CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2051 CVE-2017-15849 416 2018-01-10 2018-01-29
9.3
None Remote Medium Not required Complete Complete Complete
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a LayerStack can be destroyed in between Validate and Commit by the application resulting in a Use After Free condition.
2052 CVE-2017-15817 20 2018-02-23 2018-03-12
9.3
None Remote Medium Not required Complete Complete Complete
In all Qualcomm products with Android releases from CAF using the Linux kernel, when an access point sends a challenge text greater than 128 bytes, the host driver is unable to validate this potentially leading to authentication failure.
2053 CVE-2017-15815 119 Overflow 2018-03-15 2018-04-06
10.0
None Remote Low Not required Complete Complete Complete
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a potential buffer overflow can happen when processing any 802.11 MGMT frames like Auth frame in limProcessAuthFrame.
2054 CVE-2017-15673 434 Exec Code 2017-11-28 2017-12-20
9.0
None Remote Low Single system Complete Complete Complete
The files function in the administration section in CS-Cart 4.6.2 and earlier allows attackers to execute arbitrary PHP code via vectors involving a custom page.
2055 CVE-2017-15655 119 Overflow 2018-01-31 2018-02-21
9.3
None Remote Medium Not required Complete Complete Complete
Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0.0.4.376.X. All have been fixed in version 3.0.0.4.378, but this vulnerability was not previously disclosed. Some end-of-life routers have this version as the newest and thus are vulnerable at this time. This vulnerability allows for RCE with administrator rights when the administrator visits several pages.
2056 CVE-2017-15637 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_server.lua file.
2057 CVE-2017-15636 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-time variable in the webfilter.lua file.
2058 CVE-2017-15635 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the max_conn variable in the session_limits.lua file.
2059 CVE-2017-15634 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file.
2060 CVE-2017-15633 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-ipgroup variable in the session_limits.lua file.
2061 CVE-2017-15632 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_server.lua file.
2062 CVE-2017-15631 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-workmode variable in the pptp_client.lua file.
2063 CVE-2017-15630 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-remotesubnet variable in the pptp_client.lua file.
2064 CVE-2017-15629 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname variable in the pptp_client.lua file.
2065 CVE-2017-15628 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_server.lua file.
2066 CVE-2017-15627 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-pns variable in the pptp_client.lua file.
2067 CVE-2017-15626 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variable in the pptp_server.lua file.
2068 CVE-2017-15625 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-olmode variable in the pptp_client.lua file.
2069 CVE-2017-15624 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptp_server.lua file.
2070 CVE-2017-15623 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_server.lua file.
2071 CVE-2017-15622 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_client.lua file.
2072 CVE-2017-15621 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the olmode variable in the interface_wan.lua file.
2073 CVE-2017-15620 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-zone variable in the ipmac_import.lua file.
2074 CVE-2017-15619 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_client.lua file.
2075 CVE-2017-15618 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file.
2076 CVE-2017-15617 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in the interface_wan.lua file.
2077 CVE-2017-15616 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file.
2078 CVE-2017-15615 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_client.lua file.
2079 CVE-2017-15614 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variable in the pptp_client.lua file.
2080 CVE-2017-15613 Exec Code 2018-01-11 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file.
2081 CVE-2017-15597 119 DoS Overflow Mem. Corr. +Info 2017-10-30 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a grant of a dying domain, the assumption turns out wrong. A malicious guest administrator can cause hypervisor memory corruption, most likely resulting in host crash and a Denial of Service. Privilege escalation and information leaks cannot be ruled out.
2082 CVE-2017-15550 22 Dir. Trav. 2018-01-05 2018-01-18
9.0
None Remote Low Single system Complete Complete Complete
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could access arbitrary files on the server file system in the context of the running vulnerable application via Path traversal.
2083 CVE-2017-15549 434 2018-01-05 2018-01-18
9.0
None Remote Low Single system Complete Complete Complete
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could potentially upload arbitrary maliciously crafted files in any location on the server file system.
2084 CVE-2017-15548 287 Bypass 2018-01-05 2018-01-18
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems.
2085 CVE-2017-15400 93 Exec Code 2018-02-07 2018-07-12
9.3
None Remote Medium Not required Complete Complete Complete
Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue.
2086 CVE-2017-15399 416 2018-08-28 2018-11-07
9.3
None Remote Medium Not required Complete Complete Complete
A use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
2087 CVE-2017-15376 94 Exec Code 2017-10-16 2017-11-07
10.0
None Remote Low Not required Complete Complete Complete
The TELNET service in Mobatek MobaXterm 10.4 does not require authentication, which allows remote attackers to execute arbitrary commands via TCP port 23.
2088 CVE-2017-15366 532 2017-10-26 2019-10-02
10.0
None Remote Low Not required Complete Complete Complete
Before Thornberry NDoc version 8.0, laptop clients and the server have default database (Cache) users set up with a single password. This password is left behind in a cleartext log file during client installation on laptops. This password can be used to gain full admin/system access to client devices (if no firewall is present) or the NDoc server itself. Once the password is known to an attacker, local access is not required.
2089 CVE-2017-15325 190 Exec Code Overflow 2018-03-23 2018-04-19
9.3
None Remote Medium Not required Complete Complete Complete
The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can then send a specific parameter to the driver of the smart phone, causing arbitrary code execution.
2090 CVE-2017-15316 415 Exec Code 2017-12-22 2018-01-05
9.3
None Remote Medium Not required Complete Complete Complete
The GPU driver of Mate 9 Huawei smart phones with software before MHA-AL00B 8.0.0.334(C00) and Mate 9 Pro Huawei smart phones with software before LON-AL00B 8.0.0.334(C00) has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which triggers double free and causes a system crash or arbitrary code execution.
2091 CVE-2017-15295 287 2017-10-16 2019-10-02
10.0
None Remote Low Not required Complete Complete Complete
Xpress Server in SAP POS does not require authentication for read/write/delete file access. This is SAP Security Note 2520064.
2092 CVE-2017-15293 287 2017-10-16 2019-10-02
10.0
None Remote Low Not required Complete Complete Complete
Xpress Server in SAP POS does not require authentication for file read and erase operations, daemon shutdown, terminal read operations, or certain attacks on credentials. This is SAP Security Note 2520064.
2093 CVE-2017-15126 416 2018-01-14 2018-05-06
9.3
None Remote Medium Not required Complete Complete Complete
A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. The issue is related to the handling of fork failure when dealing with event messages. Failure to fork correctly can lead to a situation where a fork event will be removed from an already freed list of events with userfaultfd_ctx_put().
2094 CVE-2017-15114 295 +Priv 2017-11-27 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
When libvirtd is configured by OSP director (tripleo-heat-templates) to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd (which is equivalent to root access). If a vulnerability exists in another service it could, combined with this flaw, be exploited to escalate privileges to gain control over compute nodes.
2095 CVE-2017-15103 20 Exec Code 2017-12-18 2019-10-09
9.0
None Remote Low Single system Complete Complete Complete
A security-check flaw was found in the way the Heketi 5 server API handled user requests. An authenticated Heketi user could send specially crafted requests to the Heketi server, resulting in remote command execution as the user running Heketi server and possibly privilege escalation.
2096 CVE-2017-15049 78 Exec Code 2017-12-19 2018-01-08
9.3
None Remote Medium Not required Complete Complete Complete
The ZoomLauncher binary in the Zoom client for Linux before 2.0.115900.1201 does not properly sanitize user input when constructing a shell command, which allows remote attackers to execute arbitrary code by leveraging the zoommtg:// scheme handler.
2097 CVE-2017-15043 20 Exec Code +Priv 2018-05-04 2018-06-13
9.0
None Remote Low Single system Complete Complete Complete
A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware before 4.4.5 and GX450, ES450, RV50, RV50X, MP70, and MP70E routers with firmware before 4.9 could allow an authenticated remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. This vulnerability is due to insufficient input validation on user-controlled input in an HTTP request to the targeted device. An attacker in possession of router login credentials could exploit this vulnerability by sending a crafted HTTP request to an affected system.
2098 CVE-2017-14918 416 2017-12-05 2017-12-20
10.0
None Remote Low Not required Complete Complete Complete
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the GPS location wireless interface, a Use After Free condition can occur.
2099 CVE-2017-14917 119 Overflow 2017-12-05 2017-12-20
10.0
None Remote Low Not required Complete Complete Complete
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer sizes in the message passing interface are not properly validated.
2100 CVE-2017-14916 119 Overflow 2017-12-05 2017-12-20
10.0
None Remote Low Not required Complete Complete Complete
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer sizes in the message passing interface are not properly validated.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.