CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 5 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
11001 CVE-2017-7564 20 DoS 2017-06-07 2017-06-15
5.0
None Remote Low Not required None None Partial
In ARM Trusted Firmware through 1.3, the secure self-hosted invasive debug interface allows normal world attackers to cause a denial of service (secure world panic) via vectors involving debug exceptions and debug registers.
11002 CVE-2017-7563 264 Bypass 2017-06-07 2017-06-15
6.8
None Remote Medium Not required Partial Partial Partial
In ARM Trusted Firmware 1.3, RO memory is always executable at AArch64 Secure EL1, allowing attackers to bypass the MT_EXECUTE_NEVER protection mechanism. This issue occurs because of inconsistency in the number of execute-never bits (one bit versus two bits).
11003 CVE-2017-7561 19 2017-09-13 2018-03-13
5.0
None Remote Low Not required None Partial None
Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.
11004 CVE-2017-7559 444 XSS +Info 2018-01-10 2018-11-15
5.8
None Remote Medium Not required Partial Partial None
In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, and 1.3.x before 1.3.31.Final, it was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own.
11005 CVE-2017-7558 125 +Info 2018-07-26 2018-09-26
5.0
None Remote Low Not required Partial None None
A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic information. As a result, up to 100 bytes of the slab data could be leaked to a userspace.
11006 CVE-2017-7557 352 CSRF 2017-08-22 2018-09-17
6.8
None Remote Medium Not required Partial Partial Partial
dnsdist version 1.1.0 is vulnerable to a flaw in authentication mechanism for REST API potentially allowing CSRF attack.
11007 CVE-2017-7556 352 CSRF 2017-08-17 2017-08-25
6.8
None Remote Medium Not required Partial Partial Partial
Hawtio versions up to and including 1.5.3 are vulnerable to CSRF vulnerability allowing remote attackers to trick the user to visit their website containing a malicious script which can be submitted to hawtio server on behalf of the user.
11008 CVE-2017-7553 918 2017-09-28 2017-12-30
6.5
None Remote Low Single system Partial Partial Partial
The external_request api call in App Studio (millicore) allows server side request forgery (SSRF). An attacker could use this flaw to probe the network internal resources, and access restricted endpoints.
11009 CVE-2017-7551 640 2017-08-16 2018-01-04
5.0
None Remote Low Not required Partial None None
389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts.
11010 CVE-2017-7550 532 2017-11-21 2017-12-08
5.0
None Remote Low Not required Partial None None
A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the "params" argument, and noting this in the module documentation.
11011 CVE-2017-7544 125 2017-09-21 2017-10-05
6.4
None Remote Low Not required Partial None Partial
libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure.
11012 CVE-2017-7539 20 DoS 2018-07-26 2018-10-01
5.0
None Remote Low Not required None None Partial
An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process could use this flaw to crash the qemu-nbd server resulting in denial of service.
11013 CVE-2017-7537 798 Bypass 2018-07-26 2018-10-01
5.0
None Remote Low Not required None Partial None
It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally enabled by default in the pki-core package before 10.6.4. An attacker could potentially use this flaw to bypass the regular authentication process and trick the CA server into issuing certificates.
11014 CVE-2017-7533 362 DoS +Priv Mem. Corr. 2017-08-05 2018-01-04
6.9
None Local Medium Not required Complete Complete Complete
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.
11015 CVE-2017-7530 264 2018-07-26 2018-10-01
6.5
None Remote Low Single system Partial Partial Partial
In CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1, it was found that privilege check is missing when invoking arbitrary methods via filtering on VMs that MiqExpression will execute that is triggerable by API users. An attacker could use this to execute actions they should not be allowed to (e.g. destroying VMs).
11016 CVE-2017-7529 190 Overflow +Info 2017-07-13 2018-01-04
5.0
None Remote Low Not required Partial None None
Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request.
11017 CVE-2017-7524 200 +Info 2017-06-27 2017-07-05
5.0
None Remote Low Not required Partial None None
tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password in plaintext from client to server when generating HMAC.
11018 CVE-2017-7523 119 Overflow 2017-07-21 2017-07-27
5.0
None Remote Low Not required None None Partial
Cygwin versions 1.7.2 up to and including 1.8.0 are vulnerable to buffer overflow vulnerability in wcsxfrm/wcsxfrm_l functions resulting into denial-of-service by crashing the process or potential hijack of the process running with administrative privileges triggered by specially crafted input string.
11019 CVE-2017-7513 295 2018-08-22 2018-10-23
5.8
None Remote Medium Not required Partial Partial None
It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host name fields. A man-in-the-middle attacker could use this flaw to spoof a PostgreSQL server using a specially crafted X.509 certificate.
11020 CVE-2017-7508 399 2017-06-27 2017-11-03
5.0
None Remote Low Not required None None Partial
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when receiving malformed IPv6 packet.
11021 CVE-2017-7507 476 2017-06-16 2018-01-04
5.0
None Remote Low Not required None None Partial
GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application.
11022 CVE-2017-7506 119 Overflow 2017-07-18 2018-11-08
6.5
None Remote Low Single system Partial Partial Partial
spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak.
11023 CVE-2017-7505 264 2017-05-26 2017-06-09
6.5
None Remote Low Single system Partial Partial Partial
Foreman since version 1.5 is vulnerable to an incorrect authorization check due to which users with user management permission who are assigned to some organization(s) can do all operations granted by these permissions on all administrator user object outside of their scope, such as editing global admin accounts including changing their passwords.
11024 CVE-2017-7502 476 DoS 2017-05-30 2018-01-04
5.0
None Remote Low Not required None None Partial
Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker.
11025 CVE-2017-7490 264 2017-05-15 2017-05-23
5.0
None Remote Low Not required Partial None None
In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because a capability check is missing.
11026 CVE-2017-7489 264 2017-05-15 2017-05-23
6.5
None Remote Low Single system Partial Partial Partial
In Moodle 2.x and 3.x, remote authenticated users can take ownership of arbitrary blogs by editing an external blog link.
11027 CVE-2017-7486 200 +Info 2017-05-12 2018-01-04
5.0
None Remote Low Not required Partial None None
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server.
11028 CVE-2017-7484 200 +Info 2017-05-12 2018-01-04
5.0
None Remote Low Not required Partial None None
It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.
11029 CVE-2017-7483 125 DoS Bypass 2017-05-02 2017-05-12
5.0
None Remote Low Not required None None Partial
Rxvt 2.7.10 is vulnerable to a denial of service attack by passing the value -2^31 inside a terminal escape code, which results in a non-invertible integer that eventually leads to a segfault due to an out of bounds read.
11030 CVE-2017-7478 20 DoS 2017-05-15 2017-08-15
5.0
None Remote Low Not required None None Partial
OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2.
11031 CVE-2017-7477 119 DoS Overflow 2017-04-25 2018-01-04
6.9
None Local Medium Not required Complete Complete Complete
Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in conjunction with the NETIF_F_FRAGLIST feature, leading to an error in the skb_to_sgvec function.
11032 CVE-2017-7473 200 +Info 2017-07-21 2017-07-27
5.0
None Remote Low Not required Partial None None
Ansible versions 2.2.3 and earlier are vulnerable to an information disclosure flaw due to the interaction of call back plugins and the no_log directive where the information may not be sanitized properly.
11033 CVE-2017-7468 295 2018-07-16 2018-09-18
5.0
None Remote Low Not required None Partial None
In curl and libcurl 7.52.0 to and including 7.53.1, libcurl would attempt to resume a TLS session even if the client certificate had changed. That is unacceptable since a server by specification is allowed to skip the client certificate check on resume, and may instead use the old identity which was established by the previous certificate (or no certificate). libcurl supports by default the use of TLS session id/ticket to resume previous TLS sessions to speed up subsequent TLS handshakes. They are used when for any reason an existing TLS connection couldn't be kept alive to make the next handshake faster. This flaw is a regression and identical to CVE-2016-5419 reported on August 3rd 2016, but affecting a different version range.
11034 CVE-2017-7461 22 Dir. Trav. 2017-04-11 2017-04-18
6.8
None Remote Low Single system Complete None None
Directory traversal vulnerability in the web-based management site on the Intellinet NFC-30ir IP Camera with firmware LM.1.6.16.05 allows remote attackers to read arbitrary files via a request to a vendor-supplied CGI script that is used to read HTML text file, but that does not do any URI/path sanitization.
11035 CVE-2017-7459 284 Http R.Spl. 2017-06-26 2017-06-29
5.0
None Remote Low Not required None Partial None
ntopng before 3.0 allows HTTP Response Splitting.
11036 CVE-2017-7458 476 DoS 2017-06-26 2017-06-29
5.0
None Remote Low Not required None None Partial
The NetworkInterface::getHost function in NetworkInterface.cpp in ntopng before 3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty field that should have contained a hostname or IP address.
11037 CVE-2017-7456 20 DoS 2017-04-14 2017-08-15
5.0
None Remote Low Not required None None Partial
Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials.
11038 CVE-2017-7455 200 +Info 2017-04-14 2017-08-15
5.0
None Remote Low Not required Partial None None
Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control.
11039 CVE-2017-7447 352 Exec Code CSRF 2017-04-05 2017-08-15
6.8
None Remote Medium Not required Partial Partial Partial
HelpDEZk 1.1.1 has CSRF in admin/home#/logos/ with an impact of remote execution of arbitrary PHP code.
11040 CVE-2017-7446 352 CSRF 2017-04-05 2017-08-15
6.8
None Remote Medium Not required Partial Partial Partial
HelpDEZk 1.1.1 has CSRF in admin/home#/person/ with an impact of obtaining admin privileges.
11041 CVE-2017-7442 22 Exec Code Dir. Trav. 2017-08-03 2017-08-09
6.8
None Remote Medium Not required Partial Partial Partial
Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences.
11042 CVE-2017-7439 200 +Info 2017-05-25 2017-06-02
5.0
None Remote Low Not required Partial None None
NetApp OnCommand Unified Manager Core Package 5.x before 5.2.2P1 might allow remote attackers to obtain sensitive information via vectors involving error messages.
11043 CVE-2017-7434 532 2018-03-02 2018-03-19
5.0
None Remote Low Not required Partial None None
In the JDBC driver of NetIQ Identity Manager before 4.6 sending out incorrect XML configurations could result in passwords being logged into exception logfiles.
11044 CVE-2017-7431 352 CSRF 2017-05-03 2017-05-15
6.8
None Remote Medium Not required Partial Partial Partial
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management.
11045 CVE-2017-7429 295 Exec Code 2018-03-02 2018-03-19
6.5
None Remote Low Single system Partial Partial Partial
The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server.
11046 CVE-2017-7428 20 2017-05-03 2017-05-15
5.0
None Remote Low Not required None None Partial
NetIQ iManager 3.x before 3.0.3.1 has an issue in the renegotiation of connection parameters with Tomcat.
11047 CVE-2017-7426 611 DoS +Info 2018-03-01 2018-03-22
6.4
None Remote Low Not required Partial None Partial
The NetIQ Identity Manager Plugins before 4.6.1 contained various XML External XML Entity (XXE) handling flaws that could be used by attackers to leak information or cause denial of service attacks.
11048 CVE-2017-7423 352 CSRF 2017-08-21 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
A Cross-Site Request Forgery (CWE-352) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to forge requests, if this component is configured. This includes creating new privileged credentials, resulting in privilege elevation (CWE-275). Note esfadmingui is not enabled by default.
11049 CVE-2017-7415 200 Bypass +Info 2017-04-27 2017-05-09
5.0
None Remote Low Not required Partial None None
Atlassian Confluence 6.x before 6.0.7 allows remote attackers to bypass authentication and read any blog or page via the drafts diff REST resource.
11050 CVE-2017-7414 77 2017-04-04 2018-06-28
5.1
None Remote High Not required Partial Partial Partial
In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition 5.x through 5.2.17, OS Command Injection can occur if the user has PGP features enabled in the user's preferences, and has enabled the "Should PGP signed messages be automatically verified when viewed?" preference. To exploit this vulnerability, an attacker can send a PGP signed email (that is maliciously crafted) to the Horde user, who then must either view or preview it.
Total number of vulnerabilities : 38818   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 (This Page)222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.