CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
5001 CVE-2017-9300 119 DoS Overflow 2017-05-29 2017-11-22
6.8
None Remote Medium Not required Partial Partial Partial
plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted FLAC file.
5002 CVE-2017-9146 119 DoS Overflow 2017-05-22 2019-05-17
6.8
None Remote Medium Not required Partial Partial Partial
The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted tnef file.
5003 CVE-2017-9115 189 Exec Code 2017-05-21 2019-07-30
6.8
None Remote Medium Not required Partial Partial Partial
In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function in half.h could cause the application to crash or execute arbitrary code.
5004 CVE-2017-9111 189 Exec Code 2017-05-21 2019-07-30
6.8
None Remote Medium Not required Partial Partial Partial
In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h could cause the application to crash or execute arbitrary code.
5005 CVE-2017-9097 22 Dir. Trav. 2017-06-15 2017-07-05
6.4
None Remote Low Not required Partial Partial None
In Anti-Web through 3.8.7, as used on NetBiter FGW200 devices through 3.21.2, WS100 devices through 3.30.5, EC150 devices through 1.40.0, WS200 devices through 3.30.4, EC250 devices through 1.40.0, and other products, an LFI vulnerability allows a remote attacker to read or modify files through a path traversal technique, as demonstrated by reading the password file, or using the template parameter to cgi-bin/write.cgi to write to an arbitrary file.
5006 CVE-2017-9096 611 2017-11-08 2019-04-30
6.8
None Remote Medium Not required Partial Partial Partial
The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not disable external entities, which might allow remote attackers to conduct XML external entity (XXE) attacks via a crafted PDF.
5007 CVE-2017-9069 434 Exec Code 2017-05-18 2017-05-30
6.5
None Remote Low Single system Partial Partial Partial
In MODX Revolution before 2.5.7, a user with file upload permissions is able to execute arbitrary code by uploading a file with the name .htaccess.
5008 CVE-2017-9064 352 CSRF 2017-05-18 2017-11-03
6.8
None Remote Medium Not required Partial Partial Partial
In WordPress before 4.7.5, a Cross Site Request Forgery (CSRF) vulnerability exists in the filesystem credentials dialog because a nonce is not required for updating credentials.
5009 CVE-2017-9043 20 DoS 2017-05-17 2017-05-24
6.8
None Remote Medium Not required Partial Partial Partial
readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large for type unsigned long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file.
5010 CVE-2017-9042 704 DoS 2017-05-17 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file.
5011 CVE-2017-9033 352 CSRF 2017-05-25 2017-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows remote attackers to hijack the authentication of users for requests to start an update from an arbitrary source via a crafted request to SProtectLinux/scanoption_set.cgi, related to the lack of anti-CSRF tokens.
5012 CVE-2017-9025 119 Overflow 2017-05-17 2017-05-24
6.4
None Remote Low Not required None Partial Partial
Heap buffer overflow in vshttpd (aka ioos) in HooToo Trip Mate 6 (TM6) firmware 2.000.030 and earlier allows remote unauthenticated attackers to control the program counter via a specially crafted HTTP Cookie header.
5013 CVE-2017-8989 601 2018-08-06 2018-10-17
6.4
None Remote Low Not required Partial Partial None
A security vulnerability in HPE IceWall SSO Dfw 10.0 and 11.0 on RHEL, HP-UX, and Windows could be exploited remotely to allow URL Redirection.
5014 CVE-2017-8979 264 DoS Exec Code Bypass 2018-02-15 2018-05-09
6.8
None Remote Medium Not required Partial Partial Partial
Security vulnerabilities in the HPE Integrated Lights-Out 2 (iLO 2) firmware could be exploited remotely to allow authentication bypass, code execution, and denial of service.
5015 CVE-2017-8959 264 Bypass 2018-02-15 2018-03-15
6.5
None Remote Low Single system Partial Partial Partial
An Authentication Bypass vulnerability in HPE MSA 1040 and HPE MSA 2040 SAN Storage in version GL220P008 and earlier and was found.
5016 CVE-2017-8930 352 CSRF 2017-05-14 2017-05-25
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in Simple Invoices 2013.1.beta.8 allow remote attackers to hijack the authentication of admins for requests that can (1) create new administrator user accounts and take over the entire application, (2) create regular user accounts, or (3) change configuration parameters such as tax rates and the enable/disable status of PayPal payment modules.
5017 CVE-2017-8928 352 CSRF 2017-05-14 2019-04-16
6.8
None Remote Medium Not required Partial Partial Partial
mailcow 0.14, as used in "mailcow: dockerized" and other products, has CSRF.
5018 CVE-2017-8927 119 DoS Overflow 2017-05-15 2017-05-24
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in Larson VizEx Reader 9.7.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file.
5019 CVE-2017-8926 119 DoS Overflow 2017-05-15 2017-05-24
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in Halliburton LogView Pro 10.0.1 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file.
5020 CVE-2017-8913 611 2017-05-23 2018-12-10
6.5
None Remote Low Single system Partial Partial Partial
The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.BIKit.default, aka SAP Security Note 2386873.
5021 CVE-2017-8912 94 Exec Code 2017-05-12 2017-08-15
6.5
None Remote Low Single system Partial Partial Partial
** DISPUTED ** CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated administrators to execute arbitrary PHP code via the code parameter to admin/editusertag.php, related to the CreateTagFunction and CallUserTag functions. NOTE: the vendor reportedly has stated this is "a feature, not a bug."
5022 CVE-2017-8907 264 Exec Code 2017-06-14 2017-07-05
6.5
None Remote Low Single system Partial Partial Partial
Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.1 did not correctly check if a user creating a deployment project had the edit permission and therefore the rights to do so. An attacker who can login to Bamboo as a user without the edit permission for deployment projects is able to use this vulnerability, provided there is an existing plan with a green build, to create a deployment project and execute arbitrary code on an available Bamboo Agent. By default a local agent is enabled; this means that code execution can occur on the system hosting Bamboo as the user running Bamboo.
5023 CVE-2017-8905 264 Exec Code 2017-05-11 2017-07-10
6.8
None Local Low Single system Complete Complete Complete
Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215.
5024 CVE-2017-8904 264 Exec Code 2017-05-11 2017-07-10
6.8
None Local Low Single system Complete Complete Complete
Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214.
5025 CVE-2017-8899 264 XSS 2017-05-11 2017-05-16
6.8
None Remote Medium Not required Partial Partial Partial
Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has a composite of Stored XSS and Information Disclosure issues in the attachments feature found in User CP. This can be triggered by any Invision Power Board user and can be used to gain access to moderator/admin accounts. The primary cause is the ability to upload an SVG document with a crafted attribute such an onload; however, full path disclosure is required for exploitation.
5026 CVE-2017-8894 444 Exec Code 2017-07-02 2017-07-07
6.8
None Remote Medium Not required Partial Partial Partial
AeroAdmin 4.1 uses an insecure protocol (HTTP) to perform software updates. An attacker can hijack an update via man-in-the-middle in order to execute code in the machine.
5027 CVE-2017-8874 352 CSRF 2017-05-10 2017-05-17
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in Mautic 1.4.1 allow remote attackers to hijack the authentication of users for requests that (1) delete email campaigns or (2) delete contacts.
5028 CVE-2017-8872 125 DoS 2017-05-10 2017-05-15
6.4
None Remote Low Not required Partial None Partial
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.
5029 CVE-2017-8870 119 Exec Code Overflow 2017-07-27 2017-08-03
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in AudioCoder 0.8.46 allows remote attackers to execute arbitrary code via a crafted .m3u file.
5030 CVE-2017-8869 119 Exec Code Overflow 2017-07-27 2017-08-02
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in MediaCoder 0.8.48.5888 allows remote attackers to execute arbitrary code via a crafted .m3u file.
5031 CVE-2017-8854 119 Overflow 2017-05-09 2017-05-17
6.8
None Remote Medium Not required Partial Partial Partial
wolfSSL before 3.10.2 has an out-of-bounds memory access with loading crafted DH parameters, aka a buffer overflow triggered by a malformed temporary DH file.
5032 CVE-2017-8853 22 Dir. Trav. 2017-05-09 2017-05-17
6.4
None Remote Low Not required None Partial Partial
Fiyo CMS v2.0.7 has an arbitrary file delete vulnerability in dapur/apps/app_config/controller/backuper.php via directory traversal in the file parameter during an act=db action.
5033 CVE-2017-8852 119 Overflow 2017-05-10 2017-08-15
6.8
None Remote Medium Not required Partial Partial Partial
SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the file. The vendor response is SAP Security Note 2441560.
5034 CVE-2017-8844 119 DoS Overflow 2017-05-08 2017-05-16
6.8
None Remote Medium Not required Partial Partial Partial
The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive.
5035 CVE-2017-8836 352 Exec Code CSRF 2017-06-05 2017-08-12
6.8
None Remote Medium Not required Partial Partial Partial
CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The CGI scripts in the administrative interface are affected. This allows an attacker to execute commands, if a logged in user visits a malicious website. This can for example be used to change the credentials of the administrative webinterface.
5036 CVE-2017-8829 502 Exec Code 2017-05-08 2017-05-16
6.8
None Remote Medium Not required Partial Partial Partial
Deserialization vulnerability in lintian through 2.5.50.3 allows attackers to trigger code execution by requesting a review of a source package with a crafted YAML file.
5037 CVE-2017-8827 287 DoS 2017-05-08 2017-05-12
6.4
None Remote Low Not required None Partial Partial
forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might allow remote attackers to cause a denial of service (login inability) or possibly conduct Arbitrary User Password Reset attacks via a series of requests.
5038 CVE-2017-8826 119 Overflow 2017-07-05 2017-07-17
6.8
None Remote Medium Not required Partial Partial Partial
FastStone Image Viewer 6.2 has a "User Mode Write AV" issue, possibly related to the jpeg_mem_term function in jmemnobs.c in libjpeg. This issue can be triggered by a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.
5039 CVE-2017-8823 416 2017-12-03 2017-12-21
6.8
None Remote Medium Not required Partial Partial Partial
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, there is a use-after-free in onion service v2 during intro-point expiration because the expiring list is mismanaged in certain error cases, aka TROVE-2017-013.
5040 CVE-2017-8807 119 Overflow +Info 2017-11-15 2017-12-04
6.4
None Remote Low Not required Partial None Partial
vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFP_GetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore transient objects.
5041 CVE-2017-8805 22 Dir. Trav. 2017-10-17 2017-11-08
6.4
None Remote Low Not required Partial Partial None
Debian ftpsync before 20171017 does not use the rsync --safe-links option, which allows remote attackers to conduct directory traversal attacks via a crafted upstream mirror.
5042 CVE-2017-8803 119 Exec Code Overflow 2017-07-05 2017-07-17
6.8
None Remote Medium Not required Partial Partial Partial
Notepad++ 7.3.3 (32-bit) with Hex Editor Plugin v0.9.5 might allow user-assisted attackers to execute code via a crafted file, because of a "Data from Faulting Address controls Code Flow" issue. One threat model is a victim who obtains an untrusted crafted file from a remote location and issues several user-defined commands.
5043 CVE-2017-8794 918 2017-05-05 2017-05-17
6.4
None Remote Low Not required Partial Partial None
An issue was discovered on Accellion FTA devices before FTA_9_12_180. Because a regular expression (intended to match local https URLs) lacks an initial ^ character, courier/web/[email protected]/wmProgressval.html allows SSRF attacks with a file:///etc/passwd#https:// URL pattern.
5044 CVE-2017-8793 264 Bypass 2017-05-05 2017-05-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered on Accellion FTA devices before FTA_9_12_180. By sending a POST request to home/seos/courier/web/wmProgressstat.html.php with an attacker domain in the acallow parameter, the device will respond with an Access-Control-Allow-Origin header allowing the attacker to have site access with a bypass of the Same Origin Policy.
5045 CVE-2017-8787 119 DoS Overflow 2017-05-05 2017-05-17
6.8
None Remote Medium Not required Partial Partial Partial
The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted PDF file.
5046 CVE-2017-8785 119 Overflow 2017-07-05 2017-07-17
6.8
None Remote Medium Not required Partial Partial Partial
FastStone Image Viewer 6.2 has a "Data from Faulting Address may be used as a return value" issue. This issue can be triggered by a malformed JPEG 2000 file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.
5047 CVE-2017-8781 119 Exec Code Overflow 2017-07-05 2017-07-10
6.8
None Remote Medium Not required Partial Partial Partial
XnView Classic for Windows Version 2.40 allows user-assisted remote attackers to execute code via a crafted JPEG 2000 file that is mishandled during the opening of a directory in "Browser" mode, because of a "Stack Buffer Overrun" issue.
5048 CVE-2017-8777 285 2019-05-22 2019-05-23
6.5
None Remote Low Single system Partial Partial Partial
Open-Xchange GmbH OX Cloud Plugins 1.4.0 and earlier is affected by: Missing Authorization.
5049 CVE-2017-8766 119 Exec Code Overflow 2017-07-05 2017-07-12
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) allows remote attackers to execute code via a crafted .mov file, because of a "User Mode Write AV near NULL" issue.
5050 CVE-2017-8714 20 Exec Code 2017-09-12 2017-09-19
6.9
None Local Medium Not required Complete Complete Complete
The Windows Hyper-V component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2,, Windows 10 1607, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Remote Desktop Virtual Host Remote Code Execution Vulnerability".
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.