CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-1000380 200 +Info 2017-06-17 2017-06-21
2.1
None Local Low Not required Partial None None
sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.
2 CVE-2017-1000369 264 Exec Code 2017-06-19 2017-07-06
2.1
None Local Low Not required None Partial None
Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed; used in conjunction with other issues, this allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch (commit 65e061b76867a9ea7aeeb535341b790b90ae6c21), but it is not known if a new point release is available that addresses this issue at this time.
3 CVE-2017-12976 Exec Code 2017-08-20 2017-08-20
0.0
None ??? ??? ??? ??? ??? ???
git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117.
4 CVE-2017-12974 2017-08-20 2017-08-20
0.0
None ??? ??? ??? ??? ??? ???
Nimbus JOSE+JWT before 4.36 proceeds with ECKey construction without ensuring that the public x and y coordinates are on the specified curve, which allows attackers to conduct an Invalid Curve Attack in environments where the JCE provider lacks the applicable curve validation.
5 CVE-2017-12973 2017-08-20 2017-08-20
0.0
None ??? ??? ??? ??? ??? ???
Nimbus JOSE+JWT before 4.39 proceeds improperly after detection of an invalid HMAC in authenticated AES-CBC decryption, which allows attackers to conduct a padding oracle attack.
6 CVE-2017-12972 Overflow Bypass 2017-08-20 2017-08-20
0.0
None ??? ??? ??? ??? ??? ???
In Nimbus JOSE+JWT before 4.39, there is no integer-overflow check when converting length values from bytes to bits, which allows attackers to conduct HMAC bypass attacks by shifting Additional Authenticated Data (AAD) and ciphertext so that different plaintext is obtained for the same HMAC.
7 CVE-2017-12967 DoS 2017-08-19 2017-08-19
0.0
None ??? ??? ??? ??? ??? ???
The getsym function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a malformed tekhex binary.
8 CVE-2017-12966 DoS 2017-08-20 2017-08-20
0.0
None ??? ??? ??? ??? ??? ???
The asn1f_lookup_symbol_impl function in asn1fix_retrieve.c in libasn1fix.a in asn1c 0.9.28 allows remote attackers to cause a denial of service (segmentation fault) via a crafted .asn1 file.
9 CVE-2017-12964 DoS 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
There is a stack consumption issue in LibSass 3.4.5 that is triggered in the function Sass::Eval::operator() in eval.cpp. It will lead to a remote denial of service attack.
10 CVE-2017-12963 DoS 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
There is an illegal address access in Sass::Eval::operator() in eval.cpp of LibSass 3.4.5, leading to a remote denial of service attack. NOTE: this is similar to CVE-2017-11555 but remains exploitable after the vendor's CVE-2017-11555 fix (available from GitHub after 2017-07-24).
11 CVE-2017-12962 DoS 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
There are memory leaks in LibSass 3.4.5 triggered by deeply nested code, such as code with a long sequence of open parenthesis characters, leading to a remote denial of service attack.
12 CVE-2017-12961 DoS 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
There is an assertion abort in the function parse_attributes() in data/sys-file-reader.c of the libpspp library in GNU PSPP 0.11.0 that will lead to remote denial of service.
13 CVE-2017-12960 DoS 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of the libpspp library in GNU PSPP 0.11.0 that will lead to remote denial of service.
14 CVE-2017-12959 DoS 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP 0.11.0 that will lead to a remote denial of service attack.
15 CVE-2017-12958 DoS 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
There is an illegal address access in the function output_hex() in data/data-out.c of the libpspp library in GNU PSPP 0.11.0 that will lead to remote denial of service.
16 CVE-2017-12957 DoS 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp. It will lead to remote denial of service.
17 CVE-2017-12956 DoS 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() in basicio.cpp of libexiv2 in Exiv2 0.26 that will lead to remote denial of service.
18 CVE-2017-12955 DoS Overflow 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. The vulnerability causes an out-of-bounds write in Exiv2::Image::printIFDStructure(), which may lead to remote denial of service or possibly unspecified other impact.
19 CVE-2017-12949 Sql CSRF 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
lib\modules\contributors\contributor_list_table.php in the Podlove Podcast Publisher plugin 2.5.3 and earlier for WordPress has SQL injection in the orderby parameter to wp-admin/admin.php, exploitable through CSRF.
20 CVE-2017-12948 XSS 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 and earlier for WordPress has XSS in the PATH_INFO to wp-admin/admin.php, related to PHP_SELF.
21 CVE-2017-12947 Sql 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in an untrash action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators.
22 CVE-2017-12946 Sql 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in a delete action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators.
23 CVE-2017-12944 DoS 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote attackers to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing function in tif_dirread.c during a tiff2pdf invocation.
24 CVE-2017-12943 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers to read passwords via a model/__show_info.php?REQUIRE_FILE= absolute path traversal attack, as demonstrated by discovering the admin password.
25 CVE-2017-12942 Overflow 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function.
26 CVE-2017-12941 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function.
27 CVE-2017-12940 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function.
28 CVE-2017-12939 Exec Code 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before 2017.1.0p4.
29 CVE-2017-12938 Dir. Trav. Bypass 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
UnRAR before 5.5.7 allows remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file.
30 CVE-2017-12934 2017-08-17 2017-08-17
0.0
None ??? ??? ??? ??? ??? ???
ext/standard/var_unserializer.re in PHP 7.0.x before 7.0.21 and 7.1.x before 7.1.7 is prone to a heap use after free while unserializing untrusted data, related to the zval_get_type function in Zend/zend_types.h. Exploitation of this issue can have an unspecified impact on the integrity of PHP.
31 CVE-2017-12933 2017-08-17 2017-08-17
0.0
None ??? ??? ??? ??? ??? ???
The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP.
32 CVE-2017-12932 2017-08-17 2017-08-17
0.0
None ??? ??? ??? ??? ??? ???
ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue can have an unspecified impact on the integrity of PHP.
33 CVE-2017-12892 2017-08-16 2017-08-19
0.0
None ??? ??? ??? ??? ??? ???
Foxit PDF Compressor installers from versions from 7.0.0.183 to 7.7.2.10 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer.
34 CVE-2017-12882 XSS 2017-08-18 2017-08-19
0.0
None ??? ??? ??? ??? ??? ???
Stored Cross-site scripting (XSS) vulnerability in Spring Batch Admin before 1.3.0 allows remote authenticated users to inject arbitrary JavaScript or HTML via the file upload functionality.
35 CVE-2017-12881 CSRF 2017-08-18 2017-08-19
0.0
None ??? ??? ??? ??? ??? ???
Cross-site request forgery (CSRF) vulnerability in the Spring Batch Admin before 1.3.0 allows remote attackers to hijack the authentication of unspecified victims and submit arbitrary requests, such as exploiting the file upload vulnerability.
36 CVE-2017-12880 2017-08-16 2017-08-16
0.0
None ??? ??? ??? ??? ??? ???
In PyJWT 1.5.0 and below the 'invalid_strings' check in 'HMACAlgorithm.prepare_key' does not account for all PEM encoded public keys. Specifically, the PKCS1 PEM encoded format would be allowed because it is prefaced with the string '-----BEGIN RSA PUBLIC KEY-----' which is not accounted for. This enables symmetric/asymmetric key confusion attacks against users using the PKCS1 PEM encoded public keys, which would allow an attacker to craft JWTs from scratch.
37 CVE-2017-12864 DoS Exec Code Overflow 2017-08-15 2017-08-15
0.0
None ??? ??? ??? ??? ??? ???
In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, the function ReadNumber did not check the input length, which leads to an integer overflow. If the image comes from a remote source, this may lead to remote code execution or denial of service. This affects OpenCV 3.3 and earlier.
38 CVE-2017-12863 DoS Exec Code Overflow 2017-08-15 2017-08-15
0.0
None ??? ??? ??? ??? ??? ???
In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, the function PxMDecoder::readData has an integer overflow when calculating src_pitch. If the image comes from a remote source, this may lead to remote code execution or denial of service. This affects OpenCV 3.3 and earlier.
39 CVE-2017-12862 DoS Exec Code Overflow 2017-08-15 2017-08-15
0.0
None ??? ??? ??? ??? ??? ???
In modules/imgcodecs/src/grfmt_pxm.cpp, the length of the buffer AutoBuffer _src is smaller than expected, which will later cause a buffer overflow during copying. If the image comes from a remote source, this may lead to remote code execution or denial of service. This affects OpenCV 3.3 and earlier.
40 CVE-2017-12859 DoS 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS environments, allows remote attackers to cause a denial of service via unspecified vectors.
41 CVE-2017-12855 2017-08-15 2017-08-17
0.0
None ??? ??? ??? ??? ??? ???
Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in use. Under some circumstances, Xen will clear the status bits too early, incorrectly informing the guest that the grant is no longer in use. A guest may prematurely believe that a granted frame is safely private again, and reuse it in a way which contains sensitive information, while the domain on the far end of the grant is still using the grant. Xen 4.9, 4.8, 4.7, 4.6, and 4.5 are affected.
42 CVE-2017-12853 CSRF 2017-08-14 2017-08-14
0.0
None ??? ??? ??? ??? ??? ???
The RealTime RWR-3G-100 Router Firmware Version: Ver1.0.56 is affected by CSRF, an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated.
43 CVE-2017-12852 2017-08-15 2017-08-15
0.0
None ??? ??? ??? ??? ??? ???
The numpy.pad function in NumPy 1.13.1 and older versions is missing input validation. An empty list or ndarray will get stuck in an infinite loop, which can allow attackers to cause a DoS attack.
44 CVE-2017-12851 2017-08-14 2017-08-17
0.0
None ??? ??? ??? ??? ??? ???
An authenticated standard user could reset the password of the admin by altering form data. Affects kanboard before 1.0.46.
45 CVE-2017-12850 2017-08-14 2017-08-17
0.0
None ??? ??? ??? ??? ??? ???
An authenticated standard user could reset the password of other users (including the admin) by altering form data. Affects kanboard before 1.0.46.
46 CVE-2017-12776 Exec Code Sql 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
SQL injection vulnerability in reports.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the delreport parameter.
47 CVE-2017-12774 2017-08-09 2017-08-09
0.0
None ??? ??? ??? ??? ??? ???
finecms in 1.9.5\controllers\member\ContentController.php allows remote attackers to operate the website database.
48 CVE-2017-12762 Overflow 2017-08-09 2017-08-11
0.0
None ??? ??? ??? ??? ??? ???
In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.
49 CVE-2017-12754 Exec Code Overflow 2017-08-09 2017-08-09
0.0
None ??? ??? ??? ??? ??? ???
Stack buffer overflow in httpd in Asuswrt-Merlin firmware 380.67_0RT-AC5300 and earlier for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by sending a crafted http GET request packet that includes a long delete_offline_client parameter in the url.
50 CVE-2017-12680 XSS 2017-08-18 2017-08-18
0.0
None ??? ??? ??? ??? ??? ???
Cross-Site Scripting (XSS) exists in NexusPHP 1.5 via the type parameter to shoutbox.php.
Total number of vulnerabilities: 4780