The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities corresponds to the following scores:
- High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
- Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
- Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
allwinnertech -- linux-3.4-sunxi | The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and H8 devices allows local users to gain root privileges by sending "rootmydevice" to /proc/sunxi_debug/sunxi_debug. | 2017-03-27 | 7.2 | CVE-2016-10225 MLIST MLIST BID CONFIRM MISC MISC |
apache -- camel | Apache Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to Remote Code Execution attacks. | 2017-03-28 | 7.5 | CVE-2016-8749 CONFIRM BID |
apache -- poi | Apache POI in versions prior to release 3.15 allows remote attackers to cause a denial of service (CPU consumption) via a specially crafted OOXML file, aka an XML Entity Expansion (XEE) attack. | 2017-03-24 | 7.1 | CVE-2017-5644 CONFIRM BID |
artifex -- mujs | Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artifex Software, Inc. MuJS allows attackers to have unspecified impact by leveraging an error when dropping extra arguments to lightweight functions. | 2017-03-24 | 7.5 | CVE-2016-10133 CONFIRM MLIST MLIST CONFIRM FEDORA |
eviewgps -- ev-07s_gps_tracker_firmware | Due to a lack of authentication, an unauthenticated user who knows the Eview EV-07S GPS Tracker's phone number can revert the device to a factory default configuration with an SMS command, "RESET!" | 2017-03-27 | 7.8 | CVE-2017-5237 BID MISC |
gnu -- gnutls | Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension. | 2017-03-24 | 7.5 | CVE-2017-5334 SUSE MLIST MLIST BID SECTRACK CONFIRM CONFIRM GENTOO |
gnu -- gnutls | Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate. | 2017-03-24 | 7.5 | CVE-2017-5336 SUSE MLIST MLIST BID SECTRACK MISC CONFIRM CONFIRM GENTOO |
gnu -- gnutls | Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate. | 2017-03-24 | 7.5 | CVE-2017-5337 SUSE MLIST MLIST BID SECTRACK MISC MISC CONFIRM CONFIRM GENTOO |
hesiod_project -- hesiod | The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache. | 2017-03-28 | 10.0 | CVE-2016-10152 MLIST BID CONFIRM CONFIRM |
huawei -- ar3200_firmware | Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet. | 2017-03-24 | 10.0 | CVE-2016-6206 CONFIRM BID |
huawei -- mate_s_firmware | The ION driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230 and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows remote attackers to cause a denial of service (crash) via a crafted application. | 2017-03-24 | 7.1 | CVE-2015-8678 CONFIRM |
imagemagick -- imagemagick | coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check. | 2017-03-24 | 7.5 | CVE-2016-10144 MLIST MLIST BID CONFIRM CONFIRM |
imagemagick -- imagemagick | Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy. | 2017-03-24 | 7.5 | CVE-2016-10145 MLIST MLIST BID CONFIRM CONFIRM |
imagemagick -- imagemagick | Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors. | 2017-03-24 | 7.8 | CVE-2016-10146 MLIST MLIST BID CONFIRM CONFIRM |
imagemagick -- imagemagick | Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache. | 2017-03-24 | 7.8 | CVE-2017-5507 MLIST MLIST BID CONFIRM CONFIRM CONFIRM CONFIRM |
imagemagick -- imagemagick | coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow. | 2017-03-24 | 7.5 | CVE-2017-5511 MLIST MLIST BID CONFIRM CONFIRM CONFIRM CONFIRM |
intelliants -- subrion_cms | Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the query parameter. | 2017-03-26 | 7.5 | CVE-2017-6013 BID MISC |
irssi -- irssi | The netjoin processing in Irssi 1.x before 1.0.2 allows attackers to cause a denial of service (use-after-free) and possibly execute arbitrary code via unspecified vectors. | 2017-03-27 | 7.5 | CVE-2017-7191 BID CONFIRM CONFIRM |
libgit2_project -- libgit2 | Buffer overflow in the git_pkt_parse_line function in transports/smart_pkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet. | 2017-03-24 | 7.5 | CVE-2016-10128 SUSE SUSE SUSE MLIST MLIST BID CONFIRM CONFIRM CONFIRM |
linux -- linux_kernel | The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device. | 2017-03-28 | 7.2 | CVE-2017-7294 BID MISC MISC |
linux -- linux_kernel | The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls. | 2017-03-29 | 7.2 | CVE-2017-7308 BID CONFIRM |
microsoft -- iis | Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016. | 2017-03-26 | 10.0 | CVE-2017-7269 BID MISC MISC MISC MISC |
modx -- modx_revolution | setup/controllers/welcome.php in MODX Revolution 2.5.4-pl and earlier allows remote attackers to execute arbitrary PHP code via the config_key parameter to the setup/index.php?action=welcome URI. | 2017-03-30 | 7.5 | CVE-2017-7321 BID MISC |
modx -- modx_revolution | setup/templates/findcore.php in MODX Revolution 2.5.4-pl and earlier allows remote attackers to execute arbitrary PHP code via the core_path parameter. | 2017-03-30 | 7.5 | CVE-2017-7324 BID MISC |
moodle -- moodle | In Moodle 2.x and 3.x, SQL injection can occur via user preferences. | 2017-03-26 | 7.5 | CVE-2017-2641 BID CONFIRM |
openbsd -- openbsd | httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header. | 2017-03-27 | 7.8 | CVE-2017-5850 MLIST MISC FULLDISC MLIST BID SECTRACK CONFIRM CONFIRM CONFIRM MISC EXPLOIT-DB |
putty -- putty | The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which triggers a buffer overflow. | 2017-03-27 | 7.5 | CVE-2017-6542 SUSE CONFIRM BID CONFIRM GENTOO |
qemu -- qemu | Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1. | 2017-03-24 | 10.0 | CVE-2015-8556 MISC GENTOO EXPLOIT-DB |
qemu -- qemu | Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code on the host via a crafted virtio-crypto request, which triggers a heap-based buffer overflow. | 2017-03-27 | 7.2 | CVE-2017-5931 CONFIRM MLIST BID CONFIRM MLIST |
revive-adserver -- revive_adserver | Revive Adserver before 3.2.3 suffers from session fixation, by allowing arbitrary session identifiers to be forced and, at the same time, by not invalidating the existing session upon a successful authentication. Under some circumstances, that could have been an opportunity for an attacker to steal an authenticated session. | 2017-03-27 | 7.5 | CVE-2016-9125 MISC MISC MISC MISC |
revive-adserver -- revive_adserver | Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected File Download. `www/delivery/asyncspc.php` was vulnerable to the fairly new Reflected File Download (RFD) web attack vector that enables attackers to gain complete control over a victim's machine by virtually downloading a file from a trusted domain. | 2017-03-27 | 9.3 | CVE-2016-9470 MISC MISC |
solarwinds -- log_and_event_manager | SolarWinds LEM (aka SIEM) before 6.3.1 has an incorrect sudo configuration, which allows local users to obtain root access by editing /usr/local/contego/scripts/hostname.sh. | 2017-03-24 | 7.2 | CVE-2017-5198 MISC BID |
Medium Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
amd -- ryzen | The AMD Ryzen processor with AGESA microcode through 2017-01-27 allows local users to cause a denial of service (system hang) via an application that makes a long series of FMA3 instructions, as demonstrated by the Flops test suite. | 2017-03-24 | 4.9 | CVE-2017-7262 MISC MISC BID MISC MISC |
artifex -- mupdf | Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document. | 2017-03-26 | 6.8 | CVE-2017-7264 MISC BID MISC |
brave -- browser | Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and earlier suffer from Full Address Bar Spoofing, allowing attackers to trick a victim by displaying a malicious page for legitimate domain names. | 2017-03-27 | 4.3 | CVE-2016-9473 BID MISC MISC MISC |
broadcom -- bcm4339_soc_firmware | Stack-based buffer overflow in the firmware in Broadcom Wi-Fi HardMAC SoC chips, when the firmware supports CCKM Fast and Secure Roaming and the feature is enabled in RAM, allows remote attackers to execute arbitrary code via a crafted reassociation response frame with a Cisco IE (156). | 2017-03-27 | 6.8 | CVE-2017-6957 MISC BID MISC |
call-cc -- chicken | The string-translate* procedure in the data-structures unit in CHICKEN before 4.10.0 allows remote attackers to cause a denial of service (crash). | 2017-03-29 | 5.0 | CVE-2015-4556 MLIST MLIST MLIST CONFIRM |
canonical -- ubuntu_core | An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due to the common logic to handle 'restart' operations removing AppArmor profiles that aren't found in the typical filesystem locations, such as /etc/apparmor.d/. Userspace projects that manage their own AppArmor profiles in atypical directories, such as what's done by LXD and Docker, are affected by this flaw in the AppArmor init script logic. | 2017-03-24 | 4.3 | CVE-2017-6507 CONFIRM CONFIRM BID CONFIRM CONFIRM |
clusterlabs -- pacemaker | Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection. | 2017-03-24 | 5.0 | CVE-2016-7797 CONFIRM SUSE SUSE SUSE REDHAT MLIST BID CONFIRM |
debian -- debian_linux | XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier allows remote attackers to read arbitrary files via a crafted SAML XML request or response. | 2017-03-24 | 5.0 | CVE-2016-10149 DEBIAN MLIST CONFIRM CONFIRM MISC CONFIRM |
dotcms -- dotcms | dotCMS 3.7.0 has XSS reachable from ext/languages_manager/edit_language in portal/layout via the bottom two form fields. | 2017-03-26 | 4.3 | CVE-2017-6003 BID MISC |
eclipse -- tinydtls | Eclipse tinydtls 0.8.2 for Eclipse IoT allows remote attackers to cause a denial of service (DTLS peer crash) by sending a "Change cipher spec" packet without pre-handshake. | 2017-03-24 | 5.0 | CVE-2017-7243 BID MISC MISC |
eonweb_project -- eonweb | EyesOfNetwork ("EON") 5.0 and earlier allows remote authenticated users to execute arbitrary code via shell metacharacters in the selected_events[] parameter in the (1) acknowledge, (2) delete, or (3) ownDisown function in module/monitoring_ged/ged_functions.php or the (4) module parameter to module/index.php. | 2017-03-24 | 6.5 | CVE-2017-6087 MLIST BID CONFIRM |
eviewgps -- ev-07s_gps_tracker_firmware | Due to a lack of bounds checking, several input configuration fields for the Eview EV-07S GPS Tracker will overflow data stored in one variable to another, overwriting the data of another field. | 2017-03-27 | 5.0 | CVE-2017-5238 BID MISC |
eviewgps -- ev-07s_gps_tracker_firmware | Due to a lack of standard encryption when transmitting sensitive information over the internet to a centralized monitoring service, the Eview EV-07S GPS Tracker discloses personally identifying information, such as GPS data and IMEI numbers, to any man-in-the-middle (MitM) listener. | 2017-03-27 | 5.0 | CVE-2017-5239 BID MISC |
exfat_prokect -- exfat | Heap-based buffer overflow in the verify_vbr_checksum function in exfatfsck in exfat-utils before 1.2.1 allows remote attackers to cause a denial of service (infinite loop) or possibly execute arbitrary code via a crafted filesystem. | 2017-03-27 | 6.8 | CVE-2015-8026 MLIST BID MISC CONFIRM CONFIRM GENTOO |
extraputty -- extraputty | The TFTP server in ExtraPuTTY 0.30 and earlier allows remote attackers to cause a denial of service (crash) via a large (1) read or (2) write TFTP protocol message. | 2017-03-27 | 5.0 | CVE-2017-7183 MISC BUGTRAQ BID |
f5 -- big-ip_webaccelerator | The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial-of-service (DoS) through unspecified vectors. | 2017-03-27 | 5.0 | CVE-2016-9252 CONFIRM |
fedoraproject -- fedora | regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to regular expression compilation. | 2017-03-24 | 5.0 | CVE-2016-10132 CONFIRM MLIST MLIST CONFIRM FEDORA |
fedoraproject -- fedora | The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690. | 2017-03-28 | 4.3 | CVE-2016-8884 MLIST MLIST BID MISC CONFIRM CONFIRM FEDORA FEDORA |
fedoraproject -- fedora | ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications. | 2017-03-27 | 6.8 | CVE-2017-5330 MLIST BID CONFIRM CONFIRM FEDORA GENTOO |
firebirdsql -- firebird | Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5.7 and 3.0.x before 3.0.2 allow remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so. | 2017-03-24 | 6.5 | CVE-2017-6369 CONFIRM BID |
fomori -- cherrymusic | Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download." | 2017-03-27 | 4.0 | CVE-2015-8309 CONFIRM BID CONFIRM CONFIRM EXPLOIT-DB |
freeradius -- freeradius | The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a zero-length EAP-PWD packet. | 2017-03-27 | 4.3 | CVE-2015-8762 CONFIRM MLIST |
freeradius -- freeradius | The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to have unspecified impact via a crafted (1) commit or (2) confirm message, which triggers an out-of-bounds read. | 2017-03-27 | 6.8 | CVE-2015-8763 CONFIRM MLIST |
freeradius -- freeradius | Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8, which triggers a buffer overflow. | 2017-03-27 | 6.8 | CVE-2015-8764 CONFIRM MLIST |
getsymphony -- symphony_cms | Symphony 2.6.9 has XSS in publish/notes/edit/##/saved/ via the bottom form field. | 2017-03-26 | 4.3 | CVE-2017-6067 BID MISC |
gnu -- bash | The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " (double quote) character and a command substitution metacharacter. | 2017-03-27 | 4.6 | CVE-2017-5932 CONFIRM MLIST BID MLIST |
gnu -- binutils | The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an invalid read (of size 8) because the code to emit relocs (bfd_elf_final_link function in bfd/elflink.c) does not check the format of the input file before trying to read the ELF reloc section header. The vulnerability leads to a GNU linker (ld) program crash. | 2017-03-29 | 4.3 | CVE-2017-7299 BID CONFIRM |
gnu -- binutils | The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read (off-by-one) because of an incomplete check for invalid string offsets while loading symbols, leading to a GNU linker (ld) program crash. | 2017-03-29 | 5.0 | CVE-2017-7300 BID CONFIRM |
gnu -- binutils | The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linker (ld) program crash. | 2017-03-29 | 5.0 | CVE-2017-7301 BID CONFIRM |
gnu -- binutils | The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a swap_std_reloc_out function in bfd/aoutx.h that is vulnerable to an invalid read (of size 4) because of missing checks for relocs that could not be recognised. This vulnerability causes Binutils utilities like strip to crash. | 2017-03-29 | 5.0 | CVE-2017-7302 BID CONFIRM |
gnu -- binutils | The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 4) because of missing a check (in the find_link function) for null headers before attempting to match them. This vulnerability causes Binutils utilities like strip to crash. | 2017-03-29 | 5.0 | CVE-2017-7303 BID CONFIRM |
gnu -- binutils | The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 8) because of missing a check (in the copy_special_section_fields function) for an invalid sh_link field before attempting to follow it. This vulnerability causes Binutils utilities like strip to crash. | 2017-03-29 | 5.0 | CVE-2017-7304 BID CONFIRM |
gnu -- gnutls | The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate. | 2017-03-24 | 5.0 | CVE-2017-5335 SUSE MLIST MLIST BID SECTRACK MISC CONFIRM CONFIRM GENTOO |
go-jose_project -- go-jose | go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. When deriving a shared key using ECDH-ES for an encrypted message, go-jose neglected to check that the received public key on a message is on the same curve as the static private key of the receiver, thus making it vulnerable to an invalid curve attack. | 2017-03-27 | 6.4 | CVE-2016-9121 MISC MISC MISC |
go-jose_project -- go-jose | go-jose before 1.0.4 suffers from multiple signatures exploitation. The go-jose library supports messages with multiple signatures. However, when validating a signed message the API did not indicate which signature was valid, which could potentially lead to confusion. For example, users of the library might mistakenly read protected header values from an attached signature that was different from the one originally validated. | 2017-03-27 | 5.0 | CVE-2016-9122 MISC MISC MISC |
go-jose_project -- go-jose | go-jose before 1.0.5 suffers from a CBC-HMAC integer overflow on 32-bit architectures. An integer overflow could lead to authentication bypass for CBC-HMAC encrypted ciphertexts on 32-bit architectures. | 2017-03-27 | 5.0 | CVE-2016-9123 MISC MISC MISC |
ibm -- cognos_business_intelligence | IBM Cognos Business Intelligence 10.2 could allow a user with lower privilege Capabilities to adopt the Capabilities of a higher-privilege user by intercepting the higher-privilege user's cookie value from its HTTP request and then reusing it in subsequent requests. IBM Reference #: 1993718. | 2017-03-27 | 6.5 | CVE-2016-8960 CONFIRM BID |
ibm -- kenexa_lcms_premier | IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to capture the cookie and obtain sensitive information. IBM Reference #: 1998874. | 2017-03-27 | 4.0 | CVE-2017-1142 CONFIRM BID |
ibm -- security_key_lifecycle_manager | IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM Reference #: 2000359. | 2017-03-27 | 4.3 | CVE-2016-6102 CONFIRM BID |
ibm -- tririga_application_platform | IBM TRIRIGA Report Manager 3.2 through 3.5 contains a vulnerability that could allow an authenticated user to execute actions that they do not have access to. IBM Reference #: 1999563. | 2017-03-27 | 6.5 | CVE-2017-1153 CONFIRM BID |
ibm -- websphere_portal | IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000152. | 2017-03-27 | 4.3 | CVE-2017-1120 CONFIRM BID |
imagemagick -- imagemagick | Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file. | 2017-03-24 | 6.8 | CVE-2017-5506 MLIST MLIST BID CONFIRM CONFIRM CONFIRM |
imagemagick -- imagemagick | Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file. | 2017-03-24 | 4.3 | CVE-2017-5508 MLIST MLIST BID CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
imagemagick -- imagemagick | coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. | 2017-03-24 | 6.8 | CVE-2017-5509 MLIST MLIST BID CONFIRM CONFIRM CONFIRM CONFIRM |
imagemagick -- imagemagick | coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. | 2017-03-24 | 6.8 | CVE-2017-5510 MLIST MLIST BID CONFIRM CONFIRM CONFIRM CONFIRM |
imagemagick -- imagemagick | The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866. | 2017-03-27 | 4.3 | CVE-2017-7275 BID MISC MISC |
intelliants -- subrion_cms | Subrion CMS 4.0.5.10 has CSRF in admin/blog/add/. The attacker can add any blog entry, and can optionally insert XSS into that entry via the body parameter. | 2017-03-26 | 6.8 | CVE-2017-6002 MISC |
intelliants -- subrion_cms | Subrion CMS 4.0.5 has CSRF in admin/languages/edit/1/. The attacker can perform any Edit Language action, and can optionally insert XSS via the title parameter. | 2017-03-26 | 6.8 | CVE-2017-6066 BID MISC |
intelliants -- subrion_cms | Subrion CMS 4.0.5 has CSRF in admin/blocks/add/. The attacker can create any block, and can optionally insert XSS via the content parameter. | 2017-03-26 | 6.8 | CVE-2017-6068 BID MISC |
intelliants -- subrion_cms | Subrion CMS 4.0.5 has CSRF in admin/blog/add/. The attacker can add any tag, and can optionally insert XSS via the tags parameter. | 2017-03-26 | 6.8 | CVE-2017-6069 BID MISC |
libgit2_project -- libgit2 | The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via an empty packet line. | 2017-03-24 | 5.0 | CVE-2016-10129 SUSE SUSE SUSE MLIST MLIST BID CONFIRM CONFIRM CONFIRM |
libgit2_project -- libgit2 | The http_connect function in transports/http.c in libgit2 before 0.24.6 and 0.25.x before 0.25.1 might allow man-in-the-middle attackers to spoof servers by leveraging clobbering of the error variable. | 2017-03-24 | 4.3 | CVE-2016-10130 SUSE SUSE SUSE MLIST MLIST BID CONFIRM CONFIRM CONFIRM |
libtiff -- libtiff | LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22. | 2017-03-24 | 4.3 | CVE-2016-10266 BID MISC MISC |
libtiff -- libtiff | LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8. | 2017-03-24 | 4.3 | CVE-2016-10267 BID MISC MISC |
libtiff -- libtiff | tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 78490" and libtiff/tif_unix.c:115:23. | 2017-03-24 | 6.8 | CVE-2016-10268 BID MISC MISC |
libtiff -- libtiff | LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 512" and libtiff/tif_unix.c:340:2. | 2017-03-24 | 6.8 | CVE-2016-10269 BID MISC MISC |
libtiff -- libtiff | LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 8" and libtiff/tif_read.c:523:22. | 2017-03-24 | 6.8 | CVE-2016-10270 BID MISC MISC |
libtiff -- libtiff | tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 1" and libtiff/tif_fax3.c:413:13. | 2017-03-24 | 6.8 | CVE-2016-10271 BID MISC MISC |
libtiff -- libtiff | LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "WRITE of size 2048" and libtiff/tif_next.c:64:9. | 2017-03-24 | 6.8 | CVE-2016-10272 BID MISC MISC |
linux -- linux_kernel | The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device. | 2017-03-24 | 4.9 | CVE-2017-7261 MISC BID MISC MISC |
linux -- linux_kernel | The TCP stack in the Linux kernel through 4.10.6 mishandles the SCM_TIMESTAMPING_OPT_STATS feature, which allows local users to obtain sensitive information from the kernel's internal socket data structures or cause a denial of service (out-of-bounds read) via crafted system calls, related to net/core/skbuff.c and net/socket.c. | 2017-03-28 | 6.6 | CVE-2017-7277 CONFIRM CONFIRM BID CONFIRM CONFIRM MISC CONFIRM CONFIRM |
miele_professional -- pst10_webserver | An issue was discovered on Miele Professional PG 8528 PST10 devices. The corresponding embedded webserver "PST10 WebServer" typically listens to port 80 and is prone to a directory traversal attack; therefore, an unauthenticated attacker may be able to exploit this issue to access sensitive information to aid in subsequent attacks. A Proof of Concept is GET /../../../../../../../../../../../../etc/shadow HTTP/1.1. | 2017-03-24 | 5.0 | CVE-2017-7240 MISC BID |
modx -- modx_revolution | setup/controllers/language.php in MODX Revolution 2.5.4-pl and earlier does not properly constrain the language parameter, which allows remote attackers to conduct Cookie-Bombing attacks and cause a denial of service (cookie quota exhaustion), or conduct HTTP Response Splitting attacks with resultant XSS, via an invalid parameter value. | 2017-03-30 | 4.3 | CVE-2017-7320 BID MISC |
modx -- modx_revolution | The (1) update and (2) package-installation features in MODX Revolution 2.5.4-pl and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and trigger the execution of arbitrary code via a crafted certificate. | 2017-03-30 | 6.8 | CVE-2017-7322 BID MISC |
modx -- modx_revolution | The (1) update and (2) package-installation features in MODX Revolution 2.5.4-pl and earlier use http://rest.modx.com by default, which allows man-in-the-middle attackers to spoof servers and trigger the execution of arbitrary code by leveraging the lack of the HTTPS protection mechanism. | 2017-03-30 | 6.8 | CVE-2017-7323 BID MISC |
moodle -- moodle | In Moodle 3.2.x, global search displays user names for unauthenticated users. | 2017-03-26 | 5.0 | CVE-2017-2643 BID CONFIRM |
moodle -- moodle | In Moodle 3.x, XSS can occur via evidence of prior learning. | 2017-03-26 | 4.3 | CVE-2017-2644 BID CONFIRM |
moodle -- moodle | In Moodle 3.x, XSS can occur via attachments to evidence of prior learning. | 2017-03-26 | 4.3 | CVE-2017-2645 BID CONFIRM |
netflix -- security_monkey | Netflix Security Monkey before 0.8.0 has an Open Redirect. The logout functionality accepted the "next" parameter which then redirects to any domain irrespective of the Host header. | 2017-03-26 | 5.8 | CVE-2017-7266 BID CONFIRM CONFIRM CONFIRM |
nextcloud -- nextcloud | Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are vulnerable to a content-spoofing attack in the files app. The location bar in the files app was not verifying the passed parameters. An attacker could craft an invalid link to a fake directory structure and use this to display an attacker-controlled error message to the user. | 2017-03-27 | 5.0 | CVE-2016-9460 MISC MISC MISC MISC MISC MISC MISC |
nextcloud -- nextcloud | Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper authorization check on removing shares. The Sharing Backend as implemented in Nextcloud does differentiate between shares to users and groups. In case of a received group share, users should be able to unshare the file to themselves but not to the whole group. The previous API implementation simply unshared the file to all users in the group. | 2017-03-27 | 4.0 | CVE-2016-9464 MISC MISC MISC MISC MISC MISC |
nextcloud -- nextcloud | Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the files app. The location bar in the files app was not verifying the passed parameters. An attacker could craft an invalid link to a fake directory structure and use this to display an attacker-controlled error message to the user. | 2017-03-27 | 5.0 | CVE-2016-9467 MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC |
nextcloud -- nextcloud | Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the dav app. The exception message displayed on the DAV endpoints contained partially user-controllable input leading to a potential misrepresentation of information. | 2017-03-27 | 5.0 | CVE-2016-9468 MISC MISC MISC MISC MISC MISC MISC |
ntp -- ntp | The mx4200_send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write. | 2017-03-27 | 4.6 | CVE-2017-6451 CONFIRM CONFIRM BID SECTRACK |
ntp -- ntp | Stack-based buffer overflow in the Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via an application path on the command line. | 2017-03-27 | 4.6 | CVE-2017-6452 CONFIRM CONFIRM BID SECTRACK |
ntp -- ntp | NTP before 4.2.8p10 and 4.3.x before 4.3.94, when using PPSAPI, allows local users to gain privileges via a DLL in the PPSAPI_DLLS environment variable. | 2017-03-27 | 4.4 | CVE-2017-6455 CONFIRM CONFIRM BID SECTRACK |
ntp -- ntp | Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable. | 2017-03-27 | 6.5 | CVE-2017-6458 CONFIRM CONFIRM BID SECTRACK |
ntp -- ntp | Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers to have unspecified impact via a long flagstr variable in a restriction list response. | 2017-03-27 | 6.5 | CVE-2017-6460 CONFIRM CONFIRM BID SECTRACK |
ntp -- ntp | Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device. | 2017-03-27 | 4.6 | CVE-2017-6462 CONFIRM CONFIRM BID SECTRACK |
ntp -- ntp | NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via an invalid setting in a :config directive, related to the unpeer option. | 2017-03-27 | 4.0 | CVE-2017-6463 CONFIRM CONFIRM BID SECTRACK |
ntp -- ntp | NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service (ntpd crash) via a malformed mode configuration directive. | 2017-03-27 | 4.0 | CVE-2017-6464 CONFIRM CONFIRM BID SECTRACK |
nuxeo -- nuxeo | Directory traversal vulnerability in the file import feature in Nuxeo Platform 6.0, 7.1, 7.2, and 7.3 allows remote authenticated users to upload and execute arbitrary JSP code via a .. (dot dot) in the X-File-Name header. | 2017-03-24 | 6.5 | CVE-2017-5869 MLIST BID |
openslp -- openslp | The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a large number of crafted packets, which triggers a memory allocation failure. | 2017-03-27 | 5.0 | CVE-2016-4912 MLIST SECTRACK CONFIRM |
opensuse_project -- leap | Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to cgi-bin/status.cgi. | 2017-03-27 | 4.3 | CVE-2015-8010 SUSE MLIST MLIST BID CONFIRM |
owncloud -- owncloud | Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are vulnerable to a log pollution vulnerability potentially leading to a local XSS. The download log functionality in the admin screen is delivering the log in JSON format to the end-user. The file was delivered with an attachment disposition forcing the browser to download the document. However, Firefox running on Microsoft Windows would offer the user to open the data in the browser as an HTML document. Thus any injected data in the log would be executed. | 2017-03-27 | 4.3 | CVE-2016-9459 MISC MISC MISC MISC MISC MISC MISC |
owncloud -- owncloud | Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying edit check permissions on WebDAV copy actions. The WebDAV endpoint was not properly checking the permission on a WebDAV COPY action. This allowed an authenticated attacker with access to a read-only share to put new files in there. It was not possible to modify existing files. | 2017-03-27 | 4.0 | CVE-2016-9461 MISC MISC MISC MISC MISC MISC MISC MISC |
owncloud -- owncloud | Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying restore privileges when restoring a file. The restore capability of Nextcloud/ownCloud was not verifying whether a user has only read-only access to a share. Thus a user with read-only access was able to restore old versions. | 2017-03-27 | 4.0 | CVE-2016-9462 MISC MISC MISC MISC MISC MISC MISC MISC |
owncloud -- owncloud | Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.1.2, 9.0.6, and 8.2.9 suffer from SMB User Authentication Bypass. Nextcloud/ownCloud include an optional SMB authentication component, not enabled by default, that allows authenticating users against an SMB server. This backend is implemented in a way that tries to connect to an SMB server and, if that succeeds, considers the user logged in. The backend did not properly take into account SMB servers that have any kind of anonymous auth configured. This is the default on SMB servers nowadays and allows an unauthenticated attacker to gain access to an account without valid credentials. Note: The SMB backend is disabled by default and requires manual configuration in the Nextcloud/ownCloud config file. If you have not configured the SMB backend then you're not affected by this vulnerability. | 2017-03-27 | 6.8 | CVE-2016-9463 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
owncloud -- owncloud | Nextcloud Server before 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from Reflected XSS in the Gallery application. The gallery app was not properly sanitizing exception messages from the Nextcloud/ownCloud server. Due to an endpoint where an attacker could influence the error message, this led to a reflected Cross-Site-Scripting vulnerability. | 2017-03-27 | 4.3 | CVE-2016-9466 MISC MISC MISC MISC MISC MISC |
php -- php | PHP through 7.1.3 enables potential SSRF in applications that accept an fsockopen hostname argument with an expectation that the port number is constrained. Because a :port syntax is recognized, fsockopen will use the port number that is specified in the hostname argument, instead of the port number in the second argument of the function. | 2017-03-27 | 5.8 | CVE-2017-7272 BID CONFIRM CONFIRM |
potrace_project -- potrace | The bm_readbody_bmp function in bitmap_io.c in Potrace 1.14 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8698. | 2017-03-26 | 6.8 | CVE-2017-7263 BID MISC |
radare -- radare2 | The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PE file. | 2017-03-27 | 4.3 | CVE-2017-7274 BID CONFIRM CONFIRM |
revive-adserver -- revive_adserver | Revive Adserver before 3.2.3 suffers from Improper Restriction of Excessive Authentication Attempts. The login page of Revive Adserver is vulnerable to password-guessing attacks. An account lockdown feature was considered, but rejected to avoid introducing service disruptions to regular users during such attacks. A random delay has instead been introduced as a countermeasure in case of password failures, along with a system to discourage parallel brute forcing. These systems will effectively allow the valid users to log in to the adserver, even while an attack is in progress. | 2017-03-27 | 5.0 | CVE-2016-9124 MISC MISC MISC |
revive-adserver -- revive_adserver | Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). The password recovery form in Revive Adserver is vulnerable to CSRF attacks. This vulnerability could be exploited to send a large number of password recovery emails to the registered users, especially in conjunction with a bug that caused recovery emails to be sent to all the users at once. Both issues have been fixed. | 2017-03-27 | 6.8 | CVE-2016-9127 MISC MISC MISC |
revive-adserver -- revive_adserver | Revive Adserver before 3.2.3 suffers from Information Exposure Through Discrepancy. It is possible to check whether or not an email address was associated to one or more user accounts on a target Revive Adserver instance by examining the message printed by the password recovery system. Such information cannot however be used directly to log in to the system, which requires a username. | 2017-03-27 | 5.0 | CVE-2016-9129 MISC MISC MISC |
revive-adserver -- revive_adserver | Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). A number of scripts in Revive Adserver's user interface are vulnerable to CSRF attacks: `www/admin/banner-acl.php`, `www/admin/banner-activate.php`, `www/admin/banner-advanced.php`, `www/admin/banner-modify.php`, `www/admin/banner-swf.php`, `www/admin/banner-zone.php`, `www/admin/tracker-modify.php`. | 2017-03-27 | 6.8 | CVE-2016-9455 BID MISC MISC MISC |
revive-adserver -- revive_adserver | Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). The Revive Adserver team conducted a security audit of the admin interface scripts in order to identify and fix other potential CSRF vulnerabilities. Over 20+ such issues were fixed. | 2017-03-27 | 6.8 | CVE-2016-9456 BID MISC MISC |
s-nail_project -- s-nail | Directory traversal vulnerability in the setuid root helper binary in S-nail (later S-mailx) before 14.8.16 allows local users to write to arbitrary files and consequently gain root privileges via a .. (dot dot) in the randstr argument. | 2017-03-27 | 6.9 | CVE-2017-5899 MLIST MLIST BID MLIST |
siemens -- ruggedcom_rox_i | Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability that could allow an authenticated user to read arbitrary files through the web interface at port 10000/TCP and access sensitive information. | 2017-03-28 | 4.0 | CVE-2017-2686 BID CONFIRM |
siemens -- ruggedcom_rox_i | Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link. | 2017-03-28 | 4.3 | CVE-2017-2687 BID CONFIRM |
siemens -- ruggedcom_rox_i | The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a malicious website, aka CSRF. | 2017-03-28 | 6.8 | CVE-2017-2688 BID CONFIRM |
siemens -- ruggedcom_rox_i | Siemens RUGGEDCOM ROX I (all versions) allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings. | 2017-03-28 | 6.5 | CVE-2017-2689 BID CONFIRM |
solarwinds -- log_and_event_manager | The editbanner feature in SolarWinds LEM (aka SIEM) through 6.3.1 allows remote authenticated users to execute arbitrary code by editing /usr/local/contego/scripts/mgrconfig.pl. | 2017-03-24 | 6.5 | CVE-2017-5199 MISC BID |
uclibc-ng_project -- uclibc-ng | The __decode_dotted function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via vectors involving compressed items in a reply. | 2017-03-24 | 5.0 | CVE-2016-2224 CONFIRM MLIST MLIST BID CONFIRM |
uclibc-ng_project -- uclibc-ng | The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via a crafted packet. | 2017-03-24 | 5.0 | CVE-2016-2225 CONFIRM MLIST MLIST BID CONFIRM |
yii_software -- yii | Reflected Cross-site scripting (XSS) vulnerability in Yii Framework before 2.0.11, when development mode is used, allows remote attackers to inject arbitrary web script or HTML via crafted request data that is mishandled on the debug-mode exception screen. | 2017-03-27 | 4.3 | CVE-2017-7271 BID CONFIRM |
Low Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
cmsmadesimple -- cms_made_simple | XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_title parameter. Someone must login to conduct the attack. | 2017-03-24 | 3.5 | CVE-2017-7255 MISC |
cmsmadesimple -- cms_made_simple | XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_summary parameter. Someone must login to conduct the attack. | 2017-03-24 | 3.5 | CVE-2017-7256 MISC BID |
cmsmadesimple -- cms_made_simple | XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_content parameter. Someone must login to conduct the attack. | 2017-03-24 | 3.5 | CVE-2017-7257 MISC BID |
f5 -- big-ip_webaccelerator | In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information. | 2017-03-27 | 2.1 | CVE-2016-7474 BID CONFIRM |
fomori -- cherrymusic | Cross-site scripting (XSS) vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to inject arbitrary web script or HTML via the playlistname field when creating a new playlist. | 2017-03-27 | 3.5 | CVE-2015-8310 CONFIRM BID CONFIRM CONFIRM |
ibm -- call_center_for_commerce | IBM Call Center for Commerce 9.3 and 9.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000442. | 2017-03-27 | 3.5 | CVE-2016-6056 CONFIRM BID |
ibm -- kenexa_lcms_premier | IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM Reference #: 1998874. | 2017-03-27 | 3.5 | CVE-2017-1143 CONFIRM BID |
ibm -- tririga_application_platform | IBM TRIRIGA 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1996200. | 2017-03-27 | 3.5 | CVE-2016-9737 CONFIRM BID |
metinfo -- metinfo | Cross-site scripting (XSS) vulnerability in MetInfo 5.3.15 allows remote authenticated users to inject arbitrary web script or HTML via the name_2 parameter to admin/column/delete.php. | 2017-03-27 | 3.5 | CVE-2017-6878 MISC FULLDISC BID |
miniupnp_project -- minisspd | The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (out-of-bounds memory access and daemon crash) via vectors involving a negative length value. | 2017-03-24 | 2.1 | CVE-2016-3178 MISC MLIST CONFIRM CONFIRM |
miniupnp_project -- minisspd | The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (invalid free and daemon crash) via vectors related to error handling. | 2017-03-24 | 2.1 | CVE-2016-3179 MISC MLIST CONFIRM CONFIRM |
moodle -- moodle | In Moodle 3.2.2+, there is XSS in the Course summary filter of the "Add a new course" page, as demonstrated by a crafted attribute of an SVG element. | 2017-03-29 | 3.5 | CVE-2017-7298 MISC BID |
netcomm -- nb16wv-02_firmware | Cross-site scripting (XSS) vulnerability in the NetComm NB16WV-02 router with firmware NB16WV_R0.09 allows remote authenticated users to inject arbitrary web script or HTML via the S801F0334 parameter to hdd.htm. | 2017-03-29 | 3.5 | CVE-2017-5900 FULLDISC BID |
nextcloud -- nextcloud | Nextcloud Server before 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from Stored XSS in CardDAV image export. The CardDAV image export functionality as implemented in Nextcloud/ownCloud allows the download of images stored within a vCard. Due to not performing any kind of verification on the image content this is prone to a stored Cross-Site Scripting attack. | 2017-03-27 | 3.5 | CVE-2016-9465 MISC MISC MISC MISC MISC MISC |
ntp -- ntp | The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes. | 2017-03-27 | 2.1 | CVE-2017-6459 CONFIRM CONFIRM BID SECTRACK |
oneplus -- oxygenos | With OxygenOS before 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device, the platform starts with adbd enabled. Therefore, a malicious charger or a physical attacker can open up, without authorization, an ADB session with the device, in order to further exploit other vulnerabilities and/or exfiltrate sensitive information. | 2017-03-26 | 3.6 | CVE-2017-5622 BID MISC |
qemu -- qemu | The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values. | 2017-03-27 | 2.1 | CVE-2016-9922 CONFIRM MLIST BID CONFIRM MLIST |
qemu -- qemu | The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence. | 2017-03-27 | 2.1 | CVE-2017-5973 CONFIRM MLIST BID CONFIRM MLIST |
revive-adserver -- revive_adserver | Revive Adserver before 3.2.3 suffers from persistent XSS. Usernames are not properly escaped when displayed in the audit trail widget of the dashboard upon login, allowing persistent XSS attacks. An authenticated user with enough privileges to create other users could exploit the vulnerability to access the administrator account. | 2017-03-27 | 3.5 | CVE-2016-9126 MISC MISC MISC |
revive-adserver -- revive_adserver | Revive Adserver before 3.2.3 suffers from reflected XSS. The affiliate-preview.php script in www/admin is vulnerable to a reflected XSS attack. This vulnerability could be used by an attacker to steal the session ID of an authenticated user, by tricking them into visiting a specifically crafted URL. | 2017-03-27 | 3.5 | CVE-2016-9128 MISC MISC MISC MISC |
revive-adserver -- revive_adserver | Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted (non-admin) account. The website name wasn't properly escaped when displayed in the campaign-zone.php script. | 2017-03-27 | 3.5 | CVE-2016-9130 MISC MISC |
revive-adserver -- revive_adserver | Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted (non-admin) account. The banner image URL for external banners wasn't properly escaped when displayed in most of the banner related pages. | 2017-03-27 | 3.5 | CVE-2016-9454 BID MISC MISC |
revive-adserver -- revive_adserver | Revive Adserver before 3.2.3 suffers from Reflected XSS. `www/admin/stats.php` is vulnerable to reflected XSS attacks via multiple parameters that are not properly sanitised or escaped when displayed, such as setPerPage, pageId, bannerid, period_start, period_end, and possibly others. | 2017-03-27 | 3.5 | CVE-2016-9457 BID MISC MISC MISC |
revive-adserver -- revive_adserver | Revive Adserver before 3.2.5 and 4.0.0 suffers from Special Element Injection. Usernames weren't properly sanitised when creating users on a Revive Adserver instance. Especially, control characters were not filtered, allowing apparently identical usernames to co-exist in the system, due to the fact that such characters are normally ignored when an HTML page is displayed in a browser. The issue could have therefore been exploited for user spoofing, although elevated privileges are required to create users within Revive Adserver. | 2017-03-27 | 2.1 | CVE-2016-9471 MISC MISC |
revive-adserver -- revive_adserver | Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected XSS. The Revive Adserver web installer scripts were vulnerable to a reflected XSS attack via the dbHost, dbUser, and possibly other parameters. It has to be noted that the window for such attack vectors to be possible is extremely narrow and it is very unlikely that such an attack could be actually effective. | 2017-03-27 | 3.5 | CVE-2016-9472 MISC MISC MISC |
siemens -- ruggedcom_rox_i | The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks. | 2017-03-28 | 3.5 | CVE-2017-6864 BID CONFIRM |
Severity Not Yet Assigned
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
adobe -- acrobat_reader | Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the rendering engine. Successful exploitation could lead to arbitrary code execution. | 2017-03-31 | not yet calculated | CVE-2017-3010 CONFIRM |
adobe -- acrobat_reader | Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow vulnerability in the JPEG2000 parser. Successful exploitation could lead to information disclosure. | 2017-03-31 | not yet calculated | CVE-2017-3009 CONFIRM |
apache -- ambari | Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. Such operations are invoked by the Ambari Agent process on Ambari Agent hosts, as the user executing the Ambari Agent process. | 2017-03-28 | not yet calculated | CVE-2016-6807 BID CONFIRM |
apache -- ambari | Apache Ambari 2.x before 2.4.0 includes KDC administrator passwords on the kadmin command line, which allows local users to obtain sensitive information via a process listing. | 2017-03-29 | not yet calculated | CVE-2016-4976 BID CONFIRM |
apache -- ambari | The certificate signing REST API in Apache Ambari before 2.4.0 allows remote attackers to execute arbitrary code via shell metacharacters in the agentHostname value. | 2017-03-29 | not yet calculated | CVE-2014-3582 CONFIRM MISC |
apple -- ios | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Phone" component. It allows attackers to trigger telephone calls to arbitrary numbers via a third-party app. | 2017-04-01 | not yet calculated | CVE-2017-2484 CONFIRM |
apple -- ios | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "iTunes Store" component. It allows man-in-the-middle attackers to modify the client-server data stream to iTunes sandbox web services by leveraging use of cleartext HTTP. | 2017-04-01 | not yet calculated | CVE-2017-2412 CONFIRM |
apple -- ios | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the Simple Certificate Enrollment Protocol (SCEP) implementation in the "Profiles" component. It allows remote attackers to bypass cryptographic protection mechanisms by leveraging DES support. | 2017-04-01 | not yet calculated | CVE-2017-2380 CONFIRM |
apple -- ios | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "DataAccess" component. It allows remote attackers to access Exchange traffic in opportunistic circumstances by leveraging a mistake in typing an e-mail address. | 2017-04-01 | not yet calculated | CVE-2017-2414 CONFIRM |
apple -- ios | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Accounts" component. It allows physically proximate attackers to discover an Apple ID by reading an iCloud authentication prompt on the lock screen. | 2017-04-01 | not yet calculated | CVE-2017-2397 CONFIRM |
apple -- ios | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves mishandling of deletion within the SQLite subsystem of the "Safari" component. It allows local users to identify the web-site visits that occurred in Private Browsing mode. | 2017-04-01 | not yet calculated | CVE-2017-2384 CONFIRM |
apple -- ios | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Siri" component. It allows physically proximate attackers to read text messages on the lock screen via unspecified vectors. | 2017-04-01 | not yet calculated | CVE-2017-2452 CONFIRM |
apple -- ios | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof an HTTP authentication sheet or cause a denial of service via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2389 CONFIRM CONFIRM |
apple -- ios | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Safari Reader" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2393 CONFIRM |
apple -- ios | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Pasteboard" component. It allows physically proximate attackers to read the pasteboard by leveraging the use of an encryption key derived only from the hardware UID (rather than that UID in addition to the user passcode). | 2017-04-01 | not yet calculated | CVE-2017-2399 CONFIRM |
apple -- ios | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "SafariViewController" component. It allows attackers to obtain sensitive information by leveraging the SafariViewController's incorrect synchronization of Safari cache clearing. | 2017-04-01 | not yet calculated | CVE-2017-2400 CONFIRM |
apple -- ios | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Quick Look" component. It allows remote attackers to trigger telephone calls to arbitrary numbers via a tel: URL in a PDF document, as exploited in the wild in October 2016. | 2017-04-01 | not yet calculated | CVE-2017-2404 CONFIRM MISC |
apple -- ios | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "HomeKit" component. It allows attackers to have an unspecified impact by leveraging the presence of Home Control on Control Center. | 2017-04-01 | not yet calculated | CVE-2017-2434 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Printing" component. A format-string vulnerability allows remote attackers to execute arbitrary code via a crafted ipp: or ipps: URL. | 2017-04-01 | not yet calculated | CVE-2017-2403 CONFIRM |
apple -- macos_server |
An issue was discovered in certain Apple products. macOS Server before 5.3 is affected. The issue involves the "Wiki Server" component. It allows remote attackers to enumerate user accounts via unspecified vectors. | 2017-04-01 | not yet calculated | CVE-2017-2382 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "AppleGraphicsPowerManagement" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2421 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "QuickTime" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted media file. | 2017-04-01 | not yet calculated | CVE-2017-2413 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "CoreMedia" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .mov file. | 2017-04-01 | not yet calculated | CVE-2017-2431 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireAVC" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2436 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Multi-Touch" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2422 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to obtain sensitive information from kernel memory via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2489 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2427 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the system-installation subsystem of the "System Integrity Protection" component. It allows attackers to modify the contents of a protected disk location via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-6974 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2420 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2410 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "FinderKit" component. It allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging unexpected permission changes during an iCloud Sharing Send Link action. | 2017-04-01 | not yet calculated | CVE-2017-2429 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "SecurityFoundation" component. A double free vulnerability allows remote attackers to execute arbitrary code via a crafted certificate. | 2017-04-01 | not yet calculated | CVE-2017-2425 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "iBooks" component. It allows remote attackers to obtain sensitive information from local files via a file: URL in an iBooks file. | 2017-04-01 | not yet calculated | CVE-2017-2426 MISC CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "sudo" component. It allows remote authenticated users to gain privileges by leveraging membership in the admin group on a network directory server. | 2017-04-01 | not yet calculated | CVE-2017-2381 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "libxslt" component. It allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | 2017-04-01 | not yet calculated | CVE-2017-2477 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover the FileVault 2 encryption password via a crafted Thunderbolt adapter. | 2017-04-01 | not yet calculated | CVE-2016-7585 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOATAFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2408 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2388 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of profile uninstall actions in the "MCX Client" component when a profile has multiple payloads. It allows remote attackers to bypass intended access restrictions by leveraging Active Directory certificate trust that should not have remained. | 2017-04-01 | not yet calculated | CVE-2017-2402 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Menus" component. It allows attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2409 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2449 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireAVC" component. It allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. | 2017-04-01 | not yet calculated | CVE-2017-2437 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "AppleRAID" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2438 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Hypervisor" component. It allows guest OS users to obtain sensitive information from the CR8 control register via unspecified vectors. | 2017-04-01 | not yet calculated | CVE-2017-2418 CONFIRM |
apple -- macos | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2443 CONFIRM |
apple -- safari | An issue was discovered in certain Apple products. Safari before 10.1 is affected. The issue involves the "Safari Login AutoFill" component. It allows local users to obtain access to locked keychain items via unspecified vectors. | 2017-04-01 | not yet calculated | CVE-2017-2385 CONFIRM |
apple -- safari | An issue was discovered in certain Apple products. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2392 CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2473 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2459 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2470 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. The issue involves cleartext client-certificate transmission in the "APNs Server" component. It allows man-in-the-middle attackers to track users via correlation with this certificate. | 2017-04-01 | not yet calculated | CVE-2017-2383 CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio file. | 2017-04-01 | not yet calculated | CVE-2017-2462 MISC CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2457 CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2463 MISC CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2466 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2464 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2465 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Keyboards" component. A buffer overflow allows attackers to execute arbitrary code in a privileged context via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2458 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file. | 2017-04-01 | not yet calculated | CVE-2017-2467 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code by leveraging an unspecified "type confusion." | 2017-04-01 | not yet calculated | CVE-2017-2415 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2469 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2478 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2468 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2460 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A buffer overflow allows attackers to execute arbitrary code in a privileged context via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2482 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (resource consumption) via a crafted text message. | 2017-04-01 | not yet calculated | CVE-2017-2461 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2479 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file. | 2017-04-01 | not yet calculated | CVE-2017-2406 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2395 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2386 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves symlink mishandling in the "libarchive" component. It allows local users to change arbitrary directory permissions via unspecified vectors. | 2017-04-01 | not yet calculated | CVE-2017-2390 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file. | 2017-04-01 | not yet calculated | CVE-2017-2407 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2396 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2480 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. Pages before 6.1, Numbers before 4.1, and Keynote before 7.1 on macOS and Pages before 3.1, Numbers before 3.1, and Keynote before 3.1 on iOS are affected. The issue involves the "Export" component. It allows users to bypass iWork PDF password protection by leveraging use of 40-bit RC4. | 2017-04-01 | not yet calculated | CVE-2017-2391 CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Carbon" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted .dfont file. | 2017-04-01 | not yet calculated | CVE-2017-2379 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2367 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves bookmark creation in the "WebKit" component. It allows remote attackers to execute arbitrary code or spoof a bookmark by leveraging mishandling of links during drag-and-drop actions. | 2017-04-01 | not yet calculated | CVE-2017-2378 CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2398 CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2405 CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows attackers to cause a denial of service (memory corruption and application crash) by leveraging a window-close action during a debugger-pause state. | 2017-04-01 | not yet calculated | CVE-2017-2377 CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2401 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar by leveraging text input during the loading of a page. | 2017-04-01 | not yet calculated | CVE-2017-2376 CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit JavaScript Bindings" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2442 CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2394 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Security" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (buffer overflow) via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2451 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file. | 2017-04-01 | not yet calculated | CVE-2017-2487 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof FaceTime prompts in the user interface via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2453 CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "libc++abi" component. A use-after-free vulnerability allows remote attackers to execute arbitrary code via a crafted C++ app that is mishandled during demangling. | 2017-04-01 | not yet calculated | CVE-2017-2441 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow) via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2440 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves mishandling of OpenGL shaders in the "WebKit" component. It allows remote attackers to obtain sensitive information from process memory via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2424 CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass intended access restrictions by leveraging a successful result from a SecKeyRawVerify API call with an empty signature. | 2017-04-01 | not yet calculated | CVE-2017-2423 CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2454 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2486 CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2490 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2447 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages the mishandling of strict mode functions. | 2017-04-01 | not yet calculated | CVE-2017-2446 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via crafted frame objects. | 2017-04-01 | not yet calculated | CVE-2017-2445 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreGraphics" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2444 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted font file. | 2017-04-01 | not yet calculated | CVE-2017-2450 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. The issue involves the "Keychain" component. It allows man-in-the-middle attackers to bypass an iCloud Keychain secret protection mechanism by leveraging lack of authentication for OTR packets. | 2017-04-01 | not yet calculated | CVE-2017-2448 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass a Content Security Policy protection mechanism via unspecified vectors. | 2017-04-01 | not yet calculated | CVE-2017-2419 CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreGraphics" component. It allows remote attackers to cause a denial of service (infinite recursion) via a crafted image. | 2017-04-01 | not yet calculated | CVE-2017-2417 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2472 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. An off-by-one error allows attackers to execute arbitrary code in a privileged context via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2474 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A buffer overflow allows attackers to execute arbitrary code in a privileged context via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2483 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. watchOS before 3.2 is affected. The issue involves the "WebKit" component. A use-after-free vulnerability allows remote attackers to execute arbitrary code via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2471 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Security" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted X.509 certificate file. | 2017-04-01 | not yet calculated | CVE-2017-2485 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2476 CONFIRM CONFIRM CONFIRM |
apple -- software | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via crafted use of frames on a web site. | 2017-04-01 | not yet calculated | CVE-2017-2475 CONFIRM CONFIRM CONFIRM |
apple -- software |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. | 2017-04-01 | not yet calculated | CVE-2017-2456 MISC CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2455 CONFIRM CONFIRM CONFIRM |
apple -- software |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio file. | 2017-04-01 | not yet calculated | CVE-2017-2430 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves nghttp2 before 1.17.0 in the "HTTPProtocol" component. It allows remote HTTP/2 servers to have an unspecified impact via unknown vectors. | 2017-04-01 | not yet calculated | CVE-2017-2428 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted image file. | 2017-04-01 | not yet calculated | CVE-2017-2416 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted font file. | 2017-04-01 | not yet calculated | CVE-2017-2439 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file. | 2017-04-01 | not yet calculated | CVE-2017-2435 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG file. | 2017-04-01 | not yet calculated | CVE-2017-2432 CONFIRM CONFIRM CONFIRM CONFIRM |
apple -- software |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2433 CONFIRM CONFIRM |
apple -- software |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-04-01 | not yet calculated | CVE-2017-2481 MISC CONFIRM CONFIRM CONFIRM |
auromeera -- emli_portal |
HTTP Exploit in eMLi Portal in AuroMeera Technometrix Pvt. Ltd. eMLi allows an attacker to view restricted information or (even more seriously) execute powerful commands on the web server, which can lead to a full compromise of the system, via Directory Path Traversal, as demonstrated by reading core-emli/Storage. The affected versions are eMLi School Management 1.0, eMLi College Campus Management 1.0, and eMLi University Management 1.0. | 2017-03-29 | not yet calculated | CVE-2017-7258 MISC |
bubblewrap -- bubblewrap |
When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the sandbox. | 2017-03-29 | not yet calculated | CVE-2017-5226 CONFIRM CONFIRM CONFIRM |
ceragon -- fibeair | In the GUI of Ceragon FibeAir IP-10 (before 7.2.0) devices, a remote attacker can bypass authentication by adding an ALBATROSS cookie with the value 0-4-11 to their browser. | 2017-03-30 | not yet calculated | CVE-2016-10309 MISC |
citymont_symetrie -- citymont_symetrie |
citymont/symetrie v.0.9.6 is vulnerable to a reflected XSS in symetrie-master/app/commands/page.php (model parameter). | 2017-03-31 | not yet calculated | CVE-2017-7386 CONFIRM |
dahua -- ip_camera |
Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low-privilege credentials to list all users via a request to a certain URI. 2. Log in to the IP camera with admin credentials so as to obtain full control of the target IP camera. During exploitation, the first JSON object encountered has a "Component error: login challenge!" message. The second JSON object encountered has a result indicating a successful admin login. | 2017-03-30 | not yet calculated | CVE-2017-7253 MISC |
emc -- isilon_onefs |
EMC Isilon OneFS is affected by a path traversal vulnerability that may potentially be exploited by attackers to compromise the affected system. Affected versions are 7.1.0 - 7.1.1.10, 7.2.0 - 7.2.1.3, and 8.0.0 - 8.0.0.1. | 2017-03-29 | not yet calculated | CVE-2017-4980 CONFIRM BID |
emc -- rsa_archer_security_operations_management |
EMC RSA Archer Security Operations Management with RSA Unified Collector Framework versions prior to 1.3.1.52 contain a sensitive information disclosure vulnerability that could potentially be exploited by malicious users to compromise an affected system. | 2017-03-29 | not yet calculated | CVE-2017-4977 CONFIRM BID |
fortinet -- fortigate |
Long-lived sessions in Fortinet FortiGate devices with FortiOS 5.x before 5.4.0 could violate a security policy during IPS signature updates when the FortiGate's IPS engine is configured in flow mode. All FortiGate versions with IPS configured in proxy mode (the default mode) are not affected. | 2017-03-30 | not yet calculated | CVE-2016-7541 CONFIRM BID |
fortinet -- fortios |
A read-only administrator on Fortinet devices with FortiOS 5.2.x before 5.2.10 GA and 5.4.x before 5.4.2 GA may have access to read-write administrators' password hashes (not including super-admins) stored on the appliance via the webui REST API, and may therefore be able to crack them. | 2017-03-30 | not yet calculated | CVE-2016-7542 CONFIRM BID |
gitlab -- gitlab |
Multiple versions of GitLab expose a dangerous method to any authenticated user that could lead to the deletion of all Issue and MergeRequest objects on a GitLab instance. For GitLab instances with publicly available projects this vulnerability could be exploited by an unauthenticated user. A fix was included in versions 8.14.3, 8.13.8, and 8.12.11, which were released on December 5th 2016 at 3:59 PST. The GitLab versions vulnerable to this are 8.13.0, 8.13.0-ee, 8.13.1, 8.13.1-ee, 8.13.2, 8.13.2-ee, 8.13.3, 8.13.3-ee, 8.13.4, 8.13.4-ee, 8.13.5, 8.13.5-ee, 8.13.6, 8.13.6-ee, 8.13.7, 8.14.0, 8.14.0-ee, 8.14.1, 8.14.2, and 8.14.2-ee. | 2017-03-27 | not yet calculated | CVE-2016-9469 MISC MISC MISC MISC MISC MISC |
gitlab -- gitlab |
Multiple versions of GitLab expose sensitive user credentials when assigning a user to an issue or merge request. A fix was included in versions 8.15.8, 8.16.7, and 8.17.4, which were released on March 20th 2017 at 23:59 UTC. | 2017-03-27 | not yet calculated | CVE-2017-0882 BID MISC MISC MISC MISC MISC |
hak5 -- wifi-pineapple |
Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens. | 2017-03-31 | not yet calculated | CVE-2015-4624 MISC MISC BUGTRAQ EXPLOIT-DB |
hkdf -- hkdf |
HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size. | 2017-03-27 | not yet calculated | CVE-2016-9243 MLIST BID UBUNTU CONFIRM CONFIRM CONFIRM FEDORA FEDORA FEDORA |
honeywell -- intermec |
Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers before 10.11.013310 and 10.12.x before 10.12.013309 have /usr/bin/lua installed setuid to the itadmin account, which allows local users to conduct a BusyBox jailbreak attack and obtain root privileges by overwriting the /etc/shadow file. | 2017-03-29 | not yet calculated | CVE-2017-5671 CONFIRM BID MISC CONFIRM |
ibm -- algorithmics_one-algo_risk_application |
IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could allow a user to gain access to files in the local environment which should not be viewed by application users. IBM Reference #: 1999892. | 2017-03-31 | not yet calculated | CVE-2017-1154 CONFIRM |
ibm -- curam_social_program_manager |
IBM Curam Social Program Management 6.0 and 7.0 are vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 2000833. | 2017-03-31 | not yet calculated | CVE-2016-6111 CONFIRM |
ibm -- inotes |
IBM iNotes 8.5 and 9.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998824. | 2017-03-31 | not yet calculated | CVE-2016-9990 CONFIRM |
ibm -- jazz_foundation |
IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 2000784. | 2017-03-31 | not yet calculated | CVE-2016-9707 CONFIRM |
ibm -- kenexa |
IBM Kenexa LMS on Cloud 13.1, 13.2, 13.2.2, 13.2.3, 13.2.4 and 14.0.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1999483. | 2017-03-31 | not yet calculated | CVE-2016-8935 CONFIRM |
ibm -- rational_quality_manager |
IBM Rational Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000784. | 2017-03-31 | not yet calculated | CVE-2016-6036 CONFIRM |
ibm -- rational_quality_manager |
IBM Rational Quality Manager 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000784. | 2017-03-31 | not yet calculated | CVE-2016-6031 CONFIRM |
ibm -- rational_quality_manager |
IBM Rational Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000784. | 2017-03-31 | not yet calculated | CVE-2016-6022 CONFIRM |
ibm -- sterling_order_management |
IBM Sterling Order Management 9.2 - 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference #: 2000943. | 2017-03-31 | not yet calculated | CVE-2016-8917 CONFIRM |
ibm -- tririga |
The IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 contain a vulnerability that could allow an authenticated user to execute Application actions they do not have access to. IBM Reference #: 2001083. | 2017-03-31 | not yet calculated | CVE-2017-1171 CONFIRM |
illumos -- illumos |
illumos smbsrv NULL pointer dereference allows system crash. | 2017-03-31 | not yet calculated | CVE-2016-6561 CONFIRM CONFIRM CONFIRM |
illumos -- illumos |
illumos osnet-incorporation bcopy() and bzero() implementations make signed instead of unsigned comparisons allowing a system crash. | 2017-03-31 | not yet calculated | CVE-2016-6560 CONFIRM CONFIRM CONFIRM |
imagemagick -- imagemagick |
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file. | 2017-03-30 | not yet calculated | CVE-2014-9821 MLIST MLIST CONFIRM CONFIRM |
imagemagick -- imagemagick |
vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to "too many object." | 2017-03-30 | not yet calculated | CVE-2014-9804 MLIST MLIST CONFIRM CONFIRM |
imagemagick -- imagemagick |
ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file. | 2017-03-30 | not yet calculated | CVE-2014-9812 MLIST MLIST CONFIRM CONFIRM |
imagemagick -- imagemagick |
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file. | 2017-03-30 | not yet calculated | CVE-2014-9805 MLIST MLIST CONFIRM |
imagemagick -- imagemagick |
ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file. | 2017-03-30 | not yet calculated | CVE-2014-9806 MLIST MLIST CONFIRM |
imagemagick -- imagemagick |
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image. | 2017-03-30 | not yet calculated | CVE-2014-9809 MLIST MLIST CONFIRM CONFIRM |
imagemagick -- imagemagick |
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file. | 2017-03-30 | not yet calculated | CVE-2014-9820 MLIST MLIST CONFIRM CONFIRM |
imagemagick -- imagemagick |
The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file. | 2017-03-30 | not yet calculated | CVE-2014-9810 MLIST MLIST CONFIRM CONFIRM |
imagemagick -- imagemagick |
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image. | 2017-03-30 | not yet calculated | CVE-2014-9808 MLIST MLIST CONFIRM CONFIRM |
imagemagick -- imagemagick |
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823. | 2017-03-30 | not yet calculated | CVE-2014-9819 MLIST MLIST CONFIRM CONFIRM |
imagemagick -- imagemagick |
The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors. | 2017-03-30 | not yet calculated | CVE-2014-9807 MLIST MLIST CONFIRM CONFIRM |
imagemagick -- imagemagick |
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file. | 2017-03-30 | not yet calculated | CVE-2014-9817 MLIST MLIST CONFIRM CONFIRM |
imagemagick -- imagemagick |
ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files. | 2017-03-30 | not yet calculated | CVE-2014-9826 MLIST MLIST CONFIRM CONFIRM |
imagemagick -- imagemagick |
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819. | 2017-03-30 | not yet calculated | CVE-2014-9823 MLIST MLIST CONFIRM CONFIRM |
imagemagick -- imagemagick |
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file. | 2017-03-30 | not yet calculated | CVE-2014-9813 MLIST MLIST CONFIRM CONFIRM CONFIRM |
imagemagick -- imagemagick |
The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file. | 2017-03-30 | not yet calculated | CVE-2014-9811 MLIST MLIST CONFIRM CONFIRM CONFIRM |
imagemagick -- imagemagick |
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824. | 2017-03-30 | not yet calculated | CVE-2014-9825 MLIST MLIST CONFIRM CONFIRM |
imagemagick -- imagemagick |
ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file. | 2017-03-30 | not yet calculated | CVE-2014-9814 MLIST MLIST CONFIRM CONFIRM |
imagemagick -- imagemagick |
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file. | 2017-03-30 | not yet calculated | CVE-2014-9816 MLIST MLIST CONFIRM CONFIRM |
imagemagick -- imagemagick |
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825. | 2017-03-30 | not yet calculated | CVE-2014-9824 MLIST MLIST CONFIRM CONFIRM |
imagemagick -- imagemagick |
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file. | 2017-03-30 | not yet calculated | CVE-2014-9818 MLIST MLIST CONFIRM CONFIRM |
imagemagick -- imagemagick |
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file. | 2017-03-30 | not yet calculated | CVE-2014-9822 MLIST MLIST CONFIRM CONFIRM |
imagemagick -- imagemagick |
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file. | 2017-03-30 | not yet calculated | CVE-2014-9815 MLIST MLIST CONFIRM CONFIRM |
intel_security -- anti-virus_engine |
Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local users to bypass local security protection via a crafted input file. | 2017-03-28 | not yet calculated | CVE-2016-8031 BID CONFIRM |
intel_security -- anti-virus_engine |
Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local attackers to bypass local security protection via a crafted input file. | 2017-03-31 | not yet calculated | CVE-2016-8032 CONFIRM |
jensen_of_scandinavia -- air_link |
Multiple stack buffer overflow vulnerabilities in Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to execute arbitrary code or crash the web service via the (1) ateFunc, (2) ateGain, (3) ateTxCount, (4) ateChan, (5) ateRate, (6) ateMacID, (7) e2pTxPower1, (8) e2pTxPower2, (9) e2pTxPower3, (10) e2pTxPower4, (11) e2pTxPower5, (12) e2pTxPower6, (13) e2pTxPower7, (14) e2pTx2Power1, (15) e2pTx2Power2, (16) e2pTx2Power3, (17) e2pTx2Power4, (18) e2pTx2Power5, (19) e2pTx2Power6, (20) e2pTx2Power7, (21) ateTxFreqOffset, (22) ateMode, (23) ateBW, (24) ateAntenna, (25) e2pTxFreqOffset, (26) e2pTxPwDeltaB, (27) e2pTxPwDeltaG, (28) e2pTxPwDeltaMix, (29) e2pTxPwDeltaN, and (30) readE2P parameters of the /goform/formWlanMP endpoint. | 2017-03-26 | not yet calculated | CVE-2016-10273 MISC |
linux -- linux_kernel |
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code. | 2017-03-31 | not yet calculated | CVE-2014-9114 FEDORA FEDORA SUSE MLIST BID XF CONFIRM CONFIRM GENTOO |
linux -- linux_kernel |
Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely. | 2017-03-31 | not yet calculated | CVE-2017-7374 CONFIRM CONFIRM CONFIRM |
linux -- linux_kernel |
The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c. | 2017-03-31 | not yet calculated | CVE-2017-2647 CONFIRM CONFIRM CONFIRM |
linux -- linux_kernel |
The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service (system hang) via a crafted ioctl call for a /dev/dri/renderD* device. | 2017-03-30 | not yet calculated | CVE-2017-7346 CONFIRM CONFIRM CONFIRM |
linux -- linux_kernel |
The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report. | 2017-03-27 | not yet calculated | CVE-2017-7273 CONFIRM CONFIRM BID CONFIRM |
magmi -- magmi |
A Cross-Site Scripting (XSS) vulnerability was discovered in 'Magmi 0.7.22'. The vulnerability exists due to insufficient filtration of user-supplied data (prefix) passed to the 'magmi-git-master/magmi/web/ajax_gettime.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-31 | not yet calculated | CVE-2017-7391 CONFIRM CONFIRM |
mantisbt -- configuration_report |
A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code (if CSP settings permit it) through a crafted 'config_option' parameter. This is fixed in 1.3.9, 2.1.3, and 2.2.3. | 2017-03-31 | not yet calculated | CVE-2017-7309 CONFIRM CONFIRM BID |
mantisbt -- configuration_report |
A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code through a crafted 'action' parameter. This is fixed in 1.3.8, 2.1.2, and 2.2.2. | 2017-03-31 | not yet calculated | CVE-2017-6973 CONFIRM CONFIRM BID |
mantisbt -- move_attachments |
A cross-site scripting (XSS) vulnerability in the MantisBT Move Attachments page (move_attachments_page.php, part of admin tools) allows remote attackers to inject arbitrary code through a crafted 'type' parameter, if Content Security Policy (CSP) settings allow it. This is fixed in 1.3.9, 2.1.3, and 2.2.3. Note that this vulnerability is not exploitable if the admin tools directory is removed, as recommended in the "Post-installation and upgrade tasks" of the MantisBT Admin Guide. A reminder to do so is also displayed on the login page. | 2017-03-31 | not yet calculated | CVE-2017-7241 CONFIRM CONFIRM BID |
mikrotik -- mikrotik |
A vulnerability in the network stack of MikroTik Version 6.38.5 released 2017-03-09 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of TCP RST packets, preventing the affected router from accepting new TCP connections. | 2017-03-29 | not yet calculated | CVE-2017-7285 MISC EXPLOIT-DB |
multi-router_looking_glass -- multi-router_looking_glass |
fastping.c in MRLG (aka Multi-Router Looking Glass) before 5.5.0 allows remote attackers to cause an arbitrary memory write and memory corruption. | 2017-03-31 | not yet calculated | CVE-2014-3931 CONFIRM MISC MISC |
mxit -- mxit |
The Mxit protocol uses weak encryption when encrypting user passwords, which might allow attackers to (1) decrypt hashed passwords by leveraging knowledge of client registration codes or (2) gain login access by eavesdropping on login messages and re-using the hashed passwords. | 2017-03-29 | not yet calculated | CVE-2016-2379 BID MISC CONFIRM GENTOO |
nagios -- nagios |
Cross-site scripting (XSS) vulnerability in Nagios. | 2017-03-31 | not yet calculated | CVE-2016-6209 FULLDISC CONFIRM |
national_instruments -- labview_2016 |
An exploitable memory corruption vulnerability exists in the LvVarientUnflatten functionality of LabVIEW 2016 version 16.0.0.49152. A specially crafted VI file can cause a user-controlled value to be used as a loop terminator, resulting in internal heap corruption. An attacker-controlled VI file can be used to trigger this vulnerability; exploitation could lead to remote code execution. | 2017-03-31 | not yet calculated | CVE-2017-2775 MISC |
netiq -- sentinel_server |
A vulnerability was discovered in NetIQ Sentinel Server 8.0 before 8.0.1 that may allow leakage of information (account enumeration). | 2017-03-30 | not yet calculated | CVE-2017-5184 CONFIRM |
netiq -- sentinel_server |
A vulnerability was discovered in NetIQ Sentinel Server 8.0 before 8.0.1 that may allow remote denial of service. | 2017-03-30 | not yet calculated | CVE-2017-5185 CONFIRM |
oci-register-machine -- oci-register-machine |
The machinectl command in oci-register-machine allows local users to list running containers and possibly obtain sensitive information by running that command. | 2017-03-29 | not yet calculated | CVE-2016-6349 MLIST MLIST BID CONFIRM CONFIRM |
open-exchange -- appsuite |
Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite backend before 7.6.2-rev59, 7.8.0 before 7.8.0-rev38, 7.8.2 before 7.8.2-rev8; AppSuite frontend before 7.6.2-rev47, 7.8.0 before 7.8.0-rev30, and 7.8.2 before 7.8.2-rev8; Office Web before 7.6.2-rev16, 7.8.0 before 7.8.0-rev10, and 7.8.2 before 7.8.2-rev5; and Documentconverter-API before 7.8.2-rev5 allows remote attackers to inject arbitrary web script or HTML. | 2017-03-29 | not yet calculated | CVE-2016-6846 CONFIRM BID CONFIRM CONFIRM |
open_eclass -- open_eclass |
Multiple Cross-Site Scripting (XSS) vulnerabilities were discovered in 'openeclass Release_3.5.4'. The vulnerabilities exist due to insufficient filtration of user-supplied data (meeting_id, user) passed to the 'openeclass-master/modules/tc/webconf/webconf.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-31 | not yet calculated | CVE-2017-7389 CONFIRM |
openstack -- glance |
The image signature algorithm in OpenStack Glance 11.0.0 allows remote attackers to bypass the signature verification process via a crafted image, which triggers an MD5 collision. | 2017-03-29 | not yet calculated | CVE-2015-8234 MLIST MISC CONFIRM |
pixie -- pixie |
Pixie 1.0.4 allows an admin/index.php s=login&m= XSS attack. | 2017-03-31 | not yet calculated | CVE-2017-7359 MISC |
pixie -- pixie |
Pixie 1.0.4 allows an admin/index.php s=settings&x= XSS attack. | 2017-03-31 | not yet calculated | CVE-2017-7360 MISC |
pixie -- pixie |
Pixie 1.0.4 allows an admin/index.php s=publish&m=dynamic&x= XSS attack. | 2017-03-31 | not yet calculated | CVE-2017-7362 MISC |
pixie -- pixie |
Pixie 1.0.4 allows an admin/index.php s=publish&m=module&x= XSS attack. | 2017-03-31 | not yet calculated | CVE-2017-7363 MISC |
pixie -- pixie |
Pixie 1.0.4 allows an admin/index.php s=publish&m=static&x= XSS attack. | 2017-03-31 | not yet calculated | CVE-2017-7361 MISC |
rancher_labs -- rancher_server |
Rancher Labs rancher server 1.2.0+ is vulnerable to authenticated users disabling access control via an API call. This is fixed in versions rancher/server:v1.2.4, rancher/server:v1.3.5, rancher/server:v1.4.3, and rancher/server:v1.5.3. | 2017-03-28 | not yet calculated | CVE-2017-7297 BID CONFIRM |
ruby -- ruby |
DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2.1 before 2.1.8 opens libraries with tainted names. | 2017-03-29 | not yet calculated | CVE-2009-5147 MLIST BID CONFIRM CONFIRM CONFIRM |
samsung -- galaxy |
GALAXY Apps (aka Samsung Apps, Samsung Updates, or com.sec.android.app.samsungapps) before 14120405.03.012 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary code. | 2017-03-27 | not yet calculated | CVE-2015-0863 MISC |
samsung -- samsung_account |
Samsung Account (AKA com.osp.app.signin) before 1.6.0069 and 2.x before 2.1.0069 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary code. | 2017-03-27 | not yet calculated | CVE-2015-0864 BID MISC |
siklu -- etherhaul |
Siklu EtherHaul devices before 7.4.0 are vulnerable to a remote command execution (RCE) vulnerability. This vulnerability allows a remote attacker to execute commands and retrieve information such as usernames and plaintext passwords from the device with no authentication. | 2017-03-30 | not yet calculated | CVE-2017-7318 MISC BID |
siklu -- etherhaul | Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account, with an unchangeable password that is the same across all devices. This account is accessible via both SSH and the device's web interface and grants access to the underlying embedded Linux OS on the device, allowing full control over it. | 2017-03-30 | not yet calculated | CVE-2016-10308 MISC BID |
snoopy -- snoopy | The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists due to an incomplete fix for CVE-2008-4796. | 2017-03-31 | not yet calculated | CVE-2008-7313 CONFIRM MLIST MLIST MLIST BID CONFIRM XF REDHAT REDHAT REDHAT REDHAT GENTOO MISC |
snoopy -- snoopy | Snoopy allows remote attackers to execute arbitrary commands. | 2017-03-31 | not yet calculated | CVE-2014-5008 REDHAT REDHAT REDHAT REDHAT CONFIRM DEBIAN MLIST MLIST MLIST BID CONFIRM MISC |
snoopy -- snoopy | Snoopy allows remote attackers to execute arbitrary commands. NOTE: this vulnerability exists due to an incomplete fix for CVE-2014-5008. | 2017-03-31 | not yet calculated | CVE-2014-5009 REDHAT REDHAT REDHAT REDHAT CONFIRM MLIST MLIST MLIST BID XF CONFIRM MISC MISC |
socialnetwork -- socialnetwork | A Cross-Site Scripting (XSS) vulnerability was discovered in 'SocialNetwork v1.2.1'. The vulnerability exists due to insufficient filtration of user-supplied data (mail) passed to the 'SocialNetwork-andrea/app/template/pw_forgot.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-31 | not yet calculated | CVE-2017-7390 CONFIRM |
sophos -- sophos_web_appliance | In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310. | 2017-03-30 | not yet calculated | CVE-2017-6412 CONFIRM CONFIRM |
sophos -- sophos_web_appliance | In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314. | 2017-03-30 | not yet calculated | CVE-2017-6183 CONFIRM CONFIRM |
sophos -- sophos_web_appliance | In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304. | 2017-03-30 | not yet calculated | CVE-2017-6182 CONFIRM CONFIRM |
sophos -- sophos_web_appliance | In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303. | 2017-03-30 | not yet calculated | CVE-2017-6184 CONFIRM CONFIRM |
sync_breeze -- enterprise_client | A buffer overflow vulnerability in Import Command in Sync Breeze Enterprise Client 9.5.16, Disk Sorter Enterprise Client 9.5.12, and DiskBoss Enterprise Client 7.8.16 allows attackers to execute arbitrary code via a crafted XML file containing a long name attribute of a classify element. | 2017-03-29 | not yet calculated | CVE-2017-7310 BID EXPLOIT-DB EXPLOIT-DB EXPLOIT-DB |
thefirstquestion_helpmewatchwho -- thefirstquestion_helpmewatchwho | TheFirstQuestion/HelpMeWatchWho before 2017-03-28 is vulnerable to a reflected XSS in HelpMeWatchWho-master/unaired.php (episodeID parameter). | 2017-03-31 | not yet calculated | CVE-2017-7387 CONFIRM |
tigervnc -- tigervnc | In TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx SSecurityVeNCrypt::SSecurityVeNCrypt), an unauthenticated client can cause a small memory leak in the server. | 2017-03-31 | not yet calculated | CVE-2017-7392 CONFIRM |
tigervnc -- tigervnc | In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can cause a double free, leading to denial of service or potentially code execution. | 2017-03-31 | not yet calculated | CVE-2017-7393 CONFIRM |
tigervnc -- tigervnc | In TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), by causing an integer overflow, an authenticated client can crash the server. | 2017-03-31 | not yet calculated | CVE-2017-7395 CONFIRM CONFIRM |
tigervnc -- tigervnc | In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the server. | 2017-03-31 | not yet calculated | CVE-2017-7396 CONFIRM CONFIRM |
tigervnc -- tigervnc | In TigerVNC 1.7.1 (SSecurityPlain.cxx SSecurityPlain::processMsg), unauthenticated users can crash the server by sending long usernames. | 2017-03-31 | not yet calculated | CVE-2017-7394 CONFIRM |
trango -- altum_ac600 | Trango Altum AC600 devices have a built-in, hidden root account, with a default password of abcd1234. This account is accessible via SSH and/or TELNET, and grants access to the underlying embedded UNIX OS on the device, allowing full control over it. | 2017-03-30 | not yet calculated | CVE-2016-10306 MISC MISC BID |
trango -- trango | Trango Apex <= 2.1.1, ApexLynx < 2.0, ApexOrion < 2.0, ApexPlus <= 3.2.0, Giga <= 2.6.1, GigaLynx < 2.0, GigaOrion < 2.0, GigaPlus <= 3.2.3, GigaPro <= 1.4.1, StrataLink < 3.0, and StrataPro devices have a built-in, hidden root account, with a default password that was once stored in cleartext within a software update package on a Trango FTP server. This account is accessible via SSH and/or TELNET, and grants access to the underlying embedded UNIX OS on the device, allowing full control over it. | 2017-03-30 | not yet calculated | CVE-2016-10305 MISC |
trango -- trango | Trango ApexLynx 2.0, ApexOrion 2.0, GigaLynx 2.0, GigaOrion 2.0, and StrataLink 3.0 devices have a built-in, hidden root account, with a default password for which the MD5 hash value is public (but the cleartext value is perhaps not yet public). This account is accessible via SSH and/or TELNET, and grants access to the underlying embedded UNIX OS on the device, allowing full control over it. | 2017-03-30 | not yet calculated | CVE-2016-10307 MISC BID |
trend_micro -- enterprise_mobile_security_android_application | There is Missing SSL Certificate Validation in the Trend Micro Enterprise Mobile Security Android Application before 9.7.1193, aka VRTS-398. | 2017-03-30 | not yet calculated | CVE-2016-9319 MISC CONFIRM |
ubuntu -- dmcrypt-get-device | dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the (1) setuid or (2) setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through 2.1.5+deb1+cvs20081104-13.1 on Debian, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.10.1 on Ubuntu 16.10, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.04.1 on Ubuntu 16.04 LTS, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.14.04.1 on Ubuntu 14.04 LTS, and eject before 2.1.5+deb1+cvs20081104-9ubuntu0.1 on Ubuntu 12.04 LTS. | 2017-03-27 | not yet calculated | CVE-2017-6964 BID CONFIRM CONFIRM |
vlc -- vlc | VideoLAN VLC media player before 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service. | 2017-03-28 | not yet calculated | CVE-2014-6440 MISC MLIST BID MISC GENTOO |
wallacepos -- wallacepos | A Cross-Site Scripting (XSS) vulnerability was discovered in 'wallacepos v1.4.1'. The vulnerability exists due to insufficient filtration of user-supplied data (token) passed to the 'wallacepos-master/myaccount/resetpassword.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2017-03-31 | not yet calculated | CVE-2017-7388 CONFIRM |
xoops -- xoops | SQL injection vulnerability in XOOPS 2.5.7.2 and other versions before 2.5.8.1 allows remote authenticated administrators to execute arbitrary SQL commands via the url parameter to findusers.php. An example attack uses "into outfile" to create a backdoor program. | 2017-03-30 | not yet calculated | CVE-2017-7290 BID MISC |
zimbra -- zimbra_collaboration_suite | Zimbra Collaboration Suite (ZCS) before 8.7.4 allows remote attackers to conduct XML External Entity (XXE) attacks. | 2017-03-29 | not yet calculated | CVE-2016-9924 BID CONFIRM |
zulip -- zulip | An error in the implementation of an autosubscribe feature in the check_stream_exists route of the Zulip group chat application server before 1.4.3 allowed an authenticated user to subscribe to a private stream that should have required an invitation from an existing member to join. The issue affects all previously released versions of the Zulip server. | 2017-03-27 | not yet calculated | CVE-2017-0881 BID MISC MISC |
- Source/original article: [US-CERT: Bulletin(SB17-093)] Security vulnerabilities announced through March 27, 2017