CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In January 2017

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1001 CVE-2016-2339 119 Overflow 2017-01-06 2018-07-14
7.5
None Remote Low Not required Partial Partial Partial
An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "arg_types" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow.
1002 CVE-2016-2337 Exec Code 2017-01-06 2018-08-28
7.5
None Remote Low Not required Partial Partial Partial
Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Attacker passing different type of object than String as "retval" argument can cause arbitrary code execution.
1003 CVE-2016-2336 Exec Code 2017-01-06 2017-01-10
7.5
None Remote Low Not required Partial Partial Partial
Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution.
1004 CVE-2016-2242 94 Exec Code 2017-01-23 2018-10-09
10.0
None Remote Low Not required Complete Complete Complete
Exponent CMS 2.x before 2.3.7 Patch 3 allows remote attackers to execute arbitrary code via the sc parameter to install/index.php.
1005 CVE-2016-2233 119 DoS Overflow 2017-01-18 2017-02-02
5.0
None Remote Low Not required None None Partial
Stack-based buffer overflow in the inbound_cap_ls function in common/inbound.c in HexChat 2.10.2 allows remote IRC servers to cause a denial of service (crash) via a large number of options in a CAP LS message.
1006 CVE-2016-2217 320 2017-01-30 2017-06-30
5.0
None Remote Low Not required Partial None None
The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the DH, which makes it easier for remote attackers to obtain the shared secret.
1007 CVE-2016-2090 119 Overflow 2017-01-13 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow.
1008 CVE-2016-2087 22 Dir. Trav. 2017-01-18 2017-02-01
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in the client in HexChat 2.11.0 allows remote IRC servers to read or modify arbitrary files via a .. (dot dot) in the server name.
1009 CVE-2016-2050 787 DoS 2017-01-31 2017-02-05
4.3
None Remote Medium Not required None None Partial
The get_abbrev_array_info function in libdwarf-20151114 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted elf file.
1010 CVE-2016-1925 191 Overflow 2017-01-23 2017-01-24
7.5
None Remote Low Not required Partial Partial Partial
Integer underflow in header.c in lha allows remote attackers to have unspecified impact via a large header size value for the (1) level0 or (2) level1 header in a lha archive, which triggers a buffer overflow.
1011 CVE-2016-1920 284 2017-01-27 2018-10-09
4.3
None Remote Medium Not required None Partial None
Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service.
1012 CVE-2016-1919 310 +Info 2017-01-27 2018-10-09
1.9
None Local Medium Not required Partial None None
Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which makes it easier for local users to obtain sensitive information by leveraging knowledge of the TIMA key and a brute-force attack.
1013 CVE-2016-1551 254 2017-01-27 2017-11-20
2.6
None Remote High Not required None Partial None
ntpd in NTP 4.2.8p3 and NTPsec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 relies on the underlying operating system to protect it from requests that impersonate reference clocks. Because reference clocks are treated like other peers and stored in the same structure, any packet with a source ip address of a reference clock (127.127.1.1 for example) that reaches the receive() function will match that reference clock's peer record and will be treated as a trusted peer. Any system that lacks the typical martian packet filtering which would block these packets is in danger of having its time controlled by an attacker.
1014 CVE-2016-1550 200 +Info 2017-01-06 2018-01-04
5.0
None Remote Low Not required Partial None None
An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key.
1015 CVE-2016-1549 19 2017-01-06 2018-03-27
4.0
None Remote Low Single system None Partial None
A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock.
1016 CVE-2016-1548 19 2017-01-06 2018-01-04
6.4
None Remote Low Not required None Partial Partial
An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched.
1017 CVE-2016-1547 20 2017-01-06 2018-01-04
5.0
None Remote Low Not required None None Partial
An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled.
1018 CVE-2016-1515 415 2017-01-06 2017-01-10
5.0
None Remote Low Not required None None Partial
A use-after-free / double-free vulnerability can occur in libebml master branch while parsing Track elements of the MKV container.
1019 CVE-2016-1514 189 +Info 2017-01-06 2017-01-10
5.0
None Remote Low Not required Partial None None
A specially crafted unicode string in libebml master branch can cause an off-by-few read on the heap in unicode string parsing code in libebml. This issue can potentially be used for information leaks.
1020 CVE-2016-1417 426 Exec Code 2017-01-23 2018-10-09
6.8
None Remote Medium Not required Partial Partial Partial
Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse tcapi.dll that is located in the same folder on a remote file share as a pcap file that is being processed.
1021 CVE-2016-1281 426 Exec Code 2017-01-23 2017-01-26
4.4
None Local Medium Not required Partial Partial Partial
Untrusted search path vulnerability in the installer for TrueCrypt 7.2 and 7.1a, VeraCrypt before 1.17-BETA, and possibly other products allows local users to execute arbitrary code with administrator privileges and conduct DLL hijacking attacks via a Trojan horse DLL in the "application directory", as demonstrated with the USP10.dll, RichEd20.dll, NTMarta.dll and SRClient.dll DLLs.
1022 CVE-2016-0769 89 Exec Code Sql 2017-01-23 2017-01-26
6.5
None Remote Low Single system Partial Partial Partial
Multiple SQL injection vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow (1) remote administrators to execute arbitrary SQL commands via the delid parameter or remote authenticated users to execute arbitrary SQL commands via the (2) view, (3) mark, or (4) change parameter.
1023 CVE-2016-0765 79 XSS 2017-01-23 2017-01-26
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) page or (2) action parameter.
1024 CVE-2015-8977 532 2017-01-31 2017-02-05
5.0
None Remote Low Not required Partial None None
MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allow remote attackers to obtain the installation path via vectors involving error log files.
1025 CVE-2015-8976 79 XSS 2017-01-31 2017-02-03
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 might allow remote attackers to inject arbitrary web script or HTML via vectors related to "old upgrade files."
1026 CVE-2015-8975 79 XSS 2017-01-31 2017-02-03
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the error handler in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
1027 CVE-2015-8974 89 Exec Code Sql 2017-01-31 2017-02-05
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
1028 CVE-2015-8973 284 Bypass 2017-01-31 2017-02-05
7.5
None Remote Low Not required Partial Partial Partial
xmlhttp.php in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to bypass intended access restrictions via vectors related to the forum password.
1029 CVE-2015-8972 119 Exec Code Overflow 2017-01-23 2017-01-25
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large input, as demonstrated when in UCI mode.
1030 CVE-2015-8971 77 Exec Code 2017-01-23 2017-01-26
4.6
None Local Low Not required Partial Partial Partial
Terminology 0.7.0 allows remote attackers to execute arbitrary commands via escape sequences that modify the window title and then are written to the terminal, a similar issue to CVE-2003-0063.
1031 CVE-2015-8862 79 XSS 2017-01-23 2017-03-01
4.3
None Remote Medium Not required None Partial None
mustache package before 2.2.1 for Node.js allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging a template with an attribute that is not quoted.
1032 CVE-2015-8861 79 XSS 2017-01-23 2017-03-01
4.3
None Remote Medium Not required None Partial None
The handlebars package before 4.0.0 for Node.js allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging a template with an attribute that is not quoted.
1033 CVE-2015-8860 59 2017-01-23 2017-01-24
5.0
None Remote Low Not required None Partial None
The tar package before 2.0.0 for Node.js allows remote attackers to write to arbitrary files via a symlink attack in an archive.
1034 CVE-2015-8859 200 +Info 2017-01-23 2017-03-01
5.0
None Remote Low Not required Partial None None
The send package before 0.11.1 for Node.js allows attackers to obtain the root path via unspecified vectors.
1035 CVE-2015-8858 399 DoS 2017-01-23 2017-03-01
7.8
None Remote Low Not required None None Complete
The uglify-js package before 2.6.0 for Node.js allows attackers to cause a denial of service (CPU consumption) via crafted input in a parse call, aka a "regular expression denial of service (ReDoS)."
1036 CVE-2015-8857 254 Bypass 2017-01-23 2017-03-01
7.5
None Remote Low Not required Partial Partial Partial
The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean expressions, which might allow attackers to bypass security mechanisms or possibly have unspecified other impact by leveraging improperly rewritten Javascript.
1037 CVE-2015-8856 79 XSS 2017-01-23 2017-03-01
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the serve-index package before 1.6.3 for Node.js allows remote attackers to inject arbitrary web script or HTML via a crafted file or directory name.
1038 CVE-2015-8855 399 DoS 2017-01-23 2017-01-26
7.8
None Remote Low Not required None None Complete
The semver package before 4.3.2 for Node.js allows attackers to cause a denial of service (CPU consumption) via a long version string, aka a "regular expression denial of service (ReDoS)."
1039 CVE-2015-8854 399 DoS 2017-01-23 2017-01-24
7.8
None Remote Low Not required None None Complete
The marked package before 0.3.4 for Node.js allows attackers to cause a denial of service (CPU consumption) via unspecified vectors that trigger a "catastrophic backtracking issue for the em inline rule," aka a "regular expression denial of service (ReDoS)."
1040 CVE-2015-8684 79 XSS 2017-01-18 2017-01-19
4.3
None Remote Medium Not required None Partial None
Exponent CMS before 2.3.7 does not properly restrict the types of files that can be uploaded, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly have other unspecified impact as demonstrated by uploading a file with an .html extension, then accessing it via the elFinder functionality.
1041 CVE-2015-8667 79 XSS 2017-01-18 2017-01-19
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Reset Your Password module in Exponent CMS before 2.3.5 allows remote attackers to inject arbitrary web script or HTML via the Username/Email.
1042 CVE-2015-8315 399 DoS 2017-01-23 2017-03-01
7.8
None Remote Low Not required None None Complete
The ms package before 0.7.1 for Node.js allows attackers to cause a denial of service (CPU consumption) via a long version string, aka a "regular expression denial of service (ReDoS)."
1043 CVE-2015-8212 20 Exec Code 2017-01-19 2017-01-20
7.5
None Remote Low Not required Partial Partial Partial
CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware program.
1044 CVE-2015-8158 DoS 2017-01-30 2018-01-04
4.3
None Remote Medium Not required None None Partial
The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (infinite loop) via crafted packets with incorrect values.
1045 CVE-2015-8140 284 2017-01-30 2017-11-20
5.8
None Remote Medium Not required None Partial Partial
The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by sniffing the network.
1046 CVE-2015-8139 284 2017-01-30 2017-11-20
5.0
None Remote Low Not required None Partial None
ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate peers via unspecified vectors.
1047 CVE-2015-8138 20 Bypass 2017-01-30 2017-11-20
5.0
None Remote Low Not required None Partial None
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.
1048 CVE-2015-8034 200 +Info 2017-01-30 2017-03-01
2.1
None Local Low Not required Partial None None
The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file.
1049 CVE-2015-8020 200 +Info 2017-01-11 2017-11-15
4.3
None Remote Medium Not required Partial None None
Clustered Data ONTAP versions 8.0, 8.3.1, and 8.3.2 contain a default privileged account which under certain conditions can be used for unauthorized information disclosure.
1050 CVE-2015-7979 19 DoS 2017-01-30 2018-05-17
5.0
None Remote Low Not required None None Partial
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client.
Total number of vulnerabilities : 1085   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 (This Page)22
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.