CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
6101 CVE-2017-7758 125 2018-06-11 2018-08-03
6.4
None Remote Low Not required Partial None Partial
An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
6102 CVE-2017-7755 426 2018-06-11 2018-08-08
6.8
None Remote Medium Not required Partial Partial Partial
The Firefox installer on Windows can be made to load malicious DLL files stored in the same directory as the installer when it is run. This allows privileged execution if the installer is run with elevated privileges. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
6103 CVE-2017-7753 125 2018-06-11 2018-08-03
6.4
None Remote Low Not required Partial None Partial
An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
6104 CVE-2017-7752 416 2018-06-11 2018-08-03
6.8
None Remote Medium Not required Partial Partial Partial
A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
6105 CVE-2017-7721 20 2017-04-30 2017-07-11
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with FPX Plugin before 4.45 has an Access Violation and crash in processing a FlashPix (.FPX) file.
6106 CVE-2017-7717 89 Exec Code Sql 2017-04-14 2018-12-10
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in the getUserUddiElements method in the ES UDDI component in SAP NetWeaver AS Java 7.4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2356504.
6107 CVE-2017-7698 416 Exec Code 2017-05-10 2017-05-24
6.8
None Remote Medium Not required Partial Partial Partial
A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02.
6108 CVE-2017-7694 94 Exec Code 2017-04-11 2017-04-17
6.5
None Remote Low Single system Partial Partial Partial
Remote Code Execution vulnerability in symphony/content/content.blueprintsdatasources.php in Symphony CMS through 2.6.11 allows remote attackers to execute code and get a webshell from the back-end. The attacker must be authenticated and enter PHP code in the datasource editor or event editor.
6109 CVE-2017-7693 22 Dir. Trav. 2017-08-26 2017-09-02
6.8
None Remote Low Single system Complete None None
Directory traversal vulnerability in viewer_script.jsp in Riverbed OPNET App Response Xpert (ARX) version 9.6.1 allows remote authenticated users to inject arbitrary commands to read OS files.
6110 CVE-2017-7682 2017-07-17 2019-10-02
6.4
None Remote Low Not required Partial Partial None
Apache OpenMeetings 3.2.0 is vulnerable to parameter manipulation attacks, as a result attacker has access to restricted areas.
6111 CVE-2017-7681 89 Sql 2017-07-17 2017-07-19
6.5
None Remote Low Single system Partial Partial Partial
Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify the structure of the existing query and leak the structure of other queries being made by the application in the back-end.
6112 CVE-2017-7666 79 XSS CSRF 2017-07-17 2017-07-19
6.8
None Remote Medium Not required Partial Partial Partial
Apache OpenMeetings 1.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks, XSS attacks, click-jacking, and MIME based attacks.
6113 CVE-2017-7662 352 CSRF 2017-05-16 2017-07-07
6.8
None Remote Medium Not required Partial Partial Partial
Apache CXF Fediz ships with an OpenId Connect (OIDC) service which has a Client Registration Service, which is a simple web application that allows clients to be created, deleted, etc. A CSRF (Cross Style Request Forgery) style vulnerability has been found in this web application in Apache CXF Fediz prior to 1.4.0 and 1.3.2, meaning that a malicious web application could create new clients, or reset secrets, etc, after the admin user has logged on to the client registration service and the session is still active.
6114 CVE-2017-7661 352 CSRF 2017-05-16 2017-07-07
6.8
None Remote Medium Not required Partial Partial Partial
Apache CXF Fediz ships with a number of container-specific plugins to enable WS-Federation for applications. A CSRF (Cross Style Request Forgery) style vulnerability has been found in the Spring 2, Spring 3, Jetty 8 and Jetty 9 plugins in Apache CXF Fediz prior to 1.4.0, 1.3.2 and 1.2.4.
6115 CVE-2017-7652 2018-04-25 2019-10-09
6.0
None Remote Medium Single system Partial Partial Partial
In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running with a configuration file, then sending a HUP signal to server triggers the configuration to be reloaded from disk. If there are lots of clients connected so that there are no more file descriptors/sockets available (default limit typically 1024 file descriptors on Linux), then opening the configuration file will fail.
6116 CVE-2017-7647 Exec Code 2017-04-10 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to execute arbitrary commands.
6117 CVE-2017-7641 352 CSRF 2018-03-08 2018-03-27
6.8
None Remote Medium Not required Partial Partial Partial
QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier does not utilize CSRF protections.
6118 CVE-2017-7638 287 +Info 2018-03-08 2018-03-27
6.4
None Remote Low Not required Partial Partial None
QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier does not authenticate requests properly. Successful exploitation could lead to change of the Media Streaming settings, and leakage of sensitive information of the QNAP NAS.
6119 CVE-2017-7635 352 CSRF 2018-06-05 2018-07-12
6.8
None Remote Medium Not required Partial Partial Partial
QNAP NAS application Proxy Server through version 1.2.0 does not utilize CSRF protections.
6120 CVE-2017-7617 119 Exec Code Overflow 2017-04-10 2017-04-17
6.5
None Remote Low Single system Partial Partial Partial
Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chan_sip, the CDR dialplan function, and the AMI Monitor action.
6121 CVE-2017-7615 640 2017-04-16 2017-08-15
6.5
None Remote Low Single system Partial Partial Partial
MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php.
6122 CVE-2017-7605 617 DoS 2017-04-09 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
aacplusenc.c in HE-AAC+ Codec (aka libaacplus) 2.0.2 has an assertion failure, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file.
6123 CVE-2017-7604 20 DoS 2017-04-09 2017-04-13
6.8
None Remote Medium Not required Partial Partial Partial
au_channel.h in HE-AAC+ Codec (aka libaacplus) 2.0.2 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file.
6124 CVE-2017-7603 190 DoS Overflow 2017-04-09 2017-04-13
6.8
None Remote Medium Not required Partial Partial Partial
au_channel.h in HE-AAC+ Codec (aka libaacplus) 2.0.2 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file.
6125 CVE-2017-7602 190 DoS Overflow 2017-04-09 2018-03-21
6.8
None Remote Medium Not required Partial Partial Partial
LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
6126 CVE-2017-7601 20 DoS 2017-04-09 2018-03-21
6.8
None Remote Medium Not required Partial Partial Partial
LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
6127 CVE-2017-7600 20 DoS 2017-04-09 2018-03-21
6.8
None Remote Medium Not required Partial Partial Partial
LibTIFF 4.0.7 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
6128 CVE-2017-7599 20 DoS 2017-04-09 2018-03-21
6.8
None Remote Medium Not required Partial Partial Partial
LibTIFF 4.0.7 has an "outside the range of representable values of type short" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
6129 CVE-2017-7597 20 DoS 2017-04-09 2018-03-21
6.8
None Remote Medium Not required Partial Partial Partial
tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
6130 CVE-2017-7596 20 DoS 2017-04-09 2018-03-21
6.8
None Remote Medium Not required Partial Partial Partial
LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
6131 CVE-2017-7592 20 DoS 2017-04-09 2018-03-21
6.8
None Remote Medium Not required Partial Partial Partial
The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
6132 CVE-2017-7584 119 DoS Exec Code Overflow Mem. Corr. 2017-04-07 2017-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Memory Corruption Vulnerability in Foxit PDF Toolkit before 2.1 allows an attacker to cause Denial of Service & Remote Code Execution when a victim opens a specially crafted PDF file.
6133 CVE-2017-7578 119 DoS Overflow 2017-04-07 2017-04-12
6.8
None Remote Medium Not required Partial Partial Partial
Multiple heap-based buffer overflows in parser.c in libming 0.4.7 allow remote attackers to cause a denial of service (listswf application crash) or possibly have unspecified other impact via a crafted SWF file. NOTE: this issue exists because of an incomplete fix for CVE-2016-9831.
6134 CVE-2017-7571 352 CSRF 2017-04-06 2017-08-15
6.0
None Remote Medium Single system Partial Partial Partial
public/rolechangeadmin in Faveo 1.9.3 allows CSRF. The impact is obtaining admin privileges.
6135 CVE-2017-7570 94 Exec Code 2017-04-07 2017-04-13
6.5
None Remote Low Single system Partial Partial Partial
PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension (such as .jpg) and then invoking the duplicate function to change to the .php extension.
6136 CVE-2017-7565 22 Exec Code Dir. Trav. 2017-04-06 2017-04-12
6.5
None Remote Low Single system Partial Partial Partial
Splunk Hadoop Connect App has a path traversal vulnerability that allows remote authenticated users to execute arbitrary code, aka ERP-2041.
6137 CVE-2017-7563 732 Bypass 2017-06-07 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
In ARM Trusted Firmware 1.3, RO memory is always executable at AArch64 Secure EL1, allowing attackers to bypass the MT_EXECUTE_NEVER protection mechanism. This issue occurs because of inconsistency in the number of execute-never bits (one bit versus two bits).
6138 CVE-2017-7557 352 CSRF 2017-08-22 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
dnsdist version 1.1.0 is vulnerable to a flaw in authentication mechanism for REST API potentially allowing CSRF attack.
6139 CVE-2017-7556 352 CSRF 2017-08-17 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
Hawtio versions up to and including 1.5.3 are vulnerable to CSRF vulnerability allowing remote attackers to trick the user to visit their website containing a malicious script which can be submitted to hawtio server on behalf of the user.
6140 CVE-2017-7553 918 2017-09-28 2017-12-30
6.5
None Remote Low Single system Partial Partial Partial
The external_request api call in App Studio (millicore) allows server side request forgery (SSRF). An attacker could use this flaw to probe the network internal resources, and access restricted endpoints.
6141 CVE-2017-7544 125 2017-09-21 2019-10-09
6.4
None Remote Low Not required Partial None Partial
libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure.
6142 CVE-2017-7533 362 DoS +Priv Mem. Corr. 2017-08-05 2018-01-04
6.9
None Local Medium Not required Complete Complete Complete
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.
6143 CVE-2017-7530 2018-07-26 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
In CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1, it was found that privilege check is missing when invoking arbitrary methods via filtering on VMs that MiqExpression will execute that is triggerable by API users. An attacker could use this to execute actions they should not be allowed to (e.g. destroying VMs).
6144 CVE-2017-7506 119 Overflow 2017-07-18 2018-11-08
6.5
None Remote Low Single system Partial Partial Partial
spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak.
6145 CVE-2017-7505 269 2017-05-26 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
Foreman since version 1.5 is vulnerable to an incorrect authorization check due to which users with user management permission who are assigned to some organization(s) can do all operations granted by these permissions on all administrator user object outside of their scope, such as editing global admin accounts including changing their passwords.
6146 CVE-2017-7489 269 2017-05-15 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
In Moodle 2.x and 3.x, remote authenticated users can take ownership of arbitrary blogs by editing an external blog link.
6147 CVE-2017-7477 119 DoS Overflow 2017-04-25 2018-01-04
6.9
None Local Medium Not required Complete Complete Complete
Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in conjunction with the NETIF_F_FRAGLIST feature, leading to an error in the skb_to_sgvec function.
6148 CVE-2017-7461 22 Dir. Trav. 2017-04-11 2017-04-18
6.8
None Remote Low Single system Complete None None
Directory traversal vulnerability in the web-based management site on the Intellinet NFC-30ir IP Camera with firmware LM.1.6.16.05 allows remote attackers to read arbitrary files via a request to a vendor-supplied CGI script that is used to read HTML text file, but that does not do any URI/path sanitization.
6149 CVE-2017-7447 352 Exec Code CSRF 2017-04-05 2017-08-15
6.8
None Remote Medium Not required Partial Partial Partial
HelpDEZk 1.1.1 has CSRF in admin/home#/logos/ with an impact of remote execution of arbitrary PHP code.
6150 CVE-2017-7446 352 CSRF 2017-04-05 2017-08-15
6.8
None Remote Medium Not required Partial Partial Partial
HelpDEZk 1.1.1 has CSRF in admin/home#/person/ with an impact of obtaining admin privileges.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.