CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 4 and 4.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
8951 CVE-2017-2743 79 XSS 2018-01-23 2018-02-13
4.3
None Remote Medium Not required None Partial None
HP has identified a potential security vulnerability with HP Enterprise LaserJet Printers and MFPs, HP OfficeJet Enterprise Color Printers and MFP, HP PageWide Color Printers and MPS before 2308214_000901, 2308214_000900, and other firmware versions. The vulnerability could be exploited to perform a cross site scripting (XSS) attack.
8952 CVE-2017-2733 200 +Info 2017-11-22 2017-12-11
4.3
None Remote Medium Not required Partial None None
Honor 6X smartphones with software versions earlier than BLN-AL10C00B357 and versions earlier than BLN-AL20C00B357 have an information leak vulnerability due to improper file permission configuration. An attacker tricks a user into installing a malicious application on the smart phone, and the application can get the file that keep the cipher text of the SIM card PIN.
8953 CVE-2017-2732 200 +Info 2017-11-22 2017-12-07
4.3
None Remote Medium Not required Partial None None
Huawei Hilink APP Versions earlier before 5.0.25.306 has an information leak vulnerability. An attacker may trick a user into installing a malicious application and application can access Hilink APP data.
8954 CVE-2017-2727 284 Bypass 2017-11-22 2017-12-11
4.6
None Local Low Not required Partial Partial Partial
Huawei P9 smart phones with software versions earlier before EVA-AL00C00B365, versions earlier before EVA-AL10C00B365,Versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a privilege escalation vulnerability. An unauthenticated attacker can bypass phone activation to user management page of the phone and create a new user. Successful exploit could allow the attacker operate part function of the phone.
8955 CVE-2017-2713 20 +Info 2017-11-22 2017-12-12
4.8
None Local Network Low Not required Partial Partial None
HUAWEI P9 smartphones with software versions earlier before EVA-L09C432B383, versions earlier before EVA-L09C636B380, versions earlier before VIE-L09C432B370, versions earlier before VIE-L29C636B370 have an insufficient input validation vulnerability. An attacker could exploit this vulnerability to tamper with air interface signaling messages and obtain some communication information.
8956 CVE-2017-2709 20 DoS 2017-11-22 2017-12-12
4.3
None Remote Medium Not required None None Partial
HiGame with software earlier than 7.3.0 versions, SkyTone with software earlier than 8.1.1 versions have a DoS Vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, the attacker can send malformed packets to the device. Due to the lack of adequate input validation of APPs, which causes the APPs Denial of Service.
8957 CVE-2017-2708 264 Bypass 2017-11-22 2017-12-12
4.9
None Local Low Not required None None Complete
The 'Find Phone' function in Nice smartphones with software versions earlier before Nice-AL00C00B0135 has an authentication bypass vulnerability. An unauthenticated attacker may wipe and factory reset the phone by special steps. Due to missing authentication of the 'Find Phone' function, an attacker may exploit the vulnerability to bypass the 'Find Phone' function in order to use the phone normally.
8958 CVE-2017-2701 345 DoS 2017-11-22 2017-12-08
4.3
None Remote Medium Not required None None Partial
Mate 9 with software MHA-AL00AC00B125 has a denial of service (DoS) vulnerability. An attacker tricks a user into installing a malicious application. Since the system does not verify the broadcasting message from the application, it could be exploited to cause some functions of system unavailable.
8959 CVE-2017-2695 22 Dir. Trav. 2017-11-22 2017-12-12
4.3
None Remote Medium Not required Partial None None
TIT-AL00C583B211 has a directory traversal vulnerability which allows an attacker to obtain the files in email application.
8960 CVE-2017-2694 275 2017-11-22 2017-12-11
4.3
None Remote Medium Not required None Partial None
The AlarmService component in HwVmall with software earlier than 1.5.2.0 versions has no control over calling permissions, allowing any third party to call. An attacker can construct a malicious application to call it. Consequently, alert music will be played suddenly, compromising user experience.
8961 CVE-2017-2690 399 DoS 2017-11-22 2017-12-08
4.9
None Local Low Not required None None Complete
SoftCo with software V200R003C20,eSpace U1910 with software V200R003C00, V200R003C20 and V200R003C30,eSpace U1911 with software V200R003C20, V200R003C30,eSpace U1930 with software V200R003C20 and V200R003C30,eSpace U1960 with software V200R003C20, V200R003C30,eSpace U1980 with software V200R003C20, V200R003C30,eSpace U1981 with software V200R003C20 and V200R003C30 have an denial of service (DoS) vulnerability, which allow an attacker with specific permission to craft a file containing malicious data and upload it to the device to exhaust memory, causing a DoS condition.
8962 CVE-2017-2687 79 XSS 2017-03-28 2017-07-11
4.3
None Remote Medium Not required None Partial None
Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link.
8963 CVE-2017-2686 200 +Info 2017-03-28 2017-07-11
4.0
None Remote Low Single system Partial None None
Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability that could allow an authenticated user to read arbitrary files through the web interface at port 10000/TCP and access sensitive information.
8964 CVE-2017-2683 79 XSS 2017-02-27 2017-07-17
4.3
None Remote Medium Not required None Partial None
A non-privileged user of the Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could perform a persistent Cross-Site Scripting (XSS) attack, potentially resulting in obtaining administrative permissions.
8965 CVE-2017-2675 264 2017-04-06 2017-04-12
4.6
None Local Low Not required Partial Partial Partial
Little Snitch version 3.0 through 3.7.3 suffer from a local privilege escalation vulnerability in the installer part. The vulnerability is related to the installation of the configuration file "at.obdev.littlesnitchd.plist" which gets installed to /Library/LaunchDaemons.
8966 CVE-2017-2672 284 2018-06-21 2018-08-13
4.0
None Remote Low Single system Partial None None
A flaw was found in foreman before version 1.15 in the logging of adding and registering images. An attacker with access to the foreman log file would be able to view passwords for provisioned systems in the log file, allowing them to access those systems.
8967 CVE-2017-2671 284 DoS 2017-04-05 2018-08-24
4.9
None Local Low Not required None None Complete
The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call.
8968 CVE-2017-2668 476 DoS 2018-06-22 2018-08-23
4.3
None Remote Medium Not required None None Partial
389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service.
8969 CVE-2017-2664 264 2018-07-26 2018-09-21
4.0
None Remote Low Single system None Partial None
CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1 lacks RBAC controls on certain methods in the rails application portion of CloudForms. An attacker with access could use a variety of methods within the rails application portion of CloudForms to escalate privileges.
8970 CVE-2017-2663 264 +Priv 2018-07-27 2018-09-24
4.6
None Local Low Not required Partial Partial Partial
It was found that subscription-manager's DBus interface before 1.19.4 let unprivileged user access the com.redhat.RHSM1.Facts.GetFacts and com.redhat.RHSM1.Config.Set methods. An unprivileged local attacker could use these methods to gain access to private information, or launch a privilege escalation attack.
8971 CVE-2017-2662 284 2018-08-22 2018-10-23
4.0
None Remote Low Single system Partial None None
A flaw was found in Foreman's katello plugin version 3.4.5. After setting a new role to allow restricted access on a repository with a filter (filter set on the Product Name), the filter is not respected when the actions are done via hammer using the repository id.
8972 CVE-2017-2661 79 XSS 2018-03-12 2018-04-12
4.3
None Remote Medium Not required None Partial None
ClusterLabs pcs before version 0.9.157 is vulnerable to a cross-site scripting vulnerability due to improper validation of Node name field when creating new cluster or adding existing cluster.
8973 CVE-2017-2658 20 2018-07-27 2018-09-27
4.3
None Remote Medium Not required None Partial None
It was discovered that the Dashbuilder login page as used in Red Hat JBoss BPM Suite before 6.4.2 and Red Hat JBoss Data Virtualization & Services before 6.4.3 could be opened in an IFRAME, which made it possible to intercept and manipulate requests. An attacker could use this flaw to trick a user into performing arbitrary actions in the Console (clickjacking).
8974 CVE-2017-2653 20 XSS Bypass 2018-07-27 2018-09-27
4.0
None Remote Low Single system None Partial None
A number of unused delete routes are present in CloudForms before 5.7.2.1 which can be accessed via GET requests instead of just POST requests. This could allow an attacker to bypass the protect_from_forgery XSRF protection causing the routes to be used. This attack would require additional cross-site scripting or similar attacks in order to execute.
8975 CVE-2017-2651 200 +Info 2018-07-27 2018-09-24
4.3
None Remote Medium Not required Partial None None
jenkins-mailer-plugin before version 1.20 is vulnerable to an information disclosure while using the feature to send emails to a dynamically created list of users based on the changelogs. This could in some cases result in emails being sent to people who have no user account in Jenkins, and in rare cases even people who were not involved in whatever project was being built, due to some mapping based on the local-part of email addresses.
8976 CVE-2017-2645 79 XSS 2017-03-26 2017-07-11
4.3
None Remote Medium Not required None Partial None
In Moodle 3.x, XSS can occur via attachments to evidence of prior learning.
8977 CVE-2017-2644 79 XSS 2017-03-26 2017-07-11
4.3
None Remote Medium Not required None Partial None
In Moodle 3.x, XSS can occur via evidence of prior learning.
8978 CVE-2017-2642 200 +Info 2017-07-17 2017-07-19
4.0
None Remote Low Single system Partial None None
Moodle 3.x has user fullname disclosure on the user preferences page.
8979 CVE-2017-2635 476 DoS 2018-08-22 2018-10-12
4.0
None Remote Low Single system None None Partial
A NULL pointer deference flaw was found in the way libvirt from 2.5.0 to 3.0.0 handled empty drives. A remote authenticated attacker could use this flaw to crash libvirtd daemon resulting in denial of service.
8980 CVE-2017-2633 125 2018-07-27 2018-09-24
4.0
None Remote Low Single system None None Partial
An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the 'vnc_refresh_server_surface'. A user inside a guest could use this flaw to crash the QEMU process.
8981 CVE-2017-2632 285 2018-07-27 2018-09-27
4.0
None Remote Low Single system None Partial None
A logic error in valid_role() in CloudForms role validation before 5.7.1.3 could allow a tenant administrator to create groups with a higher privilege level than the tenant administrator should have. This would allow an attacker with tenant administration access to elevate privileges.
8982 CVE-2017-2629 295 2018-07-27 2018-09-24
4.0
None Remote Low Single system None Partial None
curl before 7.53.0 has an incorrect TLS Certificate Status Request extension feature that asks for a fresh proof of the server's certificate's validity in the code that checks for a test success or failure. It ends up always thinking there's valid proof, even when there is none or if the server doesn't support the TLS extension in question. This could lead to users not detecting when a server's certificate goes invalid or otherwise be mislead that the server is in a better shape than it is in reality. This flaw also exists in the command line tool (--cert-status).
8983 CVE-2017-2623 295 2018-07-27 2018-10-05
4.3
None Remote Medium Not required None Partial None
It was discovered that rpm-ostree and rpm-ostree-client before 2017.3 fail to properly check GPG signatures on packages when doing layering. Packages with unsigned or badly signed content could fail to be rejected as expected. This issue is partially mitigated on RHEL Atomic Host, where certificate pinning is used by default.
8984 CVE-2017-2618 682 2018-07-27 2018-09-20
4.9
None Local Low Not required None None Complete
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory.
8985 CVE-2017-2616 362 2018-07-27 2018-09-21
4.7
None Local Medium Not required None None Complete
A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.
8986 CVE-2017-2611 275 2018-05-08 2018-06-13
4.0
None Remote Low Single system None None Partial
Jenkins before versions 2.44, 2.32.2 is vulnerable to an insufficient permission check for periodic processes (SECURITY-389). The URLs /workspaceCleanup and /fingerprintCleanup did not perform permission checks, allowing users with read access to Jenkins to trigger these background processes (that are otherwise performed daily), possibly causing additional load on Jenkins master and agents.
8987 CVE-2017-2609 200 +Info 2018-05-22 2018-06-26
4.0
None Remote Low Single system Partial None None
jenkins before versions 2.44, 2.32.2 is vulnerable to an information disclosure vulnerability in search suggestions (SECURITY-385). The autocomplete feature on the search box discloses the names of the views in its suggestions, including the ones for which the current user does not have access to.
8988 CVE-2017-2606 200 +Info 2018-05-08 2018-06-13
4.0
None Remote Low Single system Partial None None
Jenkins before versions 2.44, 2.32.2 is vulnerable to an information exposure in the internal API that allows access to item names that should not be visible (SECURITY-380). This only affects anonymous users (other users legitimately have access) that were able to get a list of items via an UnprotectedRootAction.
8989 CVE-2017-2604 264 2018-05-15 2018-06-20
4.0
None Remote Low Single system None Partial None
In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371).
8990 CVE-2017-2602 254 2018-05-15 2018-06-20
4.0
None Remote Low Single system None Partial None
jenkins before versions 2.44, 2.32.2 is vulnerable to an improper blacklisting of the Pipeline metadata files in the agent-to-master security subsystem. This could allow metadata files to be written to by malicious agents (SECURITY-358).
8991 CVE-2017-2600 200 +Info 2018-05-15 2018-06-20
4.0
None Remote Low Single system Partial None None
In jenkins before versions 2.44, 2.32.2 node monitor data could be viewed by low privilege users via the remote API. These included system configuration and runtime information of these nodes (SECURITY-343).
8992 CVE-2017-2598 326 2018-05-23 2018-06-26
4.0
None Remote Low Single system Partial None None
Jenkins before versions 2.44, 2.32.2 uses AES ECB block cipher mode without IV for encrypting secrets which makes Jenkins and the stored secrets vulnerable to unnecessary risks (SECURITY-304).
8993 CVE-2017-2596 399 DoS 2017-02-06 2018-01-04
4.9
None Local Low Not required None None Complete
The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references.
8994 CVE-2017-2595 22 Dir. Trav. 2018-07-27 2018-09-24
4.0
None Remote Low Single system Partial None None
It was found that the log file viewer in Red Hat JBoss Enterprise Application 6 and 7 allows arbitrary file read to authenticated user via path traversal.
8995 CVE-2017-2587 399 2018-07-27 2018-09-19
4.3
None Remote Medium Not required None None Partial
A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash.
8996 CVE-2017-2586 476 2018-07-27 2018-09-19
4.3
None Remote Medium Not required None None Partial
A null pointer dereference vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash.
8997 CVE-2017-2585 200 +Info 2018-03-12 2018-04-12
4.3
None Remote Medium Not required Partial None None
Red Hat Keycloak before version 2.5.1 has an implementation of HMAC verification for JWS tokens that uses a method that runs in non-constant time, potentially leaving the application vulnerable to timing attacks.
8998 CVE-2017-2583 264 DoS +Priv 2017-02-06 2018-08-24
4.6
None Local Low Not required Partial Partial Partial
The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application.
8999 CVE-2017-2582 200 +Info 2018-07-26 2019-01-23
4.0
None Remote Low Single system Partial None None
It was found that while parsing the SAML messages the StaxParserUtil class of keycloak before 2.5.1 replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response.
9000 CVE-2017-2578 79 XSS 2017-01-20 2017-01-25
4.3
None Remote Medium Not required None Partial None
In Moodle 3.x, there is XSS in the assignment submission page.
Total number of vulnerabilities : 26778   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 (This Page)181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.