The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
-
High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
-
Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
-
Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| amazon -- fire_os | Stack-based buffer overflow in the havok_write function in drivers/staging/havok/havok.c in Amazon Fire OS before 2016-01-15 allows attackers to cause a denial of service (panic) or possibly have unspecified other impact via a long string to /dev/hv. | 2017-04-09 | 10.0 | CVE-2015-7292 MISC |
| atlassian -- jira | The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer, which allows remote attackers to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object. | 2017-04-10 | 7.5 | CVE-2017-5983 MISC BID CONFIRM CONFIRM CERT-VN |
| axis -- axis_communications_firmware | AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary files as root via vectors involving Open Script Editor, aka a "resource injection vulnerability." | 2017-04-09 | 7.8 | CVE-2015-8258 EXPLOIT-DB |
| botan_project -- botan | botan before 1.11.22 improperly validates certificate paths, which allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a certificate with a loop in the certificate chain. | 2017-04-10 | 7.8 | CVE-2015-7825 CONFIRM CONFIRM |
| botan_project -- botan | botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote attackers to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com. | 2017-04-10 | 7.5 | CVE-2015-7826 CONFIRM CONFIRM |
| botan_project -- botan | The Curve25519 code in botan before 1.11.31, on systems without a native 128-bit integer type, might allow attackers to have unspecified impact via vectors related to undefined behavior, as demonstrated on 32-bit ARM systems compiled by Clang. | 2017-04-10 | 7.5 | CVE-2016-6878 CONFIRM |
| cisco -- aironet_access_point | A vulnerability in login authentication management in Cisco Aironet 1800, 2800, and 3800 Series Access Point platforms could allow an authenticated, local attacker to gain unrestricted root access to the underlying Linux operating system. The root Linux shell is provided for advanced troubleshooting and should not be available to individual users, even those with root privileges. The attacker must have the root password to exploit this vulnerability. More Information: CSCvb13893. Known Affected Releases: 8.2(121.0) 8.3(102.0). Known Fixed Releases: 8.4(1.53) 8.4(1.52) 8.3(111.0) 8.3(104.23) 8.2(130.0) 8.2(124.1). | 2017-04-07 | 7.2 | CVE-2016-9196 BID CONFIRM |
| cisco -- firepower_extensible_operating_system | A vulnerability in the local-mgmt CLI command of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb61394 CSCvb86816. Known Affected Releases: 2.0(1.68) 3.1(1k)A. Known Fixed Releases: 92.2(1.101) 92.1(1.1658) 2.0(1.115). | 2017-04-07 | 7.2 | CVE-2017-6597 BID CONFIRM |
| cisco -- firepower_extensible_operating_system | A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to execute arbitrary commands, aka Privilege Escalation. More Information: CSCvb86725 CSCvb86797. Known Affected Releases: 2.0(1.68) 3.1(1k)A. Known Fixed Releases: 92.2(1.105) 92.1(1.1733) 2.1(1.69). | 2017-04-07 | 7.2 | CVE-2017-6598 BID CONFIRM |
| cisco -- firepower_extensible_operating_system | A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb61351 CSCvb61637. Known Affected Releases: 2.0(1.68) 3.1(1k)A. Known Fixed Releases: 92.2(1.101) 92.1(1.1645) 2.0(1.82) 1.1(4.136. | 2017-04-07 | 7.2 | CVE-2017-6600 BID CONFIRM |
| cisco -- firepower_management_center | A vulnerability in the detection engine reassembly of Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process consumes a high level of CPU resources. Affected Products: This vulnerability affects Cisco Firepower System Software running software releases 6.0.0, 6.1.0, 6.2.0, or 6.2.1 when the device is configured with an SSL policy that has at least one rule specifying traffic decryption. More Information: CSCvc58563. Known Affected Releases: 6.0.0 6.1.0 6.2.0 6.2.1. | 2017-04-07 | 7.1 | CVE-2017-3885 BID CONFIRM |
| cisco -- mobility_services_engine | A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, local attacker to obtain access to the underlying operating system shell with root-level privileges. More Information: CSCvb70351. Known Affected Releases: 8.3(102.0). | 2017-04-07 | 7.2 | CVE-2016-9197 BID CONFIRM |
| cloudviewnms -- cloudview_nms | CloudView NMS before 2.10a has a format string issue exploitable over SNMP. | 2017-04-09 | 7.5 | CVE-2016-5074 MISC |
| dataprobe -- ibootbar_firmware | Dataprobe iBootBar (with 2007-09-20 and possibly later released firmware) allows remote attackers to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCRABBIT cookie. | 2017-04-07 | 7.5 | CVE-2007-6759 MISC |
| dataprobe -- ibootbar_firmware | Dataprobe iBootBar (with 2007-09-20 and possibly later beta firmware) allows remote attackers to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCCOOKIE cookie. | 2017-04-07 | 7.5 | CVE-2007-6760 MISC |
| dell -- integrated_remote_access_controller_firmware | Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has a format string issue in racadm getsystinfo. | 2017-04-09 | 7.5 | CVE-2015-7271 MISC BID |
| dell -- integrated_remote_access_controller_firmware | Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long SSH username or input. | 2017-04-09 | 7.5 | CVE-2015-7272 MISC BID |
| dell -- integrated_remote_access_controller_firmware | Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has XXE. | 2017-04-09 | 7.5 | CVE-2015-7273 MISC |
| gnu -- binutils | elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a "member access within null pointer" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an "int main() {return 0;}" program. | 2017-04-09 | 7.5 | CVE-2017-7614 MISC |
| google -- android | A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33641588. | 2017-04-07 | 9.3 | CVE-2017-0538 BID CONFIRM CONFIRM |
| google -- android | A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33864300. | 2017-04-07 | 9.3 | CVE-2017-0539 BID CONFIRM CONFIRM |
| google -- android | A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33966031. | 2017-04-07 | 9.3 | CVE-2017-0540 BID CONFIRM CONFIRM |
| google -- android | A remote code execution vulnerability in sonivox in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34031018. | 2017-04-07 | 9.3 | CVE-2017-0541 BID CONFIRM CONFIRM |
| google -- android | A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33934721. | 2017-04-07 | 9.3 | CVE-2017-0542 BID CONFIRM CONFIRM |
| google -- android | A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34097866. | 2017-04-07 | 9.3 | CVE-2017-0543 BID CONFIRM CONFIRM |
| google -- android | An elevation of privilege vulnerability in CameraBase could enable a local malicious application to execute arbitrary code. This issue is rated as High because it is a local arbitrary code execution in a privileged process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-31992879. | 2017-04-07 | 9.3 | CVE-2017-0544 BID CONFIRM |
| google -- android | An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32591350. | 2017-04-07 | 9.3 | CVE-2017-0545 BID CONFIRM |
| google -- android | An elevation of privilege vulnerability in SurfaceFlinger could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32628763. | 2017-04-07 | 9.3 | CVE-2017-0546 BID CONFIRM |
| google -- android | A remote denial of service vulnerability in libskia could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33251605. | 2017-04-07 | 7.1 | CVE-2017-0548 BID CONFIRM |
| google -- android | A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33818508. | 2017-04-07 | 7.1 | CVE-2017-0549 BID CONFIRM CONFIRM |
| google -- android | A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33933140. | 2017-04-07 | 7.1 | CVE-2017-0550 BID CONFIRM CONFIRM |
| google -- android | A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34097231. | 2017-04-07 | 7.1 | CVE-2017-0551 BID CONFIRM CONFIRM CONFIRM |
| google -- android | A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34097915. | 2017-04-07 | 7.1 | CVE-2017-0552 BID CONFIRM CONFIRM |
| google -- android | An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32342065. | 2017-04-07 | 7.6 | CVE-2017-0553 BID CONFIRM |
| google -- android | An elevation of privilege vulnerability in the MediaTek touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-30202425. References: M-ALPS02898189. | 2017-04-07 | 9.3 | CVE-2017-0562 BID CONFIRM |
| google -- android | An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28175904. References: M-ALPS02696516. | 2017-04-07 | 7.6 | CVE-2017-0565 BID CONFIRM |
| google -- android | An elevation of privilege vulnerability in the MediaTek camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28470975. References: M-ALPS02696367. | 2017-04-07 | 7.6 | CVE-2017-0566 BID CONFIRM |
| google -- android | An elevation of privilege vulnerability in the DTS sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-33964406. | 2017-04-07 | 7.6 | CVE-2017-0578 BID CONFIRM |
| gynoii -- gcw-1010 | Gynoii has a password of guest for the backdoor guest account and a password of 12345 for the backdoor admin account. | 2017-04-09 | 10.0 | CVE-2015-2881 MISC |
| ibaby -- m3s_baby_monitor_firmware | iBaby M3S has a password of admin for the backdoor admin account. | 2017-04-09 | 10.0 | CVE-2015-2887 MISC |
| lens_laboratories -- peek-a-view_firmware | Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for the backdoor user account, and a password of guest for the backdoor guest account. | 2017-04-09 | 10.0 | CVE-2015-2885 MISC |
| linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm audio driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33353700. References: QC-CR#1104067. | 2017-04-07 | 7.6 | CVE-2017-0454 BID CONFIRM |
| linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm Seemp driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33353601. References: QC-CR#1102288. | 2017-04-07 | 7.6 | CVE-2017-0462 CONFIRM |
| linux -- linux_kernel | A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker to execute arbitrary code within the context of the Wi-Fi SoC. This issue is rated as Critical due to the possibility of remote code execution in the context of the Wi-Fi SoC. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34199105. References: B-RB#110814. | 2017-04-07 | 10.0 | CVE-2017-0561 BID CONFIRM |
| linux -- linux_kernel | An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32089409. | 2017-04-07 | 9.3 | CVE-2017-0563 BID CONFIRM |
| linux -- linux_kernel | An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34276203. | 2017-04-07 | 9.3 | CVE-2017-0564 BID CONFIRM |
| linux -- linux_kernel | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32125310. References: B-RB#112575. | 2017-04-07 | 7.6 | CVE-2017-0567 BID CONFIRM |
| linux -- linux_kernel | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34197514. References: B-RB#112600. | 2017-04-07 | 7.6 | CVE-2017-0568 BID CONFIRM |
| linux -- linux_kernel | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34198729. References: B-RB#110666. | 2017-04-07 | 7.6 | CVE-2017-0569 BID CONFIRM |
| linux -- linux_kernel | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34199963. References: B-RB#110688. | 2017-04-07 | 7.6 | CVE-2017-0570 BID CONFIRM |
| linux -- linux_kernel | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34203305. References: B-RB#111541. | 2017-04-07 | 7.6 | CVE-2017-0571 BID CONFIRM |
| linux -- linux_kernel | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-34198931. References: B-RB#112597. | 2017-04-07 | 7.6 | CVE-2017-0572 BID CONFIRM |
| linux -- linux_kernel | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34469904. References: B-RB#91539. | 2017-04-07 | 7.6 | CVE-2017-0573 BID CONFIRM |
| linux -- linux_kernel | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34624457. References: B-RB#113189. | 2017-04-07 | 7.6 | CVE-2017-0574 BID CONFIRM |
| linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32658595. References: QC-CR#1103099. | 2017-04-07 | 7.6 | CVE-2017-0575 BID CONFIRM |
| linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33544431. References: QC-CR#1103089. | 2017-04-07 | 7.6 | CVE-2017-0576 BID MISC CONFIRM |
| linux -- linux_kernel | An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33842951. | 2017-04-07 | 7.6 | CVE-2017-0577 BID CONFIRM |
| linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34125463. References: QC-CR#1115406. | 2017-04-07 | 7.6 | CVE-2017-0579 BID CONFIRM |
| linux -- linux_kernel | An elevation of privilege vulnerability in the Synaptics Touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-34325986. | 2017-04-07 | 7.6 | CVE-2017-0580 BID CONFIRM |
| linux -- linux_kernel | An elevation of privilege vulnerability in the Synaptics Touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-34614485. | 2017-04-07 | 7.6 | CVE-2017-0581 BID CONFIRM |
| linux -- linux_kernel | An elevation of privilege vulnerability in the HTC OEM fastboot command could enable a local malicious application to execute arbitrary code within the context of the sensor hub. This issue is rated as Moderate because it first requires exploitation of separate vulnerabilities. Product: Android. Versions: Kernel-3.10. Android ID: A-33178836. | 2017-04-07 | 7.6 | CVE-2017-0582 BID CONFIRM |
| linux -- linux_kernel | An elevation of privilege vulnerability in the Qualcomm CP access driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and because of vulnerability specific details which limit the impact of the issue. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32068683. References: QC-CR#1103788. | 2017-04-07 | 7.6 | CVE-2017-0583 BID CONFIRM |
| linux -- linux_kernel | crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue. | 2017-04-10 | 7.8 | CVE-2017-7618 MISC BID |
| news_system_project -- news_system | SQL injection vulnerability in NewsController.php in the News module 5.3.2 and earlier for TYPO3 allows unauthenticated users to execute arbitrary SQL commands via vectors involving overwriteDemand for order and OrderByAllowed. | 2017-04-07 | 7.5 | CVE-2017-7581 MISC |
| ninka_project -- ninka | Ninka before 1.3.2 might allow remote attackers to obtain sensitive information, manipulate license compliance scan results, or cause a denial of service (process hang) via a crafted filename. | 2017-04-10 | 7.5 | CVE-2017-7239 MLIST BID CONFIRM |
| osram -- lightify_home | OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary commands via TCP port 4000. | 2017-04-09 | 7.5 | CVE-2016-5053 MISC |
| philips -- in.sight_b120\37 | Philips In.Sight B120/37 has a password of b120root for the backdoor root account, a password of /ADMIN/ for the backdoor admin account, a password of merlin for the backdoor mg3500 account, a password of M100-4674448 for the backdoor user account, and a password of M100-4674448 for the backdoor admin account. | 2017-04-09 | 10.0 | CVE-2015-2882 MISC |
| proxygen_project -- proxygen | The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks. | 2017-04-09 | 7.5 | CVE-2015-7264 MISC |
| schneider-electric -- conext_combox_865-1058_firmware | An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830. A series of rapid requests to the device may cause it to reboot. | 2017-04-07 | 7.8 | CVE-2017-6019 CONFIRM BID MISC |
| sierrawireless -- aleos_firmware | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection. | 2017-04-09 | 7.5 | CVE-2016-5065 MISC |
| sierrawireless -- aleos_firmware | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user. | 2017-04-09 | 10.0 | CVE-2016-5066 MISC |
| sierrawireless -- aleos_firmware | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection. | 2017-04-09 | 9.0 | CVE-2016-5067 MISC |
| sierrawireless -- aleos_firmware | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests. | 2017-04-09 | 7.5 | CVE-2016-5068 MISC |
| sierrawireless -- aleos_firmware | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL. | 2017-04-09 | 7.5 | CVE-2016-5069 MISC |
| sierrawireless -- aleos_firmware | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the management web application as root. | 2017-04-09 | 10.0 | CVE-2016-5071 MISC |
| sophos -- cyberoam_cr25ing_utm_firmware | Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 allows remote authenticated users to bypass intended access restrictions via direct object reference, as demonstrated by a request for Licenseinformation.jsp. This is fixed in 10.6.5. | 2017-04-07 | 9.0 | CVE-2016-7786 MISC |
| summer_infant -- baby_zoom_wifi_monitor_firmware | Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to bypass authentication, related to the MySnapCam web service. | 2017-04-09 | 7.5 | CVE-2015-2888 MISC |
| trendnet -- tv-ip743sic | TRENDnet WiFi Baby Cam TV-IP743SIC has a password of admin for the backdoor root account. | 2017-04-09 | 9.0 | CVE-2015-2880 MISC |
| vertivco -- liebert_multilink_automated_shutdown | Liebert MultiLink Automated Shutdown v4.2.4 allows local users to gain privileges by replacing the LiebertM executable file. | 2017-04-09 | 7.2 | CVE-2015-7260 MISC |
Medium Vulnerabilities
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| apache -- ignite | Apache Ignite before 1.9 allows man-in-the-middle attackers to read arbitrary files via XXE in modified update-notifier documents. | 2017-04-07 | 4.3 | CVE-2016-6805 CONFIRM BID |
| atlassian -- bitbucket | Atlassian Bitbucket Server before 4.7.1 allows remote attackers to read the first line of an arbitrary file via a directory traversal attack on the pull requests resource. | 2017-04-09 | 4.0 | CVE-2016-4320 BID MISC |
| atlassian -- jira | Atlassian JIRA Server before 7.1.9 has CSRF in auditing/settings. | 2017-04-09 | 6.8 | CVE-2016-4319 BID MISC |
| axis -- axis_communications_firmware | AXIS Communications products allow CSRF, as demonstrated by admin/pwdgrp.cgi, vaconfig.cgi, and admin/local_del.cgi. | 2017-04-09 | 6.8 | CVE-2015-8255 EXPLOIT-DB |
| botan_project -- botan | botan 1.11.x before 1.11.22 makes it easier for remote attackers to decrypt TLS ciphertext data via a padding-oracle attack against TLS CBC ciphersuites. | 2017-04-10 | 5.0 | CVE-2015-7824 CONFIRM CONFIRM |
| botan_project -- botan | The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one Key_Usage set in the enum value. | 2017-04-10 | 5.0 | CVE-2016-6879 CONFIRM |
| castle_rock_computing -- snmpc | Castle Rock Computing SNMPc before 2015-12-17 has XSS via SNMP. | 2017-04-09 | 4.3 | CVE-2015-6027 MISC |
| castle_rock_computing -- snmpc | Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via the sc parameter. | 2017-04-09 | 6.5 | CVE-2015-6028 MISC |
| cesanta -- mongoose_os | Use-after-free vulnerability in the mg_http_multipart_wait_for_boundary function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.7 and earlier and Mongoose OS 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a multipart/form-data POST request without a MIME boundary string. | 2017-04-10 | 5.0 | CVE-2017-7185 BUGTRAQ BID CONFIRM CONFIRM MISC |
| cisco -- asr_900_series_firmware | A vulnerability in Cisco ASR 903 or ASR 920 Series Devices running with an RSP2 card could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on a targeted system because of incorrect IPv6 Packet Processing. More Information: CSCuy94366. Known Affected Releases: 15.4(3)S3.15. Known Fixed Releases: 15.6(2)SP 15.6(1.31)SP. | 2017-04-07 | 6.1 | CVE-2017-6603 BID CONFIRM |
| cisco -- firepower_threat_defense | A vulnerability in the detection engine that handles Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process unexpectedly restarts. This vulnerability affects Cisco Firepower System Software prior to the first fixed release when it is configured with an SSL Decrypt-Resign policy. More Information: CSCvb62292. Known Affected Releases: 6.0.1 6.1.0 6.2.0. Known Fixed Releases: 6.2.0 6.1.0.2. | 2017-04-07 | 4.3 | CVE-2017-3887 BID CONFIRM |
| cisco -- ios_xe | A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated attacker with physical access to the targeted system to execute arbitrary commands on the underlying operating system with the privileges of the root user. More Information: CSCuz06639 CSCuz42122. Known Affected Releases: 15.6(1.1)S 16.1.2 16.2.0 15.2(1)E. Known Fixed Releases: Denali-16.1.3 16.2(1.8) 16.1(2.61) 15.6(2)SP 15.6(2)S1 15.6(1)S2 15.5(3)S3a 15.5(3)S3 15.5(2)S4 15.5(1)S4 15.4(3)S6a 15.4(3)S6 15.3(3)S8a 15.3(3)S8 15.2(5)E 15.2(4)E3 15.2(3)E5 15.0(2)SQD3 15.0(1.9.2)SQD3 3.9(0)E. | 2017-04-07 | 6.9 | CVE-2017-6606 BID CONFIRM |
| cisco -- ios_xr | A vulnerability in Google-defined remote procedure call (gRPC) handling in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash due to a system memory leak, resulting in a denial of service (DoS) condition. This vulnerability affects Cisco IOS XR Software with gRPC enabled. More Information: CSCvb14433. Known Affected Releases: 6.1.1.BASE 6.2.1.BASE. Known Fixed Releases: 6.2.1.22i.MGBL 6.1.22.9i.MGBL 6.1.21.12i.MGBL 6.1.2.13i.MGBL. | 2017-04-07 | 5.0 | CVE-2017-6599 BID CONFIRM |
| cisco -- prime_infrastructure | A vulnerability in the HTTP web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected system. More Information: CSCuw63001 CSCuw63003. Known Affected Releases: 2.2(2). Known Fixed Releases: 3.1(0.0). | 2017-04-07 | 4.3 | CVE-2017-3848 BID CONFIRM |
| cisco -- prime_infrastructure | A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to access sensitive data. The attacker does not need administrator credentials and could use this information to conduct additional reconnaissance attacks. More Information: CSCvc60031 (Fixed) CSCvc60041 (Fixed) CSCvc60095 (Open) CSCvc60102 (Open). Known Affected Releases: 2.2 2.2(3) 3.0 3.1(0.0) 3.1(0.128) 3.1(4.0) 3.1(5.0) 3.2(0.0) 2.0(4.0.45D). | 2017-04-07 | 4.0 | CVE-2017-3884 BID CONFIRM |
| cisco -- registered_envelope_service | A vulnerability in the web interface of the Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to redirect a user to a undesired web page, aka an Open Redirect. This vulnerability affects the Cisco Registered Envelope cloud-based service. More Information: CSCvc60123. Known Affected Releases: 5.1.0-015. | 2017-04-07 | 5.8 | CVE-2017-3889 BID CONFIRM |
| cisco -- unified_communications_manager | A vulnerability in the Cisco Unified Communications Manager web interface could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries, aka SQL Injection. The attacker must be authenticated as an administrative user to execute SQL database queries. More Information: CSCvc74291. Known Affected Releases: 1.0(1.10000.10) 11.5(1.10000.6). Known Fixed Releases: 12.0(0.98000.619) 12.0(0.98000.485) 12.0(0.98000.212) 11.5(1.13035.1) 11.0(1.23900.5) 11.0(1.23900.2) 11.0(1.23067.1) 10.5(2.15900.2). | 2017-04-07 | 4.0 | CVE-2017-3886 BID CONFIRM |
| cisco -- unified_computing_system | A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability affects the following Cisco products running Cisco IMC Software: Unified Computing System (UCS) B-Series M3 and M4 Blade Servers, Unified Computing System (UCS) C-Series M3 and M4 Rack Servers. More Information: CSCvc37931. Known Affected Releases: 3.1(2c)B. | 2017-04-07 | 5.8 | CVE-2017-6604 BID CONFIRM |
| cisco -- unified_computing_system_director | A vulnerability in the role-based resource checking functionality of Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information for any virtual machine in a UCS domain. More Information: CSCvc32434. Known Affected Releases: 5.5(0.1) 6.0(0.0). | 2017-04-07 | 4.0 | CVE-2017-3817 BID CONFIRM |
| cisco -- wireless_lan_controller | A vulnerability in RADIUS Change of Authorization (CoA) request processing in the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition by disconnecting a single connection. This vulnerability affects Cisco Wireless LAN Controller running software release 8.3.102.0. More Information: CSCvb01835. Known Fixed Releases: 8.4(1.49) 8.3(111.0) 8.3(108.0) 8.3(104.24) 8.3(102.3). | 2017-04-07 | 5.0 | CVE-2016-9195 BID CONFIRM |
| cloudera -- cdh | Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization. | 2017-04-10 | 5.0 | CVE-2016-6605 CONFIRM |
| cloudviewnms -- cloudview_nms | CloudView NMS before 2.10a has XSS via SNMP. | 2017-04-09 | 4.3 | CVE-2016-5073 MISC |
| cloudviewnms -- cloudview_nms | CloudView NMS before 2.10a has XSS via a TELNET login. | 2017-04-09 | 4.3 | CVE-2016-5075 MISC |
| cloudviewnms -- cloudview_nms | CloudView NMS before 2.10a allows remote attackers to obtain sensitive information via a direct request for admin/auto.def. | 2017-04-09 | 5.0 | CVE-2016-5076 MISC |
| dell -- integrated_remote_access_controller_firmware | Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows directory traversal. | 2017-04-09 | 4.6 | CVE-2015-7270 MISC BID |
| dell -- integrated_remote_access_controller_firmware | Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 allows remote attackers to execute arbitrary administrative HTTP commands. | 2017-04-09 | 6.5 | CVE-2015-7274 MISC BID BID |
| dell -- integrated_remote_access_controller_firmware | Dell Integrated Remote Access Controller (iDRAC) 6 before 2.85 and 7/8 before 2.30.30.30 has XSS. | 2017-04-09 | 4.3 | CVE-2015-7275 MISC BID |
| dlink -- dwr-116_firmware | Directory traversal vulnerability in the web interface on the D-Link DWR-116 device with firmware before V1.05b09 allows remote attackers to read arbitrary files via a .. (dot dot) in a "GET /uir/" request. | 2017-04-10 | 5.0 | CVE-2017-6190 BID MISC |
| elfutils_project -- elfutils | The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 2017-04-09 | 4.3 | CVE-2017-7607 MISC |
| elfutils_project -- elfutils | The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 2017-04-09 | 4.3 | CVE-2017-7608 MISC |
| elfutils_project -- elfutils | elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. | 2017-04-09 | 4.3 | CVE-2017-7609 MISC |
| elfutils_project -- elfutils | The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 2017-04-09 | 4.3 | CVE-2017-7610 MISC |
| elfutils_project -- elfutils | The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 2017-04-09 | 4.3 | CVE-2017-7611 MISC |
| elfutils_project -- elfutils | The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 2017-04-09 | 4.3 | CVE-2017-7612 MISC |
| elfutils_project -- elfutils | elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. | 2017-04-09 | 4.3 | CVE-2017-7613 MISC |
| eparaksts -- eparakstitajs_3 | LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow attackers to write to arbitrary files via crafted EDOC files. | 2017-04-09 | 4.3 | CVE-2015-8275 MISC |
| eparaksts -- eparakstitajs_3 | LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow attackers to read arbitrary files via crafted EDOC files. | 2017-04-09 | 4.3 | CVE-2015-8276 MISC |
| foxitsoftware -- foxit_pdf_toolkit | Memory Corruption Vulnerability in Foxit PDF Toolkit before 2.1 allows an attacker to cause Denial of Service & Remote Code Execution when a victim opens a specially crafted PDF file. | 2017-04-07 | 6.8 | CVE-2017-7584 BID CONFIRM |
| google -- android | An information disclosure vulnerability in libmedia in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other applications. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33861560. | 2017-04-07 | 4.3 | CVE-2017-0547 BID CONFIRM CONFIRM |
| google -- android | An elevation of privilege vulnerability in the Telephony component could enable a local malicious application to access capabilities outside of its permission levels. This issue is rated as Moderate because it could be used to gain access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33815946. | 2017-04-07 | 6.8 | CVE-2017-0554 BID CONFIRM |
| google -- android | An information disclosure vulnerability in libavc in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33551775. | 2017-04-07 | 4.3 | CVE-2017-0555 BID CONFIRM CONFIRM |
| google -- android | An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34093952. | 2017-04-07 | 4.3 | CVE-2017-0556 BID CONFIRM CONFIRM |
| google -- android | An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34093073. | 2017-04-07 | 4.3 | CVE-2017-0557 BID CONFIRM CONFIRM |
| google -- android | An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34056274. | 2017-04-07 | 4.3 | CVE-2017-0558 BID CONFIRM CONFIRM |
| google -- android | An information disclosure vulnerability in libskia could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33897722. | 2017-04-07 | 4.3 | CVE-2017-0559 BID CONFIRM |
| google -- android | An information disclosure vulnerability in the factory reset process could enable a local malicious attacker to access data from the previous owner. This issue is rated as Moderate due to the possibility of bypassing device protection. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-30681079. | 2017-04-07 | 4.3 | CVE-2017-0560 BID CONFIRM |
| ibaby -- m6_baby_monitor_firmware | iBaby M6 allows remote attackers to obtain sensitive information, related to the ibabycloud.com service. | 2017-04-09 | 5.0 | CVE-2015-2886 MISC |
| ilias_project -- ilias | ILIAS before 5.2.3 has XSS via SVG documents. | 2017-04-07 | 4.3 | CVE-2017-7583 CONFIRM CONFIRM CONFIRM |
| imagemagick -- imagemagick | coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 2017-04-09 | 4.3 | CVE-2017-7606 MISC |
| imagemagick -- imagemagick | In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv. | 2017-04-10 | 5.0 | CVE-2017-7619 CONFIRM |
| imageworsener_project -- imageworsener | The iwmiffr_convert_row32 function in imagew-miff.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. | 2017-04-10 | 4.3 | CVE-2017-7623 BID CONFIRM |
| imageworsener_project -- imageworsener | The iw_read_bmp_file function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to consume an amount of available memory via a crafted file. | 2017-04-10 | 4.3 | CVE-2017-7624 BID CONFIRM |
| jive_software -- jive | Jive before 2016.3.1 has an open redirect from the external-link.jspa page. | 2017-04-09 | 5.8 | CVE-2016-4334 MISC |
| keepassx_project -- keepassx | In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action. This allows context-dependent attackers to obtain sensitive information by reading the .xml dotfile. | 2017-04-10 | 5.0 | CVE-2015-8378 CONFIRM CONFIRM |
| libaacplus_project -- libaacplus | au_channel.h in HE-AAC+ Codec (aka libaacplus) 2.0.2 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. | 2017-04-09 | 6.8 | CVE-2017-7603 MISC |
| libaacplus_project -- libaacplus | au_channel.h in HE-AAC+ Codec (aka libaacplus) 2.0.2 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. | 2017-04-09 | 6.8 | CVE-2017-7604 MISC |
| libaacplus_project -- libaacplus | aacplusenc.c in HE-AAC+ Codec (aka libaacplus) 2.0.2 has an assertion failure, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. | 2017-04-09 | 6.8 | CVE-2017-7605 MISC |
| libming -- libming | Multiple heap-based buffer overflows in parser.c in libming 0.4.7 allow remote attackers to cause a denial of service (listswf application crash) or possibly have unspecified other impact via a crafted SWF file. NOTE: this issue exists because of an incomplete fix for CVE-2016-9831. | 2017-04-07 | 6.8 | CVE-2017-7578 CONFIRM |
| libsndfile_project -- libsndfile | In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file. | 2017-04-07 | 4.3 | CVE-2017-7585 CONFIRM CONFIRM CONFIRM MISC |
| libsndfile_project -- libsndfile | In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file. | 2017-04-07 | 4.3 | CVE-2017-7586 CONFIRM CONFIRM BID CONFIRM CONFIRM |
| libtiff -- libtiff | The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 2017-04-09 | 6.8 | CVE-2017-7592 MISC BID |
| libtiff -- libtiff | tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image. | 2017-04-09 | 4.3 | CVE-2017-7593 MISC BID |
| libtiff -- libtiff | The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image. | 2017-04-09 | 4.3 | CVE-2017-7594 MISC BID |
| libtiff -- libtiff | The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. | 2017-04-09 | 4.3 | CVE-2017-7595 MISC |
| libtiff -- libtiff | LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 2017-04-09 | 6.8 | CVE-2017-7596 BID MISC |
| libtiff -- libtiff | tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 2017-04-09 | 6.8 | CVE-2017-7597 BID MISC |
| libtiff -- libtiff | tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. | 2017-04-09 | 4.3 | CVE-2017-7598 BID MISC |
| libtiff -- libtiff | LibTIFF 4.0.7 has an "outside the range of representable values of type short" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 2017-04-09 | 6.8 | CVE-2017-7599 BID BID MISC |
| libtiff -- libtiff | LibTIFF 4.0.7 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 2017-04-09 | 6.8 | CVE-2017-7600 MISC |
| libtiff -- libtiff | LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 2017-04-09 | 6.8 | CVE-2017-7601 BID MISC |
| libtiff -- libtiff | LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 2017-04-09 | 6.8 | CVE-2017-7602 BID MISC |
| netapp -- clustered_data_ontap | NetApp Clustered Data ONTAP 8.1 through 9.1P1, when NFS or SMB is enabled, allows remote attackers to cause a denial of service via unspecified vectors. | 2017-04-10 | 5.0 | CVE-2017-5988 CONFIRM |
| netikus -- eventsentry | Netikus EventSentry before 3.2.1.44 has XSS via SNMP. | 2017-04-09 | 4.3 | CVE-2016-5077 MISC |
| opencv -- opencv | OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code. | 2017-04-09 | 6.8 | CVE-2016-1516 MISC MISC |
| opencv -- opencv | OpenCV 3.0.0 allows remote attackers to cause a denial of service (segfault) via vectors involving corrupt chunks. | 2017-04-09 | 4.3 | CVE-2016-1517 MISC MISC |
| openidm_project -- openidm | In OpenIDM through 4.0.0 before 4.5.0, the info endpoint may leak sensitive information upon a request by the "anonymous" user, as demonstrated by responses with a 200 HTTP status code and a JSON object containing IP address strings. This is related to a missing access-control check in bin/defaults/script/info/login.js. | 2017-04-08 | 4.0 | CVE-2017-7589 MISC CONFIRM |
| openidm_project -- openidm | OpenIDM through 4.0.0 and 4.5.0 is vulnerable to persistent cross-site scripting (XSS) attacks within the Admin UI, as demonstrated by a crafted Managed Object Name. | 2017-04-08 | 4.3 | CVE-2017-7590 MISC CONFIRM |
| openidm_project -- openidm | OpenIDM through 4.0.0 and 4.5.0 is vulnerable to reflected cross-site scripting (XSS) attacks within the Admin UI, as demonstrated by the _sortKeys parameter to the authzRoles script under managed/user/. | 2017-04-08 | 4.3 | CVE-2017-7591 MISC CONFIRM |
| opmantek -- network_management_information_system | Opmantek NMIS before 4.3.7c has command injection via man, finger, ping, trace, and nslookup in the tools.pl CGI script. Versions before 8.5.12G might be affected in non-default configurations. | 2017-04-09 | 6.0 | CVE-2016-6534 MISC |
| opsview -- opsview | Opsview before 2015-11-06 has XSS via SNMP. | 2017-04-09 | 4.3 | CVE-2015-6035 MISC |
| osram -- lightify_home | OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 stores a PSK in cleartext under /private/var/mobile/Containers/Data/Application. | 2017-04-09 | 5.0 | CVE-2016-5051 MISC |
| osram -- lightify_home | OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 does not use SSL pinning. | 2017-04-09 | 5.0 | CVE-2016-5052 MISC |
| osram -- lightify_home | OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay. | 2017-04-09 | 5.0 | CVE-2016-5054 MISC |
| osram -- lightify_pro | OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page. | 2017-04-09 | 4.3 | CVE-2016-5055 MISC |
| osram -- lightify_pro | OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK. | 2017-04-09 | 5.0 | CVE-2016-5056 MISC |
| osram -- lightify_pro | OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning. | 2017-04-09 | 5.0 | CVE-2016-5057 MISC |
| osram -- lightify_pro | OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay. | 2017-04-09 | 5.0 | CVE-2016-5058 MISC |
| osram -- lightify_pro | OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to obtain sensitive information by reading screenshots under /private/var/mobile/Containers/Data/Application. | 2017-04-09 | 4.0 | CVE-2016-5059 MISC |
| oxidforge -- oxid_eshop | OXID eShop before 2016-06-13 allows remote attackers to execute arbitrary code via a GET or POST request to the oxuser class. Fixed versions are Enterprise Edition v5.1.12, Enterprise Edition v5.2.9, Professional Edition v4.8.12, Professional Edition v4.9.9, Community Edition v4.8.12, Community Edition v4.9.9. | 2017-04-09 | 6.5 | CVE-2016-5072 MISC |
| paessler -- prtg | Paessler PRTG before 16.2.24.4045 has XSS via SNMP. | 2017-04-09 | 4.3 | CVE-2016-5078 MISC |
| philips -- in.sight_b120\37 | Philips In.Sight B120/37 allows remote attackers to obtain sensitive information via a direct request, related to yoics.net URLs, stream.m3u8 URIs, and cam_service_enable.cgi. | 2017-04-09 | 5.0 | CVE-2015-2884 MISC |
| phpmyfaq -- phpmyfaq | inc/PMF/Faq.php in phpMyFAQ before 2.9.7 has XSS in the question field. | 2017-04-07 | 4.3 | CVE-2017-7579 CONFIRM CONFIRM |
| pivotx -- pivotx | PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension (such as .jpg) and then invoking the duplicate function to change to the .php extension. | 2017-04-07 | 6.5 | CVE-2017-7570 MISC |
| proxygen_project -- proxygen | The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value. | 2017-04-09 | 5.0 | CVE-2015-7263 MISC |
| proxygen_project -- proxygen | Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request state, which allows remote attackers to conduct hijacking attacks and bypass ACL checks. | 2017-04-09 | 5.0 | CVE-2015-7265 MISC |
| sap -- netweaver | The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to cause a denial of service (out-of-memory error and service instability) via a crafted serialized Java object, as demonstrated by serial.cc3, aka SAP Security Note 2315788. | 2017-04-10 | 4.0 | CVE-2016-10304 MISC |
| sap -- sql_anywhere | Buffer overflow in the MobiLink Synchronization Server component in SAP SQL Anywhere 17 and possibly earlier allows remote authenticated users to cause a denial of service (resource consumption and process crash) by sending a crafted packet several times, aka SAP Security Note 2308778. | 2017-04-10 | 4.0 | CVE-2016-10310 BID MISC |
| schneider-electric -- interactive_graphical_scada_system | A DLL Hijacking issue was discovered in Schneider Electric Interactive Graphical SCADA System (IGSS) Software, Version 12 and previous versions. The software will execute a malicious file if it is named the same as a legitimate file and placed in a location that is earlier in the search path. | 2017-04-07 | 6.8 | CVE-2017-6033 CONFIRM BID MISC |
| sierrawireless -- aleos_firmware | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext. | 2017-04-09 | 5.0 | CVE-2016-5070 MISC |
| spiceworks -- desktop | Spiceworks Desktop before 2015-12-01 has XSS via an SNMP response. | 2017-04-09 | 4.3 | CVE-2015-6021 MISC |
| summer_infant -- baby_zoom_wifi_monitor_firmware | Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to gain privileges via manual entry of a Settings URL. | 2017-04-09 | 6.5 | CVE-2015-2889 MISC |
| swagger_project -- swagger-ui | Swagger-UI before 2.2.1 has XSS via the Default field in the Definitions section. | 2017-04-09 | 4.3 | CVE-2016-5682 MISC |
| visioncritical -- vision_critical | Vision Critical before 2014-05-30 allows attackers to read arbitrary files via unspecified vectors, as demonstrated by image files and configuration files. | 2017-04-09 | 5.0 | CVE-2014-2960 MISC |
| web2py -- web2py | web2py before 2.14.6 does not properly check if a host is denied before verifying passwords, allowing a remote attacker to perform brute-force attacks. | 2017-04-10 | 5.0 | CVE-2016-10321 CONFIRM CONFIRM |
| xiongmai_technologies -- uc-httpd | XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a "GET ../" HTTP request. | 2017-04-07 | 5.0 | CVE-2017-7577 MISC |
Low Vulnerabilities
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| apple -- apple_music | The Apple Music (aka com.apple.android.music) application before 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-04-07 | 2.9 | CVE-2017-2387 MISC BID CONFIRM |
| atlassian -- confluence | Atlassian Confluence Server before 5.9.11 has XSS on the viewmyprofile.action page. | 2017-04-09 | 3.5 | CVE-2016-4317 BID MISC |
| atlassian -- jira | Atlassian JIRA Server before 7.1.9 has XSS in project/ViewDefaultProjectRoleActors.jspa via a role name. | 2017-04-09 | 3.5 | CVE-2016-4318 BID MISC |
| cisco -- firepower_extensible_operating_system | A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb61384 CSCvb86764. Known Affected Releases: 2.0(1.68) 3.1(1k)A. Known Fixed Releases: 92.2(1.101) 92.1(1.1647). | 2017-04-07 | 3.6 | CVE-2017-6601 BID CONFIRM |
| cisco -- firepower_extensible_operating_system | A vulnerability in the CLI of Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb66189 CSCvb86775. Known Affected Releases: 2.0(1.68) 3.1(1k)A. Known Fixed Releases: 92.2(1.101) 92.1(1.1742) 92.1(1.1658) 2.1(1.38) 2.0(1.107) 2.0(1.87) 1.1(4.148) 1.1(4.138). | 2017-04-07 | 3.6 | CVE-2017-6602 BID CONFIRM |
| cisco -- unified_communications_manager | A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. This vulnerability affects Cisco Unified Communications Manager with a default configuration running an affected software release with the attacker authenticated as the administrative user. More Information: CSCvc83712. Known Affected Releases: 12.0(0.98000.452). Known Fixed Releases: 12.0(0.98000.750) 12.0(0.98000.708) 12.0(0.98000.707) 12.0(0.98000.704) 12.0(0.98000.554) 12.0(0.98000.546) 12.0(0.98000.543) 12.0(0.98000.248) 12.0(0.98000.244) 12.0(0.98000.242). | 2017-04-07 | 3.5 | CVE-2017-3888 BID CONFIRM |
| linux -- linux_kernel | An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32074353. References: QC-CR#1104731. | 2017-04-07 | 2.6 | CVE-2017-0584 BID CONFIRM |
| linux -- linux_kernel | An information disclosure vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32475556. References: B-RB#112953. | 2017-04-07 | 2.6 | CVE-2017-0585 BID CONFIRM |
| linux -- linux_kernel | An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33649808. References: QC-CR#1097569. | 2017-04-07 | 2.6 | CVE-2017-0586 BID CONFIRM |
| linux -- linux_kernel | Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation. | 2017-04-10 | 2.1 | CVE-2017-7616 CONFIRM BID CONFIRM |
| opmantek -- network_management_information_system | Opmantek NMIS before 8.5.12G has XSS via SNMP. | 2017-04-09 | 3.5 | CVE-2016-5642 MISC |
| philips -- in.sight_b120\37 | Philips In.Sight B120/37 has XSS, related to the Weaved cloud web service, as demonstrated by the name parameter to deviceSettings.php or shareDevice.php. | 2017-04-09 | 3.5 | CVE-2015-2883 MISC |
Severity Not Yet Assigned
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| adobe -- acrobat_flash_player | Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the sound class. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3058 BID CONFIRM |
| adobe -- acrobat_flash_player | Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the ActionScript2 NetStream class. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3063 BID CONFIRM |
| adobe -- acrobat_flash_player |
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in ActionScript2 when creating a getter/setter property. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3062 BID CONFIRM |
| adobe -- acrobat_flash_player |
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the ActionScript2 code parser. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3060 BID CONFIRM |
| adobe -- acrobat_flash_player |
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3061 BID CONFIRM |
| adobe -- acrobat_flash_player |
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the internal script object. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3059 BID CONFIRM |
| adobe -- acrobat_flash_player |
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability when parsing a shape outline. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3064 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 code-stream tile functionality. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3023 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the Product Representation Compact (PRC) format parser. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3019 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in the OCR plugin. | 2017-04-12 | not yet calculated | CVE-2017-3012 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when manipulating PDF annotations. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3024 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the renderer functionality. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3018 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability when manipulating an internal data structure. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3026 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of JPEG files. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3051 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in a DLL related to remote logging. | 2017-04-12 | not yet calculated | CVE-2017-3013 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the weblink module. | 2017-04-12 | not yet calculated | CVE-2017-3020 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser engine. | 2017-04-12 | not yet calculated | CVE-2017-3021 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when parsing the header of a JPEG 2000 file. | 2017-04-12 | not yet calculated | CVE-2017-3022 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the CCITT fax PDF filter. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3011 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript API related to the collaboration functionality. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3057 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the AES module. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3030 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal scan line representation in TIFF files. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3048 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 code-stream parser. | 2017-04-12 | not yet calculated | CVE-2017-3032 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in XML Forms Architecture (XFA) related to reset form functionality. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3014 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine, related to string manipulation. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3056 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 engine, related to image scaling. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3044 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to manipulation of EMF files. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3054 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 parsing functionality. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3015 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when handling a malformed PDF file. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3017 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of GIF files. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3050 BID CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability related to internal object representation manipulation. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3025 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XFA module, related to the choiceList element. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3027 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion module, related to processing of TIFF files. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3028 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling a JPEG 2000 code-stream. | 2017-04-12 | not yet calculated | CVE-2017-3029 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling JPEG 2000 code-stream tile data. | 2017-04-12 | not yet calculated | CVE-2017-3033 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the XSLT engine. | 2017-04-12 | not yet calculated | CVE-2017-3031 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XML Forms Architecture (XFA) engine. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3035 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing TTF (TrueType font format) stream data. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3038 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the font manipulation functionality. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3065 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in image conversion related to processing of the PCX (picture exchange) file format. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3036 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3037 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the XML Forms Architecture (XFA) engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3034 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the PPKLite security handler. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3039 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing font data in the MakeAccessible plugin. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3041 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in image conversion, related to parsing offsets in TIFF files. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3042 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 image compression module. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3040 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to the palette box. | 2017-04-12 | not yet calculated | CVE-2017-3045 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to contiguous code-stream parsing. | 2017-04-12 | not yet calculated | CVE-2017-3046 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the collaboration functionality. | 2017-04-12 | not yet calculated | CVE-2017-3043 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal tile manipulation in TIFF files. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3049 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of EMF - enhanced meta file format. | 2017-04-12 | not yet calculated | CVE-2017-3052 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of the APP13 segment in JPEG files. | 2017-04-12 | not yet calculated | CVE-2017-3053 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript engine's annotation-related API. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3047 BID CONFIRM |
| adobe -- acrobat_reader |
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in JPEG 2000 parsing of the fragment list tag. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3055 BID CONFIRM |
| adobe -- campaign | Adobe Campaign versions Build 8770 and earlier have an input validation bypass that could be exploited to read, write, or delete data from the Campaign database. | 2017-04-12 | not yet calculated | CVE-2017-2989 BID CONFIRM |
| adobe -- photoshop_cc | Adobe Photoshop versions CC 2017 (18.0.1) and earlier, CC 2015.5.1 (17.0.1) and earlier have a memory corruption vulnerability when parsing malicious PCX files. Successful exploitation could lead to arbitrary code execution. | 2017-04-12 | not yet calculated | CVE-2017-3004 BID CONFIRM |
| adobe -- photoshop_cc |
Adobe Photoshop versions CC 2017 (18.0.1) and earlier, CC 2015.5.1 (17.0.1) and earlier have an unquoted search path vulnerability. | 2017-04-12 | not yet calculated | CVE-2017-3005 BID CONFIRM |
| adobe -- thor | Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related to the use of improper resource permissions during the installation of Creative Cloud desktop applications. | 2017-04-12 | not yet calculated | CVE-2017-3006 BID CONFIRM |
| adobe -- thor | Adobe Thor versions 3.9.5.353 and earlier have a vulnerability in the directory search path used to find resources, related to Creative Cloud desktop applications. | 2017-04-12 | not yet calculated | CVE-2017-3007 BID CONFIRM |
| apache -- tomcat | Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42. | 2017-04-12 | not yet calculated | CVE-2016-6808 MISC REDHAT FULLDISC CONFIRM MLIST BID SECTRACK REDHAT REDHAT |
| apache -- tomee |
The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote attackers to execute arbitrary code via a crafted serialized object. | 2017-04-11 | not yet calculated | CVE-2016-0779 MISC MLIST CONFIRM BUGTRAQ BID MISC |
| apple -- ios_shoplat_application | Shoplat App for iOS 1.10.00 through 1.18.00 does not properly verify SSL certificates. | 2017-04-13 | not yet calculated | CVE-2016-1132 JVN JVNDB |
| apple -- mac_os_x |
Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges. | 2017-04-13 | not yet calculated | CVE-2010-1821 APPLE |
| apple -- mac_os_x |
Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted image. | 2017-04-13 | not yet calculated | CVE-2010-1816 APPLE |
| appleple -- a-blog_cms | Cross-site scripting (XSS) vulnerability in the standard template of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML. | 2017-04-12 | not yet calculated | CVE-2016-1179 JVN JVNDB CONFIRM |
| appleple -- a-blog_cms | The session management of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to obtain or modify sensitive data via unspecified vectors. | 2017-04-12 | not yet calculated | CVE-2016-1178 JVN JVNDB CONFIRM |
| asterisk -- asterisk |
Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chan_sip, the CDR dialplan function, and the AMI Monitor action. | 2017-04-10 | not yet calculated | CVE-2017-7617 CONFIRM BID CONFIRM |
| atutor -- atutor | SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php. | 2017-04-13 | not yet calculated | CVE-2016-2555 MISC MISC CONFIRM CONFIRM |
| auromeera -- emli |
Cross Site Scripting Vulnerability in core-eMLi in AuroMeera Technometrix Pvt. Ltd. eMLi V1.0 allows an Attacker to send malicious code, generally in the form of a browser-side script, to a different end user via the page parameter to code/student_portal/home.php. The affected versions are eMLi School Management 1.0, eMLi College Campus Management 1.0, and eMLi University Management 1.0. | 2017-04-11 | not yet calculated | CVE-2017-7621 MISC |
| bigtree_cms -- bigtree_cms |
Unrestricted File Upload exists in BigTree CMS before 4.2.17: if an attacker uploads an 'xxx.php[space]' file, they could bypass a safety check and execute any code. | 2017-04-11 | not yet calculated | CVE-2017-7695 MISC MISC MISC |
| bigtree_cms -- bigtree_cms |
BigTree CMS through 4.2.17 relies on a substring check for CSRF protection, which allows remote attackers to bypass this check by placing the required admin/developer/ URI within a query string in an HTTP Referer header. This was found in core/admin/modules/developer/_header.php and patched in core/inc/bigtree/admin.php on 2017-04-14. | 2017-04-15 | not yet calculated | CVE-2017-7881 MISC MISC |
| bitrix -- bitrix |
Multiple SQL injection vulnerabilities in the mcart.xls module 6.5.2 and earlier for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) xls_profile parameter to admin/mcart_xls_import.php or the (2) xls_iblock_id, (3) xls_iblock_section_id, (4) firstRow, (5) titleRow, (6) firstColumn, (7) highestColumn, (8) sku_iblock_id, or (9) xls_iblock_section_id_new parameter to admin/mcart_xls_import_step_2.php. | 2017-04-14 | not yet calculated | CVE-2015-8356 MISC BUGTRAQ MISC |
| blackberry -- blackberry_enterprise_server | Multiple cross-site scripting (XSS) vulnerabilities in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to inject arbitrary web script or HTML via the locale parameter to (1) mydevice/index.jsp or (2) mydevice/loggedOut.jsp. | 2017-04-13 | not yet calculated | CVE-2016-1915 FULLDISC MISC CONFIRM |
| blackberry -- blackberry_enterprise_server | Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.ImageServlet servlet in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to execute arbitrary SQL commands via the imageName parameter to (1) mydevice/client/image, (2) admin/client/image, (3) myapps/client/image, (4) ssam/client/image, or (5) all/client/image. | 2017-04-13 | not yet calculated | CVE-2016-1914 FULLDISC MISC CONFIRM |
| blue_coat -- sslv |
Blue Coat SSL Visibility (SSLV) 3.x before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connections. A malicious SSL client can, under certain circumstances, temporarily exhaust the TCP connection pool of an SSL server. | 2017-04-11 | not yet calculated | CVE-2016-10259 BID CONFIRM |
| brother -- multiple_devices |
On certain Brother devices, authorization is mishandled by including a valid AuthCookie cookie in the HTTP response to a failed login attempt. Affected models are: MFC-J6973CDW MFC-J4420DW MFC-8710DW MFC-J4620DW MFC-L8850CDW MFC-J3720 MFC-J6520DW MFC-L2740DW MFC-J5910DW MFC-J6920DW MFC-L2700DW MFC-9130CW MFC-9330CDW MFC-9340CDW MFC-J5620DW MFC-J6720DW MFC-L8600CDW MFC-L9550CDW MFC-L2720DW DCP-L2540DW DCP-L2520DW HL-3140CW HL-3170CDW HL-3180CDW HL-L8350CDW HL-L2380DW ADS-2500W ADS-1000W ADS-1500W. | 2017-04-12 | not yet calculated | CVE-2017-7588 MISC |
| candlepin_project -- candlepin | The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories. | 2017-04-14 | not yet calculated | CVE-2016-4455 REDHAT REDHAT MLIST BID SECTRACK CONFIRM CONFIRM CONFIRM |
| citrix -- netscaler_gateway |
A heap overflow vulnerability in Citrix NetScaler Gateway versions 10.1 before 135.8/135.12, 10.5 before 65.11, 11.0 before 70.12, and 11.1 before 52.13 allows a remote authenticated attacker to run arbitrary commands via unspecified vectors. | 2017-04-13 | not yet calculated | CVE-2017-7219 BID CONFIRM |
| concrete5 -- concrete5 |
concrete5 8.1.0 places incorrect trust in the HTTP Host header during caching, if the administrator did not define a "canonical" URL on installation of concrete5 using the "Advanced Options" settings. Remote attackers can make a GET request with any domain name in the Host header; this is stored and allows for arbitrary domains to be set for certain links displayed to subsequent visitors, potentially an XSS vector. | 2017-04-13 | not yet calculated | CVE-2017-7725 MISC MISC MISC |
| dde -- dde |
dde-daemon, the daemon process of DDE (Deepin Desktop Environment) 15.0 through 15.3, runs with root privileges and hardly does anything to identify the user who calls the function through D-Bus. Anybody can change the grub config, even to append some arguments to make a backdoor or privilege escalation, by calling DoWriteGrubSettings() provided by dde-daemon. | 2017-04-10 | not yet calculated | CVE-2017-7622 MISC |
| debian -- inspircd |
Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. NOTE: This issue exists as an additional issue from an incomplete fix of CVE-2012-1836. | 2017-04-13 | not yet calculated | CVE-2015-6674 DEBIAN CONFIRM GENTOO |
| eclipse -- jetty | The path normalization mechanism in PathResource class in Eclipse Jetty 9.3.x before 9.3.9 on Windows allows remote attackers to bypass protected resource restrictions and other security constraints via a URL with certain escaped characters, related to backslashes. | 2017-04-13 | not yet calculated | CVE-2016-4800 MLIST MISC BID MISC |
| ember.js -- ember.js |
Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x through 1.10.x, 1.11.x before 1.11.4, 1.12.x before 1.12.2, 1.13.x before 1.13.12, 2.0.x before 2.0.3, 2.1.x before 2.1.2, and 2.2.x before 2.2.1 allows remote attackers to inject arbitrary web script or HTML. | 2017-04-13 | not yet calculated | CVE-2015-7565 CONFIRM CONFIRM |
| eyesofnetwork -- eyesofnetwork |
Multiple SQL injection vulnerabilities in EyesOfNetwork (aka EON) 5.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) bp_name, (2) display, (3) search, or (4) equipment parameter in module/monitoring_ged/ged_functions.php or the (5) type parameter in monitoring_ged/ajax.php. | 2017-04-11 | not yet calculated | CVE-2017-6088 MLIST BID |
| f5 -- big-ip_apm | The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 HF1, 11.5.4 - 11.5.4 HF2, when configured as a SAML Identity Provider with a Service Provider (SP) connector, might allow traffic to be disrupted or failover initiated when a malformed, signed SAML authentication request from an authenticated user is sent via the SP connector. | 2017-04-11 | not yet calculated | CVE-2016-7467 BID CONFIRM |
| feh -- feh |
In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be the E17 window manager, it is possible to trigger an out-of-boundary heap write while receiving an IPC message. An integer overflow leads to a buffer overflow and/or a double free. | 2017-04-14 | not yet calculated | CVE-2017-7875 CONFIRM CONFIRM |
| ffmpeg -- ffmpeg |
FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in libavcodec/pngdec.c. | 2017-04-14 | not yet calculated | CVE-2017-7863 MISC MISC |
| ffmpeg -- ffmpeg |
FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c. | 2017-04-14 | not yet calculated | CVE-2017-7866 MISC MISC |
| ffmpeg -- ffmpeg |
FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c. | 2017-04-14 | not yet calculated | CVE-2017-7865 MISC MISC |
| ffmpeg -- ffmpeg |
FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame function in libavcodec/pictordec.c. | 2017-04-14 | not yet calculated | CVE-2017-7862 MISC MISC |
| ffmpeg -- ffmpeg |
FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c. | 2017-04-14 | not yet calculated | CVE-2017-7859 MISC |
| firejail -- firejail |
Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges. | 2017-04-13 | not yet calculated | CVE-2016-10121 MLIST MLIST |
| firejail -- firejail |
Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges. | 2017-04-13 | not yet calculated | CVE-2016-10123 MLIST MLIST |
| firejail -- firejail |
Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /. | 2017-04-13 | not yet calculated | CVE-2016-10118 MLIST MLIST |
| firejail -- firejail |
Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges. | 2017-04-13 | not yet calculated | CVE-2016-10120 MLIST MLIST |
| firejail -- firejail |
Firejail does not properly clean environment variables, which allows local users to gain privileges. | 2017-04-13 | not yet calculated | CVE-2016-10122 MLIST MLIST |
| firejail -- firejail |
Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc. | 2017-04-13 | not yet calculated | CVE-2016-10117 MLIST MLIST |
| firejail -- firejail |
Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges. | 2017-04-13 | not yet calculated | CVE-2016-10119 MLIST MLIST |
| fiyo_cms -- fiyo_cms |
In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the content parameter to "/dapur/apps/app_theme/libs/save_file.php" and then execute code. | 2017-04-10 | not yet calculated | CVE-2017-7625 BID MISC |
| flatcore -- flatcore_cms |
CSRF vulnerability in flatCore version 1.4.6 allows remote attackers to modify CMS configurations. | 2017-04-14 | not yet calculated | CVE-2017-7877 CONFIRM |
| flatcore -- flatcore_cms |
SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read the content database. | 2017-04-14 | not yet calculated | CVE-2017-7879 CONFIRM |
| flatcore -- flatcore_cms |
SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read and write to the users database. | 2017-04-14 | not yet calculated | CVE-2017-7878 CONFIRM |
| fortimail -- fortimail |
An unauthenticated XSS vulnerability with FortiMail 5.0.0 - 5.2.9 and 5.3.0 - 5.3.8 could allow an attacker to execute arbitrary scripts in the security context of the browser of a victim logged in FortiMail, assuming the victim is social engineered into clicking an URL crafted by the attacker. | 2017-04-12 | not yet calculated | CVE-2017-3125 CONFIRM BID |
| foscam -- foscam_networked_devices |
Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation. | 2017-04-10 | not yet calculated | CVE-2017-7648 MISC |
| freetype -- freetype_2 |
FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. | 2017-04-14 | not yet calculated | CVE-2017-7858 MISC MISC |
| freetype -- freetype_2 |
FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. | 2017-04-14 | not yet calculated | CVE-2017-7857 MISC MISC |
| freetype -- freetype_2 |
FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c. | 2017-04-14 | not yet calculated | CVE-2017-7864 MISC MISC |
| freetype_project -- freetype_2 | FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c. | 2017-04-14 | not yet calculated | CVE-2016-10328 MISC MISC MISC |
| game-music-emu -- game-music-emu | game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations. | 2017-04-12 | not yet calculated | CVE-2016-9958 SUSE SUSE MLIST BID CONFIRM FEDORA FEDORA FEDORA FEDORA MISC |
| game-music-emu -- game-music-emu | Stack-based buffer overflow in game-music-emu before 0.6.1. | 2017-04-12 | not yet calculated | CVE-2016-9957 SUSE SUSE MLIST BID CONFIRM FEDORA FEDORA FEDORA FEDORA MISC |
| game-music-emu -- game-music-emu | game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values. | 2017-04-12 | not yet calculated | CVE-2016-9959 SUSE SUSE MLIST BID CONFIRM FEDORA FEDORA FEDORA FEDORA MISC |
| ghostscript -- ghostscript |
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack. | 2017-04-14 | not yet calculated | CVE-2016-8602 CONFIRM MLIST MLIST BID CONFIRM CONFIRM CONFIRM |
| gnu -- a2ps |
Format string vulnerability in GNU a2ps 4.14 allows remote attackers to execute arbitrary code. | 2017-04-13 | not yet calculated | CVE-2015-8107 MLIST BID |
| gnutls -- gnutls |
GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10. | 2017-04-14 | not yet calculated | CVE-2017-7869 MISC MISC CONFIRM |
| google -- android | mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7920. | 2017-04-13 | not yet calculated | CVE-2014-7921 CONFIRM CONFIRM |
| google -- android | mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921. | 2017-04-13 | not yet calculated | CVE-2014-7920 CONFIRM CONFIRM |
| google -- android | HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies. | 2017-04-13 | not yet calculated | CVE-2016-1155 MISC JVN |
| google -- android_kernel | Drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android kernel 2017-03-05 allows local users to gain privileges, a different vulnerability than CVE-2016-5857. | 2017-04-12 | not yet calculated | CVE-2016-5856 SECTRACK CONFIRM CONFIRM |
| google -- chrome | A use-after-free in AnimationController::endAnimationUpdate in Google Chrome. | 2017-04-11 | not yet calculated | CVE-2013-6647 CONFIRM |
| google -- chrome | Google Chrome caches TLS sessions before certificate validation occurs. | 2017-04-13 | not yet calculated | CVE-2013-6662 CONFIRM |
| google -- grpc | Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c. | 2017-04-14 | not yet calculated | CVE-2017-7861 MISC MISC |
| google -- grpc | Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parse_unix function in core/ext/client_channel/parse_address.c. | 2017-04-14 | not yet calculated | CVE-2017-7860 MISC MISC |
| hipchat -- server |
Hipchat Server before 2.2.3 allows remote authenticated users with Server Administrator level privileges to execute arbitrary code by importing a file. | 2017-04-14 | not yet calculated | CVE-2017-7357 BUGTRAQ CONFIRM CONFIRM |
| huawei -- p7 |
Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B851 and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) via vectors involving an application that passes crafted input to the GPU driver. | 2017-04-13 | not yet calculated | CVE-2015-7740 CONFIRM |
| huawei -- p7 |
Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B85, and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) by leveraging camera permissions and via crafted input to the camera driver. | 2017-04-13 | not yet calculated | CVE-2015-8223 CONFIRM |
| i-o_data -- rock_disk |
Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-4713. | 2017-04-13 | not yet calculated | CVE-2014-3887 CONFIRM JVN |
| ibm -- financial_transition_manager | IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly update the SESSIONID with each request, which could allow a user to obtain the ID in further attacks against the system. IBM X-Force ID: 122293. | 2017-04-14 | not yet calculated | CVE-2017-1152 CONFIRM |
| ibm -- platform_lsf | IBM Platform LSF 10.1 contains an unspecified vulnerability that could allow a local user to escalate their privileges and obtain root access. IBM X-Force ID: 123741. | 2017-04-14 | not yet calculated | CVE-2017-1205 MISC |
| ibm -- tivoli | IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 118540. | 2017-04-14 | not yet calculated | CVE-2016-8927 CONFIRM |
| ibm -- tivoli |
IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to read system files or data that is restricted to authorized users. IBM X-Force ID: 118539. | 2017-04-14 | not yet calculated | CVE-2016-8926 CONFIRM |
| ibm -- tivoli |
IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to include arbitrary files which could allow the attacker to read any file on the system. IBM X-Force ID: 118538. | 2017-04-14 | not yet calculated | CVE-2016-8925 CONFIRM |
| icu_project -- icu |
International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function. | 2017-04-14 | not yet calculated | CVE-2017-7867 MISC MISC |
| icu_project -- icu |
International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function. | 2017-04-14 | not yet calculated | CVE-2017-7868 MISC MISC |
| imagemagick -- imagemagick |
coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file. | 2017-04-11 | not yet calculated | CVE-2014-9837 MISC MLIST CONFIRM |
| imagemagick -- imagemagick |
The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash). | 2017-04-11 | not yet calculated | CVE-2014-8716 MISC BID CONFIRM |
| imagemagick -- imagemagick |
The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. | 2017-04-11 | not yet calculated | CVE-2014-8354 MISC BID CONFIRM MISC |
| imagemagick -- imagemagick |
DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read). | 2017-04-11 | not yet calculated | CVE-2014-8562 BID CONFIRM MISC MISC |
| imagemagick -- imagemagick |
PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read). | 2017-04-11 | not yet calculated | CVE-2014-8355 MISC BID CONFIRM MISC |
| inspircd -- inspircd |
InspIRCd before 2.0.7 allows remote attackers to cause a denial of service (infinite loop). | 2017-04-13 | not yet calculated | CVE-2012-6697 DEBIAN CONFIRM CONFIRM GENTOO |
| intellinet_network -- nfc-30ir_IP_camera |
Directory traversal vulnerability in the web-based management site on the Intellinet NFC-30ir IP Camera with firmware LM.1.6.16.05 allows remote attackers to read arbitrary files via a request to a vendor-supplied CGI script that is used to read HTML text file, but that does not do any URI/path sanitization. | 2017-04-11 | not yet calculated | CVE-2017-7461 EXPLOIT-DB |
| intellinet_network -- nfc-30ir_IP_camera |
Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory. | 2017-04-11 | not yet calculated | CVE-2017-7462 EXPLOIT-DB |
| ivywe -- ivywe | Multiple cross-site scripting (XSS) vulnerabilities in the IVYWE (1) Assist plugin before 1.1.2.test20160906, (2) dataBox plugin before 0.0.0.20160906, and (3) userBox plugin before 0.0.0.20160906 for Geeklog allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2017-04-14 | not yet calculated | CVE-2016-4875 JVN JVNDB BID CONFIRM CONFIRM |
| jackson-dataformat-xml -- jackson-dataformat-xml | XmlMapper in the Data format extension for Jackson (aka jackson-dataformat-xml) allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors related to a DTD. | 2017-04-14 | not yet calculated | CVE-2016-7051 CONFIRM |
| joomla -- joomla |
The "Smart related articles" extension 1.1 for Joomla! has SQL injection in dialog.php (attacker must use search_cats variable in POST method to exploit this vulnerability). | 2017-04-12 | not yet calculated | CVE-2017-7628 MISC MISC MISC |
| joomla -- joomla |
The "Smart related articles" extension 1.1 for Joomla! has XSS in dialog.php (n_art,type in GET Method). | 2017-04-12 | not yet calculated | CVE-2017-7626 MISC MISC MISC |
| joomla -- joomla |
The "Smart related articles" extension 1.1 for Joomla! does not prevent direct requests to dialog.php (there is a missing _JEXEC check). | 2017-04-12 | not yet calculated | CVE-2017-7627 MISC MISC |
| kancolleviewer -- kancolleviewer |
KanColleViewer versions 3.8.1 and earlier operates as an open proxy which allows remote attackers to trigger outbound network traffic. | 2017-04-13 | not yet calculated | CVE-2015-2947 CONFIRM JVN |
| kony -- enterprise_mobile_management |
Kony Enterprise Mobile Management (EMM) before 4.2.5.2 has the vulnerability of disclosing the private key in clear-text when changing the parameters of the request. | 2017-04-11 | not yet calculated | CVE-2017-5672 MISC |
| ktools.net -- photostore | SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore before 4.7.5 allows remote attackers to execute arbitrary SQL commands via the email parameter in a recover_login action. | 2017-04-12 | not yet calculated | CVE-2016-4337 MISC EXPLOIT-DB |
| lenovo_group -- lenovo_customer_care_software_development_ kit |
Privilege escalation in Lenovo Customer Care Software Development Kit (CCSDK) versions earlier than 2.0.16.3 allows local users to execute code with elevated privileges. | 2017-04-10 | not yet calculated | CVE-2016-8235 BID CONFIRM |
| lenovo_group -- lenovo_updates |
Remote code execution in Lenovo Updates (not Lenovo System Update) allows man-in-the-middle attackers to execute arbitrary code. | 2017-04-10 | not yet calculated | CVE-2016-8237 BID CONFIRM |
| libdwarf -- libdwarf |
dwarf_macro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a debugging information entry using DWARF5 and without a DW_AT_name. | 2017-04-10 | not yet calculated | CVE-2016-5041 MLIST MLIST CONFIRM |
| libreoffice_project -- libreoffice | LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx. | 2017-04-14 | not yet calculated | CVE-2016-10327 MISC MISC |
| libreoffice_project -- libreoffice |
LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx. | 2017-04-14 | not yet calculated | CVE-2017-7856 MISC MISC |
| libreoffice_project -- libreoffice |
LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx. | 2017-04-15 | not yet calculated | CVE-2017-7882 MISC MISC |
| libreoffice_project -- libreoffice |
LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx. | 2017-04-14 | not yet calculated | CVE-2017-7870 MISC MISC |
| libsamplerate -- libsamplerate |
In libsamplerate before 0.1.9, a buffer over-read occurs in the calc_output_single function in src_sinc.c via a crafted audio file. | 2017-04-11 | not yet calculated | CVE-2017-7697 BID CONFIRM |
| libsndfile -- libsndfile |
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585. | 2017-04-12 | not yet calculated | CVE-2017-7741 MISC MISC |
| libsndfile -- libsndfile |
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585. | 2017-04-12 | not yet calculated | CVE-2017-7742 MISC MISC |
| libtiff -- libtiff | The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. | 2017-04-11 | not yet calculated | CVE-2016-5322 DEBIAN MLIST BID BID CONFIRM GENTOO |
| libxml2 -- libxml2 | The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627. | 2017-04-11 | not yet calculated | CVE-2016-4483 DEBIAN MLIST MLIST MLIST MLIST CONFIRM BID CONFIRM CONFIRM |
| linux -- linux_kernel |
udevd in udev 232, when the Linux kernel 4.8.0 is used, does not properly verify the source of a Netlink message, which allows local users to execute arbitrary commands by leveraging access to the NETLINK_KOBJECT_UEVENT family, and the presence of the /lib/udev/rules.d/50-udev-default.rules file, to provide a crafted REMOVE_CMD value. | 2017-04-15 | not yet calculated | CVE-2017-7874 MISC |
| linux -- linux_kernel |
The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset. | 2017-04-11 | not yet calculated | CVE-2016-5011 REDHAT CONFIRM CONFIRM MLIST BID SECTRACK CONFIRM |
| microsoft -- .net_framework | Microsoft .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allows an attacker with access to the local system to execute malicious code, aka ".NET Remote Code Execution Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0160 BID CONFIRM |
| microsoft -- edge | An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine does not properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, a.k.a. "Scripting Engine Information Disclosure Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0208 BID CONFIRM |
| microsoft -- edge | A remote code execution vulnerability in Microsoft Edge exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0201. | 2017-04-12 | not yet calculated | CVE-2017-0093 BID CONFIRM |
| microsoft -- edge | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "Microsoft Edge Memory Corruption Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0200 BID CONFIRM |
| microsoft -- edge | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "Microsoft Edge Memory Corruption Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0205 BID CONFIRM |
| microsoft -- edge |
A vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. An attacker could trick a user into loading a web page with malicious content, aka "Microsoft Edge Security Feature Bypass Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0203 BID CONFIRM |
| microsoft -- excel | Microsoft Excel Services on Microsoft SharePoint Server 2010 SP1 and SP2, Microsoft Excel Web Apps 2010 SP2, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps Server 2013 SP1 and Office Online Server allows remote attackers to perform cross-site scripting and run script with local user privileges via a crafted request, aka "Microsoft Office XSS Elevation of Privilege Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0195 BID CONFIRM |
| microsoft -- excel | Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, and Office Compatibility Pack SP2 allow remote attackers to obtain sensitive information from process memory via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0194 BID CONFIRM |
| microsoft -- internet_explorer | A remote code execution vulnerability exists in Internet Explorer in the way that the JScript and VBScript engines render when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0093. | 2017-04-12 | not yet calculated | CVE-2017-0201 BID CONFIRM |
| microsoft -- internet_explorer | An elevation of privilege vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain, aka "Internet Explorer Elevation of Privilege Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0210 BID CONFIRM |
| microsoft -- internet_explorer |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, a.k.a. "Internet Explorer Memory Corruption Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0202 BID CONFIRM |
| microsoft -- office | Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API." | 2017-04-12 | not yet calculated | CVE-2017-0199 BID MISC CONFIRM MISC |
| microsoft -- onenote |
Microsoft OneNote 2007 SP3 and Microsoft OneNote 2010 SP2 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office DLL Loading Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0197 BID CONFIRM |
| microsoft -- outlook | Microsoft Excel 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0106 BID CONFIRM |
| microsoft -- outlook | Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to bypass the Office Protected View via a specially crafted document, aka "Microsoft Office Security Feature Bypass Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0204 BID CONFIRM |
| microsoft -- outlook |
Microsoft Outlook for Mac 2011 allows remote attackers to spoof web content via a crafted email with specific HTML tags, aka "Microsoft Browser Spoofing Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0207 BID CONFIRM |
| microsoft -- windows | The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows Graphics Elevation of Privilege Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0155 BID CONFIRM |
| microsoft -- windows | A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, aka "Win32k Information Disclosure Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0058 BID CONFIRM |
| microsoft -- windows | A denial of service vulnerability exists in the way that Windows 7, Windows 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding, aka "Windows Denial of Service Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0191 BID CONFIRM |
| microsoft -- windows | An information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system, a.k.a. "Windows Kernel Information Disclosure Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0167 BID CONFIRM |
| microsoft -- windows | An elevation of privilege vulnerability exists in Windows 10 when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode, aka "Win32k Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-0188. | 2017-04-12 | not yet calculated | CVE-2017-0189 BID CONFIRM |
| microsoft -- windows | An elevation of privilege vulnerability exists in Windows 7, Windows 8.1, Windows RT 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 when the Microsoft Graphics Component fails to properly handle objects in memory, aka "Windows Graphics Component Elevation of Privilege Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0156 BID CONFIRM |
| microsoft -- windows | A Win32k information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, aka "Win32k Information Disclosure Vulnerability." This CVE ID is unique from CVE-2017-0189. | 2017-04-12 | not yet calculated | CVE-2017-0188 BID CONFIRM |
| microsoft -- windows | An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Scripting Engine Memory Corruption Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0158 BID CONFIRM |
| microsoft -- windows | An elevation of privilege vulnerability exists in Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 versions of Microsoft Windows OLE when it fails an integrity-level check, aka "Windows OLE Elevation of Privilege Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0211 BID CONFIRM |
| microsoft -- windows | A denial of service vulnerability exists in Windows 10 1607 and Windows Server 2016 Active Directory when an authenticated attacker sends malicious search queries, aka "Active Directory Denial of Service Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0164 BID CONFIRM |
| microsoft -- windows | The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold , 1511, 1607, and 1703 allows an attacker to gain sensitive information via a specially crafted document or an untrusted website, aka "ATMFD.dll Information Disclosure Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0192 BID CONFIRM |
| microsoft -- windows | A security feature bypass vulnerability exists in Windows 10 1607, Windows Server 2012 R2, and Windows 2016 when ADFS incorrectly treats requests coming from Extranet clients as Intranet requests, aka "ADFS Security Feature Bypass Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0159 BID CONFIRM |
| microsoft -- windows | An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated. In a remote attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to send malicious traffic to a Domain Controller, aka "LDAP Elevation of Privilege Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0166 BID CONFIRM |
| microsoft -- windows | An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Windows Elevation of Privilege Vulnerability." | 2017-04-12 | not yet calculated | CVE-2017-0165 BID CONFIRM |
| microsoft -- windows_hyper-v | A denial of service vulnerability exists when Microsoft Hyper-V running on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-2017-0183, CVE-2017-0185, and CVE-2017-0186. | 2017-04-12 | not yet calculated | CVE-2017-0184 BID CONFIRM |
| microsoft -- windows_hyper-v | An information disclosure vulnerability exists when Windows Hyper-V running on a Windows 8.1, Windows Server 2012. or Windows Server 2012 R2 host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This CVE ID is unique from CVE-2017-0168. | 2017-04-12 | not yet calculated | CVE-2017-0169 BID CONFIRM |
| microsoft -- windows_hyper-v | A denial of service vulnerability exists when Microsoft Hyper-V running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0182, CVE-2017-0183, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186. | 2017-04-12 | not yet calculated | CVE-2017-0179 BID CONFIRM |
| microsoft -- windows_hyper-v | A denial of service vulnerability exists when Microsoft Hyper-V running on Windows 10, Windows 10 1511, Windows 10 1607, Windows 8.1, Windows Server 2012 R2, and Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0179, CVE-2017-0182, CVE-2017-0183, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186. | 2017-04-12 | not yet calculated | CVE-2017-0178 BID CONFIRM |
| microsoft -- windows_hyper-v_network_switch | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186. | 2017-04-12 | not yet calculated | CVE-2017-0183 BID CONFIRM |
| microsoft -- windows_hyper-v_network_switch | An information disclosure vulnerability exists when the Windows Hyper-V Network Switch running on a Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2 host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This CVE ID is unique from CVE-2017-0169. | 2017-04-12 | not yet calculated | CVE-2017-0168 BID CONFIRM |
| microsoft -- windows_hyper-v_network_switch | A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This CVE ID is unique from CVE-2017-0162, CVE-2017-0180, and CVE-2017-0181. | 2017-04-12 | not yet calculated | CVE-2017-0163 BID CONFIRM |
| microsoft -- windows_hyper-v_network_switch | A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This CVE ID is unique from CVE-2017-0163, CVE-2017-0180, and CVE-2017-0181. | 2017-04-12 | not yet calculated | CVE-2017-0162 BID CONFIRM |
| microsoft -- windows_hyper-v_network_switch |
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0183, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186. | 2017-04-12 | not yet calculated | CVE-2017-0182 BID CONFIRM |
| microsoft -- windows_hyper-v_network_switch |
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-2017-0183, CVE-2017-0184, and CVE-2017-0185. | 2017-04-12 | not yet calculated | CVE-2017-0186 BID CONFIRM |
| microsoft -- windows_hyper-v_network_switch |
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-2017-0183, CVE-2017-0184, and CVE-2017-0186. | 2017-04-12 | not yet calculated | CVE-2017-0185 BID CONFIRM |
| microsoft -- windows_hyper-v_network_switch |
A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This CVE ID is unique from CVE-2017-0162, CVE-2017-0163, and CVE-2017-0181. | 2017-04-12 | not yet calculated | CVE-2017-0180 BID CONFIRM |
| microsoft -- windows_hyper-v_network_switch |
A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10 or Windows Server 2016 host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This CVE ID is unique from CVE-2017-0162, CVE-2017-0163, and CVE-2017-0180. | 2017-04-12 | not yet calculated | CVE-2017-0181 BID CONFIRM |
| mod_cluster -- mod_cluster | Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9. | 2017-04-12 | not yet calculated | CVE-2016-4459 REDHAT REDHAT REDHAT REDHAT BID REDHAT REDHAT CONFIRM |
| mongodb -- mongod | mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow remote attackers to cause a denial of service (memory consumption and process termination) by leveraging in-memory database representation when authenticating against a non-existent database. | 2017-04-14 | not yet calculated | CVE-2016-3104 BID CONFIRM CONFIRM |
| moxa -- awk-3131a_wireless_access_point | An exploitable HTTP Header Injection vulnerability exists in the Web Application functionality of the Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted HTTP request can inject a payload in the bkpath parameter which will be copied in to Location header of the HTTP response. | 2017-04-13 | not yet calculated | CVE-2016-8720 MISC |
| moxa -- awk-3131a_wireless_access_point | An exploitable information disclosure vulnerability exists in the Web Application functionality of the Moxa AWK-3131A wireless access point running firmware 1.1. Retrieving a specific URL without authentication can reveal sensitive information to an attacker. | 2017-04-13 | not yet calculated | CVE-2016-8725 MISC |
| moxa -- awk-3131a_wireless_access_point | An exploitable null pointer dereference vulnerability exists in the Web Application /forms/web_runScript iw_filename functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. An HTTP POST request with a blank line in the header will cause a segmentation fault in the web server. | 2017-04-13 | not yet calculated | CVE-2016-8726 MISC |
| moxa -- awk-3131a_wireless_access_point | An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Any HTTP GET request not preceded by an '/' will cause a segmentation fault in the web server. An attacker can send any of a multitude of potentially unexpected HTTP get requests to trigger this vulnerability. | 2017-04-13 | not yet calculated | CVE-2016-8723 MISC |
| moxa -- awk-3131a_wireless_access_point | An exploitable information disclosure vulnerability exists in the serviceAgent functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted TCP query will allow an attacker to retrieve potentially sensitive information. | 2017-04-13 | not yet calculated | CVE-2016-8724 MISC |
| moxa -- awk-3131a_wireless_access_point | An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of URLs without authentication can reveal sensitive configuration and system information to an attacker. | 2017-04-13 | not yet calculated | CVE-2016-8727 MISC |
| moxa -- awk-3131a_wireless_access_point | An exploitable Information Disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client. Retrieving a specific URL without authentication can reveal sensitive information to an attacker. | 2017-04-13 | not yet calculated | CVE-2016-8722 MISC |
| moxa -- awk-3131a_wireless_access_point | An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted form can trick a client into making an unintentional request to the web server which will be treated as an authentic request. | 2017-04-12 | not yet calculated | CVE-2016-8718 MISC |
| moxa -- awk-3131a_wireless_access_point | An exploitable reflected Cross-Site Scripting vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Specially crafted input, in multiple parameters, can cause a malicious scripts to be executed by a victim. | 2017-04-12 | not yet calculated | CVE-2016-8719 MISC |
| moxa -- awk-3131a_wireless_access_point | An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of intercepting this traffic is able to obtain valid credentials. | 2017-04-12 | not yet calculated | CVE-2016-8716 MISC |
| moxa -- awk-3131a_wireless_access_point | An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds. | 2017-04-13 | not yet calculated | CVE-2016-8712 MISC |
| moxa -- mx-aopc_server |
XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 result in remote file disclosure. | 2017-04-14 | not yet calculated | CVE-2017-7457 MISC FULLDISC |
| moxa -- mxview |
Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control. | 2017-04-14 | not yet calculated | CVE-2017-7455 MISC MISC FULLDISC |
| moxa -- mxview |
Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials. | 2017-04-14 | not yet calculated | CVE-2017-7456 MISC FULLDISC |
| mozilla_project -- bugzilla |
Cross-site scripting (XSS) vulnerability in the dependency graphs in Bugzilla 2.16rc1 through 4.4.11, and 4.5.1 through 5.0.2 allows remote attackers to inject arbitrary web script or HTML. | 2017-04-12 | not yet calculated | CVE-2016-2803 MISC BUGTRAQ SECTRACK CONFIRM |
| netapp -- oncommand |
NetApp OnCommand Performance Manager and OnCommand Unified Manager for Clustered Data ONTAP before 7.1P1 improperly bind the Java Management Extension Remote Method Invocation (aka JMX RMI) service to the network, which allows remote attackers to obtain sensitive information via unspecified vectors. | 2017-04-10 | not yet calculated | CVE-2017-7345 BID CONFIRM |
| nettle -- nettle | The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack. | 2017-04-14 | not yet calculated | CVE-2016-6489 REDHAT MLIST UBUNTU CONFIRM MISC CONFIRM |
| netty -- netty | handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop). | 2017-04-13 | not yet calculated | CVE-2016-4970 CONFIRM CONFIRM BID CONFIRM CONFIRM CONFIRM |
| novastor -- novabackup_datacenter | The datamover module in the Linux version of NovaBACKUP DataCenter before 09.06.03.0353 is vulnerable to remote command execution via unspecified attack vectors. | 2017-04-13 | not yet calculated | CVE-2016-4898 CONFIRM |
| novastor -- novabackup_datacenter | The datamover module in the Linux version of NovaBACKUP DataCenter before 09.06.03.0353 is vulnerable to remote command execution via unspecified attack vectors. | 2017-04-13 | not yet calculated | CVE-2016-4899 CONFIRM |
| oliver -- oliver |
Multiple cross-site scripting (XSS) vulnerabilities in Oliver (formerly Webshare) 1.3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the (1) login page (index.php) or (2) login form (loginform-inc.php). | 2017-04-13 | not yet calculated | CVE-2014-2710 MISC FULLDISC BUGTRAQ |
| openssh -- openssh |
The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server. | 2017-04-11 | not yet calculated | CVE-2016-1908 MLIST CONFIRM BID CONFIRM CONFIRM |
| openstack -- nova-lxd |
OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions. | 2017-04-12 | not yet calculated | CVE-2017-5936 MLIST BID UBUNTU CONFIRM CONFIRM |
| osip -- osip | In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS. | 2017-04-13 | not yet calculated | CVE-2016-10326 CONFIRM |
| osip -- osip | In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_clrncpy() function defined in osipparser2/osip_port.c. | 2017-04-13 | not yet calculated | CVE-2016-10324 BID CONFIRM |
| osip -- osip | In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS. | 2017-04-13 | not yet calculated | CVE-2016-10325 CONFIRM |
| osip -- osip |
In libosip2 in GNU oSIP 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS. | 2017-04-13 | not yet calculated | CVE-2017-7853 CONFIRM |
| palo_alto_networks -- pan-os |
The Management Web Interface in Palo Alto Networks PAN-OS before 7.0.14 and 7.1.x before 7.1.9 allows remote attackers to write to export files via unspecified parameters. | 2017-04-14 | not yet calculated | CVE-2017-7217 CONFIRM |
| palo_alto_networks -- pan-os |
The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to gain privileges via unspecified request parameters. | 2017-04-14 | not yet calculated | CVE-2017-7218 CONFIRM |
| palo_alto_networks -- traps_esm_console |
Palo Alto Networks Traps ESM Console before 3.4.4 allows attackers to cause a denial of service by leveraging improper validation of requests to revoke a Traps agent license. | 2017-04-14 | not yet calculated | CVE-2017-7408 BID CONFIRM CONFIRM |
| ping_identity --openid-connect |
Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka mod_auth_openidc) before 2.14 allows remote attackers to spoof page content via a malicious URL provided to the user, which triggers an invalid request. | 2017-04-12 | not yet calculated | CVE-2017-6059 MLIST BID CONFIRM MISC CONFIRM |
| pivotal -- cloud_foundry | SQL injection vulnerability in Pivotal Cloud Foundry (PCF) before 238; UAA 2.x before 2.7.4.4, 3.x before 3.3.0.2, and 3.4.x before 3.4.1; UAA BOSH before 11.2 and 12.x before 12.2; Elastic Runtime before 1.6.29 and 1.7.x before 1.7.7; and Ops Manager 1.7.x before 1.7.8 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 2017-04-11 | not yet calculated | CVE-2016-4468 MLIST CONFIRM |
| proxifier -- proxifier |
Proxifier for Mac before 2.19 allows local users to gain privileges via the first parameter to the KLoader setuid program. | 2017-04-14 | not yet calculated | CVE-2017-7643 FULLDISC MISC |
| proxifier -- proxifier |
Proxifier for Mac before 2.19.2, when first run, allows local users to gain privileges by replacing the KLoader binary with a Trojan horse program. | 2017-04-14 | not yet calculated | CVE-2017-7690 MISC |
| pulp -- pulp | Pulp before 2.8.3 creates a temporary directory during CA key generation in an insecure manner. | 2017-04-13 | not yet calculated | CVE-2016-3106 MLIST MLIST CONFIRM CONFIRM |
| qemu_project -- qemu |
Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client. | 2017-04-11 | not yet calculated | CVE-2015-8504 CONFIRM MLIST BID CONFIRM |
| qemu_project -- qemu |
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). | 2017-04-13 | not yet calculated | CVE-2015-8567 FEDORA FEDORA FEDORA FEDORA SUSE SUSE SUSE SUSE SUSE SUSE SUSE SUSE DEBIAN MLIST BID UBUNTU MLIST GENTOO |
| qemu_project -- qemu |
The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list. | 2017-04-13 | not yet calculated | CVE-2015-8345 MLIST BID MLIST |
| qemu_project -- qemu |
The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash). | 2017-04-13 | not yet calculated | CVE-2015-8619 MLIST BID MLIST |
| qemu_project -- qemu |
Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command. | 2017-04-11 | not yet calculated | CVE-2015-8613 MLIST BID CONFIRM MLIST |
| qemu_project -- qemu |
Heap-based buffer overflow in QEMU, when built with the Q35-chipset-based PC system emulator. | 2017-04-11 | not yet calculated | CVE-2015-8666 CONFIRM MLIST BID CONFIRM |
| qemu_project -- qemu |
The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid. | 2017-04-10 | not yet calculated | CVE-2017-7377 CONFIRM MLIST BID CONFIRM MLIST |
| qemu_project -- qemu |
Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly. | 2017-04-11 | not yet calculated | CVE-2015-8568 MLIST BID CONFIRM MLIST |
| quest -- priviledge_manager |
pmmasterd in Quest Privilege Manager 6.0.0-27 and 6.0.0-50 allows remote attackers to write to arbitrary files and consequently execute arbitrary code with root privileges via an ACT_NEWFILESENT action. | 2017-04-14 | not yet calculated | CVE-2017-6554 MISC EXPLOIT-DB |
| radare -- radare2 |
The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file. | 2017-04-13 | not yet calculated | CVE-2017-7854 CONFIRM CONFIRM |
| radare -- radare2 |
The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file. | 2017-04-12 | not yet calculated | CVE-2017-7716 CONFIRM |
| red_hat -- quickstart_cloud_installer | The web interface in Red Hat QuickStart Cloud Installer (QCI) 1.0 does not mask passwords fields, which allows physically proximate attackers to obtain sensitive password information by reading the display. | 2017-04-14 | not yet calculated | CVE-2016-7060 REDHAT CONFIRM |
| red_hat -- red_hat_satellite_5 | Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satellite 5 allow remote attackers to inject arbitrary web script or HTML via (1) the label parameter to admin/BunchDetail.do; (2) the package_name, (3) search_subscribed_channels, or (4) channel_filter parameter to software/packages/NameOverview.do; or unspecified vectors related to (5) <input:hidden> or (6) <bean:message> tags. | 2017-04-13 | not yet calculated | CVE-2016-2104 REDHAT CONFIRM CONFIRM |
| resteasy -- resteasy | JacksonJsonpInterceptor in RESTEasy might allow remote attackers to conduct a cross-site script inclusion (XSSI) attack. | 2017-04-12 | not yet calculated | CVE-2016-6348 CONFIRM |
| roundcube -- webmail | Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2015-8864. | 2017-04-13 | not yet calculated | CVE-2016-4068 SUSE SUSE SUSE CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| roundcube -- webmail |
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-4068. | 2017-04-13 | not yet calculated | CVE-2015-8864 SUSE SUSE SUSE CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| rtmpdump -- rtmpdump |
The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to cause a denial of service (invalid pointer dereference and process crash). | 2017-04-13 | not yet calculated | CVE-2015-8270 BID MISC |
| rtmpdump -- rtmpdump |
The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute arbitrary code. | 2017-04-13 | not yet calculated | CVE-2015-8271 BID MISC |
| rtmpdump -- rtmpdump |
RTMPDump 2.4 allows remote attackers to trigger a denial of service (NULL pointer dereference and process crash). | 2017-04-13 | not yet calculated | CVE-2015-8272 BID MISC |
| saltstack -- saltstack |
modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. | 2017-04-13 | not yet calculated | CVE-2015-1839 FEDORA CONFIRM CONFIRM CONFIRM CONFIRM |
| saltstack -- saltstack |
modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. | 2017-04-13 | not yet calculated | CVE-2015-1838 FEDORA CONFIRM CONFIRM CONFIRM |
| samsung -- galaxy | Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices do not block AT+USBDEBUG and AT+WIFIVALUE, which allows attackers to modify Android settings by leveraging AT access, aka SVE-2016-5301. | 2017-04-13 | not yet calculated | CVE-2016-4032 MISC |
| samsung -- galaxy | Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices have unintended availability of the modem in USB configuration number 2 within the secure lockscreen state, allowing an attacker to make phone calls, send text messages, or issue commands, aka SVE-2016-5301. | 2017-04-13 | not yet calculated | CVE-2016-4030 MISC |
| samsung -- galaxy | Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices allow attackers to send AT commands by plugging the device into a Linux host, aka SVE-2016-5301. | 2017-04-13 | not yet calculated | CVE-2016-4031 MISC |
| samsung -- galaxy_s6 | Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to read sent e-mail messages, aka SVE-2015-5081. | 2017-04-13 | not yet calculated | CVE-2016-2565 MISC |
| samsung -- galaxy_s6 | Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices has SQL injection, aka SVE-2015-5081. | 2017-04-13 | not yet calculated | CVE-2016-2566 MISC |
| samsung -- galaxy_s6 |
SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, allows remote attackers to execute arbitrary JavaScript. | 2017-04-11 | not yet calculated | CVE-2015-7893 MISC BID CONFIRM MISC EXPLOIT-DB |
| samsung -- samsung | Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury. | 2017-04-13 | not yet calculated | CVE-2015-8780 MISC |
| samsung -- samsung_kernel | secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to bypass URL filtering by inserting an "exceptional URL" in the query string, as demonstrated by the http://should-have-been-filtered.example.com/?http://google.com URL. | 2017-04-13 | not yet calculated | CVE-2016-2567 MISC |
| samsung -- samsung_kernel | The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to trigger a NULL pointer dereference via a "GET HTTP/1.1" request, aka SVE-2016-5036. | 2017-04-13 | not yet calculated | CVE-2016-2036 MISC |
| sap -- business_intelligence_platform | SQL injection vulnerability in SAP Business Intelligence platform before January 2017 allows remote attackers to obtain sensitive information, modify data, cause a denial of service (data deletion), or launch administrative operations or possibly OS commands via a crafted SQL query. The vendor response is SAP Security Note 2361633. | 2017-04-13 | not yet calculated | CVE-2016-6818 MISC |
| sap -- business_warehouse_accelerator |
A code injection vulnerability exists in SAP TREX / Business Warehouse Accelerator (BWA). The vendor response is SAP Security Note 2419592. | 2017-04-11 | not yet calculated | CVE-2017-7691 BID CONFIRM |
| sap -- hana | SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors involving the audit logs, aka SAP Security Note 2170806. | 2017-04-13 | not yet calculated | CVE-2016-6143 BID MISC MISC |
| sap -- netweaver_as_java |
SQL injection vulnerability in the getUserUddiElements method in the ES UDDI component in SAP NetWeaver AS Java 7.4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2356504. | 2017-04-14 | not yet calculated | CVE-2017-7717 MISC |
| sap -- netweaver |
Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238. | 2017-04-10 | not yet calculated | CVE-2016-10311 MISC |
| sap -- sap_as_java |
SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allow remote attackers to cause a denial of service (memory consumption) via large values in the width and height parameters to otp_logon_ui_resources/qr, aka SAP Security Note 2389042. | 2017-04-14 | not yet calculated | CVE-2017-7696 MISC |
| schneider_electric -- homelynk_controller |
A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0. | 2017-04-11 | not yet calculated | CVE-2017-7689 CONFIRM BID MISC |
| scm_plug-in -- scm_plug-in | The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file. | 2017-04-14 | not yet calculated | CVE-2016-6299 MLIST BID CONFIRM FEDORA FEDORA FEDORA |
| seawell_networks -- spectrum |
Directory traversal vulnerability in configure_manage.php in SeaWell Networks Spectrum SDC 02.05.00. | 2017-04-13 | not yet calculated | CVE-2015-8283 MISC FULLDISC EXPLOIT-DB |
| seawell_networks -- spectrum |
SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to perform administrative functions. | 2017-04-13 | not yet calculated | CVE-2015-8284 MISC FULLDISC EXPLOIT-DB |
| seawell_networks -- spectrum |
SeaWell Networks Spectrum SDC 02.05.00 has a default password of "admin" for the "admin" account. | 2017-04-13 | not yet calculated | CVE-2015-8282 MISC FULLDISC EXPLOIT-DB |
| setroubleshoot -- setroubleshoot | The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function. | 2017-04-11 | not yet calculated | CVE-2016-4445 MLIST BID SECTRACK CONFIRM CONFIRM REDHAT |
| setroubleshoot -- setroubleshoot | The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function. | 2017-04-11 | not yet calculated | CVE-2016-4444 MLIST BID SECTRACK REDHAT CONFIRM CONFIRM REDHAT |
| setroubleshoot -- setroubleshoot | The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function. | 2017-04-11 | not yet calculated | CVE-2016-4446 MLIST BID SECTRACK REDHAT CONFIRM CONFIRM REDHAT |
| setroubleshoot -- setroubleshoot | setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by the _set_tpath function in audit_data.py or via a crafted (2) local_id or (3) analysis_id field in a crafted XML document to the run_fix function in SetroubleshootFixit.py, related to the subprocess.check_output and commands.getstatusoutput functions, a different vulnerability than CVE-2016-4445. | 2017-04-11 | not yet calculated | CVE-2016-4989 MLIST SECTRACK REDHAT CONFIRM CONFIRM CONFIRM REDHAT |
| setucocms -- setucocms | SetucoCMS allows remote attackers to alter or disclose information, related to session information. | 2017-04-12 | not yet calculated | CVE-2016-4896 JVN JVNDB BID |
| setucocms -- setucocms | SetucoCMS allows remote attackers to cause a denial of service. | 2017-04-12 | not yet calculated | CVE-2016-4894 JVN JVNDB BID |
| setucocms -- setucocms | SetucoCMS allows remote authenticated users to execute arbitrary code. | 2017-04-12 | not yet calculated | CVE-2016-4895 JVN JVNDB BID |
| setucocms -- setucocms | Cross-site request forgery (CSRF) vulnerability in SetucoCMS. | 2017-04-12 | not yet calculated | CVE-2016-4891 JVN JVNDB BID |
| setucocms -- setucocms | SQL injection vulnerability in SetucoCMS. | 2017-04-12 | not yet calculated | CVE-2016-4893 JVN JVNDB BID |
| setucocms -- setucocms | Cross-site scripting (XSS) vulnerability in SetucoCMS. | 2017-04-12 | not yet calculated | CVE-2016-4892 JVN JVNDB BID |
| skia -- skia |
SkRegion::setPath in Skia allows remote attackers to cause a denial of service (crash). | 2017-04-13 | not yet calculated | CVE-2013-6648 CONFIRM CONFIRM |
| solarwinds -- log_and_event_manager | SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to browse the server's filesystem and read the contents of arbitrary files contained within. | 2017-04-10 | not yet calculated | CVE-2017-7646 CONFIRM |
| solarwinds -- log_and_event_manager | SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to execute arbitrary commands. | 2017-04-10 | not yet calculated | CVE-2017-7647 CONFIRM |
| solarwinds -- log_and_event_manager | In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker can escape from the restricted shell. | 2017-04-12 | not yet calculated | CVE-2017-7722 MISC MISC |
| sony -- cameras | SONY SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551, SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585, SNC-ER585H, SNC-ZP550, SNC-ZR550, SNC-EP520, SNC-EP521, SNC-ER520, SNC-ER521, SNC-ER521C network cameras with firmware before Ver.1.86.00 and SONY SNC-CX600, SNC-CX600W, SNC-EB600, SNC-EB600B, SNC-EB602R, SNC-EB630, SNC-EB630B, SNC-EB632R, SNC-EM600, SNC-EM601, SNC-EM602R, SNC-EM602RC, SNC-EM630, SNC-EM631, SNC-EM632R, SNC-EM632RC, SNC-VB600, SNC-VB600B, SNC-VB600B5, SNC-VB630, SNC-VB6305, SNC-VB6307, SNC-VB632D, SNC-VB635, SNC-VM600, SNC-VM600B, SNC-VM600B5, SNC-VM601, SNC-VM601B, SNC-VM602R, SNC-VM630, SNC-VM6305, SNC-VM6307, SNC-VM631, SNC-VM632R, SNC-WR600, SNC-WR602, SNC-WR602C, SNC-WR630, SNC-WR632, SNC-WR632C, SNC-XM631, SNC-XM632, SNC-XM636, SNC-XM637, SNC-VB600L, SNC-VM600L, SNC-XM631L, SNC-WR602CL network cameras with firmware before Ver.2.7.2 are prone to sensitive information disclosure. This may allow an attacker on the same local network segment to login to the device with administrative privileges and perform operations on the device. | 2017-04-13 | not yet calculated | CVE-2016-7834 JVN CONFIRM |
| splunk -- enterprise |
Splunk Enterprise 5.0.x before 5.0.18, 6.0.x before 6.0.14, 6.1.x before 6.1.13, 6.2.x before 6.2.13.1, 6.3.x before 6.3.10, 6.4.x before 6.4.6, and 6.5.x before 6.5.3 and Splunk Light before 6.5.2 assigns the $C JS property to the global Window namespace, which might allow remote attackers to obtain sensitive logged-in username and version-related information via a crafted webpage. | 2017-04-10 | not yet calculated | CVE-2017-5607 MISC FULLDISC BUGTRAQ BID BID SECTRACK EXPLOIT-DB CONFIRM |
| squashfs -- unsquash |
(1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash-4.c in Squashfs and sasquatch allow remote attackers to cause a denial of service (application crash) via a crafted input. | 2017-04-13 | not yet calculated | CVE-2015-4646 MLIST BID |
| sudo -- sudo | sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function. | 2017-04-14 | not yet calculated | CVE-2016-7032 BID CONFIRM CONFIRM |
| symantec -- multiple_products |
The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted RAR file that is mishandled during decompression. | 2017-04-14 | not yet calculated | CVE-2016-5309 BID SECTRACK SECTRACK SECTRACK SECTRACK MISC EXPLOIT-DB CONFIRM |
| symantec -- multiple_products |
The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (memory corruption) via a crafted RAR file that is mishandled during decompression. | 2017-04-14 | not yet calculated | CVE-2016-5310 BID SECTRACK SECTRACK SECTRACK SECTRACK MISC EXPLOIT-DB CONFIRM |
| symantec -- symantec_messaging_gateway | Directory traversal vulnerability in the charting component in Symantec Messaging Gateway before 10.6.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the sn parameter to brightmail/servlet/com.ve.kavachart.servlet.ChartStream. | 2017-04-14 | not yet calculated | CVE-2016-5312 MISC FULLDISC BID SECTRACK CONFIRM EXPLOIT-DB |
| symantec -- symantec_web_gateway | Symantec Web Gateway (SWG) before 5.2.5 allows remote authenticated users to execute arbitrary OS commands. | 2017-04-12 | not yet calculated | CVE-2016-5313 MISC FULLDISC BID SECTRACK CONFIRM |
| symphony -- symphony_cms |
Remote Code Execution vulnerability in symphony/content/content.blueprintsdatasources.php in Symphony CMS through 2.6.11 allows remote attackers to execute code and get a webshell from the back-end. The attacker must be authenticated and enter PHP code in the datasource editor or event editor. | 2017-04-11 | not yet calculated | CVE-2017-7694 MISC BID MISC MISC |
| synology -- photo_station | Synology Photo Station before 6.3-2958 allows remote authenticated guest users to execute arbitrary commands via shell metacharacters in the X-Forwarded-For HTTP header to photo/login.php. | 2017-04-10 | not yet calculated | CVE-2016-10322 MISC MISC |
| synology -- photo_station | Synology Photo Station before 6.3-2958 allows local users to gain privileges by leveraging setuid execution of a "synophoto_dsm_user --copy-no-ea" command. | 2017-04-10 | not yet calculated | CVE-2016-10323 MISC MISC |
| teampass -- teampass | Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an action_on_quick_icon action to item.query.php or the (2) order or (3) direction parameter in an (a) connections_logs, (b) errors_logs or (c) access_logs action to view.query.php. | 2017-04-12 | not yet calculated | CVE-2015-7564 CONFIRM EXPLOIT-DB |
| teampass -- teampass | Cross-site request forgery (CSRF) vulnerability in TeamPass 2.1.24 and earlier allows remote attackers to hijack the authentication of an authenticated user. | 2017-04-12 | not yet calculated | CVE-2015-7563 MISC EXPLOIT-DB |
| teampass -- teampass | Multiple cross-site scripting (XSS) vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) label value of an item or (2) name of a role. | 2017-04-12 | not yet calculated | CVE-2015-7562 CONFIRM EXPLOIT-DB |
| trend_micro -- threat_discovery_appliance | A command execution flaw on the Trend Micro Threat Discovery Appliance 2.6.1062r1 exists with the timezone parameter in the admin_sys_time.cgi interface. | 2017-04-12 | not yet calculated | CVE-2016-7547 BID MISC |
| trend_micro -- threat_discovery_appliance | On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory traversal when processing a session_id cookie allows a remote, unauthenticated attacker to delete arbitrary files as root. This can be used to bypass authentication or cause a DoS. | 2017-04-12 | not yet calculated | CVE-2016-7552 BID MISC |
| trollpierre/tdm -- trollpierre/tdm |
trollepierre/tdm before 2017-04-13 is vulnerable to a reflected XSS in tdm-master/webhook.php (challenge parameter). | 2017-04-14 | not yet calculated | CVE-2017-7871 CONFIRM CONFIRM |
| ubuntu -- ubuntu |
The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users with access to the ntp account to write to arbitrary files and consequently gain privileges via vectors involving statistics directory cleanup. | 2017-04-14 | not yet calculated | CVE-2016-0727 MISC BID SECTRACK UBUNTU CONFIRM CONFIRM |
| umbraco -- umbraco |
The FeedProxy.aspx script in Umbraco 4.7.0 allows remote attackers to proxy requests on their behalf via the "url" parameter. | 2017-04-13 | not yet calculated | CVE-2012-1301 BUGTRAQ BID MISC |
| unisys -- s-par |
Unquoted Windows search path vulnerability in the guest service in Unisys s-Par before 4.4.20 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe. | 2017-04-11 | not yet calculated | CVE-2017-5873 CONFIRM |
| unitrends -- enterprise_backup |
An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 web server can escalate to root privileges by modifying the "token" cookie issued at login. | 2017-04-12 | not yet calculated | CVE-2017-7279 MISC |
| unitrends -- enterprise_backup |
An issue was discovered in Unitrends Enterprise Backup before 9.1.2. A lack of sanitization of user input in the createReportName and saveReport functions in recoveryconsole/bpl/reports.php allows for an authenticated user to create a randomly named file on disk with a user-controlled extension, contents, and path, leading to remote code execution, aka Unrestricted File Upload. | 2017-04-12 | not yet calculated | CVE-2017-7281 MISC |
| unitrends -- enterprise_backup |
An attacker that has hijacked a Unitrends Enterprise Backup (before 9.1.2) web server session can leverage api/includes/users.php to change the password of the logged in account without knowing the current password. This allows for an account takeover. | 2017-04-12 | not yet calculated | CVE-2017-7284 MISC |
| unitrends -- enterprise_backup |
An issue was discovered in api/includes/systems.php in Unitrends Enterprise Backup before 9.0.0. User input is not properly filtered before being sent to a popen function. This allows for remote code execution by sending a specially crafted user variable. | 2017-04-12 | not yet calculated | CVE-2017-7280 MISC |
| vtiger -- vtiger_crm |
Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.4.0 allows remote authenticated users to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in test/logo/. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6000. | 2017-04-14 | not yet calculated | CVE-2016-1713 MISC MLIST MLIST |
| webmin -- usermin | Multiple cross-site scripting (XSS) vulnerabilities in (1) filter/save_forward.cgi, (2) filter/save.cgi, (3) /man/search.cgi in Usermin before 1.690. | 2017-04-12 | not yet calculated | CVE-2016-4897 JVN JVNDB BID |
| wireshark -- wireshark | In Wireshark 2.2.0, the NCP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/CMakeLists.txt by registering this dissector. | 2017-04-12 | not yet calculated | CVE-2016-7958 BID CONFIRM CONFIRM CONFIRM |
| wireshark -- wireshark | In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-btl2cap.c by avoiding use of a seven-byte memcmp for potentially shorter strings. | 2017-04-12 | not yet calculated | CVE-2016-7957 BID CONFIRM CONFIRM CONFIRM |
| wireshark -- wireshark |
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation. | 2017-04-12 | not yet calculated | CVE-2017-7702 BID CONFIRM CONFIRM CONFIRM |
| wireshark -- wireshark |
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset. | 2017-04-12 | not yet calculated | CVE-2017-7705 BID CONFIRM CONFIRM CONFIRM |
| wireshark -- wireshark |
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type. | 2017-04-12 | not yet calculated | CVE-2017-7701 BID CONFIRM CONFIRM CONFIRM |
| wireshark -- wireshark |
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size. | 2017-04-12 | not yet calculated | CVE-2017-7700 BID CONFIRM CONFIRM CONFIRM |
| wireshark -- wireshark |
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly. | 2017-04-12 | not yet calculated | CVE-2017-7703 BID CONFIRM CONFIRM CONFIRM |
| wireshark -- wireshark |
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check. | 2017-04-12 | not yet calculated | CVE-2017-7745 BID CONFIRM CONFIRM CONFIRM |
| wireshark -- wireshark |
In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value. | 2017-04-12 | not yet calculated | CVE-2017-7704 BID CONFIRM CONFIRM CONFIRM CONFIRM |
| wireshark -- wireshark |
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-packetbb.c by restricting additions to the protocol tree. | 2017-04-12 | not yet calculated | CVE-2017-7747 BID CONFIRM CONFIRM CONFIRM |
| wireshark -- wireshark |
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check. | 2017-04-12 | not yet calculated | CVE-2017-7748 BID CONFIRM CONFIRM CONFIRM |
| wireshark -- wireshark |
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length. | 2017-04-12 | not yet calculated | CVE-2017-7746 BID CONFIRM CONFIRM CONFIRM |
| wolf_cms -- wolf_cms |
Wolf CMS before 0.8.3.1 allows unrestricted file rename and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not prevent a change of a file extension to ".php" after originally using the parameter "filename" for uploading a JPEG image. Exploitation requires a registered user who has access to upload functionality. | 2017-04-14 | not yet calculated | CVE-2015-6568 MISC MISC MISC CONFIRM CONFIRM |
| wolf_cms -- wolf_cms |
Wolf CMS before 0.8.3.1 allows unrestricted file upload and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not validate the parameter "filename" properly. Exploitation requires a registered user who has access to upload functionality. | 2017-04-14 | not yet calculated | CVE-2015-6567 MISC MISC MISC CONFIRM CONFIRM |
| wordpress -- wordpress |
SQL injection in the Spider Event Calendar (aka spider-event-calendar) plugin before 1.5.52 for WordPress is exploitable with the order_by parameter to calendar_functions.php or widget_Theme_functions.php, related to front_end/frontend_functions.php. | 2017-04-12 | not yet calculated | CVE-2017-7719 MISC |
| zoho -- manageengine_servicedesk_plus | Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine ServiceDesk Plus before 9.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2017-04-14 | not yet calculated | CVE-2016-4888 JVN JVNDB BID |
| zoho -- manageengine_servicedesk_plus | ZOHO ManageEngine ServiceDesk Plus before 9.0 allows remote authenticated guest users to have unspecified impact by leveraging failure to restrict access to unknown functions. | 2017-04-14 | not yet calculated | CVE-2016-4889 JVN JVNDB BID |
| zoho -- manageengine_servicedesk_plus | ZOHO ManageEngine ServiceDesk Plus before 9.2 uses an insecure method for generationg cookies, which makes it easier for attackers to obtain sensitive password information by leveraging access to a cookie. | 2017-04-14 | not yet calculated | CVE-2016-4890 JVN JVNDB BID |
| zurmo -- zurmo |
Zurmo 3.1.1 Stable allows a Cross-Site Scripting (XSS) attack with a base64-encoded SCRIPT element within a data: URL in the returnUrl parameter to default/toggleCollapse. | 2017-04-14 | not yet calculated | CVE-2017-7188 MISC MISC |
-출처: [US-CERT: Bulletin(SB17-107)] 2017년 4월 10일까지 발표된 보안 취약점
'IT 와 Social 이야기' 카테고리의 다른 글
| [NIA] 지능정보사회의 새로운 과제와 대응 방안 (0) | 2017.04.20 |
|---|---|
| [NIA] 인공지능 Kill Switch 관련 해외 동향 (0) | 2017.04.20 |
| [김태훈] DNC - Differentiable Neural Computer (0) | 2017.04.14 |
| [김태훈] 강화 학습 기초 Reinforcement Learning an introduction (0) | 2017.04.14 |
| [김태훈] 지적 대화를 위한 깊고 넓은 딥러닝 Deep Learning (0) | 2017.04.14 |
