CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-1001000 264 2017-04-02 2017-04-10
5.0
None Remote Low Not required None Partial None
The register_routes function in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in the REST API in WordPress 4.7.x before 4.7.2 does not require an integer identifier, which allows remote attackers to modify arbitrary pages via a request for wp-json/wp/v2/posts followed by a numeric value and a non-numeric value, as demonstrated by the wp-json/wp/v2/posts/123?id=123helloworld URI.
2 CVE-2017-1000361 399 2017-04-24 2017-04-27
5.0
None Remote Low Not required None None Partial
DOMRpcImplementationNotAvailableException when sending Port-Status packets to OpenDaylight. Controller launches exceptions and consumes more CPU resources. Component: OpenDaylight is vulnerable to this flaw. Version: The tested versions are OpenDaylight 3.3 and 4.0.
3 CVE-2017-1000360 399 2017-04-24 2017-04-27
5.0
None Remote Low Not required None None Partial
StreamCorruptedException and NullPointerException in OpenDaylight odl-mdsal-xsql. Controller launches exceptions in the console. Component: OpenDaylight odl-mdsal-xsql is vulnerable to this flaw. Version: The tested versions are OpenDaylight 3.3 and 4.0.
4 CVE-2017-1000359 399 2017-04-24 2017-04-27
5.0
None Remote Low Not required None None Partial
Java out of memory error and significant increase in resource consumption. Component: OpenDaylight odl-mdsal-xsql is vulnerable to this flaw. Version: The tested versions are OpenDaylight 3.3 and 4.0.
5 CVE-2017-1000357 399 DoS 2017-04-24 2017-04-27
5.0
None Remote Low Not required None None Partial
Denial of Service attack when the switch rejects to receive packets from the controller. Component: This vulnerability affects OpenDaylight odl-l2switch-switch, which is the feature responsible for the OpenFlow communication. Version: OpenDaylight versions 3.3 and 4.0 are affected by this flaw. Java version is openjdk version 1.8.0_91.
6 CVE-2017-9065 20 2017-05-18 2017-05-23
5.0
None Remote Low Not required None Partial None
In WordPress before 4.7.5, there is a lack of capability checks for post meta data in the XML-RPC API.
7 CVE-2017-9062 19 2017-05-18 2017-05-23
5.0
None Remote Low Not required None Partial None
In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API.
8 CVE-2017-8929 416 DoS 2017-05-14 2017-05-23
5.0
None Remote Low Not required None None Partial
The sized_string_cmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule.
9 CVE-2017-8891 17 2017-05-10 2017-05-18
5.0
None Remote Low Not required None None Partial
Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a malformed lepton file because the code does not ensure setup of a correct number of threads.
10 CVE-2017-8868 22 Dir. Trav. CSRF 2017-05-10 2017-05-17
5.0
None Remote Low Not required None None Partial
acp/core/files.browser.php in flatCore 1.4.7 allows file deletion via directory traversal in the delete parameter to acp/acp.php. The risk might be limited to requests submitted through CSRF.
11 CVE-2017-8855 284 2017-05-09 2017-05-17
5.0
None Remote Low Not required None Partial None
wolfSSL before 3.11.0 does not prevent wc_DhAgree from accepting a malformed DH key.
12 CVE-2017-8825 476 2017-05-08 2017-05-18
5.0
None Remote Low Not required None None Partial
A null dereference vulnerability has been found in the MIME handling component of LibEtPan before 1.8, as used in MailCore and MailCore 2. A crash can occur in low-level/imf/mailimf.c during a failed parse of a Cc header containing multiple e-mail addresses.
13 CVE-2017-8776 254 2017-05-04 2017-05-15
5.0
None Remote Low Not required None Partial None
Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the product.
14 CVE-2017-8398 119 Overflow 2017-05-01 2017-05-11
5.0
None Remote Low Not required None None Partial
dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 during dumping of debug information from a corrupt binary. This vulnerability causes programs that conduct an analysis of binary programs, such as objdump and readelf, to crash.
15 CVE-2017-8397 119 Overflow 2017-05-01 2017-05-11
5.0
None Remote Low Not required None None Partial
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 and an invalid write of size 1 during processing of a corrupt binary containing reloc(s) with negative addresses. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash.
16 CVE-2017-8396 20 2017-05-01 2017-05-11
5.0
None Remote Low Not required None None Partial
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 because the existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash.
17 CVE-2017-8395 476 2017-05-01 2017-05-11
5.0
None Remote Low Not required None None Partial
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid write of size 8 because of missing a malloc() return-value check to see if memory had actually been allocated in the _bfd_generic_get_section_contents function. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy, to crash.
18 CVE-2017-8394 476 2017-05-01 2017-05-11
5.0
None Remote Low Not required None None Partial
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 4 due to NULL pointer dereferencing of _bfd_elf_large_com_section. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy, to crash.
19 CVE-2017-8393 119 Overflow 2017-05-01 2017-05-11
5.0
None Remote Low Not required None None Partial
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are always named starting with a .rel/.rela prefix. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy and strip, to crash.
20 CVE-2017-8392 476 2017-05-01 2017-05-11
5.0
None Remote Low Not required None None Partial
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 8 because of missing a check to determine whether symbols are NULL in the _bfd_dwarf2_find_nearest_line function. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash.
21 CVE-2017-8388 284 Bypass 2017-05-01 2017-05-11
5.0
None Remote Low Not required None Partial None
GeniXCMS 1.0.2 allows remote attackers to bypass the alertDanger MSG_USER_EMAIL_EXIST protection mechanism via a register.php?act=edit&id=1 request.
22 CVE-2017-8385 640 2017-05-01 2017-05-11
5.0
None Remote Low Not required None Partial None
Craft CMS before 2.6.2976 does not prevent modification of the URL in a forgot-password email message.
23 CVE-2017-8383 254 2017-05-01 2017-05-11
5.0
None Remote Low Not required Partial None None
Craft CMS before 2.6.2976 does not properly restrict viewing the contents of files in the craft/app/ folder.
24 CVE-2017-8308 264 Bypass 2017-04-27 2017-05-09
5.0
None Remote Low Not required None Partial None
In Avast Antivirus before v17, an unprivileged user (and thus malware or a virus) can mark an arbitrary process as Trusted from the perspective of the Avast product. This bypasses the Self-Defense feature of the product, opening a door to subsequent attack on many of its components.
25 CVE-2017-8296 200 +Info 2017-04-27 2017-05-10
5.0
None Remote Low Not required Partial None None
kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of the commands performed in the password manager are written there. This can lead to the disclosure of the master password if the "password" command is used with an argument. The names of the password entries created and consulted are also accessible in cleartext.
26 CVE-2017-8294 125 DoS 2017-04-27 2017-05-03
5.0
None Remote Low Not required None None Partial
libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the yr_re_exec function.
27 CVE-2017-8223 287 2017-04-25 2017-05-05
5.0
None Remote Low Not required Partial None None
On Wireless IP Camera (P2P) WIFICAM devices, an attacker can use the RTSP server on port 10554/tcp to watch the streaming without authentication via tcp/av0_1 or tcp/av0_0.
28 CVE-2017-8222 320 +Info 2017-04-25 2017-05-05
5.0
None Remote Low Not required Partial None None
Wireless IP Camera (P2P) WIFICAM devices have an "Apple Production IOS Push Services" private RSA key and certificate stored in /system/www/pem/ck.pem inside the firmware, which allows attackers to obtain sensitive information.
29 CVE-2017-8221 200 +Info 2017-04-25 2017-05-05
5.0
None Remote Low Not required Partial None None
Wireless IP Camera (P2P) WIFICAM devices rely on a cleartext UDP tunnel protocol (aka the Cloud feature) for communication between an Android application and a camera device, which allows remote attackers to obtain sensitive information by sniffing the network.
30 CVE-2017-8217 254 2017-04-25 2017-05-09
5.0
None Remote Low Not required None Partial None
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n have too permissive iptables rules, e.g., SNMP is not blocked on any interface.
31 CVE-2017-8115 22 Dir. Trav. +Info 2017-04-25 2017-05-05
5.0
None Remote Low Not required Partial None None
Directory traversal in setup/processors/url_search.php (aka the search page of an unused processor) in MODX Revolution 2.5.7 might allow remote attackers to obtain system directory information.
32 CVE-2017-8104 22 Dir. Trav. 2017-04-24 2017-04-28
5.0
None Remote Low Not required Partial None None
In MyBB before 1.8.11, the smilie module allows Directory Traversal via the pathfolder parameter.
33 CVE-2017-8099 352 CSRF 2017-04-24 2017-04-28
5.8
None Remote Medium Not required None Partial Partial
There is CSRF in the WHIZZ plugin before 1.1.1 for WordPress, allowing attackers to delete any WordPress users and change the plugin's status via a GET request.
34 CVE-2017-8078 287 2017-04-23 2017-04-27
5.0
None Remote Low Not required None Partial None
On the TP-Link TL-SG108E 1.0, the upgrade process can be requested remotely without authentication (httpupg.cgi with a parameter called cmd). This affects the 1.1.2 Build 20141017 Rel.50749 firmware.
35 CVE-2017-8077 320 2017-04-23 2017-04-27
5.0
None Remote Low Not required Partial None None
On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key (a long string beginning with Ei2HNryt). This affects the 1.1.2 Build 20141017 Rel.50749 firmware.
36 CVE-2017-8075 532 2017-04-23 2017-04-27
5.0
None Remote Low Not required Partial None None
On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log lines where passwords are in cleartext. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.
37 CVE-2017-8074 532 2017-04-23 2017-04-27
5.0
None Remote Low Not required Partial None None
On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log lines where passwords are encoded in hexadecimal. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.
38 CVE-2017-8073 119 Overflow 2017-04-23 2017-04-28
5.0
None Remote Low Not required None None Partial
WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function during quote removal, with a buffer overflow.
39 CVE-2017-8057 200 +Info 2017-04-25 2017-05-03
5.0
None Remote Low Not required Partial None None
In Joomla! 3.4.0 through 3.6.5 (fixed in 3.7.0), multiple files caused full path disclosures on systems with enabled error reporting.
40 CVE-2017-8056 611 DoS 2017-04-22 2017-04-27
5.0
None Remote Low Not required None None Partial
WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connections, and prevents new authenticated sessions until the process has recovered. The Firebox may also experience an overall degradation in performance while the wgagent process recovers. An attacker could continuously send XML-RPC requests that contain references to external entities to perform a limited Denial of Service (DoS) attack against an affected Firebox.
41 CVE-2017-8055 254 2017-04-22 2017-04-27
5.0
None Remote Low Not required Partial None None
WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank password sent to the XML-RPC agent in Fireware v11.12.1 and earlier returns different responses for valid and invalid usernames. An attacker could exploit this vulnerability to enumerate valid usernames on an affected Firebox.
42 CVE-2017-8050 284 2017-04-21 2017-04-26
5.0
None Remote Low Not required None Partial None
Tenable Appliance 4.4.0, and possibly prior, contains a flaw in the Web UI that allows for the unauthorized manipulation of the admin password.
43 CVE-2017-7988 284 2017-04-25 2017-05-03
5.0
None Remote Low Not required None Partial None
In Joomla! 1.6.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering of form contents allows overwriting the author of an article.
44 CVE-2017-7983 200 +Info 2017-04-25 2017-05-03
5.0
None Remote Low Not required Partial None None
In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), mail sent using the JMail API leaked the used PHPMailer version in the mail headers.
45 CVE-2017-7978 200 +Info 2017-04-19 2017-04-24
5.0
None Remote Low Not required Partial None None
Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is SVE-2017-8290.
46 CVE-2017-7976 190 DoS Overflow 2017-04-19 2017-04-24
5.8
None Remote Medium Not required Partial None Partial
Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a denial of service (application crash) or disclosure of sensitive information from process memory.
47 CVE-2017-7963 399 DoS 2017-04-19 2017-04-28
5.0
None Remote Low Not required None None Partial
** DISPUTED ** The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1.4 allow attackers to cause a denial of service (memory consumption and application crash) via operations on long strings. NOTE: the vendor disputes this, stating "There is no security issue here, because GMP safely aborts in case of an OOM condition. The only attack vector here is denial of service. However, if you allow attacker-controlled, unbounded allocations you have a DoS vector regardless of GMP's OOM behavior."
48 CVE-2017-7957 20 2017-04-29 2017-05-09
5.0
None Remote Low Not required None None Partial
XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive type 'void' during unmarshalling, leading to a remote application crash, as demonstrated by an xstream.fromXML("<void/>") call.
49 CVE-2017-7945 254 2017-04-28 2017-05-11
5.0
None Remote Low Not required Partial None None
The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names and conduct brute-force attacks via a series of requests, aka PAN-SA-2017-0014 and PAN-72769.
50 CVE-2017-7929 22 Dir. Trav. 2017-05-05 2017-05-17
5.5
None Remote Low Single system Partial None Partial
An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8.1 and prior. The absolute path traversal vulnerability has been identified, which may allow an attacker to traverse the file system to access restricted files or directories.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.