_malloc.c and (2) mem_resize function in base/jas_stream.c in JasPer before 1.900.22 allow remote attackers to cause a denial of service via a crafted image, which triggers use after free vulnerabilities. 2017-03-23 not yet calculated CVE-2016-9262
MLIST
BID
MISC
CONFIRM
CONFIRM
joomla -- kunena_extension
 
In the Kunena extension 5.0.2 through 5.0.4 for Joomla!, the forum message subject (aka topic subject) accepts JavaScript, leading to XSS. Six files are affected: crypsis/layouts/message/item/default.php, crypsis/layouts/message/item/top/default.php, crypsis/layouts/message/item/bottom/default.php, crypsisb3/layouts/message/item/default.php, crypsisb3/layouts/message/item/top/default.php, and crypsisb3/layouts/message/item/bottom/default.php. This is fixed in 5.0.5. 2017-03-22 not yet calculated CVE-2017-5673
MISC
konke -- smart_plug_k
 
The Konke Smart Plug K does not require authentication for TELNET sessions, which allows remote attackers to obtain "equipment management authority" via TCP traffic to port 23. 2017-03-23 not yet calculated CVE-2014-7279
EXPLOIT-DB
libdwarf -- libdwarf
 
The dwarf_get_aranges_list function in dwarf_arrange.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read). 2017-03-23 not yet calculated CVE-2016-9276
MLIST
BID
MISC
CONFIRM
CONFIRM
libdwarf -- libdwarf
 
Heap-based buffer overflow in the _dwarf_skim_forms function in libdwarf/dwarf_macro5.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read). 2017-03-23 not yet calculated CVE-2016-9275
MLIST
BID
MISC
CONFIRM
CONFIRM
libgit2 -- libgit2 The http_connect function in transports/http.c in libgit2 before 0.24.6 and 0.25.x before 0.25.1 might allow man-in-the-middle attackers to spoof servers by leveraging clobbering of the error variable. 2017-03-24 not yet calculated CVE-2016-10130
SUSE
SUSE
SUSE
MLIST
MLIST
CONFIRM
CONFIRM
CONFIRM
libgit2 -- libgit2 The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via an empty packet line. 2017-03-24 not yet calculated CVE-2016-10129
SUSE
SUSE
SUSE
MLIST
MLIST
CONFIRM
CONFIRM
CONFIRM
libgit2 -- libgit2
 
Buffer overflow in the git_pkt_parse_line function in transports/smart_pkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet. 2017-03-24 not yet calculated CVE-2016-10128
SUSE
SUSE
SUSE
MLIST
MLIST
CONFIRM
CONFIRM
CONFIRM
libming -- libming
 
Buffer overflow in the printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file. 2017-03-23 not yet calculated CVE-2016-9264
MLIST
BID
MISC
libming -- libming
 
listmp3.c in libming 0.4.7 allows remote attackers to have unspecified impact via a crafted mp3 file, which triggers an invalid left shift. 2017-03-23 not yet calculated CVE-2016-9266
MLIST
BID
MISC
libming -- libming
 
The printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file. 2017-03-23 not yet calculated CVE-2016-9265
MLIST
BID
MISC
libtiff -- libtiff
 
tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 1" and libtiff/tif_fax3.c:413:13. 2017-03-24 not yet calculated CVE-2016-10271
MISC
MISC
libtiff -- libtiff
 
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 8" and libtiff/tif_read.c:523:22. 2017-03-24 not yet calculated CVE-2016-10270
MISC
MISC
libtiff -- libtiff
 
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 512" and libtiff/tif_unix.c:340:2. 2017-03-24 not yet calculated CVE-2016-10269
MISC
MISC
libtiff -- libtiff
 
tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 78490" and libtiff/tif_unix.c:115:23. 2017-03-24 not yet calculated CVE-2016-10268
MISC
MISC
libtiff -- libtiff
 
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "WRITE of size 2048" and libtiff/tif_next.c:64:9. 2017-03-24 not yet calculated CVE-2016-10272
MISC
MISC
libtiff -- libtiff
 
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22. 2017-03-24 not yet calculated CVE-2016-10266
MISC
MISC
libtiff -- libtiff
 
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8. 2017-03-24 not yet calculated CVE-2016-10267
MISC
MISC
libwmf -- libwmf
 
The wmf_malloc function in api.c in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (application crash) via a crafted wmf file, which triggers a memory allocation failure. 2017-03-23 not yet calculated CVE-2016-9011
MLIST
BID
MISC
CONFIRM
linux -- linux_kernel
 
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device. 2017-03-24 not yet calculated CVE-2017-7261
MISC
MISC
MISC
linux -- linux_kernel
 
The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access. 2017-03-23 not yet calculated CVE-2017-5897
MLIST
BID
SECTRACK
CONFIRM
linux -- linux_kernel
 
The linux-image-* package 4.8.0.41.52 for the Linux kernel on Ubuntu 16.10 allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via unspecified vectors, as demonstrated during a Pwn2Own competition at CanSecWest 2017. 2017-03-19 not yet calculated CVE-2017-7184
MISC
BID
MISC
MISC
mediawiki -- mediawiki
 
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1, when is configured with a relative URL, allows remote authenticated users to inject arbitrary web script or HTML via wikitext, as demonstrated by a wikilink to a page named "javascript:alert('XSS!')." 2017-03-23 not yet calculated CVE-2015-8622
MLIST
MLIST
MLIST
CONFIRM
mediawiki -- mediawiki
 
The User::matchEditToken function in includes/User.php in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 does not perform token comparison in constant time before determining if a debugging message should be logged, which allows remote attackers to guess the edit token and bypass CSRF protection via a timing attack, a different vulnerability than CVE-2015-8623. 2017-03-23 not yet calculated CVE-2015-8624
MLIST
MLIST
MLIST
CONFIRM
mediawiki -- mediawiki
 
MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 does not properly normalize IP addresses containing zero-padded octets, which might allow remote attackers to bypass intended access restrictions by using an IP address that was not supposed to have been allowed. 2017-03-23 not yet calculated CVE-2015-8627
MLIST
MLIST
MLIST
CONFIRM
mediawiki -- mediawiki
 
The User::randomPassword function in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 generates passwords smaller than $wgMinimalPasswordLength, which makes it easier for remote attackers to obtain access via a brute-force attack. 2017-03-23 not yet calculated CVE-2015-8626
MLIST
MLIST
MLIST
CONFIRM
mediawiki -- mediawiki
 
MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 does not properly sanitize parameters when calling the cURL library, which allows remote attackers to read arbitrary files via an @ (at sign) character in unspecified POST array parameters. 2017-03-23 not yet calculated CVE-2015-8625
MLIST
MLIST
MLIST
CONFIRM
mediawiki -- mediawiki
 
The User::matchEditToken function in includes/User.php in MediaWiki before 1.23.12 and 1.24.x before 1.24.5 does not perform token comparison in constant time before returning, which allows remote attackers to guess the edit token and bypass CSRF protection via a timing attack, a different vulnerability than CVE-2015-8624. 2017-03-23 not yet calculated CVE-2015-8623
MLIST
MLIST
CONFIRM
MLIST
CONFIRM
mediawiki -- mediawiki
 
The (1) Special:MyPage, (2) Special:MyTalk, (3) Special:MyContributions, (4) Special:MyUploads, and (5) Special:AllMyUploads pages in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 allow remote attackers to obtain sensitive user login information via crafted links combined with page view statistics. 2017-03-23 not yet calculated CVE-2015-8628
MLIST
MLIST
MLIST
CONFIRM
microsoft -- skype
 
Microsoft Skype 7.16.0.102 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded by Skype. It allows an attacker to load a .dll of the attacker's choosing that could execute arbitrary code without the user's knowledge. The specific flaw exists within the handling of DLL (api-ms-win-core-winrt-string-l1-1-0.dll) loading by the Skype.exe process. 2017-03-23 not yet calculated CVE-2017-6517
MISC
FULLDISC
BID
CONFIRM
MISC
MISC
miele_professional -- pg_8528_pst10
 
An issue was discovered on Miele Professional PG 8528 PST10 devices. The corresponding embedded webserver "PST10 WebServer" typically listens on port 80 and is prone to a directory traversal attack; therefore, an unauthenticated attacker may be able to exploit this issue to access sensitive information to aid in subsequent attacks. A Proof of Concept is GET /../../../../../../../../../../../../etc/shadow HTTP/1.1. 2017-03-24 not yet calculated CVE-2017-7240
MISC
minissdpd -- minissdpd
 
The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (invalid free and daemon crash) via vectors related to error handling. 2017-03-24 not yet calculated CVE-2016-3179
MISC
MLIST
CONFIRM
CONFIRM
minissdpd -- minissdpd
 
The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (out-of-bounds memory access and daemon crash) via vectors involving a negative length value. 2017-03-24 not yet calculated CVE-2016-3178
MISC
MLIST
CONFIRM
CONFIRM
netiq -- idm_servicenow_driver
 
An information leak in the NetIQ IDM ServiceNow Driver before 1.0.0.1 could expose cryptographic attributes to logged-in users. 2017-03-23 not yet calculated CVE-2016-1603
CONFIRM
netiq -- novell_edirectory
 
NDSD in Novell eDirectory before 9.0.2 did not calculate ACLs on LDAP objects across partition boundaries correctly, which could lead to a privilege escalation by modifying user attributes that would otherwise be filtered by an ACL. 2017-03-23 not yet calculated CVE-2016-9167
CONFIRM
netiq -- novell_edirectory
 
A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 9.0.1 allows remote attackers to bypass intended access restrictions by leveraging predictable cookies. 2017-03-23 not yet calculated CVE-2016-5747
CONFIRM
netiq -- novell_edirectory
 
A missing X-Frame-Options header in the NDS Utility Monitor in NDSD in Novell eDirectory before 9.0.2 could be used by remote attackers for clickjacking. 2017-03-23 not yet calculated CVE-2016-9168
CONFIRM
nuxeo -- nuxeo_platform
 
Directory traversal vulnerability in the file import feature in Nuxeo Platform 6.0, 7.1, 7.2, and 7.3 allows remote authenticated users to upload and execute arbitrary JSP code via a .. (dot dot) in the X-File-Name header. 2017-03-24 not yet calculated CVE-2017-5869
MLIST
openstack -- glance
 
An SSRF issue was discovered in OpenStack Glance before Newton. The 'copy_from' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to enumerate internal network details while appearing masked, since the scan would appear to originate from the Glance Image service. 2017-03-21 not yet calculated CVE-2017-7200
BID
CONFIRM
CONFIRM
CONFIRM
pacemaker -- pacemaker
 
Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection. 2017-03-24 not yet calculated CVE-2016-7797
CONFIRM
SUSE
SUSE
SUSE
REDHAT
MLIST
BID
CONFIRM
pcre -- pcre
 
The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file. 2017-03-23 not yet calculated CVE-2017-7244
MISC
pcre -- pcre
 
Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file. 2017-03-23 not yet calculated CVE-2017-7246
MISC
pcre -- pcre
 
Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file. 2017-03-23 not yet calculated CVE-2017-7245
MISC
percona -- percona_xtrabackup
 
xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector (IV) for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files via a Chosen-Plaintext attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6394. 2017-03-23 not yet calculated CVE-2016-6225
SUSE
SUSE
CONFIRM
CONFIRM
CONFIRM
FEDORA
FEDORA
CONFIRM
phpmemcachedadmin -- phpmemcachedadmin
 
PHPMemcachedAdmin 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via vectors related to "serialized data and the last part of the concatenated filename," which creates a file in webroot. 2017-03-23 not yet calculated CVE-2014-8731
MISC
BUGTRAQ
BUGTRAQ
BID
XF
pitivi -- pitivi
 
The _mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path. 2017-03-23 not yet calculated CVE-2015-0855
MLIST
CONFIRM
CONFIRM
plone -- plone
 
Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers to bypass a sandbox protection mechanism and obtain sensitive information by leveraging the Python string format method. 2017-03-23 not yet calculated CVE-2017-5524
MLIST
BID
CONFIRM
pngdefry -- pngdefry
 
pngdefry through 2017-03-22 is prone to a heap-based buffer-overflow vulnerability because it fails to properly process a specially crafted png file. This issue affects the 'process()' function of the 'pngdefry.c' source file. 2017-03-22 not yet calculated CVE-2017-7231
BID
MISC
pysaml2 -- pysaml2 XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier allows remote attackers to read arbitrary files via a crafted SAML XML request or response. 2017-03-24 not yet calculated CVE-2016-10149
DEBIAN
MLIST
CONFIRM
CONFIRM
MISC
CONFIRM
qnap -- qnap_qts
 
QNAP QTS before 4.2.4 Build 20170313 allows local users to obtain sensitive Domain Administrator password information by reading data in an XOR format within the /etc/config/uLinux.conf configuration file. 2017-03-23 not yet calculated CVE-2017-5227
BID
SECTRACK
MISC
CONFIRM
CONFIRM
qnap -- qnap_qts
 
QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and execute arbitrary commands via unspecified vectors. 2017-03-23 not yet calculated CVE-2017-6359
SECTRACK
CONFIRM
CONFIRM
qnap -- qnap_qts
 
QNAP QTS before 4.2.4 Build 20170313 allows attackers to execute arbitrary commands via unspecified vectors. 2017-03-23 not yet calculated CVE-2017-6361
SECTRACK
CONFIRM
qnap -- qnap_qts
 
QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and obtain sensitive information via unspecified vectors. 2017-03-23 not yet calculated CVE-2017-6360
SECTRACK
CONFIRM
CONFIRM
raspberry_pi -- pi_engine
 
A Cross-Site Scripting (XSS) issue was discovered in pi-engine/pi 2.5.0. The vulnerability exists due to insufficient filtration of user-supplied data (preview) passed to the "pi-develop/www/script/editor/markitup/preview/markdown.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. 2017-03-23 not yet calculated CVE-2017-7251
CONFIRM
samsung -- multiple_devices
 
The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0) and N(7.0) software and Exynos AP chipsets allows attackers to have unspecified impact via unknown vectors, which trigger an out-of-bounds read, aka SVE-2016-6362. 2017-03-23 not yet calculated CVE-2017-5538
CONFIRM
MLIST
MLIST
BID
samsung -- smart_tvs
 
The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J, and NT14U and Xpress M288OFW printers generates weak WPA2 PSK keys, which makes it easier for remote attackers to obtain sensitive information or bypass authentication via a brute-force attack. 2017-03-23 not yet calculated CVE-2015-5729
MISC
MISC
FULLDISC
BID
SECTRACK
SECTRACK
sap_se -- sap
 
SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions and execute arbitrary code via crafted ABAP code, aka SAP Security Note 2407616. 2017-03-23 not yet calculated CVE-2017-6950
BID
MISC
slims_7 -- slims_7_cendana
 
Multiple Cross-Site Scripting (XSS) issues were discovered in admin/modules components in SLiMS 7 Cendana through 2017-03-23: the keywords parameter to bibliography/checkout_item.php, bibliography/dl_print.php, bibliography/item.php, bibliography/item_barcode_generator.php, bibliography/printed_card.php, circulation/loan_rules.php, master_file/author.php, master_file/coll_type.php, and master_file/doc_language.php and the quickReturnID field to circulation/ajax_action.php. 2017-03-23 not yet calculated CVE-2017-7242
MISC
solarwinds -- lem
 
SolarWinds LEM (aka SIEM) before 6.3.1 has an incorrect sudo configuration, which allows local users to obtain root access by editing /usr/local/contego/scripts/hostname.sh. 2017-03-24 not yet calculated CVE-2017-5198
MISC
solarwinds -- lem
 
The editbanner feature in SolarWinds LEM (aka SIEM) through 6.3.1 allows remote authenticated users to execute arbitrary code by editing /usr/local/contego/scripts/mgrconfig.pl. 2017-03-24 not yet calculated CVE-2017-5199
MISC
suse -- suse_linux
 
A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux Enterprise Desktop 12 and 12-SP1 could be used by local attackers to execute code as the user running supportconfig (usually root). 2017-03-23 not yet calculated CVE-2016-1602
CONFIRM
tenable -- nessus
 
Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure permissions that may allow a local attacker to escalate privileges when the software is running in Agent Mode. Version 6.10.4 fixes this issue. 2017-03-23 not yet calculated CVE-2017-7199
CONFIRM
trend_micro -- security_products
 
Code injection vulnerability in Trend Micro Maximum Security 11.0 (and earlier), Internet Security 11.0 (and earlier), and Antivirus+ Security 11.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Trend Micro process via a "DoubleAgent" attack. One perspective on this issue is that (1) these products do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry; (2) the self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products; and (3) this mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack. 2017-03-21 not yet calculated CVE-2017-5565
MISC
MISC
BID
uclibc-ng -- uclibc-ng
 
The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via a crafted packet. 2017-03-24 not yet calculated CVE-2016-2225
CONFIRM
MLIST
MLIST
BID
CONFIRM
uclibc-ng -- uclibc-ng
 
The __decode_dotted function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via vectors involving compressed items in a reply. 2017-03-24 not yet calculated CVE-2016-2224
CONFIRM
MLIST
MLIST
BID
CONFIRM
usb_pratirodh -- usb_pratirodh
 
USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such as the username and password in a simple usb.xml file. An attacker with physical access to the system can modify the file according to his own requirements, which may aid in further attacks. 2017-03-23 not yet calculated CVE-2017-6911
MISC
FULLDISC
BUGTRAQ
BID
usb_pratirodh -- usb_pratirodh
 
USB Pratirodh allows remote attackers to conduct XML External Entity (XXE) attacks via XML data in usb.xml. 2017-03-23 not yet calculated CVE-2017-6895
MISC
FULLDISC
BID
MISC

 

- Source / view the original: [US-CERT: Bulletin(SB17-086)] Security vulnerabilities published through March 20, 2017