CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
1 CVE-2017-7275 DoS 2017-03-27 2017-03-27
0.0
None ??? ??? ??? ??? ??? ???
The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.
2 CVE-2017-7274 DoS 2017-03-27 2017-03-27
0.0
None ??? ??? ??? ??? ??? ???
The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PE file.
3 CVE-2017-7273 DoS 2017-03-27 2017-03-27
0.0
None ??? ??? ??? ??? ??? ???
The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report.
4 CVE-2017-7272 2017-03-27 2017-03-27
0.0
None ??? ??? ??? ??? ??? ???
PHP through 7.1.3 enables potential SSRF in applications that accept an fsockopen hostname argument with an expectation that the port number is constrained. Because a :port syntax is recognized, fsockopen will use the port number that is specified in the hostname argument, instead of the port number in the second argument of the function.
5 CVE-2017-7271 XSS 2017-03-27 2017-03-27
0.0
None ??? ??? ??? ??? ??? ???
Reflected Cross-site scripting (XSS) vulnerability in Yii Framework before 2.0.11, when development mode is used, allows remote attackers to inject arbitrary web script or HTML via crafted request data that is mishandled on the debug-mode exception screen.
6 CVE-2017-7269 Exec Code Overflow 2017-03-26 2017-03-26
0.0
None ??? ??? ??? ??? ??? ???
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
7 CVE-2017-7266 2017-03-26 2017-03-26
0.0
None ??? ??? ??? ??? ??? ???
Netflix Security Monkey before 0.8.0 has an Open Redirect. The logout functionality accepted the "next" parameter which then redirects to any domain irrespective of the Host header.
8 CVE-2017-7264 DoS 2017-03-26 2017-03-26
0.0
None ??? ??? ??? ??? ??? ???
Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.
9 CVE-2017-7263 DoS 2017-03-26 2017-03-26
0.0
None ??? ??? ??? ??? ??? ???
The bm_readbody_bmp function in bitmap_io.c in Potrace 1.14 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8698.
10 CVE-2017-7262 DoS 2017-03-24 2017-03-24
0.0
None ??? ??? ??? ??? ??? ???
The AMD Ryzen processor with AGESA microcode through 2017-01-27 allows local users to cause a denial of service (system hang) via an application that makes a long series of FMA3 instructions, as demonstrated by the Flops test suite.
11 CVE-2017-7261 DoS 2017-03-24 2017-03-24
0.0
None ??? ??? ??? ??? ??? ???
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device.
12 CVE-2017-7257 XSS 2017-03-24 2017-03-24
0.0
None ??? ??? ??? ??? ??? ???
XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_content parameter. Someone must log in to conduct the attack.
13 CVE-2017-7256 XSS 2017-03-24 2017-03-24
0.0
None ??? ??? ??? ??? ??? ???
XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_summary parameter. Someone must log in to conduct the attack.
14 CVE-2017-7255 XSS 2017-03-24 2017-03-24
0.0
None ??? ??? ??? ??? ??? ???
XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_title parameter. Someone must log in to conduct the attack.
15 CVE-2017-7251 Exec Code XSS 2017-03-23 2017-03-23
0.0
None ??? ??? ??? ??? ??? ???
A Cross-Site Scripting (XSS) vulnerability was discovered in pi-engine/pi 2.5.0. The vulnerability exists due to insufficient filtration of user-supplied data (preview) passed to the "pi-develop/www/script/editor/markitup/preview/markdown.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
16 CVE-2017-7250 Exec Code XSS 2017-03-23 2017-03-23
0.0
None ??? ??? ??? ??? ??? ???
A Cross-Site Scripting (XSS) vulnerability was discovered in Gazelle before 2017-03-19. The vulnerability exists due to insufficient filtration of user-supplied data (action) passed to the 'Gazelle-master/sections/tools/finances/bitcoin_balance.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
17 CVE-2017-7249 Exec Code XSS 2017-03-23 2017-03-23
0.0
None ??? ??? ??? ??? ??? ???
Multiple Cross-Site Scripting (XSS) vulnerabilities were discovered in Gazelle before 2017-03-19. The vulnerabilities exist due to insufficient filtration of user-supplied data (action, userid) passed to the 'Gazelle-master/sections/tools/data/ocelot_info.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
18 CVE-2017-7248 Exec Code XSS 2017-03-23 2017-03-23
0.0
None ??? ??? ??? ??? ??? ???
A Cross-Site Scripting (XSS) vulnerability was discovered in Gazelle before 2017-03-19. The vulnerability exists due to insufficient filtration of user-supplied data (type) passed to the 'Gazelle-master/sections/better/transcode.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
19 CVE-2017-7247 Exec Code XSS 2017-03-23 2017-03-23
0.0
None ??? ??? ??? ??? ??? ???
Multiple Cross-Site Scripting (XSS) vulnerabilities were discovered in Gazelle before 2017-03-19. The vulnerabilities exist due to insufficient filtration of user-supplied data (torrents, size) passed to the 'Gazelle-master/sections/tools/managers/multiple_freeleech.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
20 CVE-2017-7246 DoS Overflow 2017-03-23 2017-03-23
0.0
None ??? ??? ??? ??? ??? ???
Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.
21 CVE-2017-7245 DoS Overflow 2017-03-23 2017-03-23
0.0
None ??? ??? ??? ??? ??? ???
Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.
22 CVE-2017-7244 DoS 2017-03-23 2017-03-23
0.0
None ??? ??? ??? ??? ??? ???
The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file.
23 CVE-2017-7243 DoS 2017-03-24 2017-03-24
0.0
None ??? ??? ??? ??? ??? ???
Eclipse tinydtls 0.8.2 for Eclipse IoT allows remote attackers to cause a denial of service (DTLS peer crash) by sending a "Change cipher spec" packet without pre-handshake.
24 CVE-2017-7242 XSS 2017-03-23 2017-03-23
0.0
None ??? ??? ??? ??? ??? ???
Multiple Cross-Site Scripting (XSS) vulnerabilities were discovered in admin/modules components in SLiMS 7 Cendana through 2017-03-23: the keywords parameter to bibliography/checkout_item.php, bibliography/dl_print.php, bibliography/item.php, bibliography/item_barcode_generator.php, bibliography/printed_card.php, circulation/loan_rules.php, master_file/author.php, master_file/coll_type.php, and master_file/doc_language.php and the quickReturnID field to circulation/ajax_action.php.
25 CVE-2017-7240 Dir. Trav. 2017-03-24 2017-03-24
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered on Miele Professional PG 8528 PST10 devices. The corresponding embedded webserver "PST10 WebServer" typically listens on port 80 and is prone to a directory traversal attack; therefore, an unauthenticated attacker may be able to exploit this issue to access sensitive information to aid in subsequent attacks. A Proof of Concept is GET /../../../../../../../../../../../../etc/shadow HTTP/1.1.
26 CVE-2017-7231 Overflow 2017-03-22 2017-03-24
0.0
None ??? ??? ??? ??? ??? ???
pngdefry through 2017-03-22 is prone to a heap-based buffer-overflow vulnerability because it fails to properly process a specially crafted png file. This issue affects the 'process()' function of the 'pngdefry.c' source file.
27 CVE-2017-7230 Exec Code Overflow 2017-03-22 2017-03-22
0.0
None ??? ??? ??? ??? ??? ???
A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and earlier allows remote attackers to execute arbitrary code via a GET request.
28 CVE-2017-7200 2017-03-21 2017-03-22
0.0
None ??? ??? ??? ??? ??? ???
An SSRF issue was discovered in OpenStack Glance before Newton. The 'copy_from' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to enumerate internal network details while appearing masked, since the scan would appear to originate from the Glance Image service.
29 CVE-2017-7199 2017-03-23 2017-03-23
0.0
None ??? ??? ??? ??? ??? ???
Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure permissions that may allow a local attacker to escalate privileges when the software is running in Agent Mode. Version 6.10.4 fixes this issue.
30 CVE-2017-7191 DoS Exec Code 2017-03-27 2017-03-27
0.0
None ??? ??? ??? ??? ??? ???
The netjoin processing in Irssi 1.x before 1.0.2 allows attackers to cause a denial of service (use-after-free) and possibly execute arbitrary code via unspecified vectors.
31 CVE-2017-7184 DoS 2017-03-19 2017-03-23
0.0
None ??? ??? ??? ??? ??? ???
The linux-image-* package 4.8.0.41.52 for the Linux kernel on Ubuntu 16.10 allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via unspecified vectors, as demonstrated during a Pwn2Own competition at CanSecWest 2017.
32 CVE-2017-7183 DoS 2017-03-27 2017-03-27
0.0
None ??? ??? ??? ??? ??? ???
The TFTP server in ExtraPuTTY 0.30 and earlier allows remote attackers to cause a denial of service (crash) via a large (1) read or (2) write TFTP protocol message.
33 CVE-2017-6972 2017-03-22 2017-03-24
0.0
None ??? ??? ??? ??? ??? ???
Unspecified vulnerability in AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 has unknown impact and attack vectors, aka AlienVault ID ENG-104945. This is different from CVE-2017-6970 and CVE-2017-6971, and less directly relevant. (Additional details are expected to be released in a new public reference.)
34 CVE-2017-6971 Exec Code 2017-03-22 2017-03-22
0.0
None ??? ??? ??? ??? ??? ???
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862.
35 CVE-2017-6970 Exec Code 2017-03-22 2017-03-22
0.0
None ??? ??? ??? ??? ??? ???
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863.
36 CVE-2017-6957 Exec Code Overflow 2017-03-27 2017-03-27
0.0
None ??? ??? ??? ??? ??? ???
Stack-based buffer overflow in the firmware in Broadcom Wi-Fi HardMAC SoC chips, when the firmware supports CCKM Fast and Secure Roaming and the feature is enabled in RAM, allows remote attackers to execute arbitrary code via a crafted reassociation response frame with a Cisco IE (156).
37 CVE-2017-6950 Exec Code Bypass 2017-03-23 2017-03-24
0.0
None ??? ??? ??? ??? ??? ???
SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions and execute arbitrary code via a crafted ABAP code, aka SAP Security Note 2407616.
38 CVE-2017-6911 2017-03-23 2017-03-24
0.0
None ??? ??? ??? ??? ??? ???
USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such as username and password in simple usb.xml. An attacker with physical access to the system can modify the file according to his own requirements, which may aid in further attacks.
39 CVE-2017-6907 Exec Code 2017-03-14 2017-03-16
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Open.GL before 2017-03-13. The vulnerability exists due to insufficient filtration of user-supplied data (content) passed to the "Open.GL-master/index.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
40 CVE-2017-6903 2017-03-14 2017-03-14
0.0
None ??? ??? ??? ??? ??? ???
In ioquake3 before 2017-03-14, the auto-downloading feature has insufficient content restrictions. This also affects Quake III Arena, OpenArena, OpenJK, iortcw, and other id Tech 3 (aka Quake 3 engine) forks. A malicious auto-downloaded file can trigger loading of crafted auto-downloaded files as native code DLLs. A malicious auto-downloaded file can contain configuration defaults that override the user's. Executable bytecode in a malicious auto-downloaded file can set configuration variables to values that will result in unwanted native code DLLs being loaded, resulting in sandbox escape.
41 CVE-2017-6895 2017-03-23 2017-03-23
0.0
None ??? ??? ??? ??? ??? ???
USB Pratirodh allows remote attackers to conduct XML External Entity (XXE) attacks via XML data in usb.xml.
42 CVE-2017-6878 XSS 2017-03-27 2017-03-27
0.0
None ??? ??? ??? ??? ??? ???
Cross-site scripting (XSS) vulnerability in MetInfo 5.3.15 allows remote authenticated users to inject arbitrary web script or HTML via the name_2 parameter to admin/column/delete.php.
43 CVE-2017-6542 Overflow 2017-03-27 2017-03-27
0.0
None ??? ??? ??? ??? ??? ???
The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which triggers a buffer overflow.
44 CVE-2017-6517 Exec Code 2017-03-23 2017-03-24
0.0
None ??? ??? ??? ??? ??? ???
Microsoft Skype 7.16.0.102 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded by Skype. It allows an attacker to load a .dll of the attacker's choosing that could execute arbitrary code without the user's knowledge. The specific flaw exists within the handling of DLL (api-ms-win-core-winrt-string-l1-1-0.dll) loading by the Skype.exe process.
45 CVE-2017-6516 +Priv 2017-03-14 2017-03-20
0.0
None ??? ??? ??? ??? ??? ???
A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX platforms could allow a local attacker to gain elevated privileges. Parts of SysInfo require setuid-to-root access in order to access restricted system files and make restricted kernel calls. This access could be exploited by a local attacker to gain a root shell prompt using the right combination of environment variables and command line arguments.
46 CVE-2017-6507 2017-03-24 2017-03-24
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due to the common logic to handle 'restart' operations removing AppArmor profiles that aren't found in the typical filesystem locations, such as /etc/apparmor.d/. Userspace projects that manage their own AppArmor profiles in atypical directories, such as what's done by LXD and Docker, are affected by this flaw in the AppArmor init script logic.
47 CVE-2017-6464 DoS 2017-03-27 2017-03-27
0.0
None ??? ??? ??? ??? ??? ???
NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service (ntpd crash) via a malformed mode configuration directive.
48 CVE-2017-6463 DoS 2017-03-27 2017-03-27
0.0
None ??? ??? ??? ??? ??? ???
NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via an invalid setting in a :config directive, related to the unpeer option.
49 CVE-2017-6462 Overflow 2017-03-27 2017-03-27
0.0
None ??? ??? ??? ??? ??? ???
Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device.
50 CVE-2017-6460 Overflow 2017-03-27 2017-03-27
0.0
None ??? ??? ??? ??? ??? ???
Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers to have unspecified impact via a long flagstr variable in a restriction list response.
Total number of vulnerabilities: 207 (page 1 of 5)