CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1801 CVE-2017-15935 94 Exec Code 2017-10-27 2017-11-14
9.0
None Remote Low Single system Complete Complete Complete
Artica Pandora FMS version 7.0 is vulnerable to remote PHP code execution through the manager files function. This is only exploitable by administrators who upload a PHP file.
1802 CVE-2017-15876 434 2017-12-18 2018-01-05
9.0
None Remote Low Single system Complete Complete Complete
Unrestricted File Upload vulnerability in GPWeb 8.4.61 allows remote authenticated users to upload any type of file, including a PHP shell.
1803 CVE-2017-15860 119 Overflow 2018-02-23 2018-03-12
9.3
None Remote Medium Not required Complete Complete Complete
In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing an encrypted authentication management frame, a stack buffer overflow may potentially occur.
1804 CVE-2017-15849 416 2018-01-10 2018-01-29
9.3
None Remote Medium Not required Complete Complete Complete
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a LayerStack can be destroyed in between Validate and Commit by the application resulting in a Use After Free condition.
1805 CVE-2017-15817 20 2018-02-23 2018-03-12
9.3
None Remote Medium Not required Complete Complete Complete
In all Qualcomm products with Android releases from CAF using the Linux kernel, when an access point sends a challenge text greater than 128 bytes, the host driver is unable to validate this potentially leading to authentication failure.
1806 CVE-2017-15815 119 Overflow 2018-03-15 2018-04-06
10.0
None Remote Low Not required Complete Complete Complete
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a potential buffer overflow can happen when processing any 802.11 MGMT frames like Auth frame in limProcessAuthFrame.
1807 CVE-2017-15673 434 Exec Code 2017-11-28 2017-12-20
9.0
None Remote Low Single system Complete Complete Complete
The files function in the administration section in CS-Cart 4.6.2 and earlier allows attackers to execute arbitrary PHP code via vectors involving a custom page.
1808 CVE-2017-15655 119 Overflow 2018-01-31 2018-02-21
9.3
None Remote Medium Not required Complete Complete Complete
Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0.0.4.376.X. All have been fixed in version 3.0.0.4.378, but this vulnerability was not previously disclosed. Some end-of-life routers have this version as the newest and thus are vulnerable at this time. This vulnerability allows for RCE with administrator rights when the administrator visits several pages.
1809 CVE-2017-15637 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_server.lua file.
1810 CVE-2017-15636 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-time variable in the webfilter.lua file.
1811 CVE-2017-15635 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the max_conn variable in the session_limits.lua file.
1812 CVE-2017-15634 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file.
1813 CVE-2017-15633 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-ipgroup variable in the session_limits.lua file.
1814 CVE-2017-15632 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_server.lua file.
1815 CVE-2017-15631 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-workmode variable in the pptp_client.lua file.
1816 CVE-2017-15630 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-remotesubnet variable in the pptp_client.lua file.
1817 CVE-2017-15629 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname variable in the pptp_client.lua file.
1818 CVE-2017-15628 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_server.lua file.
1819 CVE-2017-15627 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-pns variable in the pptp_client.lua file.
1820 CVE-2017-15626 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variable in the pptp_server.lua file.
1821 CVE-2017-15625 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-olmode variable in the pptp_client.lua file.
1822 CVE-2017-15624 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptp_server.lua file.
1823 CVE-2017-15623 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_server.lua file.
1824 CVE-2017-15622 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_client.lua file.
1825 CVE-2017-15621 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the olmode variable in the interface_wan.lua file.
1826 CVE-2017-15620 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-zone variable in the ipmac_import.lua file.
1827 CVE-2017-15619 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_client.lua file.
1828 CVE-2017-15618 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file.
1829 CVE-2017-15617 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in the interface_wan.lua file.
1830 CVE-2017-15616 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file.
1831 CVE-2017-15615 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_client.lua file.
1832 CVE-2017-15614 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variable in the pptp_client.lua file.
1833 CVE-2017-15613 77 Exec Code 2018-01-11 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file.
1834 CVE-2017-15597 264 DoS Mem. Corr. +Info 2017-10-30 2018-10-19
9.0
None Remote Low Single system Complete Complete Complete
An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a grant of a dying domain, the assumption turns out wrong. A malicious guest administrator can cause hypervisor memory corruption, most likely resulting in host crash and a Denial of Service. Privilege escalation and information leaks cannot be ruled out.
1835 CVE-2017-15550 22 Dir. Trav. 2018-01-05 2018-01-18
9.0
None Remote Low Single system Complete Complete Complete
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could access arbitrary files on the server file system in the context of the running vulnerable application via Path traversal.
1836 CVE-2017-15549 434 2018-01-05 2018-01-18
9.0
None Remote Low Single system Complete Complete Complete
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could potentially upload arbitrary maliciously crafted files in any location on the server file system.
1837 CVE-2017-15548 287 Bypass 2018-01-05 2018-01-18
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems.
1838 CVE-2017-15400 93 Exec Code 2018-02-07 2018-07-12
9.3
None Remote Medium Not required Complete Complete Complete
Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue.
1839 CVE-2017-15399 416 2018-08-28 2018-11-07
9.3
None Remote Medium Not required Complete Complete Complete
A use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
1840 CVE-2017-15376 94 Exec Code 2017-10-16 2017-11-07
10.0
None Remote Low Not required Complete Complete Complete
The TELNET service in Mobatek MobaXterm 10.4 does not require authentication, which allows remote attackers to execute arbitrary commands via TCP port 23.
1841 CVE-2017-15366 264 2017-10-26 2017-11-17
10.0
None Remote Low Not required Complete Complete Complete
Before Thornberry NDoc version 8.0, laptop clients and the server have default database (Cache) users set up with a single password. This password is left behind in a cleartext log file during client installation on laptops. This password can be used to gain full admin/system access to client devices (if no firewall is present) or the NDoc server itself. Once the password is known to an attacker, local access is not required.
1842 CVE-2017-15325 190 Exec Code Overflow 2018-03-23 2018-04-19
9.3
None Remote Medium Not required Complete Complete Complete
The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can then send a specific parameter to the driver of the smart phone, causing arbitrary code execution.
1843 CVE-2017-15316 415 Exec Code 2017-12-22 2018-01-05
9.3
None Remote Medium Not required Complete Complete Complete
The GPU driver of Mate 9 Huawei smart phones with software before MHA-AL00B 8.0.0.334(C00) and Mate 9 Pro Huawei smart phones with software before LON-AL00B 8.0.0.334(C00) has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which triggers double free and causes a system crash or arbitrary code execution.
1844 CVE-2017-15295 264 2017-10-16 2018-12-10
10.0
None Remote Low Not required Complete Complete Complete
Xpress Server in SAP POS does not require authentication for read/write/delete file access. This is SAP Security Note 2520064.
1845 CVE-2017-15293 264 2017-10-16 2018-12-10
10.0
None Remote Low Not required Complete Complete Complete
Xpress Server in SAP POS does not require authentication for file read and erase operations, daemon shutdown, terminal read operations, or certain attacks on credentials. This is SAP Security Note 2520064.
1846 CVE-2017-15126 416 2018-01-14 2018-05-06
9.3
None Remote Medium Not required Complete Complete Complete
A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. The issue is related to the handling of fork failure when dealing with event messages. Failure to fork correctly can lead to a situation where a fork event will be removed from an already freed list of events with userfaultfd_ctx_put().
1847 CVE-2017-15114 16 +Priv 2017-11-27 2017-12-20
9.3
None Remote Medium Not required Complete Complete Complete
When libvirtd is configured by OSP director (tripleo-heat-templates) to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd (which is equivalent to root access). If a vulnerability exists in another service it could, combined with this flaw, be exploited to escalate privileges to gain control over compute nodes.
1848 CVE-2017-15103 20 Exec Code 2017-12-18 2018-01-12
9.0
None Remote Low Single system Complete Complete Complete
A security-check flaw was found in the way the Heketi 5 server API handled user requests. An authenticated Heketi user could send specially crafted requests to the Heketi server, resulting in remote command execution as the user running Heketi server and possibly privilege escalation.
1849 CVE-2017-15049 78 Exec Code 2017-12-19 2018-01-08
9.3
None Remote Medium Not required Complete Complete Complete
The ZoomLauncher binary in the Zoom client for Linux before 2.0.115900.1201 does not properly sanitize user input when constructing a shell command, which allows remote attackers to execute arbitrary code by leveraging the zoommtg:// scheme handler.
1850 CVE-2017-15043 20 Exec Code +Priv 2018-05-04 2018-06-13
9.0
None Remote Low Single system Complete Complete Complete
A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware before 4.4.5 and GX450, ES450, RV50, RV50X, MP70, and MP70E routers with firmware before 4.9 could allow an authenticated remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. This vulnerability is due to insufficient input validation on user-controlled input in an HTTP request to the targeted device. An attacker in possession of router login credentials could exploit this vulnerability by sending a crafted HTTP request to an affected system.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.