CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities (CVSS score between 5 and 5.99)

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
1 CVE-2017-6214 399 DoS 2017-02-23 2017-02-24
5.0
None Remote Low Not required None None Partial
The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.
2 CVE-2017-6206 200 +Info 2017-02-23 2017-02-24
5.0
None Remote Low Not required Partial None None
D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, DGS-1510-28P, DGS-1510-28, and DGS-1510-20 Websmart devices with firmware before 1.31.B003 allow attackers to conduct Unauthenticated Information Disclosure attacks via unspecified vectors.
3 CVE-2017-6100 284 2017-02-23 2017-02-24
5.0
None Remote Low Not required Partial None None
tcpdf before 6.2.0 uploads files from the server generating PDF-files to an external FTP.
4 CVE-2017-6072 200 +Info 2017-02-21 2017-02-23
5.0
None Remote Low Not required Partial None None
CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to conduct information-disclosure attacks via defaultadmin.
5 CVE-2017-6071 200 +Info 2017-02-21 2017-02-23
5.0
None Remote Low Not required Partial None None
CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to conduct information-disclosure attacks via exportxml.
6 CVE-2017-5997 399 DoS 2017-02-15 2017-02-23
5.0
None Remote Low Not required None None Partial
The SAP Message Server HTTP daemon in SAP KERNEL 7.21-7.49 allows remote attackers to cause a denial of service (memory consumption and process crash) via multiple msgserver/group?group= requests with a crafted size of the group parameter, aka SAP Security Note 2358972.
7 CVE-2017-5992 611 2017-02-15 2017-02-17
5.8
None Remote Medium Not required Partial None Partial
Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document.
8 CVE-2017-5991 476 2017-02-15 2017-02-24
5.0
None Remote Low Not required None None Partial
An issue was discovered in Artifex Software, Inc. MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation.
9 CVE-2017-5970 284 DoS 2017-02-14 2017-02-16
5.0
None Remote Low Not required None None Partial
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
10 CVE-2017-5848 125 DoS 2017-02-09 2017-02-13
5.0
None Remote Low Not required None None Partial
The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing.
11 CVE-2017-5847 125 DoS 2017-02-09 2017-02-13
5.0
None Remote Low Not required None None Partial
The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.
12 CVE-2017-5845 125 DoS 2017-02-09 2017-02-13
5.0
None Remote Low Not required None None Partial
The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a ncdt sub-tag that "goes behind" the surrounding tag.
13 CVE-2017-5843 416 DoS 2017-02-09 2017-02-13
5.0
None Remote Low Not required None None Partial
Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service (crash) via vectors involving stream tags, as demonstrated by 02785736.mxf.
14 CVE-2017-5841 125 DoS 2017-02-09 2017-02-13
5.0
None Remote Low Not required None None Partial
The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving ncdt tags.
15 CVE-2017-5840 125 DoS 2017-02-09 2017-02-13
5.0
None Remote Low Not required None None Partial
The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current stts index.
16 CVE-2017-5839 20 DoS Overflow 2017-02-09 2017-02-13
5.0
None Remote Low Not required None None Partial
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow and crash) via vectors involving nested WAVEFORMATEX.
17 CVE-2017-5838 125 DoS 2017-02-09 2017-02-13
5.0
None Remote Low Not required None None Partial
The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string.
18 CVE-2017-5610 200 Bypass +Info 2017-01-29 2017-02-05
5.0
None Remote Low Not required Partial None None
wp-admin/includes/class-wp-press-this.php in Press This in WordPress before 4.7.2 does not properly restrict visibility of a taxonomy-assignment user interface, which allows remote attackers to bypass intended access restrictions by reading terms.
19 CVE-2017-5601 125 2017-01-27 2017-02-07
5.0
None Remote Low Not required None None Partial
An error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive.
20 CVE-2017-5598 89 Sql 2017-01-27 2017-01-31
5.0
None Remote Low Not required Partial None None
An issue was discovered in eClinicalWorks healow@work 8.0 build 8. This is a blind SQL injection within the EmployeePortalServlet, which can be exploited by un-authenticated users via an HTTP POST request and which can be used to dump database data out to a malicious server, using an out-of-band technique, such as select_loadfile(). The vulnerability affects the EmployeePortalServlet page and the following parameter: employer.
21 CVE-2017-5597 190 Overflow 2017-01-25 2017-01-27
5.0
None Remote Low Not required None None Partial
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow.
22 CVE-2017-5596 Overflow 2017-01-25 2017-01-27
5.0
None Remote Low Not required None None Partial
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow.
23 CVE-2017-5572 264 2017-01-30 2017-02-07
5.5
None Remote Low Single system None Partial Partial
An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can corrupt the host database.
24 CVE-2017-5556 125 DoS Exec Code 2017-01-23 2017-01-26
5.8
None Remote Medium Not required Partial None Partial
The ConvertToPDF plugin in Foxit Reader before 8.2 and PhantomPDF before 8.2 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. The vulnerability could lead to information disclosure; an attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.
25 CVE-2017-5541 22 Dir. Trav. 2017-01-20 2017-01-26
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in template/usererror.missing_extension.php in Symphony CMS before 2.6.10 allows remote attackers to rename arbitrary files via a .. (dot dot) in the existing-folder and new-folder parameters.
26 CVE-2017-5493 310 Bypass 2017-01-14 2017-01-18
5.0
None Remote Low Not required None Partial None
wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not properly choose random numbers for keys, which makes it easier for remote attackers to bypass intended access restrictions via a crafted (1) site signup or (2) user signup.
27 CVE-2017-5491 254 Bypass 2017-01-14 2017-01-18
5.0
None Remote Low Not required None Partial None
wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name.
28 CVE-2017-5487 200 +Info 2017-01-14 2017-01-18
5.0
None Remote Low Not required Partial None None
wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote attackers to obtain sensitive information via a wp-json/wp/v2/users request.
29 CVE-2017-5480 22 Dir. Trav. 2017-01-15 2017-01-18
5.5
None Remote Low Single system Partial Partial None
Directory traversal vulnerability in inc/files/files.ctrl.php in b2evolution through 6.8.3 allows remote authenticated users to read or delete arbitrary files by leveraging back-office access to provide a .. (dot dot) in the fm_selected array parameter.
30 CVE-2017-5474 601 2017-01-14 2017-01-25
5.8
None Remote Medium Not required Partial Partial None
Open redirect vulnerability in comment.php in Serendipity through 2.0.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header.
31 CVE-2017-5372 200 +Info 2017-01-23 2017-01-25
5.0
None Remote Low Not required Partial None None
The function msp (aka MSPRuntimeInterface) in the P4 SERVERCORE component in SAP AS JAVA allows remote attackers to obtain sensitive system information by leveraging a missing authorization check for the (1) getInformation, (2) getParameters, (3) getServiceInfo, (4) getStatistic, or (5) getClientStatistic function, aka SAP Security Note 2331908.
32 CVE-2017-5371 20 DoS 2017-01-23 2017-01-25
5.0
None Remote Low Not required None None Partial
Odata Server in SAP Adaptive Server Enterprise (ASE) 16 allows remote attackers to cause a denial of service (process crash) via a series of crafted requests, aka SAP Security Note 2330422.
33 CVE-2017-5357 416 DoS 2017-02-16 2017-02-17
5.0
None Remote Low Not required None None Partial
regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free.
34 CVE-2017-5350 388 2017-01-12 2017-01-27
5.0
None Remote Low Not required None None Partial
Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allow attackers to crash systemUI by leveraging incomplete exception handling. The Samsung ID is SVE-2016-7122.
35 CVE-2017-5328 284 2017-01-27 2017-02-07
5.0
None Remote Low Not required None Partial None
Palo Alto Networks Terminal Services Agent before 7.0.7 allows attackers to spoof arbitrary users via unspecified vectors.
36 CVE-2017-5169 352 Exec Code CSRF 2017-02-13 2017-02-24
5.1
None Remote High Not required Partial Partial Partial
An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Cross Site Request Forgery vulnerabilities have been identified. The flaws exist within the Redis and Apache Felix Gogo servers that are installed as part of this product. By issuing specific HTTP Post requests, an attacker can gain system level access to a remote shell session. Smart Security Manager Versions 1.5 and prior are affected by these vulnerabilities. These vulnerabilities can allow for remote code execution.
37 CVE-2017-5168 22 Exec Code Dir. Trav. 2017-02-13 2017-02-24
5.1
None Remote High Not required Partial Partial Partial
An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Path Traversal vulnerabilities have been identified. The flaws exist within the ActiveMQ Broker service that is installed as part of the product. By issuing specific HTTP requests, if a user visits a malicious page, an attacker can gain access to arbitrary files on the server. Smart Security Manager Versions 1.4 and prior to 1.31 are affected by these vulnerabilities. These vulnerabilities can allow for remote code execution.
38 CVE-2017-5166 200 +Priv +Info 2017-02-13 2017-02-16
5.0
None Remote Low Not required Partial None None
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. An INFORMATION EXPOSURE flaw can be used to gain privileged access to the device.
39 CVE-2017-5146 200 +Info 2017-02-13 2017-02-24
5.0
None Remote Low Not required Partial None None
An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to firmware Version A17. Sensitive information is stored in clear-text.
40 CVE-2017-5140 255 2017-02-13 2017-02-16
5.0
None Remote Low Not required Partial None None
An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Password is stored in clear text.
41 CVE-2017-5139 264 2017-02-13 2017-02-16
5.0
None Remote Low Not required Partial None None
An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Any user is able to disclose a password by accessing a specific URL, because of Plaintext Storage of a Password.
42 CVE-2017-5137 532 2017-02-05 2017-02-09
5.0
None Remote Low Not required Partial None None
An issue was discovered on SendQuick Entera and Avera devices before 2HF16. An attacker could request and download the SMS logs from an unauthenticated perspective.
43 CVE-2017-3842 200 +Info 2017-02-21 2017-02-23
5.0
None Remote Low Not required Partial None None
A vulnerability in the web-based management interface of the Cisco Intrusion Prevention System Device Manager (IDM) could allow an unauthenticated, remote attacker to view sensitive information stored in certain HTML comments. More Information: CSCuh91455. Known Affected Releases: 7.2(1)V7.
44 CVE-2017-3841 200 +Info 2017-02-21 2017-02-23
5.0
None Remote Low Not required Partial None None
A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to disclose sensitive information. More Information: CSCvc04854. Known Affected Releases: 5.8(2.5).
45 CVE-2017-3840 601 2017-02-21 2017-02-23
5.8
None Remote Medium Not required Partial Partial None
A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect Vulnerability. More Information: CSCvc04849. Known Affected Releases: 5.8(2.5).
46 CVE-2017-3837 20 DoS 2017-02-21 2017-02-23
5.5
None Remote Low Single system Partial None Partial
An HTTP Packet Processing vulnerability in the Web Bridge interface of the Cisco Meeting Server (CMS), formerly Acano Conferencing Server, could allow an authenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. In addition, the attacker could potentially cause the application to crash unexpectedly, resulting in a denial of service (DoS) condition. The attacker would need to be authenticated and have a valid session with the Web Bridge. Affected Products: This vulnerability affects Cisco Meeting Server software releases prior to 2.1.2. This product was previously known as Acano Conferencing Server. More Information: CSCvc89551. Known Affected Releases: 2.0 2.0.7 2.1. Known Fixed Releases: 2.1.2.
47 CVE-2017-3830 20 DoS 2017-02-21 2017-02-24
5.0
None Remote Low Not required None None Partial
A vulnerability in an internal API of the Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected appliance. More Information: CSCvc89678. Known Affected Releases: 2.1. Known Fixed Releases: 2.1.2.
48 CVE-2017-3824 119 DoS Overflow 2017-02-03 2017-02-23
5.4
None Remote High Not required None None Complete
A vulnerability in the handling of list headers in Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Cisco cBR-8 Converged Broadband Routers running vulnerable versions of Cisco IOS XE are affected. More Information: CSCux40637. Known Affected Releases: 15.5(3)S 15.6(1)S. Known Fixed Releases: 15.5(3)S2 15.6(1)S1 15.6(2)S 15.6(2)SP 16.4(1).
49 CVE-2017-3814 20 Bypass 2017-02-03 2017-02-09
5.0
None Remote Low Not required None Partial None
A vulnerability in Cisco Firepower System Software could allow an unauthenticated, remote attacker to maliciously bypass the appliance's ability to block certain web content, aka a URL Bypass. More Information: CSCvb93980. Known Affected Releases: 5.3.0 5.4.0 6.0.0 6.0.1 6.1.0.
50 CVE-2017-3809 20 2017-02-03 2017-02-09
5.0
None Remote Low Not required None Partial None
A vulnerability in the Policy deployment module of the Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to prevent deployment of a complete and accurate rule base. More Information: CSCvb95281. Known Affected Releases: 6.1.0 6.2.0. Known Fixed Releases: 6.1.0.1 6.2.0.
CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.