CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In December 2017

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
101 CVE-2017-17877 2017-12-27 2019-10-02
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in Valve Steam Link build 643. When the SSH daemon is enabled for local development, the device is publicly available via IPv6 TCP port 22 over the internet (with stateless address autoconfiguration) by default, which makes it easier for remote attackers to obtain access by guessing 24 bits of the MAC address and attempting a root login. This can be exploited in conjunction with CVE-2017-17878.
102 CVE-2017-17876 275 Bypass 2017-12-27 2018-01-10
5.0
None Remote Low Not required Partial None None
Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter.
103 CVE-2017-17875 89 Sql 2017-12-27 2018-01-17
7.5
None Remote Low Not required Partial Partial Partial
The JEXTN FAQ Pro extension 4.0.0 for Joomla! has SQL Injection via the id parameter in a view=category action.
104 CVE-2017-17874 434 2017-12-27 2018-01-11
6.5
None Remote Low Single system Partial Partial Partial
Vanguard Marketplace Digital Products PHP 1.4 allows arbitrary file upload via an "Add a new product" or "Add a product preview" action, which can make a .php file accessible under a uploads/ URI.
105 CVE-2017-17873 89 Sql 2017-12-27 2018-01-09
7.5
None Remote Low Not required Partial Partial Partial
Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATH_INFO to the /p URI.
106 CVE-2017-17872 89 Sql 2017-12-27 2018-01-17
7.5
None Remote Low Not required Partial Partial Partial
The JEXTN Video Gallery extension 3.0.5 for Joomla! has SQL Injection via the id parameter in a view=category action.
107 CVE-2017-17871 89 Sql 2017-12-27 2019-07-01
7.5
None Remote Low Not required Partial Partial Partial
The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter.
108 CVE-2017-17870 89 Sql 2017-12-27 2018-01-11
7.5
None Remote Low Not required Partial Partial Partial
The JBuildozer extension 1.4.1 for Joomla! has SQL Injection via the appid parameter in an entriessearch action.
109 CVE-2017-17869 79 XSS 2017-12-27 2018-01-10
4.3
None Remote Medium Not required None Partial None
The mgl-instagram-gallery plugin for WordPress has XSS via the single-gallery.php media parameter.
110 CVE-2017-17868 79 XSS 2017-12-27 2018-01-09
4.3
None Remote Medium Not required None Partial None
In Liferay Portal 6.1.0, the tags section has XSS via a Public Render Parameter (p_r_p) value, as demonstrated by p_r_p_564233524_tag.
111 CVE-2017-17866 119 DoS Overflow 2017-12-27 2018-11-05
6.8
None Remote Medium Not required Partial Partial Partial
pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document.
112 CVE-2017-17864 200 +Info 2017-12-27 2018-01-12
2.1
None Local Low Not required Partial None None
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."
113 CVE-2017-17863 190 DoS Overflow 2017-12-27 2018-03-15
7.2
None Local Low Not required Complete Complete Complete
kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not check the relationship between pointer values and the BPF stack, which allows local users to cause a denial of service (integer overflow or invalid memory access) or possibly have unspecified other impact.
114 CVE-2017-17862 20 DoS 2017-12-27 2018-04-06
4.9
None Local Low Not required None None Complete
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.
115 CVE-2017-17859 79 XSS Bypass +Info 2017-12-27 2018-01-16
4.3
None Remote Medium Not required None Partial None
Samsung Internet Browser 6.2.01.12 allows remote attackers to bypass the Same Origin Policy, and conduct UXSS attacks to obtain sensitive information, via vectors involving an IFRAME element inside XSLT data in one part of an MHTML file. Specifically, JavaScript code in another part of this MHTML file does not have a document.domain value corresponding to the domain that is hosting the MHTML file, but instead has a document.domain value corresponding to an arbitrary URL within the content of the MHTML file.
116 CVE-2017-17857 119 DoS Overflow Mem. Corr. 2017-12-27 2018-01-09
7.2
None Local Low Not required Complete Complete Complete
The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations.
117 CVE-2017-17856 119 DoS Overflow Mem. Corr. 2017-12-27 2018-01-09
7.2
None Local Low Not required Complete Complete Complete
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the lack of stack-pointer alignment enforcement.
118 CVE-2017-17855 119 DoS Overflow Mem. Corr. 2017-12-27 2018-01-09
7.2
None Local Low Not required Complete Complete Complete
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars.
119 CVE-2017-17854 190 DoS Overflow Mem. Corr. 2017-12-27 2018-01-09
7.2
None Local Low Not required Complete Complete Complete
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (integer overflow and memory corruption) or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic.
120 CVE-2017-17853 119 DoS Overflow Mem. Corr. 2017-12-27 2018-01-09
7.2
None Local Low Not required Complete Complete Complete
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect BPF_RSH signed bounds calculations.
121 CVE-2017-17852 119 DoS Overflow Mem. Corr. 2017-12-27 2018-01-09
7.2
None Local Low Not required Complete Complete Complete
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of 32-bit ALU ops.
122 CVE-2017-17850 20 2017-12-27 2018-11-25
5.0
None Remote Low Not required None None Partial
An issue was discovered in Asterisk 13.18.4 and older, 14.7.4 and older, 15.1.4 and older, and 13.18-cert1 and older. A select set of SIP messages create a dialog in Asterisk. Those SIP messages must contain a contact header. For those messages, if the header was not present and the PJSIP channel driver was used, Asterisk would crash. The severity of this vulnerability is somewhat mitigated if authentication is enabled. If authentication is enabled, a user would have to first be authorized before reaching the crash point.
123 CVE-2017-17849 119 Exec Code Overflow 2017-12-27 2018-07-27
10.0
None Remote Low Not required Complete Complete Complete
A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long response.
124 CVE-2017-17848 347 2017-12-27 2019-05-16
5.0
None Remote Low Not required None Partial None
An issue was discovered in Enigmail before 1.9.9. In a variant of CVE-2017-17847, signature spoofing is possible for multipart/related messages because a signed message part can be referenced with a cid: URI but not actually displayed. In other words, the entire containing message appears to be signed, but the recipient does not see any of the signed text.
125 CVE-2017-17847 347 2017-12-27 2018-02-03
5.0
None Remote Low Not required None Partial None
An issue was discovered in Enigmail before 1.9.9. Signature spoofing is possible because the UI does not properly distinguish between an attachment signature, and a signature that applies to the entire containing message, aka TBE-01-021. This is demonstrated by an e-mail message with an attachment that is a signed e-mail message in message/rfc822 format.
126 CVE-2017-17846 20 DoS 2017-12-27 2018-02-03
5.0
None Remote Low Not required None None Partial
An issue was discovered in Enigmail before 1.9.9. Regular expressions are exploitable for Denial of Service, because of attempts to match arbitrarily long strings, aka TBE-01-003.
127 CVE-2017-17845 338 2017-12-27 2018-02-03
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Enigmail before 1.9.9. Improper Random Secret Generation occurs because Math.Random() is used by pretty Easy privacy (pEp), aka TBE-01-001.
128 CVE-2017-17844 319 2017-12-27 2019-10-02
4.3
None Remote Medium Not required Partial None None
An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content by sending an encrypted data block (that the attacker cannot directly decrypt) to a victim, and relying on the victim to automatically decrypt that block and then send it back to the attacker as quoted text, aka the TBE-01-005 "replay" issue.
129 CVE-2017-17843 2017-12-27 2019-10-02
4.3
None Remote Medium Not required None Partial None
An issue was discovered in Enigmail before 1.9.9 that allows remote attackers to trigger use of an intended public key for encryption, because incorrect regular expressions are used for extraction of an e-mail address from a comma-separated list, as demonstrated by a modified Full Name field and a homograph attack, aka TBE-01-002.
130 CVE-2017-17840 119 Exec Code Overflow 2017-12-27 2018-01-11
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered in Open-iSCSI through 2.0.875. A local attacker can cause the iscsiuio server to abort or potentially execute code by sending messages with incorrect lengths, which (due to lack of checking) can lead to buffer overflows, and result in aborts (with overflow checking enabled) or code execution. The process_iscsid_broadcast function in iscsiuio/src/unix/iscsid_ipc.c does not validate the payload length before a write operation.
131 CVE-2017-17832 79 XSS 2017-12-27 2018-01-17
3.5
None Remote Medium Single system None Partial None
ServersCheck Monitoring Software before 14.2.3 is prone to a cross-site scripting vulnerability as user supplied-data is not validated/sanitized when passed in the settings_SMS_ALERT_TYPE parameter, and JavaScript can be executed on settings-save.html (the Settings - SMS Alerts page).
132 CVE-2017-17831 20 Exec Code 2017-12-21 2019-08-01
6.8
None Remote Medium Not required Partial Partial Partial
GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a "url =" line in a .lfsconfig file within a repository.
133 CVE-2017-17830 352 CSRF 2017-12-21 2018-01-03
6.0
None Remote Medium Single system Partial Partial Partial
Bus Booking Script has CSRF via admin/new_master.php.
134 CVE-2017-17829 89 Sql 2017-12-21 2018-01-03
6.5
None Remote Low Single system Partial Partial Partial
Bus Booking Script has SQL Injection via the admin/view_seatseller.php sp_id parameter or the admin/view_member.php memid parameter.
135 CVE-2017-17828 79 XSS 2017-12-21 2018-01-03
3.5
None Remote Medium Single system None Partial None
Bus Booking Script has XSS via the results.php datepicker parameter or the admin/new_master.php spemail parameter.
136 CVE-2017-17827 352 CSRF 2017-12-20 2018-01-03
6.8
None Remote Medium Not required Partial Partial Partial
Piwigo 2.9.2 is vulnerable to Cross-Site Request Forgery via /admin.php?page=configuration&section=main or /admin.php?page=batch_manager&mode=unit. An attacker can exploit this to coerce an admin user into performing unintended actions.
137 CVE-2017-17826 79 XSS 2017-12-20 2018-01-03
4.3
None Remote Medium Not required None Partial None
The Configuration component of Piwigo 2.9.2 is vulnerable to Persistent Cross Site Scripting via the gallery_title parameter in an admin.php?page=configuration&section=main request. An attacker can exploit this to hijack a client's browser along with the data stored in it.
138 CVE-2017-17825 79 XSS 2017-12-20 2018-01-03
3.5
None Remote Medium Single system None Partial None
The Batch Manager component of Piwigo 2.9.2 is vulnerable to Persistent Cross Site Scripting via tags-* array parameters in an admin.php?page=batch_manager&mode=unit request. An attacker can exploit this to hijack a client's browser along with the data stored in it.
139 CVE-2017-17824 89 Sql 2017-12-20 2018-01-03
4.0
None Remote Low Single system Partial None None
The Batch Manager component of Piwigo 2.9.2 is vulnerable to SQL Injection via the admin/batch_manager_unit.php element_ids parameter in unit mode. An attacker can exploit this to gain access to the data in a connected MySQL database.
140 CVE-2017-17823 89 Sql 2017-12-20 2018-01-03
4.0
None Remote Low Single system Partial None None
The Configuration component of Piwigo 2.9.2 is vulnerable to SQL Injection via the admin/configuration.php order_by array parameter. An attacker can exploit this to gain access to the data in a connected MySQL database.
141 CVE-2017-17822 89 Sql 2017-12-20 2018-01-03
4.0
None Remote Low Single system Partial None None
The List Users API of Piwigo 2.9.2 is vulnerable to SQL Injection via the /admin/user_list_backend.php sSortDir_0 parameter. An attacker can exploit this to gain access to the data in a connected MySQL database.
142 CVE-2017-17821 119 DoS Overflow 2017-12-20 2018-01-10
7.5
None Remote Low Not required Partial Partial Partial
WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because it calls the FastBitVectorWordOwner::resizeSlow function (in WTF/wtf/FastBitVector.cpp) for a purpose other than initializing a bitvector size, and resizeSlow mishandles cases where the old array length is greater than the new array length.
143 CVE-2017-17820 416 DoS 2017-12-20 2018-06-29
5.0
None Remote Low Not required None None Partial
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_macro in asm/preproc.c that will lead to a remote denial of service attack, related to mishandling of operand-type errors.
144 CVE-2017-17819 476 DoS 2017-12-20 2018-06-29
5.0
None Remote Low Not required None None Partial
In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function find_cc() in asm/preproc.c that will cause a remote denial of service attack, because pointers associated with skip_white_ calls are not validated.
145 CVE-2017-17818 125 DoS 2017-12-20 2019-10-02
5.0
None Remote Low Not required None None Partial
In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in paste_tokens in asm/preproc.c.
146 CVE-2017-17817 416 DoS 2017-12-20 2018-06-29
5.0
None Remote Low Not required None None Partial
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that will cause a remote denial of service attack.
147 CVE-2017-17816 416 DoS 2017-12-20 2018-06-29
5.0
None Remote Low Not required None None Partial
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_getline in asm/preproc.c that will cause a remote denial of service attack.
148 CVE-2017-17815 754 DoS 2017-12-20 2018-06-29
5.0
None Remote Low Not required None None Partial
In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mmacro() in asm/preproc.c that will cause a remote denial of service attack, because of a missing check for the relationship between minimum and maximum parameter counts.
149 CVE-2017-17814 416 DoS 2017-12-20 2018-06-29
5.0
None Remote Low Not required None None Partial
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_directive in asm/preproc.c that will cause a remote denial of service attack.
150 CVE-2017-17813 416 DoS 2017-12-20 2018-06-29
5.0
None Remote Low Not required None None Partial
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the pp_list_one_macro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors.
Total number of vulnerabilities : 1111   Page : 1 2 3 (This Page)4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.