| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
20201 |
CVE-2017-13771 |
522 |
|
+Info |
2017-09-07 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Lexmark Scan To Network (SNF) 3.2.9 and earlier stores network configuration credentials in plaintext and transmits them in requests, which allows remote attackers to obtain sensitive information via requests to (1) cgi-bin/direct/printer/prtappauth/apps/snfDestServlet or (2) cgi-bin/direct/printer/prtappauth/apps/ImportExportServlet. |
|
20202 |
CVE-2017-13769 |
125 |
|
DoS |
2017-08-30 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file. |
|
20203 |
CVE-2017-13768 |
476 |
|
DoS |
2017-08-30 |
2019-05-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file. |
|
20204 |
CVE-2017-13766 |
787 |
|
|
2017-08-30 |
2017-12-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation. |
|
20205 |
CVE-2017-13765 |
125 |
|
|
2017-08-30 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash. This was addressed in plugins/irda/packet-ircomm.c by adding length validation. |
|
20206 |
CVE-2017-13764 |
476 |
|
|
2017-08-30 |
2017-09-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Wireshark 2.4.0, the Modbus dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/packet-mbtcp.c by adding length validation. |
|
20207 |
CVE-2017-13763 |
770 |
|
|
2017-08-29 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
ONOS versions 1.8.0, 1.9.0, and 1.10.0 do not restrict the amount of memory allocated. The Netty payload size is not limited. |
|
20208 |
CVE-2017-13762 |
79 |
|
XSS |
2017-08-29 |
2017-09-01 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
ONOS versions 1.8.0, 1.9.0, and 1.10.0 are vulnerable to XSS. |
|
20209 |
CVE-2017-13761 |
200 |
|
+Info |
2017-09-14 |
2017-09-26 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
The Fastly CDN module before 1.2.26 for Magento2, when used with a third-party authentication plugin, might allow remote authenticated users to obtain sensitive information from authenticated sessions via vectors involving caching of redirect responses. |
|
20210 |
CVE-2017-13760 |
119 |
|
Overflow |
2017-08-29 |
2017-09-01 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
In The Sleuth Kit (TSK) 4.4.2, fls hangs on a corrupt exfat image in tsk_img_read() in tsk/img/img_io.c in libtskimg.a. |
|
20211 |
CVE-2017-13758 |
119 |
|
Overflow |
2017-08-29 |
2018-06-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the TracePoint() function in MagickCore/draw.c. |
|
20212 |
CVE-2017-13757 |
125 |
|
DoS |
2017-08-29 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to elf_i386_get_synthetic_symtab in elf32-i386.c and elf_x86_64_get_synthetic_symtab in elf64-x86-64.c. |
|
20213 |
CVE-2017-13756 |
835 |
|
|
2017-08-29 |
2019-10-02 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
In The Sleuth Kit (TSK) 4.4.2, opening a crafted disk image triggers infinite recursion in dos_load_ext_table() in tsk/vs/dos.c in libtskvs.a, as demonstrated by mmls. |
|
20214 |
CVE-2017-13755 |
119 |
|
Overflow |
2017-08-29 |
2017-09-01 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660_proc_dir() in tsk/fs/iso9660_dent.c in libtskfs.a, as demonstrated by fls. |
|
20215 |
CVE-2017-13754 |
79 |
|
XSS |
2017-09-07 |
2018-10-09 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the "advanced settings - time server" module in Wibu-Systems CodeMeter before 6.50b allows remote attackers to inject arbitrary web script or HTML via the "server name" field in actions/ChangeConfiguration.html. |
|
20216 |
CVE-2017-13753 |
20 |
|
DoS |
2017-08-29 |
2017-08-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a reachable assertion abort in the function JPC_NOMINALGAIN() in jpc/jpc_t1cod.c in JasPer 2.0.12 that will lead to a remote denial of service attack. |
|
20217 |
CVE-2017-13752 |
617 |
|
DoS |
2017-08-29 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack. |
|
20218 |
CVE-2017-13751 |
617 |
|
DoS |
2017-08-29 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack. |
|
20219 |
CVE-2017-13750 |
617 |
|
DoS |
2017-08-29 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of service attack. |
|
20220 |
CVE-2017-13749 |
617 |
|
DoS |
2017-08-29 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in JasPer 2.0.12 that will lead to a remote denial of service attack. |
|
20221 |
CVE-2017-13748 |
772 |
|
DoS |
2017-08-29 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base/jas_string.c, that will lead to a remote denial of service attack. |
|
20222 |
CVE-2017-13747 |
617 |
|
DoS |
2017-08-29 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer 2.0.12 that will lead to a remote denial of service attack. |
|
20223 |
CVE-2017-13746 |
617 |
|
DoS |
2017-08-29 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of service attack. |
|
20224 |
CVE-2017-13745 |
617 |
|
DoS |
2017-08-29 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different vulnerability than CVE-2018-9154. |
|
20225 |
CVE-2017-13744 |
125 |
|
|
2017-08-29 |
2017-12-01 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is an illegal address access in the function _lou_getALine() in compileTranslationTable.c:343 in Liblouis 3.2.0. |
|
20226 |
CVE-2017-13743 |
119 |
|
DoS Overflow |
2017-08-29 |
2017-12-01 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is a buffer overflow in Liblouis 3.2.0, triggered in the function _lou_showString() in utils.c, that will lead to a remote denial of service attack. |
|
20227 |
CVE-2017-13742 |
119 |
|
DoS Overflow |
2017-08-29 |
2017-12-01 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function includeFile() in compileTranslationTable.c, that will lead to a remote denial of service attack. |
|
20228 |
CVE-2017-13741 |
416 |
|
DoS |
2017-08-29 |
2017-12-01 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is a use-after-free in the function compileBrailleIndicator() in compileTranslationTable.c in Liblouis 3.2.0 that will lead to a remote denial of service attack. |
|
20229 |
CVE-2017-13740 |
119 |
|
DoS Overflow |
2017-08-29 |
2017-12-01 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function parseChars() in compileTranslationTable.c, that will lead to denial of service or possibly unspecified other impact. |
|
20230 |
CVE-2017-13739 |
119 |
|
DoS Exec Code Overflow |
2017-08-29 |
2017-09-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
There is a heap-based buffer overflow that causes a more than two thousand bytes out-of-bounds write in Liblouis 3.2.0, triggered in the function resolveSubtable() in compileTranslationTable.c. It will lead to denial of service or remote code execution. |
|
20231 |
CVE-2017-13738 |
125 |
|
|
2017-08-29 |
2017-12-01 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
There is an illegal address access in the _lou_getALine function in compileTranslationTable.c:346 in Liblouis 3.2.0. |
|
20232 |
CVE-2017-13737 |
416 |
|
DoS |
2017-08-29 |
2019-06-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack. |
|
20233 |
CVE-2017-13736 |
772 |
|
DoS |
2017-08-29 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There are lots of memory leaks in the GMCommand function in magick/command.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack. |
|
20234 |
CVE-2017-13735 |
20 |
|
DoS |
2017-08-29 |
2017-08-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack. |
|
20235 |
CVE-2017-13734 |
119 |
|
DoS Overflow |
2017-08-29 |
2018-10-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is an illegal address access in the _nc_safe_strcat function in strings.c in ncurses 6.0 that will lead to a remote denial of service attack. |
|
20236 |
CVE-2017-13733 |
119 |
|
DoS Overflow |
2017-08-29 |
2018-10-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack. |
|
20237 |
CVE-2017-13732 |
119 |
|
DoS Overflow |
2017-08-29 |
2018-10-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is an illegal address access in the function dump_uses() in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack. |
|
20238 |
CVE-2017-13731 |
119 |
|
DoS Overflow |
2017-08-29 |
2018-10-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is an illegal address access in the function postprocess_termcap() in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack. |
|
20239 |
CVE-2017-13730 |
119 |
|
DoS Overflow |
2017-08-29 |
2018-10-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is an illegal address access in the function _nc_read_entry_source() in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack. |
|
20240 |
CVE-2017-13729 |
119 |
|
DoS Overflow |
2017-08-29 |
2018-10-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is an illegal address access in the _nc_save_str function in alloc_entry.c in ncurses 6.0. It will lead to a remote denial of service attack. |
|
20241 |
CVE-2017-13728 |
835 |
|
DoS |
2017-08-29 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack. |
|
20242 |
CVE-2017-13727 |
617 |
|
DoS |
2017-08-29 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack. |
|
20243 |
CVE-2017-13726 |
617 |
|
DoS |
2017-08-29 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack. |
|
20244 |
CVE-2017-13724 |
79 |
|
XSS |
2017-09-13 |
2017-09-21 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site Scripting vulnerability in the APN parameter under the "Basic Settings" page. |
|
20245 |
CVE-2017-13723 |
119 |
|
Overflow |
2017-10-09 |
2018-02-03 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp. |
|
20246 |
CVE-2017-13722 |
125 |
|
|
2017-10-11 |
2017-11-12 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Partial |
|
In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server. |
|
20247 |
CVE-2017-13721 |
269 |
|
|
2017-10-09 |
2019-10-02 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session. |
|
20248 |
CVE-2017-13720 |
125 |
|
DoS |
2017-10-11 |
2017-11-12 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Partial |
|
In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occurs because '\0' characters are incorrectly skipped in situations involving ? characters. |
|
20249 |
CVE-2017-13718 |
254 |
|
|
2019-06-10 |
2019-06-11 |
6.0 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
|
The HTTP API supported by Starry Station (aka Starry Router) allows brute forcing the PIN setup by the user on the device, and this allows an attacker to change the Wi-Fi settings and PIN, as well as port forward and expose any internal device's port to the Internet. It was identified that the device uses custom Python code called "rodman" that allows the mobile appication to interact with the device. The APIs that are a part of this rodman Python file allow the mobile application to interact with the device using a secret, which is a uuid4 based session identifier generated by the device the first time it is set up. However, in some cases, these APIs can also use a security code. This security code is nothing but the PIN number set by the user to interact with the device when using the touch interface on the router. This allows an attacker on the Internet to interact with the router's HTTP interface when a user navigates to the attacker's website, and brute force the credentials. Also, since the device's server sets the Access-Control-Allow-Origin header to "*", an attacker can easily interact with the JSON payload returned by the device and steal sensitive information about the device. |
|
20250 |
CVE-2017-13717 |
255 |
|
|
2019-06-10 |
2019-06-11 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Starry Station (aka Starry Router) sets the Access-Control-Allow-Origin header to "*". This allows any hosted file on any domain to make calls to the device's webserver and brute force the credentials and pull any information that is stored on the device. In this case, a user's Wi-Fi credentials are stored in clear text on the device and can be pulled easily. |
