CVE-2017-7310

Public exploit
A buffer overflow vulnerability in Import Command in SyncBreeze before 10.6, DiskSorter before 10.6, DiskBoss before 8.9, DiskPulse before 10.6, DiskSavvy before 10.6, DupScout before 10.6, and VX Search before 10.6 allows attackers to execute arbitrary code via a crafted XML file containing a long name attribute of a classify element.
Max CVSS
7.8
EPSS Score
93.38%
Published
2017-03-29
Updated
2018-03-08

CVE-2017-7308

Public exploit
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.
Max CVSS
7.8
EPSS Score
0.09%
Published
2017-03-29
Updated
2023-02-14

CVE-2017-7269

Known exploited
Public exploit
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
Max CVSS
10.0
EPSS Score
97.12%
Published
2017-03-27
Updated
2019-07-03
CISA KEV Added
2021-11-03

CVE-2017-7230

Public exploit
A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and earlier allows remote attackers to execute arbitrary code via a GET request.
Max CVSS
9.8
EPSS Score
60.98%
Published
2017-03-22
Updated
2017-03-31

CVE-2017-6527

Public exploit
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal attack allowing an unauthenticated attacker to access system files readable by the web server user (by using the viewAppletFsa.cgi seqID parameter).
Max CVSS
7.5
EPSS Score
85.16%
Published
2017-03-09
Updated
2017-08-16

CVE-2017-6526

Public exploit
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to unauthenticated command execution through an improperly protected administrative web shell (cgi-bin/dna/sysAdmin.cgi POST requests).
Max CVSS
10.0
EPSS Score
90.61%
Published
2017-03-09
Updated
2019-10-03

CVE-2017-6516

Public exploit
A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX platforms could allow a local attacker to gain elevated privileges. Parts of SysInfo require setuid-to-root access in order to access restricted system files and make restricted kernel calls. This access could be exploited by a local attacker to gain a root shell prompt using the right combination of environment variables and command line arguments.
Max CVSS
7.2
EPSS Score
0.08%
Published
2017-03-14
Updated
2019-10-03

CVE-2017-6510

Public exploit
Easy File Sharing FTP Server version 3.6 is vulnerable to a directory traversal vulnerability which allows an attacker to list and download any file from any folder outside the FTP root Directory.
Max CVSS
7.5
EPSS Score
2.12%
Published
2017-03-16
Updated
2017-03-21

CVE-2017-6416

Public exploit
An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string.
Max CVSS
9.8
EPSS Score
2.32%
Published
2017-03-06
Updated
2017-03-08

CVE-2017-6398

Public exploit
An issue was discovered in Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. An authenticated user can execute a terminal command in the context of the web server user (which is root). Besides, the default installation of IMSVA comes with default administrator credentials. The saveCert.imss endpoint takes several user inputs and performs blacklisting. After that, it uses them as arguments to a predefined operating-system command without proper sanitization. However, because of an improper blacklisting rule, it's possible to inject arbitrary commands into it.
Max CVSS
9.0
EPSS Score
11.16%
Published
2017-03-14
Updated
2019-10-03

CVE-2017-6334

Known exploited
Public exploit
dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the host_name field of an HTTP POST request, a different vulnerability than CVE-2017-6077.
Max CVSS
9.0
EPSS Score
96.10%
Published
2017-03-06
Updated
2019-10-03
CISA KEV Added
2022-03-25

CVE-2017-5930

Public exploit
The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission check.
Max CVSS
3.5
EPSS Score
0.47%
Published
2017-03-20
Updated
2020-02-26

CVE-2017-5638

Known exploited
Public exploit
Used for ransomware
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
Max CVSS
10.0
EPSS Score
97.53%
Published
2017-03-11
Updated
2021-02-24
CISA KEV Added
2021-11-03

CVE-2017-3881

Known exploited
Public exploit
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: (1) the failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device; and (2) the incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. This affects Catalyst switches, Embedded Service 2020 switches, Enhanced Layer 2 EtherSwitch Service Module, Enhanced Layer 2/3 EtherSwitch Service Module, Gigabit Ethernet Switch Module (CGESM) for HP, IE Industrial Ethernet switches, ME 4924-10GE switch, RF Gateway 10, and SM-X Layer 2/3 EtherSwitch Service Module. Cisco Bug IDs: CSCvd48893.
Max CVSS
10.0
EPSS Score
97.45%
Published
2017-03-17
Updated
2020-08-07
CISA KEV Added
2022-03-25

CVE-2017-0148

Known exploited
Public exploit
Used for ransomware
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146.
Max CVSS
9.3
EPSS Score
97.17%
Published
2017-03-17
Updated
2018-06-21
CISA KEV Added
2022-04-06

CVE-2017-0147

Known exploited
Public exploit
Used for ransomware
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted packets, aka "Windows SMB Information Disclosure Vulnerability."
Max CVSS
5.9
EPSS Score
97.11%
Published
2017-03-17
Updated
2018-06-21
CISA KEV Added
2022-05-24

CVE-2017-0146

Known exploited
Public exploit
Used for ransomware
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0148.
Max CVSS
9.3
EPSS Score
97.12%
Published
2017-03-17
Updated
2018-06-21
CISA KEV Added
2022-03-25

CVE-2017-0145

Known exploited
Public exploit
Used for ransomware
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148.
Max CVSS
9.3
EPSS Score
97.27%
Published
2017-03-17
Updated
2018-06-21
CISA KEV Added
2022-02-10

CVE-2017-0144

Known exploited
Public exploit
Used for ransomware
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
Max CVSS
9.3
EPSS Score
97.45%
Published
2017-03-17
Updated
2018-06-21
CISA KEV Added
2022-02-10

CVE-2017-0143

Known exploited
Public exploit
Used for ransomware
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
Max CVSS
9.3
EPSS Score
97.30%
Published
2017-03-17
Updated
2018-06-21
CISA KEV Added
2021-11-03

CVE-2016-10225

Public exploit
The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and H8 devices allows local users to gain root privileges by sending "rootmydevice" to /proc/sunxi_debug/sunxi_debug.
Max CVSS
7.8
EPSS Score
0.05%
Published
2017-03-27
Updated
2021-04-21

CVE-2016-6883

Public exploit
MatrixSSL before 3.8.3 configured with RSA Cipher Suites allows remote attackers to obtain sensitive information via a Bleichenbacher variant attack.
Max CVSS
5.9
EPSS Score
0.26%
Published
2017-03-03
Updated
2017-12-15

CVE-2016-6816

Public exploit
The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own.
Max CVSS
7.1
EPSS Score
0.26%
Published
2017-03-20
Updated
2023-12-08

CVE-2015-4624

Public exploit
Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens.
Max CVSS
7.5
EPSS Score
14.59%
Published
2017-03-31
Updated
2018-10-09
Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-03-31
Updated
2023-02-14
1300 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!