***출처: [US-CERT: Bulletin(SB17-303)] 2017년 10월 23일까지 발표된 보안 취약점
The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
-
High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
-
Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
-
Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "libc" component. It allows remote attackers to cause a denial of service (resource consumption) via a crafted string that is mishandled by the glob function. | 2017-10-22 | 7.8 | CVE-2017-7086 BID SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via crafted Wi-Fi traffic. | 2017-10-22 | 7.5 | CVE-2017-7103 BID SECTRACK MISC CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via crafted Wi-Fi traffic. | 2017-10-22 | 10.0 | CVE-2017-7105 BID SECTRACK MISC CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via crafted Wi-Fi traffic. | 2017-10-22 | 10.0 | CVE-2017-7108 BID SECTRACK MISC CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via crafted Wi-Fi traffic. | 2017-10-22 | 10.0 | CVE-2017-7110 BID SECTRACK MISC CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via crafted Wi-Fi traffic. | 2017-10-22 | 10.0 | CVE-2017-7112 BID SECTRACK MISC CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 2017-10-22 | 9.3 | CVE-2017-7114 BID SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via crafted Wi-Fi traffic that leverages a race condition. | 2017-10-22 | 9.3 | CVE-2017-7115 BID SECTRACK MISC CONFIRM CONFIRM EXPLOIT-DB |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. iCloud before 7.0 on Windows is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "SQLite" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 2017-10-22 | 9.3 | CVE-2017-7127 BID SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | 2017-10-22 | 7.5 | CVE-2017-7128 BID SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | 2017-10-22 | 7.5 | CVE-2017-7129 BID SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | 2017-10-22 | 7.5 | CVE-2017-7130 BID SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- iphone_os | An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Exchange ActiveSync" component. It allows remote attackers to erase a device in opportunistic circumstances by hijacking a cleartext AutoDiscover V1 session during the setup of an Exchange account. | 2017-10-22 | 7.1 | CVE-2017-7088 BID SECTRACK CONFIRM |
| apple -- mac_os_x | An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 2017-10-22 | 9.3 | CVE-2017-7077 BID SECTRACK CONFIRM |
| apple -- mac_os_x | An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | 2017-10-22 | 7.5 | CVE-2017-7121 BID CONFIRM |
| apple -- mac_os_x | An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | 2017-10-22 | 7.5 | CVE-2017-7122 BID CONFIRM |
| apple -- mac_os_x | An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | 2017-10-22 | 7.5 | CVE-2017-7123 BID CONFIRM |
| apple -- mac_os_x | An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | 2017-10-22 | 7.5 | CVE-2017-7124 BID CONFIRM |
| apple -- mac_os_x | An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | 2017-10-22 | 7.5 | CVE-2017-7125 BID CONFIRM |
| apple -- mac_os_x | An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | 2017-10-22 | 7.5 | CVE-2017-7126 BID SECTRACK CONFIRM |
| gnu -- glibc | The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string. | 2017-10-20 | 7.5 | CVE-2017-15670 BID CONFIRM |
| gnu -- glibc | The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator. | 2017-10-22 | 7.5 | CVE-2017-15804 BID CONFIRM CONFIRM |
Medium Vulnerabilities
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| apache -- derby | In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export processing may allow an attacker to overwrite an existing file. | 2017-10-23 | 5.0 | CVE-2010-2232 CONFIRM BID CONFIRM |
| apple -- apple_support | An issue was discovered in certain Apple products. The Apple Support app before 1.2 for iOS is affected. The issue involves the "Analytics" component. It allows remote attackers to obtain sensitive analytics information by leveraging its presence in a cleartext HTTP transmission to an Adobe Marketing Cloud server operated for Apple, as demonstrated by information about the installation date and time. | 2017-10-22 | 5.0 | CVE-2017-7147 BID CONFIRM MISC |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass intended certificate-trust restrictions via a revoked X.509 certificate. | 2017-10-22 | 5.0 | CVE-2017-7080 BID SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-10-22 | 6.8 | CVE-2017-7081 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "CFNetwork Proxies" component. It allows remote attackers to cause a denial of service. | 2017-10-22 | 4.0 | CVE-2017-7083 BID SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-10-22 | 6.8 | CVE-2017-7087 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that is mishandled during parent-tab processing. | 2017-10-22 | 4.3 | CVE-2017-7089 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive cookie information via a custom URL scheme. | 2017-10-22 | 5.0 | CVE-2017-7090 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-10-22 | 6.8 | CVE-2017-7091 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-10-22 | 6.8 | CVE-2017-7092 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-10-22 | 6.8 | CVE-2017-7093 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-10-22 | 6.8 | CVE-2017-7094 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-10-22 | 6.8 | CVE-2017-7095 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-10-22 | 6.8 | CVE-2017-7096 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-10-22 | 6.8 | CVE-2017-7098 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-10-22 | 6.8 | CVE-2017-7099 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-10-22 | 6.8 | CVE-2017-7100 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-10-22 | 6.8 | CVE-2017-7102 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-10-22 | 6.8 | CVE-2017-7104 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-10-22 | 6.8 | CVE-2017-7107 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via crafted web content that incorrectly interacts with the Application Cache policy. | 2017-10-22 | 4.3 | CVE-2017-7109 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-10-22 | 6.8 | CVE-2017-7111 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to read data from kernel memory locations via crafted Wi-Fi traffic. | 2017-10-22 | 5.0 | CVE-2017-7116 BID SECTRACK MISC CONFIRM CONFIRM CONFIRM |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-10-22 | 6.8 | CVE-2017-7117 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM EXPLOIT-DB |
| apple -- apple_tv | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2017-10-22 | 6.8 | CVE-2017-7120 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- icloud | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar. | 2017-10-22 | 4.3 | CVE-2017-7106 BID SECTRACK SECTRACK CONFIRM CONFIRM CONFIRM |
| apple -- iphone_os | An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "iBooks" component. It allows remote attackers to cause a denial of service (persistent outage) via a crafted iBooks file. | 2017-10-22 | 4.3 | CVE-2017-7072 BID SECTRACK CONFIRM |
| apple -- iphone_os | An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. The issue involves the "Mail Drafts" component. It allows remote attackers to obtain sensitive information by reading unintended cleartext transmissions. | 2017-10-22 | 5.0 | CVE-2017-7078 BID SECTRACK CONFIRM CONFIRM |
| apple -- iphone_os | An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Mail MessageUI" component. It allows attackers to cause a denial of service (memory corruption) via a crafted image. | 2017-10-22 | 4.3 | CVE-2017-7097 BID SECTRACK CONFIRM |
| apple -- iphone_os | An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service (crash) via a crafted image. | 2017-10-22 | 4.3 | CVE-2017-7118 BID SECTRACK CONFIRM |
| apple -- iphone_os | An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Bluetooth" component. It allows attackers to obtain sensitive Contact card information via a crafted app. | 2017-10-22 | 4.3 | CVE-2017-7131 BID CONFIRM |
| apple -- iphone_os | An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "MobileBackup" component. It allows remote attackers to obtain sensitive cleartext information in opportunistic circumstances by leveraging read access to a backup archive that was supposed to have been encrypted. | 2017-10-22 | 5.0 | CVE-2017-7133 BID SECTRACK CONFIRM |
| apple -- iphone_os | An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Keyboard Suggestions" component. It allows attackers to obtain sensitive information by reading keyboard autocorrect suggestions. | 2017-10-22 | 5.0 | CVE-2017-7140 BID CONFIRM |
| apple -- iphone_os | An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Time" component. The "Setting Time Zone" feature mishandles the possibility of using location data. | 2017-10-22 | 5.0 | CVE-2017-7145 BID CONFIRM |
| apple -- iphone_os | An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Security" component. It allows attackers to track users across installs via a crafted app that leverages Keychain data mishandling. | 2017-10-22 | 5.0 | CVE-2017-7146 BID CONFIRM |
| apple -- iphone_os | An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Location Framework" component. It allows attackers to obtain sensitive location information via a crafted app that reads the location variable. | 2017-10-22 | 4.3 | CVE-2017-7148 BID CONFIRM |
| apple -- itunes | An issue was discovered in certain Apple products. iTunes before 12.7 is affected. The issue involves the "Data Sync" component. It allows attackers to access iOS backups (written by iTunes) via a crafted app. | 2017-10-22 | 4.3 | CVE-2017-7079 BID CONFIRM |
| apple -- mac_os_x | An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "AppSandbox" component. It allows attackers to cause a denial of service via a crafted app. | 2017-10-22 | 4.3 | CVE-2017-7074 BID SECTRACK CONFIRM |
| apple -- mac_os_x | An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file. | 2017-10-22 | 6.8 | CVE-2017-7076 BID SECTRACK CONFIRM |
| apple -- mac_os_x | An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Application Firewall" component. It allows remote attackers to bypass intended settings in opportunistic circumstances by leveraging incorrect handling of a denied setting after an upgrade. | 2017-10-22 | 4.3 | CVE-2017-7084 BID SECTRACK CONFIRM |
| apple -- mac_os_x | An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | 2017-10-22 | 4.3 | CVE-2017-7119 BID SECTRACK CONFIRM |
| apple -- mac_os_x | An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Mail" component. It allows remote attackers to bypass an intended off value of the "Load remote content in messages" setting, and consequently discover an e-mail recipient's IP address, via an HTML email message. | 2017-10-22 | 5.0 | CVE-2017-7141 BID SECTRACK CONFIRM |
| apple -- safari | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar. | 2017-10-22 | 4.3 | CVE-2017-7085 BID SECTRACK SECTRACK CONFIRM CONFIRM |
| apple -- safari | An issue was discovered in certain Apple products. Safari before 11 is affected. The issue involves the "WebKit Storage" component. It allows attackers to bypass the Safari Private Browsing protection mechanism, and consequently obtain sensitive information about visited web sites. | 2017-10-22 | 5.0 | CVE-2017-7142 BID SECTRACK CONFIRM |
| apple -- safari | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to track Safari Private Browsing users by leveraging cookie mishandling. | 2017-10-22 | 4.3 | CVE-2017-7144 BID SECTRACK SECTRACK CONFIRM CONFIRM |
| apple -- xcode | An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file. | 2017-10-22 | 6.8 | CVE-2017-7134 BID SECTRACK CONFIRM |
| apple -- xcode | An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file. | 2017-10-22 | 6.8 | CVE-2017-7135 BID SECTRACK CONFIRM |
| apple -- xcode | An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file. | 2017-10-22 | 6.8 | CVE-2017-7136 BID SECTRACK CONFIRM |
| apple -- xcode | An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file. | 2017-10-22 | 6.8 | CVE-2017-7137 BID SECTRACK CONFIRM |
| foxitsoftware -- foxit_reader | Foxit Reader 8.3.2.25013 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to "Data from Faulting Address controls subsequent Write Address starting at frdvpr_drv!DrvQueryDriverInfo+0x000000000002c851." | 2017-10-22 | 6.8 | CVE-2017-15770 BID MISC |
| foxitsoftware -- foxit_reader | Foxit Reader 8.3.2.25013 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to "Data from Faulting Address controls subsequent Write Address starting at msvcrt!memmove+0x0000000000000158." | 2017-10-22 | 6.8 | CVE-2017-15771 BID MISC |
| gnu -- glibc | The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak). | 2017-10-20 | 4.3 | CVE-2017-15671 BID CONFIRM |
| ibm -- daeja_viewone | IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 could allow an unauthenticated attacker to inject data into log files made to look legitimate. IBM X-Force ID: 123850. | 2017-10-24 | 5.0 | CVE-2017-1210 CONFIRM MISC |
| ibm -- daeja_viewone | IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 is vulnerable to a denial of service when viewing or opening a large file. IBM X-Force ID: 123852. | 2017-10-24 | 4.3 | CVE-2017-1212 CONFIRM MISC |
| irfanview -- babacad4image | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at BabaCAD4Image!ShowPlugInOptions+0x0000000000009ae0." | 2017-10-22 | 6.8 | CVE-2017-15750 MISC |
| irfanview -- babacad4image | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at BabaCAD4Image!ShowPlugInOptions+0x0000000000009f39." | 2017-10-22 | 6.8 | CVE-2017-15751 MISC |
| irfanview -- babacad4image | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000004d6b0." | 2017-10-22 | 6.8 | CVE-2017-15752 MISC |
| irfanview -- babacad4image | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at BabaCAD4Image!ShowPlugInOptions+0x00000000000029c2." | 2017-10-22 | 6.8 | CVE-2017-15753 MISC |
| irfanview -- babacad4image | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at BabaCAD4Image!ShowPlugInOptions+0x0000000000013968." | 2017-10-22 | 6.8 | CVE-2017-15754 MISC |
| irfanview -- babacad4image | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at verifier!AVrfpDphFindBusyMemoryNoCheck+0x0000000000000091." | 2017-10-22 | 6.8 | CVE-2017-15755 MISC |
| irfanview -- babacad4image | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000004d7c4." | 2017-10-22 | 6.8 | CVE-2017-15756 MISC |
| irfanview -- babacad4image | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at BabaCAD4Image!ShowPlugInOptions+0x00000000000029ba." | 2017-10-22 | 6.8 | CVE-2017-15757 MISC |
| irfanview -- babacad4image | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000004d75b." | 2017-10-22 | 6.8 | CVE-2017-15758 MISC |
| irfanview -- babacad4image | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001b3f3." | 2017-10-22 | 6.8 | CVE-2017-15759 MISC |
| irfanview -- babacad4image | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001ce82." | 2017-10-22 | 6.8 | CVE-2017-15760 MISC |
| irfanview -- babacad4image | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001ecaa." | 2017-10-22 | 6.8 | CVE-2017-15761 MISC |
| irfanview -- babacad4image | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001f31b." | 2017-10-22 | 6.8 | CVE-2017-15762 MISC |
| irfanview -- babacad4image | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001eca0." | 2017-10-22 | 6.8 | CVE-2017-15763 MISC |
| irfanview -- babacad4image | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001e6b0." | 2017-10-22 | 6.8 | CVE-2017-15764 MISC |
| irfanview -- babacad4image | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001f0a0." | 2017-10-22 | 6.8 | CVE-2017-15766 MISC |
| irfanview -- cadimage | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADIMAGE+0x00000000003d246f." | 2017-10-22 | 6.8 | CVE-2017-15737 MISC |
| irfanview -- cadimage | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADIMAGE+0x00000000003d22d8." | 2017-10-22 | 6.8 | CVE-2017-15738 MISC |
| irfanview -- cadimage | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at CADIMAGE+0x00000000000042d5." | 2017-10-22 | 6.8 | CVE-2017-15739 MISC |
| irfanview -- cadimage | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls Code Flow starting at CADIMAGE+0x000000000033228e." | 2017-10-22 | 6.8 | CVE-2017-15740 MISC |
| irfanview -- cadimage | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Possible Stack Corruption starting at CADIMAGE+0x00000000003d2378." | 2017-10-22 | 6.8 | CVE-2017-15741 MISC |
| irfanview -- cadimage | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADIMAGE+0x00000000003d2328." | 2017-10-22 | 6.8 | CVE-2017-15742 MISC |
| irfanview -- cadimage | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address may be used as a return value starting at CADIMAGE+0x00000000003d24a0." | 2017-10-22 | 6.8 | CVE-2017-15743 MISC |
| irfanview -- cadimage | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Read Access Violation on Control Flow starting at CADIMAGE+0x00000000003d35a7." | 2017-10-22 | 6.8 | CVE-2017-15744 MISC |
| irfanview -- cadimage | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x000000000002ca2e." | 2017-10-22 | 6.8 | CVE-2017-15745 MISC |
| irfanview -- cadimage | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x00000000003d21b3." | 2017-10-22 | 6.8 | CVE-2017-15746 MISC |
| irfanview -- cadimage | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x0000700b00260112 called from CADIMAGE+0x00000000003d35ad." | 2017-10-22 | 6.8 | CVE-2017-15747 MISC |
| irfanview -- cadimage | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADIMAGE+0x000000000000613a." | 2017-10-22 | 6.8 | CVE-2017-15748 MISC |
| irfanview -- cadimage | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x00000000000348b9." | 2017-10-22 | 6.8 | CVE-2017-15749 MISC |
| irfanview -- cadimage | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at CADIMAGE+0x00000000003e9462." | 2017-10-22 | 6.8 | CVE-2017-15765 MISC |
| irfanview -- cadimage | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at CADIMAGE+0x00000000003d5b52." | 2017-10-22 | 6.8 | CVE-2017-15767 MISC |
| irfanview -- irfanview | IrfanView version 4.50 - 64bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file, related to "Data from Faulting Address controls Branch Selection starting at image000007f7_42060000+0x0000000000094113." | 2017-10-22 | 6.8 | CVE-2017-15768 MISC |
| irfanview -- irfanview | IrfanView 4.50 - 64bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dds file, related to "Read Access Violation starting at FORMATS!ReadBLP_W+0x0000000000001b22." | 2017-10-22 | 6.8 | CVE-2017-15769 MISC |
| irfanview -- irfanview | IrfanView version 4.50 (64bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to a "Read Access Violation starting at ntdll!LdrpResCompareResourceNames+0x0000000000000120." | 2017-10-22 | 6.8 | CVE-2017-15790 MISC |
| irfanview -- irfanview | IrfanView version 4.50 (64bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at ntdll!LdrpResCompareResourceNames+0x00000000000000de." | 2017-10-22 | 6.8 | CVE-2017-15791 MISC |
| irfanview -- irfanview | IrfanView version 4.50 (64bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at KERNELBASE!EnumResourceTypesInternal+0x00000000000007b2." | 2017-10-22 | 6.8 | CVE-2017-15792 MISC |
| irfanview -- irfanview | IrfanView version 4.50 (64bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls subsequent Write Address starting at ntdll!memcpy+0x00000000000000a5." | 2017-10-22 | 6.8 | CVE-2017-15793 MISC |
| irfanview -- irfanview | IrfanView version 4.50 (64bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to a "Read Access Violation starting at ntdll!LdrpResSearchResourceInsideDirectory+0x0000000000000257." | 2017-10-22 | 6.8 | CVE-2017-15794 MISC |
| irfanview -- irfanview | IrfanView version 4.50 (64bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to a "Read Access Violation starting at ntdll!LdrpSearchResourceSection_U+0x00000000000002bd." | 2017-10-22 | 6.8 | CVE-2017-15795 MISC |
| irfanview -- irfanview | IrfanView version 4.50 (64bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to a "Read Access Violation starting at ntdll!LdrpSearchResourceSection_U+0x0000000000000386." | 2017-10-22 | 6.8 | CVE-2017-15796 MISC |
| irfanview -- irfanview | IrfanView version 4.50 (64bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to a "Read Access Violation on Block Data Move starting at TOOLS!IVLoadImage_W+0x00000000000020b9." | 2017-10-22 | 6.8 | CVE-2017-15797 MISC |
| irfanview -- irfanview | IrfanView version 4.50 (64bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at KERNELBASE!EnumResourceNamesInternal+0x0000000000000609." | 2017-10-22 | 6.8 | CVE-2017-15798 MISC |
| irfanview -- irfanview | IrfanView version 4.50 (64bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at KERNELBASE!EnumResourceNamesInternal+0x000000000000074a." | 2017-10-22 | 6.8 | CVE-2017-15799 MISC |
| irfanview -- irfanview | IrfanView version 4.50 (64bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls subsequent Write Address starting at ntdll!memcpy+0x00000000000000a0." | 2017-10-22 | 6.8 | CVE-2017-15800 MISC |
| irssi -- irssi | Irssi before 1.0.5, while waiting for the channel synchronisation, may incorrectly fail to remove destroyed channels from the query list, resulting in use-after-free conditions when updating the state later on. | 2017-10-22 | 5.0 | CVE-2017-15227 CONFIRM CONFIRM |
| irssi -- irssi | Irssi before 1.0.5, when installing themes with unterminated colour formatting sequences, may access data beyond the end of the string. | 2017-10-22 | 5.0 | CVE-2017-15228 CONFIRM CONFIRM |
| irssi -- irssi | In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. This is a separate, but similar, issue relative to CVE-2017-9468. | 2017-10-22 | 5.0 | CVE-2017-15721 CONFIRM CONFIRM |
| irssi -- irssi | In certain cases, Irssi before 1.0.5 may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string. | 2017-10-22 | 5.0 | CVE-2017-15722 CONFIRM CONFIRM |
| irssi -- irssi | In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message. | 2017-10-22 | 5.0 | CVE-2017-15723 CONFIRM CONFIRM |
| labwiki_project -- labwiki | Multiple cross-site scripting (XSS) vulnerabilities in LabWiki 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) from parameter to index.php or the (2) page_no parameter to recentchanges.php. | 2017-10-23 | 4.3 | CVE-2011-4333 MLIST MLIST |
| labwiki_project -- labwiki | edit.php in LabWiki 1.1 and earlier does not properly verify uploaded user files, which allows remote authenticated users to upload arbitrary PHP files via a PHP file with a .gif extension in the userfile parameter. | 2017-10-23 | 6.5 | CVE-2011-4334 MLIST MLIST |
| phpmyfaq -- phpmyfaq | In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via an HTML attachment. | 2017-10-22 | 4.3 | CVE-2017-15727 CONFIRM |
| phpmyfaq -- phpmyfaq | In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary. | 2017-10-22 | 6.8 | CVE-2017-15729 CONFIRM |
| phpmyfaq -- phpmyfaq | In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php. | 2017-10-22 | 6.8 | CVE-2017-15730 CONFIRM |
| phpmyfaq -- phpmyfaq | In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.adminlog.php. | 2017-10-22 | 6.8 | CVE-2017-15731 CONFIRM |
| phpmyfaq -- phpmyfaq | In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php. | 2017-10-22 | 6.8 | CVE-2017-15732 CONFIRM |
| phpmyfaq -- phpmyfaq | In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/ajax.attachment.php and admin/att.main.php. | 2017-10-22 | 6.8 | CVE-2017-15733 CONFIRM |
| phpmyfaq -- phpmyfaq | In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php. | 2017-10-22 | 6.8 | CVE-2017-15734 CONFIRM |
| phpmyfaq -- phpmyfaq | In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for modifying a glossary. | 2017-10-22 | 6.8 | CVE-2017-15735 CONFIRM |
| phpmyfaq -- phpmyfaq | In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php. | 2017-10-23 | 6.8 | CVE-2017-15808 CONFIRM |
| phpmyfaq -- phpmyfaq | In phpMyFaq before 2.9.9, there is XSS in admin/tags.main.php via a crafted tag. | 2017-10-23 | 4.3 | CVE-2017-15809 CONFIRM |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address may be used as a return value starting at CADImage+0x0000000000285e9d." | 2017-10-22 | 6.8 | CVE-2017-15772 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADImage+0x0000000000285d79." | 2017-10-22 | 6.8 | CVE-2017-15773 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls Code Flow starting at CADImage+0x0000000000221a9a." | 2017-10-22 | 6.8 | CVE-2017-15774 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADImage+0x0000000000259aa4." | 2017-10-22 | 6.8 | CVE-2017-15775 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address may be used as a return value starting at CADImage+0x0000000000285ec1." | 2017-10-22 | 6.8 | CVE-2017-15776 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at CADImage+0x0000000000288750." | 2017-10-22 | 6.8 | CVE-2017-15777 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADImage+0x0000000000285de7." | 2017-10-22 | 6.8 | CVE-2017-15778 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at CADImage+0x00000000000034b0." | 2017-10-22 | 6.8 | CVE-2017-15779 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADImage+0x0000000000285dad." | 2017-10-22 | 6.8 | CVE-2017-15780 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Read Access Violation on Control Flow starting at CADImage+0x0000000000286a76." | 2017-10-22 | 6.8 | CVE-2017-15781 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x00000000000032eb." | 2017-10-22 | 6.8 | CVE-2017-15782 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADImage+0x0000000000285ce1." | 2017-10-22 | 6.8 | CVE-2017-15783 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to an "Illegal Instruction Violation starting at xnview+0x0000000000370074." | 2017-10-22 | 6.8 | CVE-2017-15784 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation near NULL starting at Unknown Symbol @ 0x0000000000000000 called from CADImage+0x0000000000286a79." | 2017-10-22 | 6.8 | CVE-2017-15785 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADImage+0x00000000001a78db." | 2017-10-22 | 6.8 | CVE-2017-15786 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation starting at xnview+0x0000000000580063." | 2017-10-22 | 6.8 | CVE-2017-15787 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x0000000000002d83." | 2017-10-22 | 6.8 | CVE-2017-15788 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x00000000000048e7." | 2017-10-22 | 6.8 | CVE-2017-15789 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77310000!LdrpResSearchResourceInsideDirectory+0x000000000000029e." | 2017-10-22 | 6.8 | CVE-2017-15801 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77310000!LdrpResCompareResourceNames+0x0000000000000087." | 2017-10-22 | 6.8 | CVE-2017-15802 MISC |
| xnview -- xnview | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ntdll_77310000!LdrpResCompareResourceNames+0x0000000000000150." | 2017-10-22 | 6.8 | CVE-2017-15803 MISC |
Low Vulnerabilities
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| apple -- iphone_os | An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Phone" component. It allows attackers to obtain sensitive information by leveraging a timing bug to read a secure-content screenshot that occurred during a locking action. | 2017-10-22 | 2.1 | CVE-2017-7139 BID CONFIRM |
| apple -- mac_os_x | An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Screen Lock" component. It allows physically proximate attackers to read Application Firewall prompts. | 2017-10-22 | 2.1 | CVE-2017-7082 BID SECTRACK CONFIRM |
| apple -- mac_os_x | An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Directory Utility" component. It allows local users to discover the Apple ID of the computer's owner. | 2017-10-22 | 2.1 | CVE-2017-7138 BID SECTRACK CONFIRM |
| apple -- mac_os_x | An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Captive Network Assistant" component. It allows remote attackers to discover cleartext passwords in opportunistic circumstances by sniffing the network during use of the captive portal browser, which has a UI error that can lead to cleartext transmission without the user's awareness. | 2017-10-22 | 2.1 | CVE-2017-7143 BID SECTRACK CONFIRM |
| apple -- mac_os_x | An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the "StorageKit" component. It allows attackers to discover passwords for APFS encrypted volumes by reading Disk Utility hints, because the stored hint value was accidentally set to the password itself, not the entered hint value. | 2017-10-22 | 2.1 | CVE-2017-7149 BID SECTRACK MISC MISC CONFIRM MISC |
| apple -- mac_os_x | An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the "Security" component. It allows attackers to bypass the keychain access prompt, and consequently extract passwords, via a synthetic click. | 2017-10-22 | 2.1 | CVE-2017-7150 BID SECTRACK CONFIRM |
| ibm -- daeja_viewone | IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 123849. | 2017-10-24 | 3.5 | CVE-2017-1209 CONFIRM MISC |
| ibm -- daeja_viewone | IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 could disclose sensitive information to a local user when logging is enabled. IBM X-Force ID: 123851. | 2017-10-24 | 1.9 | CVE-2017-1211 CONFIRM BID MISC |
| phpmyfaq -- phpmyfaq | In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via metaDescription or metaKeywords. | 2017-10-22 | 3.5 | CVE-2017-15728 CONFIRM |
Severity Not Yet Assigned
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| adobe -- flash |
Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution. | 2017-10-22 | not yet calculated | CVE-2017-11292 BID SECTRACK CONFIRM GENTOO |
| advantech -- web_op |
A Heap-Based Buffer Overflow issue was discovered in Advantech WebOP. A maliciously crafted project file may be able to trigger a heap-based buffer overflow, which may crash the process and allow an attacker to execute arbitrary code. | 2017-10-25 | not yet calculated | CVE-2017-12705 BID MISC |
| apache -- james |
The JMX server embedded in Apache James, also used by the command line client is exposed to a java de-serialization issue, and thus can be used to execute arbitrary commands. As James exposes JMX socket by default only on local-host, this vulnerability can only be used for privilege escalation. Release 3.0.1 upgrades the incriminated library. | 2017-10-20 | not yet calculated | CVE-2017-12628 BID MLIST |
| apache -- portable_runtime_apr |
Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using these functions crash, and cause a denial of service. | 2017-10-23 | not yet calculated | CVE-2017-12618 MLIST BID |
| apache -- portable_runtime_apr |
When apr_exp_time*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information disclosure or denial of service vulnerability to applications which call these APR functions with unvalidated external input. | 2017-10-23 | not yet calculated | CVE-2017-12613 BID MLIST |
| apache -- xml-rpc |
XML external entity (XXE) vulnerability in the Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted DTD. | 2017-10-27 | not yet calculated | CVE-2016-5002 MLIST BID SECTRACK MISC XF |
| apache -- xml-rpc |
The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to execute arbitrary code via a crafted serialized Java object in an <ex:serializable> element. | 2017-10-27 | not yet calculated | CVE-2016-5003 MLIST BID BID SECTRACK MISC XF |
| apache -- activemq_apollo |
XML external entity (XXE) vulnerability in Apache ActiveMQ Apollo 1.x before 1.7.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages. | 2017-10-27 | not yet calculated | CVE-2014-3579 CONFIRM MLIST BID XF CONFIRM |
| apache -- activemq |
XML external entity (XXE) vulnerability in Apache ActiveMQ 5.x before 5.10.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages. | 2017-10-27 | not yet calculated | CVE-2014-3600 CONFIRM MLIST BID XF CONFIRM |
| apache -- cordova_android |
Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set explicit values in config.xml, allows remote attackers to modify undefined secondary configuration variables (preferences) via a crafted intent: URL. | 2017-10-27 | not yet calculated | CVE-2015-1835 MISC BID CONFIRM |
| apache -- ofbiz |
Apache OFBiz 10.04.x before 10.04.02 allows remote attackers to execute arbitrary code via unspecified vectors. | 2017-10-26 | not yet calculated | CVE-2012-1622 MLIST CONFIRM |
| argo_software_design -- argosoft_mini_mail_server |
Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 and earlier allows remote attackers to waste CPU resources (memory consumption) via unspecified vectors, possibly triggering an infinite loop. | 2017-10-24 | not yet calculated | CVE-2017-15223 EXPLOIT-DB |
| artica -- pandora |
Artica Pandora FMS version 7.0 leaks a full installation pathname via GET data when intercepting the main page's graph requisition. This also implies that general OS information is leaked (e.g., a /var/www pathname typically means Linux or UNIX). | 2017-10-27 | not yet calculated | CVE-2017-15937 MISC |
| artica -- pandora |
In Artica Pandora FMS version 7.0, an Attacker with write Permission can create an agent with an XSS Payload; when a user enters the agent definitions page, the script will get executed. | 2017-10-27 | not yet calculated | CVE-2017-15936 MISC |
| artica -- pandora |
Artica Pandora FMS version 7.0 is vulnerable to remote PHP code execution through the manager files function. This is only exploitable by administrators who upload a PHP file. | 2017-10-27 | not yet calculated | CVE-2017-15935 MISC |
| artica -- pandora |
Artica Pandora FMS version 7.0 is vulnerable to stored Cross-Site Scripting in the map name parameter. | 2017-10-27 | not yet calculated | CVE-2017-15934 MISC |
| axigen -- mail_server |
Cross-site scripting (XSS) vulnerability in actions.hsp in the Ajax WebMail interface in AXIGEN Mail Server before 9.0 allows remote attackers to inject arbitrary web script or HTML via an email attachment. | 2017-10-23 | not yet calculated | CVE-2015-5379 MISC BUGTRAQ MISC CONFIRM |
| axis_communications -- axis_2100_network_camera |
Reflected XSS in the web administration portal on the Axis 2100 Network Camera 2.03 allows an attacker to execute arbitrary JavaScript via the conf_Layout_OwnTitle parameter to view/view.shtml. NOTE: this might overlap CVE-2007-5214. | 2017-10-25 | not yet calculated | CVE-2017-15885 MISC |
| ayukov_nftpd -- ayukov_nftpd |
Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code. | 2017-10-24 | not yet calculated | CVE-2017-15222 EXPLOIT-DB |
| bchunk -- bchunk | bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow (with a resultant invalid free) and crash when processing a malformed CUE (.cue) file. | 2017-10-28 | not yet calculated | CVE-2017-15954 MISC |
| bchunk -- bchunk |
bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to an "Access violation near NULL on destination operand" and crash when processing a malformed CUE (.cue) file. | 2017-10-28 | not yet calculated | CVE-2017-15955 MISC |
| bchunk -- bchunk |
bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow and crash when processing a malformed CUE (.cue) file. | 2017-10-28 | not yet calculated | CVE-2017-15953 MISC |
| bomgar -- remote_support |
The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions. | 2017-10-26 | not yet calculated | CVE-2017-5996 SECTRACK MISC |
| busybox -- busybox |
The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation. | 2017-10-24 | not yet calculated | CVE-2017-15873 MISC MISC |
| busybox -- busybox |
archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation. | 2017-10-24 | not yet calculated | CVE-2017-15874 MISC |
| cisco -- amp_for_endpoints |
The Cisco AMP For Endpoints application allows an authenticated, local attacker to access a static key value stored in the local application software. The vulnerability is due to the use of a static key value stored in the application used to encrypt the connector protection password. An attacker could exploit this vulnerability by gaining local, administrative access to a Windows host and stopping the Cisco AMP for Endpoints service. Cisco Bug IDs: CSCvg42904. | 2017-10-22 | not yet calculated | CVE-2017-12317 BID CONFIRM |
| cisco -- small_business_sa520_and_sa540_devices |
Cisco Small Business SA520 and SA540 devices with firmware 2.1.71 and 2.2.0.7 allow ../ directory traversal in scgi-bin/platform.cgi via the thispage parameter, for reading arbitrary files. | 2017-10-23 | not yet calculated | CVE-2017-15805 MISC |
| cisco -- webex_meetings_server |
Cisco WebEx Meetings Server before 1.1 uses meeting IDs with insufficient entropy, which makes it easier for remote attackers to bypass authentication and join arbitrary meetings without a password, aka Bug ID CSCuc79643. | 2017-10-24 | not yet calculated | CVE-2014-0691 CONFIRM |
| cloud_foundry -- runtime |
Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire password reset links. | 2017-10-24 | not yet calculated | CVE-2015-5172 CONFIRM |
| cloud_foundry -- runtime |
The password change functionality in Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire existing sessions. | 2017-10-24 | not yet calculated | CVE-2015-5171 CONFIRM |
| cloud_foundry -- runtime |
Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact via vectors involving emails with password recovery links, aka "Cross Domain Referer Leakage." | 2017-10-24 | not yet calculated | CVE-2015-5173 CONFIRM |
| cloud_foundry -- runtime |
Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow remote attackers to conduct cross-site request forgery (CSRF) attacks on PWS and log a user into an arbitrary account by leveraging lack of CSRF checks. | 2017-10-24 | not yet calculated | CVE-2015-5170 BID CONFIRM |
| cumulus_linux -- cumulus_linux |
The Switch Configuration Tools Backend (clcmd_server) in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label. | 2017-10-22 | not yet calculated | CVE-2015-5699 FULLDISC |
| d-link -- dgs-1500_ax_devices |
D-Link DGS-1500 Ax devices before 2.51B021 have a hardcoded password, which allows remote attackers to obtain shell access. | 2017-10-25 | not yet calculated | CVE-2017-15909 CONFIRM CONFIRM CONFIRM CONFIRM |
| debian -- ubuntu |
foo2zjs before 20110722dfsg-3ubuntu1 as packaged in Ubuntu, 20110722dfsg-1 as packaged in Debian unstable, and 20090908dfsg-5.1+squeeze0 as packaged in Debian squeeze create temporary files insecurely, which allows local users to write over arbitrary files via a symlink attack on /tmp/foo2zjs. | 2017-10-23 | not yet calculated | CVE-2011-2684 MISC MLIST MISC MISC MISC |
| e-sic -- e-sic |
An authentication bypass exists in the E-Sic 1.0 /index (aka login) URI via '=''or' values for the username and password. | 2017-10-23 | not yet calculated | CVE-2017-15379 MISC EXPLOIT-DB |
| e-sic -- e-sic |
SQL Injection exists in the E-Sic 1.0 password reset parameter (aka the cpfcnpj parameter to the /reset URI). | 2017-10-23 | not yet calculated | CVE-2017-15378 MISC EXPLOIT-DB |
| e-sic -- e-sic |
SQL Injection exists in E-Sic 1.0 via the f parameter to esiclivre/restrito/inc/buscacep.php (aka the zip code search script). | 2017-10-23 | not yet calculated | CVE-2017-15381 EXPLOIT-DB |
| e-sic -- e-sic |
XSS exists in the E-Sic 1.0 /cadastro/index.php URI (aka the requester's registration area) via the nome parameter. | 2017-10-23 | not yet calculated | CVE-2017-15380 MISC EXPLOIT-DB |
| edgeofmyseat.com -- perch |
Perch Content Management System 3.0.3 allows unrestricted file upload (with resultant XSS) via the Asset Title field in conjunction with the Select File field. This is exploitable with a Limited Admin account. | 2017-10-27 | not yet calculated | CVE-2017-15948 MISC |
| extreme_networks -- extreme_exos | Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values. | 2017-10-23 | not yet calculated | CVE-2017-14332 CONFIRM |
| extreme_networks -- extreme_exos |
Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to trigger a buffer overflow leading to a reboot. | 2017-10-23 | not yet calculated | CVE-2017-14328 CONFIRM |
| extreme_networks -- extreme_exos |
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitrary files. | 2017-10-23 | not yet calculated | CVE-2017-14327 CONFIRM |
| extreme_networks -- extreme_exos |
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving a privileged process. | 2017-10-23 | not yet calculated | CVE-2017-14330 CONFIRM |
| extreme_networks -- extreme_exos |
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving an exsh debug shell. | 2017-10-23 | not yet calculated | CVE-2017-14329 CONFIRM |
| extreme_networks -- extreme_exos |
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell. | 2017-10-23 | not yet calculated | CVE-2017-14331 CONFIRM |
| eyesofnetwork -- eyesofnetwork |
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the host parameter to module/capacity_per_device/index.php. | 2017-10-27 | not yet calculated | CVE-2017-15933 MISC |
| eyesofnetwork -- eyesofnetwork |
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the group_name parameter to module/admin_group/add_modify_group.php (for insert_group and update_group). | 2017-10-24 | not yet calculated | CVE-2017-15880 MISC MISC |
| eyou_mail_system -- eyou_mail_system |
The get_login_ip_config_file function in Eyou Mail System before 3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to admin/domain/ip_login_set/d_ip_login_get.php. | 2017-10-24 | not yet calculated | CVE-2014-1203 FULLDISC |
| f5 -- multiple_products |
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.0 - 11.5.4, virtual servers with a configuration using the HTTP Explicit Proxy functionality and/or SOCKS profile are vulnerable to an unauthenticated, remote attack that allows modification of BIG-IP system configuration, extraction of sensitive system files, and/or possible remote command execution on the BIG-IP system. | 2017-10-27 | not yet calculated | CVE-2017-6157 SECTRACK CONFIRM |
| f5 -- multiple_products |
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, 11.2.1, in some cases TMM may crash when processing TCP traffic. This vulnerability affects TMM via a virtual server configured with TCP profile. Traffic processing is disrupted while Traffic Management Microkernel (TMM) restarts. If the affected BIG-IP system is configured to be part of a device group, it will trigger a failover to the peer device. | 2017-10-27 | not yet calculated | CVE-2017-6162 SECTRACK CONFIRM |
| f5 -- multiple_products |
In F5 BIG-IP AAM and PEM software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.4.1 to 11.5.4, a remote attacker may create maliciously crafted HTTP request to cause Traffic Management Microkernel (TMM) to restart and temporarily fail to process traffic. This issue is exposed on virtual servers using a Policy Enforcement profile or a Web Acceleration profile. Systems that do not have BIG-IP AAM module provisioned are not vulnerable. The Traffic Management Microkernel (TMM) may restart and temporarily fail to process traffic. Systems that do not have BIG-IP AAM or PEM module provisioned are not vulnerable. | 2017-10-27 | not yet calculated | CVE-2017-6160 SECTRACK CONFIRM |
| f5 -- multiple_products |
In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a number of concurrent streams beyond the advertised limit can cause a disruption of service. Remote client initiating stream beyond the advertised limit can cause a disruption of service. The Traffic Management Microkernel (TMM) data plane is exposed to this issue; the control plane is not exposed. | 2017-10-27 | not yet calculated | CVE-2017-6163 SECTRACK CONFIRM |
| f5 -- multiple_products |
F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 are vulnerable to a denial of service attack when the MPTCP option is enabled on a virtual server. Data plane is vulnerable when using the MPTCP option of a TCP profile. There is no control plane exposure. An attacker may be able to disrupt services by causing TMM to restart hence temporarily failing to process traffic. | 2017-10-27 | not yet calculated | CVE-2017-6159 SECTRACK CONFIRM |
| f5 -- multiple_products |
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypted and authenticate connections to mcpd. This vulnerability may allow remote attackers to cause a denial-of-service (DoS) attack via resource exhaustion. | 2017-10-27 | not yet calculated | CVE-2017-6161 SECTRACK SECTRACK CONFIRM |
| f5 -- multiple_products |
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5.1 HF6 through 11.5.4 HF4, 11.6.0 through 11.6.1 HF1, and 12.0.0 through 12.1.2 on VIPRION platforms only, the script which synchronizes SafeNet External Network HSM configuration elements between blades in a clustered deployment will log the HSM partition password in cleartext to the "/var/log/ltm" log file. | 2017-10-20 | not yet calculated | CVE-2017-6165 BID SECTRACK CONFIRM |
| f5 -- multiple_programs |
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections handled by a Virtual Server with an associated SOCKS profile may not be properly cleaned up, potentially leading to resource starvation. Connections may be left in the connection table which then can only be removed by restarting TMM. Over time this may lead to the BIG-IP being unable to process further connections. | 2017-10-27 | not yet calculated | CVE-2017-0303 SECTRACK CONFIRM |
| ffmpeg -- ffmpeg |
Double free vulnerability in FFmpeg 3.3.4 and earlier allows remote attackers to cause a denial of service via a crafted AVI file. | 2017-10-24 | not yet calculated | CVE-2017-15186 MLIST BID |
| fortinet -- fortimail |
A reflected Cross-Site Scripting (XSS) vulnerability in Fortinet FortiMail 5.1 and earlier, 5.2.0 through 5.2.9, and 5.3.0 through 5.3.9 customized pre-authentication webmail login page allows attacker to inject arbitrary web script or HTML via crafted HTTP requests. | 2017-10-26 | not yet calculated | CVE-2017-7732 BID SECTRACK CONFIRM |
| fortinet -- fortios |
A Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 and 5.6.0 allows a remote unauthenticated attacker to execute arbitrary javascript code via webUI "Login Disclaimer" redir parameter. | 2017-10-27 | not yet calculated | CVE-2017-7733 BID SECTRACK CONFIRM |
| fortinet -- fortios |
A Denial of Service (DoS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 allows an authenticated user to cause the web GUI to be temporarily unresponsive, via passing a specially crafted payload to the 'params' parameter of the JSON web API. | 2017-10-27 | not yet calculated | CVE-2017-14182 BID SECTRACK CONFIRM |
| fortinet -- fortiwlc |
An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 through 6.1-5, 7.0-7 through 7.0-10, 8.0 through 8.2, and 8.3.0 through 8.3.2 file management AP script download webUI page allows an authenticated admin user to execute arbitrary system console commands via crafted HTTP requests. | 2017-10-26 | not yet calculated | CVE-2017-7341 BID CONFIRM |
| fortinet -- fortiwlc |
A Cross-Site Scripting (XSS) vulnerability in Fortinet FortiWLC 6.1-x (6.1-2, 6.1-4 and 6.1-5); 7.0-x (7.0-7, 7.0-8, 7.0-9, 7.0-10); and 8.x (8.0, 8.1, 8.2 and 8.3.0-8.3.2) allows an authenticated user to inject arbitrary web script or HTML via non-sanitized parameters "refresh" and "branchtotable" present in HTTP POST requests. | 2017-10-26 | not yet calculated | CVE-2017-7335 BID CONFIRM |
| gentoo_linux -- gentoo_linux |
The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/mysql-cluster, and dev-db/mariadb-galera packages before 2017-09-29 have chown calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to the mysql account for creation of a link. | 2017-10-27 | not yet calculated | CVE-2017-15945 CONFIRM |
| gnu -- binutils |
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. NOTE: this issue is caused by an incomplete fix for CVE-2017-15023. | 2017-10-27 | not yet calculated | CVE-2017-15939 MISC MISC MISC |
| gnu -- binutils |
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service (find_abstract_instance_name invalid memory read, segmentation fault, and application crash). | 2017-10-27 | not yet calculated | CVE-2017-15938 MISC MISC MISC |
| gnu -- libextractor |
In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c. | 2017-10-26 | not yet calculated | CVE-2017-15922 MISC BID |
| gnu -- wget |
The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to skip the chunk in pieces of 512 bytes by using the MIN() macro, but ends up passing the negative chunk length to connect.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument. | 2017-10-27 | not yet calculated | CVE-2017-13089 CONFIRM BID SECTRACK MISC |
| gnu -- wget |
The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to read the chunk in pieces of 8192 bytes by using the MIN() macro, but ends up passing the negative chunk length to retr.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument. The attacker can corrupt malloc metadata after the allocated buffer. | 2017-10-27 | not yet calculated | CVE-2017-13090 CONFIRM BID SECTRACK MISC |
| google -- chrome | Incorrect handling of DOM changes in Blink in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5064 BID SECTRACK MISC MISC GENTOO |
| google -- chrome | Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5115 BID SECTRACK MISC MISC GENTOO |
| google -- chrome | Heap buffer overflow in WebGL in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5112 BID SECTRACK MISC MISC GENTOO |
| google -- chrome | Insufficient consistency checks in signature handling in the networking stack in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to incorrectly accept a badly formed X.509 certificate via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5066 BID SECTRACK MISC MISC GENTOO |
| google -- chrome | Inappropriate use of partition alloc in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file. | 2017-10-27 | not yet calculated | CVE-2017-5114 BID SECTRACK MISC MISC GENTOO |
| google -- chrome | Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5110 BID MISC MISC GENTOO |
| google -- chrome | Incorrect MIME type of XSS-Protection reports in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to circumvent Cross-Origin Resource Sharing checks via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5069 BID SECTRACK MISC MISC GENTOO |
| google -- chrome | A use after free in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file. | 2017-10-27 | not yet calculated | CVE-2017-5111 BID SECTRACK MISC MISC GENTOO |
| google -- chrome | A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5063 BID SECTRACK MISC MISC GENTOO |
| google -- chrome | A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5107 BID MISC MISC GENTOO |
| google -- chrome | A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to potentially perform out of bounds memory access via a crafted Chrome extension. | 2017-10-27 | not yet calculated | CVE-2017-5062 BID SECTRACK MISC MISC GENTOO |
| google -- chrome | A use after free in IndexedDB in Google Chrome prior to 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5091 BID MISC MISC GENTOO |
| google -- chrome | Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint. | 2017-10-27 | not yet calculated | CVE-2017-5084 BID MISC MISC GENTOO |
| google -- chrome | Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. | 2017-10-27 | not yet calculated | CVE-2017-5105 BID MISC MISC GENTOO |
| google -- chrome | A use after free in Apps in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5100 BID MISC MISC GENTOO |
| google -- chrome | Insufficient validation of untrusted input in Blink's mailto: handling in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac allowed a remote attacker to perform command injection via a crafted HTML page, a similar issue to CVE-2004-0121. For example, characters such as * have an incorrect interaction with xdg-email in xdg-utils, and a space character can be used in front of a command-line argument. | 2017-10-27 | not yet calculated | CVE-2017-5078 BID SECTRACK MISC MISC GENTOO |
| google -- chrome | Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. | 2017-10-27 | not yet calculated | CVE-2017-5106 BID MISC MISC GENTOO |
| google -- chrome | Use after free in print preview in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5073 BID SECTRACK MISC MISC GENTOO |
| google -- chrome | Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5088 BID SECTRACK MISC MISC GENTOO |
| google -- chrome | Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Windows and Mac allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. | 2017-10-27 | not yet calculated | CVE-2017-5086 BID SECTRACK MISC MISC GENTOO |
| google -- chrome | Inappropriate implementation in Blink in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5083 BID SECTRACK MISC MISC GENTOO |
| google -- chrome | Failure to take advantage of available mitigations in credit card autofill in Google Chrome prior to 59.0.3071.92 for Android allowed a local attacker to take screen shots of credit card information via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5082 BID SECTRACK MISC MISC GENTOO MISC |
| google -- chrome |
Inappropriate implementation of unload handler handling in permission prompts in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5109 BID MISC MISC GENTOO |
| google -- chrome |
A use after free in Blink in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5056 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5103 BID MISC MISC GENTOO |
| google -- chrome |
Inappropriate implementation in interstitials in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to spoof the contents of the omnibox via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5104 BID MISC MISC GENTOO |
| google -- chrome |
A use after free in printing in Google Chrome prior to 57.0.2987.133 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5055 BID MISC MISC GENTOO |
| google -- chrome |
An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to obtain heap memory contents via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5054 BID MISC MISC GENTOO |
| google -- chrome |
Insufficient validation of untrusted input in Skia in Google Chrome prior to 60.0.3112.78 for Linux allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5097 BID MISC MISC GENTOO |
| google -- chrome |
A race condition in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5061 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Insufficient policy enforcement during navigation between different schemes in Google Chrome prior to 60.0.3112.78 for Android allowed a remote attacker to perform cross origin content download via a crafted HTML page, related to intents. | 2017-10-27 | not yet calculated | CVE-2017-5096 BID MISC MISC GENTOO |
| google -- chrome |
Inappropriate implementation in Omnibox in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5101 BID MISC MISC GENTOO |
| google -- chrome |
Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5102 BID MISC MISC GENTOO |
| google -- chrome |
Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted PDF file. | 2017-10-27 | not yet calculated | CVE-2017-5108 BID MISC MISC GENTOO |
| google -- chrome |
Stack overflow in PDFium in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit stack corruption via a crafted PDF file. | 2017-10-27 | not yet calculated | CVE-2017-5095 BID MISC MISC GENTOO |
| google -- chrome |
Inappropriate implementation in modal dialog handling in Blink in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to prevent a full screen warning from being displayed via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5093 BID MISC MISC GENTOO |
| google -- chrome |
Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. | 2017-10-27 | not yet calculated | CVE-2017-5057 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5113 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5092 BID MISC MISC GENTOO |
| google -- chrome |
Type confusion in extensions JavaScript bindings in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5094 BID MISC MISC GENTOO |
| google -- chrome |
A use after free in PrintPreview in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5058 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.115 for Mac allowed a remote attacker to perform domain spoofing via a crafted domain name containing a U+0620 character, aka Apple rdar problem 32458012. | 2017-10-27 | not yet calculated | CVE-2017-5090 BID MISC |
| google -- chrome |
Type confusion in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to potentially obtain code execution via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5059 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
A use after free in Blink in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, aka an IndexedDB sandbox escape. | 2017-10-27 | not yet calculated | CVE-2017-5087 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5070 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.104 for Mac allowed a remote attacker to perform domain spoofing via a crafted domain name. | 2017-10-27 | not yet calculated | CVE-2017-5089 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to potentially gain privilege elevation via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5099 BID MISC MISC GENTOO |
| google -- chrome |
Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows and Mac, and 59.0.3071.92 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5071 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
An incorrect assumption about block structure in Blink in Google Chrome prior to 57.0.2987.133 for Mac, Windows, and Linux, and 57.0.2987.132 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page that triggers improper casting. | 2017-10-27 | not yet calculated | CVE-2017-5052 BID MISC MISC GENTOO |
| google -- chrome |
Inappropriate implementation in Omnibox in Google Chrome prior to 59.0.3071.92 for Android allowed a remote attacker to perform domain spoofing with RTL characters via a crafted URL page. | 2017-10-27 | not yet calculated | CVE-2017-5072 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
An insufficient watchdog timer in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5067 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
A use after free in V8 in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5098 BID MISC MISC GENTOO |
| google -- chrome |
Lack of an appropriate action on page navigation in Blink in Google Chrome prior to 58.0.3029.81 for Windows and Mac allowed a remote attacker to potentially confuse a user into making an incorrect security decision via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5065 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files. | 2017-10-27 | not yet calculated | CVE-2017-5081 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Inappropriate implementation in Blink in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5079 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
A use after free in credit card autofill in Google Chrome prior to 59.0.3071.86 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5080 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
A use after free in Chrome Apps in Google Chrome prior to 59.0.3071.86 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, related to Bluetooth. | 2017-10-27 | not yet calculated | CVE-2017-5074 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Inappropriate use of table size handling in V8 in Google Chrome prior to 61.0.3163.100 for Windows allowed a remote attacker to trigger out-of-bounds access via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5122 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Insufficient validation of untrusted input in Skia in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5077 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windows, and Mac allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to the escape analysis phase. | 2017-10-27 | not yet calculated | CVE-2017-5121 BID SECTRACK MISC MISC MISC GENTOO |
| google -- chrome |
Incorrect handling of picture ID in WebRTC in Google Chrome prior to 58.0.3029.96 for Mac, Windows, and Linux allowed a remote attacker to trigger a race condition via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5068 BID MISC MISC GENTOO |
| google -- chrome |
Inappropriate implementation in CSP reporting in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to obtain the value of url fragments via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5075 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. | 2017-10-27 | not yet calculated | CVE-2017-5060 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to Array.prototype.indexOf. | 2017-10-27 | not yet calculated | CVE-2017-5053 BID MISC MISC MISC GENTOO |
| google -- chrome |
Inappropriate use of www mismatch redirects in browser navigation in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially downgrade HTTPS requests to HTTP via a crafted HTML page. In other words, Chrome could transmit cleartext even though the user had entered an https URL, because of a misdesigned workaround for cases where the domain name in a URL almost matches the domain name in an X.509 server certificate (but differs in the initial "www." substring). | 2017-10-27 | not yet calculated | CVE-2017-5120 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Linux and Windows allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5117 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5119 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5116 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. | 2017-10-27 | not yet calculated | CVE-2017-5076 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Inappropriate implementation in Bookmarks in Google Chrome prior to 59 for iOS allowed a remote attacker who convinced the user to perform certain operations to run JavaScript on chrome:// pages via a crafted bookmark. | 2017-10-27 | not yet calculated | CVE-2017-5085 BID SECTRACK MISC MISC GENTOO |
| google -- chrome |
Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, failed to correctly propagate CSP restrictions to javascript scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page. | 2017-10-27 | not yet calculated | CVE-2017-5118 BID SECTRACK MISC MISC GENTOO |
| graphicsmagick -- graphicsmagick |
In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer. | 2017-10-27 | not yet calculated | CVE-2017-15930 CONFIRM CONFIRM CONFIRM |
| hexis -- hawkeye |
Multiple cross-site request forgery (CSRF) vulnerabilities in Hexis HawkEye G 3.0.1.4912 allow remote attackers to hijack the authentication of administrators for requests that (1) add arbitrary accounts via the name parameter to interface/rest/accounts/json; turn off the (2) Url matching, (3) DNS Inject, or (4) IP Redirect Sensor in a request to interface/rest/dpi/setEnabled/1; or (5) perform whitelisting of malware MD5 hash IDs via the id parameter to interface/rest/md5-threats/whitelist. | 2017-10-23 | not yet calculated | CVE-2015-2878 BUGTRAQ BUGTRAQ EXPLOIT-DB |
| ibm -- doors_next_generation |
IBM DOORS next Generation (DNG/RRC) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 123188. | 2017-10-25 | not yet calculated | CVE-2017-1169 CONFIRM BID MISC |
| ibm -- infosphere_master_data_management |
IBM InfoSphere Master Data Management - Collaborative Edition 11.5 could allow an unauthorized user to download reports without authentication. IBM X-Force ID: 129892. | 2017-10-24 | not yet calculated | CVE-2017-1523 BID MISC CONFIRM |
| ibm -- jazz_foundation |
An unspecified vulnerability in IBM Jazz Foundation based applications might allow the display of stack trace information to an attacker. IBM X-Force ID: 124523. | 2017-10-25 | not yet calculated | CVE-2017-1241 CONFIRM BID MISC |
| ibm -- jazz_foundation |
IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 123036. | 2017-10-25 | not yet calculated | CVE-2017-1164 CONFIRM BID MISC |
| ibm -- openpages_grc_platform |
IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 114712. | 2017-10-24 | not yet calculated | CVE-2016-3049 CONFIRM BID MISC |
| ibm -- rsa_dm |
IBM RSA DM contains unspecified vulnerability in CLM Applications with potential for information leakage. IBM X-Force ID: 125157. | 2017-10-25 | not yet calculated | CVE-2017-1295 CONFIRM MISC |
| ibm -- system_storage_storwize_v7000_unified |
IBM System Storage Storwize V7000 Unified (V7000U) 1.5 and 1.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 126868. | 2017-10-24 | not yet calculated | CVE-2017-1375 CONFIRM BID MISC |
| ibm -- team_concert |
IBM Team Concert (RTC) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126856. | 2017-10-25 | not yet calculated | CVE-2017-1363 CONFIRM BID MISC |
| ibm -- tivoli_endpoint_manager | IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable the secure cookie attribute. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 123907. | 2017-10-26 | not yet calculated | CVE-2017-1228 CONFIRM BID MISC |
| ibm -- tivoli_endpoint_manager |
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) generates an error message in error logs that includes sensitive information about its environment which could be used in further attacks against the system. IBM X-Force ID: 123905. | 2017-10-26 | not yet calculated | CVE-2017-1226 CONFIRM BID MISC |
| ibm -- tivoli_endpoint_manager |
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. IBM X-Force ID: 123911. | 2017-10-26 | not yet calculated | CVE-2017-1232 CONFIRM BID MISC |
| ibm -- tivoli_endpoint_manager |
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) uses insufficiently random numbers or values in a security context that depends on unpredictable numbers. This weakness may allow attackers to expose sensitive information by guessing tokens or identifiers. IBM X-Force ID: 123909. | 2017-10-26 | not yet calculated | CVE-2017-1230 CONFIRM BID MISC |
| ibm -- tivoli_endpoint_manager |
IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and Applications (IBM BigFix Platform 9.2 and 9.5) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 129831. | 2017-10-26 | not yet calculated | CVE-2017-1521 CONFIRM BID MISC |
| ibm -- tivoli_endpoint_manager |
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM X-Force ID: 123862. | 2017-10-26 | not yet calculated | CVE-2017-1222 CONFIRM BID MISC |
| ibm -- tivoli_endpoint_manager |
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 123860. | 2017-10-26 | not yet calculated | CVE-2017-1220 CONFIRM BID MISC |
| ibm -- tivoli_endpoint_manager |
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 123904. | 2017-10-26 | not yet calculated | CVE-2017-1225 CONFIRM BID MISC |
| ibm -- websphere_application_server |
IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.13)could allow a remote attacker to obtain sensitive information caused by improper error handling by MyFaces in JSF. | 2017-10-24 | not yet calculated | CVE-2017-1583 CONFIRM BID MISC |
| idemia -- morphosmart |
The certificate import component in IDEMIA (formerly Morpho) MorphoSmart 1300 Series (aka MSO 1300 Series) devices allows local users to obtain a command shell, and consequently gain privileges, via unspecified vectors. | 2017-10-23 | not yet calculated | CVE-2017-15567 MISC |
| ignite_realtime -- openfire |
The Admin Console in Ignite Realtime Openfire Server before 4.1.7 allows arbitrary client-side JavaScript code execution on victims who click a crafted setup/setup-host-settings.jsp?domain= link, aka XSS. Session ID and data theft may follow as well as the possibility of bypassing CSRF protections, injection of iframes to establish communication channels, etc. The vulnerability is present after login into the application. | 2017-10-26 | not yet calculated | CVE-2017-15911 MISC MISC |
| image_metrology -- spip |
Cross-site scripting (XSS) vulnerability (stored) in SPIP before 3.1.7 allows remote attackers to inject arbitrary web script or HTML via a crafted string, as demonstrated by a PGP field, related to prive/objets/contenu/auteur.html and ecrire/inc/texte_mini.php. | 2017-10-22 | not yet calculated | CVE-2017-15736 CONFIRM |
| joomla! -- joomla! |
In the com_tag component 1.7.6 for Joomla!, a SQL injection vulnerability is located in the `tag` parameter to index.php. The request method to execute is GET. | 2017-10-27 | not yet calculated | CVE-2017-15946 MISC |
| keystonejs -- keystonejs |
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in admin/server/api/download.js and lib/list/getCSVData.js in KeystoneJS before 4.0.0-beta.7 via a value that is mishandled in a CSV export. | 2017-10-24 | not yet calculated | CVE-2017-15879 CONFIRM MISC EXPLOIT-DB |
| keystonejs -- keystonejs |
A cross-site scripting (XSS) vulnerability exists in fields/types/markdown/MarkdownType.js in KeystoneJS before 4.0.0-beta.7 via the Contact Us feature. | 2017-10-24 | not yet calculated | CVE-2017-15878 MISC BID CONFIRM MISC EXPLOIT-DB |
| keystonejs -- keystonejs |
Cross-Site Scripting vulnerability in KeystoneJS before 4.0.0-beta.7 allows remote authenticated administrators to inject arbitrary web script or HTML via the "content brief" or "content extended" field, a different vulnerability than CVE-2017-15878. | 2017-10-24 | not yet calculated | CVE-2017-15881 MISC BID MISC MISC |
| lenovo -- multiple_products |
System boot process is not adequately secured In Lenovo E95 and ThinkCentre M710s/M710t because systems were shipped from factory without completing BIOS/UEFI initialization process. | 2017-10-26 | not yet calculated | CVE-2017-3771 CONFIRM |
| letodms -- letodms |
Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS (formerly MyDMS) before 3.3.8 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 2017-10-23 | not yet calculated | CVE-2012-4568 CONFIRM MLIST MLIST |
| letodms -- letodms |
Multiple cross-site scripting (XSS) vulnerabilities in out/out.UsrMgr.php in LetoDMS (formerly MyDMS) before 3.3.9 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2017-10-23 | not yet calculated | CVE-2012-4569 CONFIRM MLIST MLIST BID |
| letodms -- letodms |
Multiple cross-site scripting (XSS) vulnerabilities in LetoDMS (formerly MyDMS) before 3.3.8 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) inc/inc.ClassUI.php or (2) out/out.DocumentNotify.php. | 2017-10-23 | not yet calculated | CVE-2012-4567 CONFIRM MLIST MLIST BID |
| letodms -- letodms |
SQL injection vulnerability in LetoDMS_Core/Core/inc.ClassDMS.php in LetoDMS (formerly MyDMS) before 3.3.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2017-10-23 | not yet calculated | CVE-2012-4570 CONFIRM MLIST MLIST BID |
| linux -- linux_kernel |
The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls. | 2017-10-27 | not yet calculated | CVE-2017-15951 CONFIRM CONFIRM CONFIRM |
| logitech -- media_server |
DOM Based Cross Site Scripting (XSS) exists in Logitech Media Server 7.7.1, 7.7.2, 7.7.3, 7.7.5, 7.7.6, 7.9.0, and 7.9.1 via a crafted URI. | 2017-10-23 | not yet calculated | CVE-2017-15687 MISC EXPLOIT-DB |
| london_trust_media -- private_internet_access_application |
The London Trust Media Private Internet Access (PIA) application before 1.3.3.1 for Android allows remote attackers to cause a denial of service (application crash) via a large VPN server-list file. | 2017-10-26 | not yet calculated | CVE-2017-15882 MISC |
| mediawiki -- mediawiki |
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki before 1.18.5 and 1.19.x before 1.19.2, when unspecified JavaScript gadgets are used, allow remote attackers to inject arbitrary web script or HTML via the userlang parameter to w/index.php. | 2017-10-26 | not yet calculated | CVE-2012-4378 MLIST MLIST MISC CONFIRM MLIST CONFIRM |
| mediawiki -- mediawiki |
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.18.5 and 1.19.x before 1.19.2 allows remote attackers to inject arbitrary web script or HTML via a File: link to a nonexistent image. | 2017-10-26 | not yet calculated | CVE-2012-4377 MLIST MLIST MISC CONFIRM MLIST CONFIRM |
| msa -- vot.ar |
The parse function in MSA vot.Ar 3.1 does not check whether a candidate receives more than one vote, which allows physically proximate attackers to cast multiple votes for a candidate via a crafted RFID ballot tag. | 2017-10-23 | not yet calculated | CVE-2015-6839 MISC MISC CONFIRM MISC |
| node.js -- node.js |
The codem-transcode module before 0.5.0 for Node.js, when ffprobe is enabled, allows remote attackers to execute arbitrary commands via a POST request to /probe. | 2017-10-23 | not yet calculated | CVE-2013-7377 MLIST MLIST MISC |
| node.js -- node.js |
Directory traversal vulnerability in the st module before 0.2.5 for Node.js allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in an unspecified path. | 2017-10-23 | not yet calculated | CVE-2014-3744 MLIST MLIST BID CONFIRM MISC |
| node.js -- node.js |
The printDirect function in lib/printer.js in the node-printer module 0.0.1 and earlier for Node.js allows remote attackers to execute arbitrary commands via unspecified characters in the lpr command. | 2017-10-23 | not yet calculated | CVE-2014-3741 MLIST MLIST CONFIRM MISC |
| openmrs -- openmrs |
The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as distributed in OpenMRS Reference Application before 2.6.1, does not authenticate users when deserializing XML input into ReportSchema objects. The result is that remote unauthenticated users are able to execute operating system commands by crafting malicious XML payloads, as demonstrated by a single admin/reports/reportSchemaXml.form request. | 2017-10-23 | not yet calculated | CVE-2017-12796 MISC MISC MISC |
| openslp.org -- openslp |
Double free vulnerability in the SLPDKnownDAAdd function in slpd/slpd_knownda.c in OpenSLP 1.2.1 allows remote attackers to cause a denial of service (crash) via a crafted package. | 2017-10-22 | not yet calculated | CVE-2015-5177 CONFIRM BID SECTRACK CONFIRM DEBIAN |
| openssh -- openssh |
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files. | 2017-10-25 | not yet calculated | CVE-2017-15906 CONFIRM CONFIRM |
| osticket.com -- osticket | osTicket 1.10.1 provides a functionality to upload 'html' files with associated formats. However, it does not properly validate the uploaded file's contents and thus accepts any type of file, such as with a tickets.php request that is modified with a .html extension changed to a .exe extension. An attacker can leverage this vulnerability to upload arbitrary files on the web application having malicious content. | 2017-10-23 | not yet calculated | CVE-2017-15580 MISC |
| paessler -- prtg_network_monitor |
In Paessler PRTG Network Monitor 17.3.33.2830, it's possible to create a Map as a read-only user, by forging a request and sending it to the server. | 2017-10-26 | not yet calculated | CVE-2017-15917 MISC |
| pallets/wekzeug -- pallets/wekzeug |
Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used in Pallets Flask and other products) allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message. | 2017-10-23 | not yet calculated | CVE-2016-10516 MISC MISC |
| panasonic -- kx-hjb1000_home_unit_devices |
Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to delete arbitrary files in a specific directory via unspecified vectors. | 2017-10-20 | not yet calculated | CVE-2017-2132 BID JVN |
| panasonic -- kx-hjb1000_home_unit_devices |
SQL injection vulnerability in Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | 2017-10-20 | not yet calculated | CVE-2017-2133 BID JVN |
| panasonic -- kx-hjb1000_home_unit_devices |
Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to bypass access restrictions to view the configuration menu via unspecified vectors. | 2017-10-20 | not yet calculated | CVE-2017-2131 BID JVN |
| phpcollab -- phpcollab |
SQL injection vulnerability in phpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to newsdesk/newsdesk.php. | 2017-10-26 | not yet calculated | CVE-2017-15907 MISC |
| phpsugar -- phpmelody |
In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php. | 2017-10-24 | not yet calculated | CVE-2017-15081 MISC MISC |
| phpwcms -- phpwcms |
phpwcms 1.8.9 has XSS in include/inc_tmpl/admin.edituser.tmpl.php and include/inc_tmpl/admin.newuser.tmpl.php via the username (aka new_login) field. | 2017-10-24 | not yet calculated | CVE-2017-15872 CONFIRM CONFIRM |
| radare2 -- radare2 |
In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c via crafted ELF files on 32bit systems. | 2017-10-27 | not yet calculated | CVE-2017-15931 CONFIRM CONFIRM |
| radare2 -- radare2 |
In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c via crafted ELF files when parsing the ELF version on 32bit systems. | 2017-10-27 | not yet calculated | CVE-2017-15932 CONFIRM CONFIRM |
| random.org -- random.org |
reseed seeds random numbers from an insecure HTTP request to random.org during installation, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a man-in-the-middle attack. | 2017-10-23 | not yet calculated | CVE-2011-2683 MISC MLIST MISC |
| red_hat -- glusterfs |
A flaw was found in GlusterFS in versions prior to 3.10. A null pointer dereference in send_brick_req function in glusterfsd/src/gf_attach.c may be used to cause denial of service. | 2017-10-26 | not yet calculated | CVE-2017-15096 CONFIRM |
| red_hat -- keycloak |
It was found that Keycloak oauth would permit an authenticated resource to obtain an access/refresh token pair from the authentication server, permitting indefinite usage in the case of permission revocation. An attacker on an already compromised resource could use this flaw to grant himself continued permissions and possibly conduct further attacks. | 2017-10-26 | not yet calculated | CVE-2017-12160 REDHAT REDHAT REDHAT CONFIRM |
| red_hat -- keycloak |
It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session. An attacker could use this flaw to gain access to an authenticated user session, leading to possible information disclosure or further attacks. | 2017-10-26 | not yet calculated | CVE-2017-12159 BID REDHAT REDHAT REDHAT CONFIRM |
| red_hat -- keycloak |
It was found that Keycloak would accept a HOST header URL in the admin console and use it to determine web resource locations. An attacker could use this flaw against an authenticated user to attain reflected XSS via a malicious server. | 2017-10-26 | not yet calculated | CVE-2017-12158 REDHAT REDHAT REDHAT CONFIRM |
| redislabs -- redis |
networking.c in Redis before 3.2.7 allows "Cross Protocol Scripting" because it lacks a check for POST and Host: strings, which are not valid in the Redis protocol (but commonly occur when an attack triggers an HTTP request to the Redis TCP port). | 2017-10-24 | not yet calculated | CVE-2016-10517 BID MISC MISC MISC |
| ruby -- ruby |
In the Ox gem 2.8.0 for Ruby, the process crashes with a segmentation fault when a crafted input is supplied to parse_obj. NOTE: the vendor has stated "Ox should handle the error more gracefully" but has not confirmed a security implication. | 2017-10-27 | not yet calculated | CVE-2017-15928 MISC MISC |
| saltstack -- salt |
SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote attackers to cause a denial of service via a crafted authentication request. | 2017-10-24 | not yet calculated | CVE-2017-14696 SUSE SUSE CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| saltstack -- salt |
Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12791. | 2017-10-24 | not yet calculated | CVE-2017-14695 SUSE SUSE CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| shadowsocks-libev -- shadowsocks-libev |
In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the add_server, build_config, and construct_command_line functions. | 2017-10-27 | not yet calculated | CVE-2017-15924 MISC MISC MISC MISC |
| siemens -- multiple_products |
A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. A directory traversal vulnerability could allow a remote attacker with network access to the integrated web server (80/tcp and 443/tcp) to obtain information on the structure of the file system of the affected devices. | 2017-10-23 | not yet calculated | CVE-2017-9947 BID CONFIRM |
| siemens -- multiple_products |
A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. An attacker with network access to the integrated web server (80/tcp and 443/tcp) could bypass the authentication and download sensitive information from the device. | 2017-10-23 | not yet calculated | CVE-2017-9946 BID CONFIRM |
| simple_asc -- cms |
Simple ASC Content Management System v1.2 has XSS in the location field in the sign function, related to guestbook.asp, formgb.asp, and msggb.asp. | 2017-10-27 | not yet calculated | CVE-2017-15947 MISC |
| suricata -- suricata |
In Suricata before 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of DetectEngineContentInspection in detect-engine-content-inspection.c. The search engine doesn't stop when it should after no match is found; instead, it stops only upon reaching inspection-recursion-limit (3000 by default). | 2017-10-23 | not yet calculated | CVE-2017-15377 MISC MISC |
| symantec -- encryption_desktop |
In Symantec Encryption Desktop before SED 10.4.1 MP2HF1, a kernel memory leak is a type of resource leak that can occur when a computer program incorrectly manages memory allocations in such a way that memory which is no longer needed is not released. In object-oriented programming, a memory leak may happen when an object is stored in memory but cannot be accessed by the running code. | 2017-10-23 | not yet calculated | CVE-2017-13682 BID CONFIRM |
| symantec -- endpoint_encryption |
In Symantec Endpoint Encryption before SEE 11.1.3HF3, a kernel memory leak is a type of resource leak that can occur when a computer program incorrectly manages memory allocations in such a way that memory which is no longer needed is not released. In object-oriented programming, a memory leak may happen when an object is stored in memory but cannot be accessed by the running code. | 2017-10-23 | not yet calculated | CVE-2017-13683 BID CONFIRM |
| systemd -- systemd |
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service. | 2017-10-26 | not yet calculated | CVE-2017-15908 BID SECTRACK CONFIRM CONFIRM |
| thornberry -- ndoc |
Before Thornberry NDoc version 8.0, laptop clients and the server have default database (Cache) users set up with a single password. This password is left behind in a cleartext log file during client installation on laptops. This password can be used to gain full admin/system access to client devices (if no firewall is present) or the NDoc server itself. Once the password is known to an attacker, local access is not required. | 2017-10-26 | not yet calculated | CVE-2017-15366 MISC |
| tp-link -- tl-mr3220_routers |
Cross-site scripting (XSS) vulnerability in the Wireless MAC Filtering page in TP-LINK TL-MR3220 wireless routers allows remote attackers to inject arbitrary web script or HTML via the Description field. | 2017-10-20 | not yet calculated | CVE-2017-15291 MISC EXPLOIT-DB |
| tp-link -- wr940N_routers |
Multiple stack-based buffer overflows in TP-Link WR940N WiFi routers with hardware version 4 allow remote authenticated users to execute arbitrary code via the (1) ping_addr parameter to PingIframeRpm.htm or (2) dnsserver2 parameter to WanStaticIpV6CfgRpm.htm. | 2017-10-23 | not yet calculated | CVE-2017-13772 EXPLOIT-DB MISC |
| typo3 -- cms |
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 CMS 4.1.x before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4, and 4.4.x before 4.4.1 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified parameters to the extension manager, or unspecified parameters to unknown backend forms. | 2017-10-20 | not yet calculated | CVE-2010-3659 MLIST MLIST BID MISC CONFIRM |
| vbulletin -- vbulletin |
Multiple SQL injection vulnerabilities in the Tapatalk plugin 4.9.0 and earlier and 5.x through 5.2.1 for vBulletin allow remote attackers to execute arbitrary SQL commands via a crafted xmlrpc API request to (1) unsubscribe_forum.php or (2) unsubscribe_topic.php in mobiquo/functions/. | 2017-10-26 | not yet calculated | CVE-2014-2023 MISC FULLDISC EXPLOIT-DB BID MISC |
| wordpress -- wordpress |
SQL injection vulnerability in counter-options.php in the Count Per Day plugin before 3.4.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the cpd_keep_month parameter to wp-admin/options-general.php. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary SQL commands. | 2017-10-23 | not yet calculated | CVE-2015-5533 MISC BUGTRAQ CONFIRM MISC EXPLOIT-DB MISC |
| wordpress -- wordpress |
The ultimate-form-builder-lite plugin before 1.3.7 for WordPress has SQL Injection, with resultant PHP Object Injection, via wp-admin/admin-ajax.php. | 2017-10-26 | not yet calculated | CVE-2017-15919 MISC MISC |
| wordpress -- wordpress |
Multiple cross-site scripting (XSS) vulnerabilities in the user-login-history plugin through 1.5.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) date_from, (2) date_to, (3) user_id, (4) username, (5) country_name, (6) browser, (7) operating_system, or (8) ip_address parameter to admin/partials/listing/listing.php. | 2017-10-24 | not yet calculated | CVE-2017-15867 CONFIRM |
| wordpress -- wordpress |
Multiple cross-site scripting (XSS) vulnerabilities in the Paid Memberships Pro (PMPro) plugin before 1.8.4.3 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) s parameter to membershiplevels.php, (2) memberslist.php, or (3) orders.php in adminpages/ or the (4) edit parameter to adminpages/membershiplevels.php. | 2017-10-23 | not yet calculated | CVE-2015-5532 MISC CONFIRM BUGTRAQ CONFIRM CONFIRM MISC MISC |
| wordpress -- wordpress |
The Easy Appointments plugin before 1.12.0 for WordPress has XSS via a Settings values in the admin panel. | 2017-10-23 | not yet calculated | CVE-2017-15812 MISC MISC |
| wordpress -- wordpress |
Cross Site Scripting (XSS) exists in the wp-noexternallinks plugin before 3.5.19 for WordPress via the date1 or date2 parameter to wp-admin/options-general.php. | 2017-10-24 | not yet calculated | CVE-2017-15863 MISC MISC |
| wordpress -- wordpress |
The Pootle Button plugin before 1.2.0 for WordPress has XSS via the assets_url parameter in assets/dialog.php, exploitable via wp-admin/admin-ajax.php. | 2017-10-23 | not yet calculated | CVE-2017-15811 MISC MISC MISC |
| wordpress -- wordpress |
The PopCash.Net Code Integration Tool plugin before 1.1 for WordPress has XSS via the tab parameter to wp-admin/admin.php. | 2017-10-23 | not yet calculated | CVE-2017-15810 MISC MISC MISC |
| writediary.com -- writediary |
In net.MCrypt in the "Diary with lock" (aka WriteDiary) application 4.72 for Android, hardcoded SecretKey and iv variables are used for the AES parameters, which makes it easier for attackers to obtain the cleartext of stored diary entries. | 2017-10-27 | not yet calculated | CVE-2017-15582 MISC MISC |
| writediary.com -- writediary |
In the "Diary with lock" (aka WriteDiary) application 4.72 for Android, neither HTTPS nor other encryption is used for transmitting data, despite the documentation that the product is intended for "a personal journal of ... secrets and feelings," which allows remote attackers to obtain sensitive information by sniffing the network during LoginActivity or NoteActivity execution. | 2017-10-27 | not yet calculated | CVE-2017-15581 MISC MISC |
| xavier -- xavier |
Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the log_id parameter to admin/editgroup.php. | 2017-10-27 | not yet calculated | CVE-2017-15949 MISC |
'IT 와 Social 이야기' 카테고리의 다른 글
| [NIA] 4차 산업혁명을 이끄는 인공지능(AI) 발전방향 - 실리콘밸리의 AI 성공요인 분석 (0) | 2017.11.02 |
|---|---|
| [여신금융협회] 알리바바(Alibaba)의 온라인 연계 '자동차 자동판매기' 출시 배경 및 향후 전망 - 최민지 (0) | 2017.11.02 |
| [iitp] 지능정보기술 연구개발 방향 - 유종호 (0) | 2017.11.01 |
| [iitp] 악성 코드 설치 없는 시스템 해킹 방법, "파일 없는 공격" 증가 추세 (0) | 2017.11.01 |
| [kotra] 미 실리콘밸리, 감성컴퓨팅과 인공지능 융합기술 두각 - 백세은 (0) | 2017.10.30 |
