CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
1 CVE-2017-7231 Overflow 2017-03-22 2017-03-22
0.0
None ??? ??? ??? ??? ??? ???
pngdefry through 2017-03-22 is prone to a heap-based buffer-overflow vulnerability because it fails to properly process a specially crafted png file. This issue affects the 'process()' function of the 'pngdefry.c' source file.
2 CVE-2017-7230 Exec Code Overflow 2017-03-22 2017-03-22
0.0
None ??? ??? ??? ??? ??? ???
A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and earlier allows remote attackers to execute arbitrary code via a GET request.
3 CVE-2017-7227 Overflow 2017-03-22 2017-03-22
0.0
None ??? ??? ??? ??? ??? ???
GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based buffer overflow while processing a bogus input script, leading to a program crash. This relates to lack of '\0' termination of a name field in ldlex.l.
4 CVE-2017-7226 2017-03-22 2017-03-22
0.0
None ??? ??? ??? ??? ??? ???
The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several utilities such as addr2line, size, and strings. It could lead to information disclosure as well.
5 CVE-2017-7225 2017-03-22 2017-03-22
0.0
None ??? ??? ??? ??? ??? ???
The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an invalid write, and leading to a program crash.
6 CVE-2017-7224 2017-03-22 2017-03-22
0.0
None ??? ??? ??? ??? ??? ???
The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write (of size 1) while disassembling a corrupt binary that contains an empty function name, leading to a program crash.
7 CVE-2017-7223 Overflow 2017-03-22 2017-03-22
0.0
None ??? ??? ??? ??? ??? ???
GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow (of size 1) while attempting to unget an EOF character from the input stream, potentially leading to a program crash.
8 CVE-2017-7222 XSS 2017-03-22 2017-03-22
0.0
None ??? ??? ??? ??? ??? ???
A cross-site scripting (XSS) vulnerability in MantisBT before 2.1.1 allows remote attackers to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by modifying 'window_title' in the application configuration. This requires privileged access to MantisBT configuration management pages (i.e., administrator access rights) or altering the system configuration file (config_inc.php).
9 CVE-2017-7215 XSS 2017-03-21 2017-03-21
0.0
None ??? ??? ??? ??? ??? ???
Cross site scripting in some view elements in the index filter tool in app/webroot/js/misp2.4.68.js and the organisation landing page in app/View/Organisations/ajax/landingpage.ctp of MISP before 2.4.69 allows remote attackers to inject arbitrary web script or HTML.
10 CVE-2017-7214 2017-03-21 2017-03-21
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. Legacy notification exception contexts appearing in ERROR level logs may include sensitive information such as account passwords and authorization tokens.
11 CVE-2017-7208 DoS +Info 2017-03-21 2017-03-21
0.0
None ??? ??? ??? ??? ??? ???
The decode_residual function in libavcodec in libav 9.21 allows remote attackers to cause a denial of service (buffer over-read) or obtain sensitive information from process memory via a crafted h264 video file.
12 CVE-2017-7207 DoS 2017-03-21 2017-03-21
0.0
None ??? ??? ??? ??? ??? ???
The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.
13 CVE-2017-7206 DoS +Info 2017-03-21 2017-03-21
0.0
None ??? ??? ??? ??? ??? ???
The ff_h2645_extract_rbsp function in libavcodec in libav 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read) or obtain sensitive information from process memory via a crafted h264 video file.
14 CVE-2017-7205 Exec Code XSS 2017-03-21 2017-03-21
0.0
None ??? ??? ??? ??? ??? ???
A Cross-Site Scripting (XSS) vulnerability was discovered in GamePanelX-V3 3.0.12. The vulnerability exists due to insufficient filtration of user-supplied data (a) passed to the "GamePanelX-V3-master/ajax/ajax.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
15 CVE-2017-7200 2017-03-21 2017-03-21
0.0
None ??? ??? ??? ??? ??? ???
An SSRF issue was discovered in OpenStack Glance before Newton. The 'copy_from' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to enumerate internal network details while appearing masked, since the scan would appear to originate from the Glance Image service.
16 CVE-2017-7187 DoS Overflow 2017-03-20 2017-03-20
0.0
None ??? ??? ??? ??? ??? ???
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function.
17 CVE-2017-7184 DoS 2017-03-19 2017-03-19
0.0
None ??? ??? ??? ??? ??? ???
The linux-image-* package 4.8.0.41.52 for the Linux kernel on Ubuntu 16.10 allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via unspecified vectors, as demonstrated during a Pwn2Own competition at CanSecWest 2017.
18 CVE-2017-7177 2017-03-18 2017-03-18
0.0
None ??? ??? ??? ??? ??? ???
Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching.
19 CVE-2017-6972 2017-03-22 2017-03-22
0.0
None ??? ??? ??? ??? ??? ???
Unspecified vulnerability in AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 has unknown impact and attack vectors, aka AlienVault ID ENG-104945. This is different from CVE-2017-6970 and CVE-2017-6971, and less directly relevant. (Additional details are expected to be released in a new public reference.)
20 CVE-2017-6971 Exec Code 2017-03-22 2017-03-22
0.0
None ??? ??? ??? ??? ??? ???
AlienVault USM and OSSIM before 5.3.5 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862. NOTE: the AlienVault vendor statement of affected versions is disputed by another party.
21 CVE-2017-6970 Exec Code 2017-03-22 2017-03-22
0.0
None ??? ??? ??? ??? ??? ???
AlienVault USM and OSSIM before 5.3.5 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863. NOTE: the AlienVault vendor statement of affected versions is disputed by another party.
22 CVE-2017-6952 DoS Overflow 2017-03-16 2017-03-16
0.0
None ??? ??? ??? ??? ??? ???
Integer overflow in the cs_winkernel_malloc function in winkernel_mm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service (heap-based buffer overflow in a kernel driver) or possibly have unspecified other impact via a large value.
23 CVE-2017-6949 Overflow 2017-03-16 2017-03-16
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in CHICKEN Scheme through 4.12.0. When using a nonstandard CHICKEN-specific extension to allocate an SRFI-4 vector in unmanaged memory, the vector size would be used in unsanitised form as an argument to malloc(). With an unexpected size, the impact may have been a segfault or buffer overflow.
24 CVE-2017-6909 Exec Code 2017-03-14 2017-03-17
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Shimmie <= 2.5.1. The vulnerability exists due to insufficient filtration of user-supplied data (log) passed to the "shimmie2-master/ext/chatbox/history/index.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
25 CVE-2017-6907 Exec Code 2017-03-14 2017-03-16
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Open.GL before 2017-03-13. The vulnerability exists due to insufficient filtration of user-supplied data (content) passed to the "Open.GL-master/index.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
26 CVE-2017-6906 Exec Code 2017-03-14 2017-03-16
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in SiberianCMS before 4.10.0. The vulnerability exists due to insufficient filtration of user-supplied data (log) passed to the "SiberianCMS-master/errors/500.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
27 CVE-2017-6905 Exec Code 2017-03-14 2017-03-16
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in concrete5 <= 5.6.3.4. The vulnerability exists due to insufficient filtration of user-supplied data (disable_choose) passed to the "concrete5-legacy-master/web/concrete/tools/files/search_dialog.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
28 CVE-2017-6903 2017-03-14 2017-03-14
0.0
None ??? ??? ??? ??? ??? ???
In ioquake3 before 2017-03-14, the auto-downloading feature has insufficient content restrictions. This also affects Quake III Arena, OpenArena, OpenJK, iortcw, and other id Tech 3 (aka Quake 3 engine) forks. A malicious auto-downloaded file can trigger loading of crafted auto-downloaded files as native code DLLs. A malicious auto-downloaded file can contain configuration defaults that override the user's. Executable bytecode in a malicious auto-downloaded file can set configuration variables to values that will result in unwanted native code DLLs being loaded, resulting in sandbox escape.
29 CVE-2017-6883 200 DoS Exec Code +Info 2017-03-14 2017-03-15
2.6
None Remote High Not required Partial None None
The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image. The vulnerability could lead to information disclosure; an attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.
30 CVE-2017-6805 Dir. Trav. 2017-03-20 2017-03-21
0.0
None ??? ??? ??? ??? ??? ???
Directory traversal vulnerability in the TFTP server in MobaXterm Personal Edition 9.4 allows remote attackers to read arbitrary files via a .. (dot dot) in a GET command.
31 CVE-2017-6803 Exec Code CSRF 2017-03-20 2017-03-20
0.0
None ??? ??? ??? ??? ??? ???
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface in the Scheduler in SolarWinds (formerly Serv-U) FTP Voyager 16.2.0 allow remote attackers to hijack the authentication of users for requests that (1) change the admin password, (2) terminate the scheduler, or (3) possibly execute arbitrary commands via crafted requests to Admin/XML/Result.xml.
32 CVE-2017-6550 Exec Code Sql 2017-03-20 2017-03-20
0.0
None ??? ??? ??? ??? ??? ???
Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson (formerly ESBUS) allow remote attackers to execute arbitrary SQL commands via the (1) TABLE parameter to esbus/servlet/GetSQLData or (2) QUERY parameter to KK_LS9ReportingPortal/GetData.
33 CVE-2017-6516 +Priv 2017-03-14 2017-03-20
0.0
None ??? ??? ??? ??? ??? ???
A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX platforms could allow a local attacker to gain elevated privileges. Parts of SysInfo require setuid-to-root access in order to access restricted system files and make restricted kernel calls. This access could be exploited by a local attacker to gain a root shell prompt using the right combination of environment variables and command line arguments.
34 CVE-2017-6505 20 DoS 2017-03-15 2017-03-17
2.1
None Local Low Not required None None Partial
The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors.
35 CVE-2017-6440 399 DoS 2017-03-15 2017-03-16
1.9
None Local Medium Not required None None Partial
The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
36 CVE-2017-6439 787 DoS Overflow 2017-03-15 2017-03-16
1.9
None Local Medium Not required None None Partial
Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file.
37 CVE-2017-6437 125 DoS 2017-03-15 2017-03-16
1.9
None Local Medium Not required None None Partial
The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file.
38 CVE-2017-6436 399 DoS 2017-03-15 2017-03-16
1.9
None Local Medium Not required None None Partial
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
39 CVE-2017-6435 119 DoS Overflow Mem. Corr. 2017-03-15 2017-03-16
1.9
None Local Medium Not required None None Partial
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file.
40 CVE-2017-6417 Exec Code Bypass 2017-03-21 2017-03-21
0.0
None ??? ??? ??? ??? ??? ???
Code injection vulnerability in Avira Total Security Suite 15.0 (and earlier), Optimization Suite 15.0 (and earlier), Internet Security Suite 15.0 (and earlier), and Free Security Suite 15.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Avira process via a "DoubleAgent" attack. One perspective on this issue is that (1) these products do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry; (2) the self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products; and (3) this mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack.
41 CVE-2017-6404 284 2017-03-02 2017-03-06
2.1
None Local Low Not required None Partial None
An issue was discovered in Veritas NetBackup before 7.7 and NetBackup Appliance before 2.7. There are world-writable log files, allowing destruction or spoofing of log data.
42 CVE-2017-6381 Exec Code 2017-03-16 2017-03-17
0.0
None ??? ??? ??? ??? ??? ???
A 3rd party development library included with Drupal 8 development dependencies is vulnerable to remote code execution. This is mitigated by the default .htaccess protection against PHP execution, and the fact that Composer development dependencies aren't normally installed. You might be vulnerable to this if you are running a version of Drupal before 8.2.2. To be sure you aren't vulnerable, you can remove the <siteroot>/vendor/phpunit directory from your production deployments.
43 CVE-2017-6377 Bypass 2017-03-16 2017-03-17
0.0
None ??? ??? ??? ??? ??? ???
When adding a private file via the editor in Drupal 8.2.x before 8.2.7, the editor will not correctly check access for the file being attached, resulting in an access bypass.
44 CVE-2017-6366 Exec Code CSRF 2017-03-15 2017-03-15
0.0
None ??? ??? ??? ??? ??? ???
Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 routers with firmware 10.0.0.20 through 10.0.0.50 allows remote attackers to hijack the authentication of users for requests that perform DNS lookups via the host_name parameter to dnslookup.cgi. NOTE: this issue can be combined with CVE-2017-6334 to execute arbitrary code remotely.
45 CVE-2017-6356 +Info 2017-03-20 2017-03-20
0.0
None ??? ??? ??? ??? ??? ???
Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak permissions for unspecified resources, which allows attackers to obtain sensitive session information via unknown vectors.
46 CVE-2017-6355 190 DoS Overflow 2017-03-09 2017-03-13
2.1
None Local Low Not required None None Partial
Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (process crash) via crafted pkt_length and offlen values, which trigger an out-of-bounds access.
47 CVE-2017-6318 +Info 2017-03-20 2017-03-20
0.0
None ??? ??? ??? ??? ??? ???
saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet.
48 CVE-2017-6210 476 DoS 2017-03-15 2017-03-16
2.1
None Local Low Not required None None Partial
The vrend_decode_reset function in vrend_decode.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (NULL pointer dereference and QEMU process crash) by destroying context 0 (zero).
49 CVE-2017-6209 119 DoS Overflow 2017-03-15 2017-03-16
2.1
None Local Low Not required None None Partial
Stack-based buffer overflow in the parse_identifier function in tgsi_text.c in the TGSI auxiliary module in the Gallium driver in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to parsing properties.
50 CVE-2017-6189 Exec Code 2017-03-15 2017-03-15
0.0
None ??? ??? ??? ??? ??? ???
Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer.
Total number of vulnerabilities: 4281 (page 1)