| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 16051 | CVE-2017-7746 | 835 | | | 2017-04-12 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | None | None | Partial | In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length. |
| 16052 | CVE-2017-7731 | 640 | | | 2017-05-27 | 2017-05-31 | 5.0 | None | Remote | Low | Not required | Partial | None | None | A weak password recovery vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows attacker to carry out information disclosure via the Forgotten Password feature. |
| 16053 | CVE-2017-7729 | 311 | | | 2017-07-11 | 2021-08-25 | 5.0 | None | Remote | Low | Not required | None | Partial | None | On iSmartAlarm cube devices, there is Incorrect Access Control because a "new key" is transmitted in cleartext. |
| 16054 | CVE-2017-7726 | 295 | | | 2017-07-11 | 2021-08-25 | 5.0 | None | Remote | Low | Not required | None | Partial | None | iSmartAlarm cube devices have an SSL Certificate Validation Vulnerability. |
| 16055 | CVE-2017-7703 | 74 | | | 2017-04-12 | 2019-03-01 | 5.0 | None | Remote | Low | Not required | None | None | Partial | In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly. |
| 16056 | CVE-2017-7696 | 770 | | DoS | 2017-04-14 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | None | None | Partial | SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allow remote attackers to cause a denial of service (memory consumption) via large values in the width and height parameters to otp_logon_ui_resources/qr, aka SAP Security Note 2389042. |
| 16057 | CVE-2017-7688 | | | | 2017-07-17 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Apache OpenMeetings 1.0.0 updates user password in insecure manner. |
| 16058 | CVE-2017-7687 | | | DoS | 2017-09-29 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | None | None | Partial | When handling a decoding failure for a malformed URL path of an HTTP request, libprocess in Apache Mesos before 1.1.3, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.0-dev might crash because the code accidentally calls inappropriate function. A malicious actor can therefore cause a denial of service of Mesos masters rendering the Mesos-controlled cluster inoperable. |
| 16059 | CVE-2017-7686 | 200 | | +Info | 2017-06-28 | 2017-07-06 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. To do that the component communicates to an external PHP server (http://ignite.run) where it needs to send some system properties like Apache Ignite or Java version. Some of the properties might contain user sensitive information. |
| 16060 | CVE-2017-7685 | | | | 2017-07-17 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Apache OpenMeetings 1.0.0 responds to the following insecure HTTP methods: PUT, DELETE, HEAD, and PATCH. |
| 16061 | CVE-2017-7684 | 400 | | DoS | 2017-07-17 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | None | None | Partial | Apache OpenMeetings 1.0.0 doesn't check contents of files being uploaded. An attacker can cause a denial of service by uploading multiple large files to the server. |
| 16062 | CVE-2017-7683 | 200 | | +Info | 2017-07-17 | 2017-07-19 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Apache OpenMeetings 1.0.0 displays Tomcat version and detailed error stack trace, which is not secure. |
| 16063 | CVE-2017-7680 | | | | 2017-07-17 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | None | Partial | None | Apache OpenMeetings 1.0.0 has an overly permissive crossdomain.xml file. This allows for flash content to be loaded from untrusted domains. |
| 16064 | CVE-2017-7675 | 22 | | Dir. Trav. Bypass | 2017-08-11 | 2019-06-12 | 5.0 | None | Remote | Low | Not required | Partial | None | None | The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M21 and 8.5.0 to 8.5.15 bypassed a number of security checks that prevented directory traversal attacks. It was therefore possible to bypass security constraints using a specially crafted URL. |
| 16065 | CVE-2017-7673 | 326 | | | 2017-07-17 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, captcha is not used in registration and forget password dialogs and auth forms missing brute force protection. |
| 16066 | CVE-2017-7671 | 20 | | | 2018-02-27 | 2018-03-23 | 5.0 | None | Remote | Low | Not required | None | None | Partial | There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2.0 to 5.3.2, 6.0.0 to 6.2.0, and 7.0.0 with the TLS handshake. This issue can cause the server to coredump. |
| 16067 | CVE-2017-7670 | 400 | | DoS | 2017-07-10 | 2021-06-16 | 5.0 | None | Remote | Low | Not required | None | None | Partial | The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is restarted. If connections remain in the ESTABLISHED state indefinitely and accumulate in number to match the size of the thread pool dedicated to processing DNS requests, the thread pool becomes exhausted. Once the thread pool is exhausted, Traffic Router is unable to service any DNS request, regardless of transport protocol. |
| 16068 | CVE-2017-7668 | 125 | | | 2017-06-20 | 2022-04-21 | 5.0 | None | Remote | Low | Not required | None | None | Partial | The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value. |
| 16069 | CVE-2017-7667 | 346 | | | 2017-06-12 | 2017-06-19 | 5.0 | None | Remote | Low | Not required | None | Partial | None | Apache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish the response header telling browsers to only allow framing with the same origin. |
| 16070 | CVE-2017-7660 | 287 | | | 2017-07-07 | 2018-11-28 | 5.0 | None | Remote | Low | Not required | None | Partial | None | Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe that the malicious node is a member of the cluster. So, if Solr users have enabled BasicAuth authentication mechanism using the BasicAuthPlugin or if the user has implemented a custom Authentication plugin, which does not implement either "HttpClientInterceptorPlugin" or "HttpClientBuilderPlugin", his/her servers are vulnerable to this attack. Users who only use SSL without basic authentication or those who use Kerberos are not affected. |
| 16071 | CVE-2017-7659 | 476 | | | 2017-07-26 | 2021-06-06 | 5.0 | None | Remote | Low | Not required | None | None | Partial | A maliciously constructed HTTP/2 request could cause mod_http2 in Apache HTTP Server 2.4.24, 2.4.25 to dereference a NULL pointer and crash the server process. |
| 16072 | CVE-2017-7656 | | | | 2018-06-26 | 2021-07-20 | 5.0 | None | Remote | Low | Not required | None | Partial | None | In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), HTTP/0.9 is handled poorly. An HTTP/1 style request line (i.e. method space URI space version) that declares a version of HTTP/0.9 was accepted and treated as a 0.9 request. If deployed behind an intermediary that also accepted and passed through the 0.9 version (but did not act on it), then the response sent could be interpreted by the intermediary as HTTP/1 headers. This could be used to poison the cache if the server allowed the origin client to generate arbitrary content in the response. |
| 16073 | CVE-2017-7655 | 476 | | | 2019-03-27 | 2021-11-02 | 5.0 | None | Remote | Low | Not required | None | None | Partial | In Eclipse Mosquitto version from 1.0 to 1.4.15, a Null Dereference vulnerability was found in the Mosquitto library which could lead to crashes for those applications using the library. |
| 16074 | CVE-2017-7654 | 772 | | DoS | 2018-06-05 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | None | None | Partial | In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto Broker. Unauthenticated clients can send crafted CONNECT packets which could cause a denial of service in the Mosquitto Broker. |
| 16075 | CVE-2017-7651 | 400 | | | 2018-04-24 | 2019-10-09 | 5.0 | None | Remote | Low | Not required | None | None | Partial | In Eclipse Mosquitto 1.4.14, a user can shutdown the Mosquitto server simply by filling the RAM memory with a lot of connections with large payload. This can be done without authentications if occur in connection phase of MQTT protocol. |
| 16076 | CVE-2017-7639 | 287 | | | 2018-06-05 | 2018-07-12 | 5.0 | None | Remote | Low | Not required | None | Partial | None | QNAP NAS application Proxy Server through version 1.2.0 does not authenticate requests properly. Successful exploitation can lead to change of the settings of Proxy Server. |
| 16077 | CVE-2017-7633 | 200 | | +Info | 2018-03-05 | 2018-03-29 | 5.0 | None | Remote | Low | Not required | Partial | None | None | QNAP Qfinder Pro 6.1.0.0317 and earlier may expose sensitive information contained in NAS devices. If exploited, this may allow attackers to further compromise the device. |
| 16078 | CVE-2017-7630 | 200 | | +Info | 2018-03-27 | 2018-04-18 | 5.0 | None | Remote | Low | Not required | Partial | None | None | QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to obtain potentially sensitive information (firmware version and running services) via a request to sysinfoReq.cgi. |
| 16079 | CVE-2017-7629 | 640 | | | 2017-06-15 | 2017-06-22 | 5.0 | None | Remote | Low | Not required | None | Partial | None | QNAP QTS before 4.2.6 build 20170517 has a flaw in the change password function. |
| 16080 | CVE-2017-7627 | | | | 2017-04-13 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | None | Partial | None | The "Smart related articles" extension 1.1 for Joomla! does not prevent direct requests to dialog.php (there is a missing _JEXEC check). |
| 16081 | CVE-2017-7619 | 835 | | | 2017-04-10 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | None | None | Partial | In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv. |
| 16082 | CVE-2017-7577 | 22 | | Dir. Trav. | 2017-04-07 | 2018-09-10 | 5.0 | None | Remote | Low | Not required | Partial | None | None | XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a "GET ../" HTTP request. |
| 16083 | CVE-2017-7575 | 200 | | +Info | 2017-04-06 | 2017-04-15 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \x00\x01\x00\x00\x00\x05\x01\x5a\x00\x03\x00 request to the Modbus port (502/tcp). Subsequently the application may be arbitrarily downloaded, modified, and uploaded. |
| 16084 | CVE-2017-7569 | 918 | | Bypass | 2017-04-06 | 2017-04-12 | 5.0 | None | Remote | Low | Not required | None | Partial | None | In vBulletin before 5.3.0, remote attackers can bypass the CVE-2016-6483 patch and conduct SSRF attacks by leveraging the behavior of the PHP parse_url function, aka VBV-17037. |
| 16085 | CVE-2017-7564 | 20 | | DoS | 2017-06-07 | 2017-06-15 | 5.0 | None | Remote | Low | Not required | None | None | Partial | In ARM Trusted Firmware through 1.3, the secure self-hosted invasive debug interface allows normal world attackers to cause a denial of service (secure world panic) via vectors involving debug exceptions and debug registers. |
| 16086 | CVE-2017-7561 | 444 | | | 2017-09-13 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | None | Partial | None | Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact. |
| 16087 | CVE-2017-7559 | 444 | | XSS +Info | 2018-01-10 | 2019-10-09 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None | In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, and 1.3.x before 1.3.31.Final, it was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own. |
| 16088 | CVE-2017-7558 | 125 | | +Info | 2018-07-26 | 2019-10-09 | 5.0 | None | Remote | Low | Not required | Partial | None | None | A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic information. As a result, up to 100 bytes of the slab data could be leaked to a userspace. |
| 16089 | CVE-2017-7551 | 640 | | | 2017-08-16 | 2018-01-05 | 5.0 | None | Remote | Low | Not required | Partial | None | None | 389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts. |
| 16090 | CVE-2017-7550 | 532 | | | 2017-11-21 | 2021-09-13 | 5.0 | None | Remote | Low | Not required | Partial | None | None | A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the "params" argument, and noting this in the module documentation. |
| 16091 | CVE-2017-7539 | 20 | | DoS | 2018-07-26 | 2021-08-04 | 5.0 | None | Remote | Low | Not required | None | None | Partial | An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process could use this flaw to crash the qemu-nbd server resulting in denial of service. |
| 16092 | CVE-2017-7537 | 798 | | Bypass | 2018-07-26 | 2019-10-09 | 5.0 | None | Remote | Low | Not required | None | Partial | None | It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally enabled by default in the pki-core package before 10.6.4. An attacker could potentially use this flaw to bypass the regular authentication process and trick the CA server into issuing certificates. |
| 16093 | CVE-2017-7529 | 190 | | Overflow +Info | 2017-07-13 | 2022-01-24 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. |
| 16094 | CVE-2017-7524 | 522 | | | 2017-06-27 | 2019-10-09 | 5.0 | None | Remote | Low | Not required | Partial | None | None | tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password in plaintext from client to server when generating HMAC. |
| 16095 | CVE-2017-7523 | 119 | | Overflow | 2017-07-21 | 2019-10-09 | 5.0 | None | Remote | Low | Not required | None | None | Partial | Cygwin versions 1.7.2 up to and including 1.8.0 are vulnerable to buffer overflow vulnerability in wcsxfrm/wcsxfrm_l functions resulting into denial-of-service by crashing the process or potential hijack of the process running with administrative privileges triggered by specially crafted input string. |
| 16096 | CVE-2017-7513 | 295 | | | 2018-08-22 | 2019-10-09 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None | It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host name fields. A man-in-the-middle attacker could use this flaw to spoof a PostgreSQL server using a specially crafted X.509 certificate. |
| 16097 | CVE-2017-7508 | 617 | | | 2017-06-27 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | None | None | Partial | OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when receiving malformed IPv6 packet. |
| 16098 | CVE-2017-7507 | 476 | | | 2017-06-16 | 2018-01-05 | 5.0 | None | Remote | Low | Not required | None | None | Partial | GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application. |
| 16099 | CVE-2017-7502 | 476 | | DoS | 2017-05-30 | 2018-01-05 | 5.0 | None | Remote | Low | Not required | None | None | Partial | Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker. |
| 16100 | CVE-2017-7490 | 668 | | | 2017-05-15 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | Partial | None | None | In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because a capability check is missing. |