# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
22051 |
CVE-2017-10002 |
|
|
|
2017-08-08 |
2019-10-02 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
Vulnerability in the Oracle Hospitality Inventory Management component of Oracle Hospitality Applications (subcomponent: Settings and Config). Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Inventory Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality Inventory Management accessible data as well as unauthorized read access to a subset of Oracle Hospitality Inventory Management accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N). |
22052 |
CVE-2017-10001 |
|
|
|
2017-08-08 |
2019-10-02 |
6.0 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Core). The supported version that is affected is 1.7.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Simphony First Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Simphony First Edition accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Simphony First Edition accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Hospitality Simphony First Edition. CVSS 3.0 Base Score 7.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:H). |
22053 |
CVE-2017-10000 |
269 |
|
|
2017-08-08 |
2019-10-02 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Reporting). Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. While the vulnerability is in Oracle Hospitality Reporting and Analytics, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Hospitality Reporting and Analytics. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H). |
22054 |
CVE-2017-9998 |
20 |
|
DoS |
2017-06-28 |
2017-07-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The _dwarf_decode_s_leb128_chk function in dwarf_leb.c in libdwarf through 2017-06-28 allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file. |
22055 |
CVE-2017-9996 |
119 |
|
DoS Overflow |
2017-06-28 |
2017-07-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not exclude the CHUNKY format, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. |
22056 |
CVE-2017-9995 |
119 |
|
DoS Overflow |
2017-06-28 |
2017-07-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 does not properly validate height and width data, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. |
22057 |
CVE-2017-9994 |
119 |
|
DoS Overflow |
2017-06-28 |
2019-01-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pix_fmt is set, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the vp8_decode_mb_row_no_filter and pred8x8_128_dc_8_c functions. |
22058 |
CVE-2017-9993 |
200 |
|
+Info |
2017-06-28 |
2019-01-08 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6, and 3.3.x before 3.3.2 does not properly restrict HTTP Live Streaming filename extensions and demuxer names, which allows attackers to read arbitrary files via crafted playlist data. |
22059 |
CVE-2017-9992 |
119 |
|
DoS Overflow |
2017-06-28 |
2017-11-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. |
22060 |
CVE-2017-9991 |
119 |
|
DoS Overflow |
2017-06-28 |
2017-07-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in the xwd_decode_frame function in libavcodec/xwddec.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. |
22061 |
CVE-2017-9990 |
119 |
|
DoS Overflow |
2017-06-28 |
2017-07-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Stack-based buffer overflow in the color_string_to_rgba function in libavcodec/xpmdec.c in FFmpeg 3.3 before 3.3.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. |
22062 |
CVE-2017-9989 |
476 |
|
DoS |
2017-06-28 |
2019-04-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
util/outputtxt.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack. |
22063 |
CVE-2017-9988 |
476 |
|
DoS |
2017-06-28 |
2019-04-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The readEncUInt30 function in util/read.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack against parser.c. |
22064 |
CVE-2017-9987 |
119 |
|
DoS Overflow |
2017-06-28 |
2019-09-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
There is a heap-based buffer overflow in the function hpel_motion in mpegvideo_motion.c in libav 12.1. A crafted input can lead to a remote denial of service attack. |
22065 |
CVE-2017-9982 |
20 |
|
DoS |
2017-06-27 |
2017-07-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
TeamSpeak Client 3.0.19 allows remote attackers to cause a denial of service (application crash) via the ᗪ Unicode character followed by the ༿ Unicode character. |
22066 |
CVE-2017-9979 |
79 |
|
XSS |
2017-08-28 |
2017-09-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
On the OSNEXUS QuantaStor v4 virtual appliance before 4.3.1, if the REST call invoked does not exist, an error will be triggered containing the invalid method previously invoked. The response sent to the user isn't sanitized in this case. An attacker can leverage this issue by including arbitrary HTML or JavaScript code as a parameter, aka XSS. |
22067 |
CVE-2017-9978 |
200 |
|
+Info |
2017-08-28 |
2017-09-07 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
On the OSNEXUS QuantaStor v4 virtual appliance before 4.3.1, a flaw was found with the error message sent as a response for users that don't exist on the system. An attacker could leverage this information to fine-tune and enumerate valid accounts on the system by searching for common usernames. |
22068 |
CVE-2017-9977 |
|
|
Bypass |
2017-07-12 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
AVG AntiVirus for MacOS with scan engine before 4668 might allow remote attackers to bypass malware detection by leveraging failure to scan inside disk image (aka DMG) files. |
22069 |
CVE-2017-9969 |
522 |
|
|
2018-02-12 |
2019-10-02 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application version 3.01 and prior. Passwords are stored in clear text in the configuration which can result in exposure of sensitive information. |
22070 |
CVE-2017-9968 |
295 |
|
|
2018-02-12 |
2018-03-09 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
A security misconfiguration vulnerability exists in Schneider Electric's IGSS Mobile application versions 3.01 and prior in which a lack of certificate pinning during the TLS/SSL connection establishing process can result in a man-in-the-middle attack. |
22071 |
CVE-2017-9967 |
|
|
|
2018-02-12 |
2019-10-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
A security misconfiguration vulnerability exists in Schneider Electric's IGSS SCADA Software versions 12 and prior. Security configuration settings such as Address Space Layout Randomization (ASLR) and Data Execution prevention (DEP) were not properly configured resulting in weak security. |
22072 |
CVE-2017-9965 |
22 |
|
Dir. Trav. |
2018-01-01 |
2018-02-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
An exposure of sensitive information vulnerability exists in Schneider Electric's Pelco VideoXpert Enterprise versions 2.0 and prior. Using a directory traversal attack, an unauthorized person can view web server files. |
22073 |
CVE-2017-9964 |
22 |
|
Dir. Trav. Bypass |
2018-01-01 |
2018-02-12 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
A Path Traversal issue was discovered in Schneider Electric Pelco VideoXpert Enterprise all versions prior to 2.1. By sniffing communications, an unauthorized person can execute a directory traversal attack resulting in authentication bypass or session hijack. |
22074 |
CVE-2017-9963 |
352 |
|
CSRF |
2018-02-12 |
2019-04-23 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
A cross-site request forgery vulnerability exists on the Secure Gateway component of Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 for multiple state-changing requests. This type of attack requires some level of social engineering in order to get a legitimate user to click on or access a malicious link/site containing the CSRF attack. |
22075 |
CVE-2017-9962 |
119 |
|
Overflow |
2017-09-25 |
2018-12-31 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Schneider Electric's ClearSCADA versions released prior to August 2017 are susceptible to a memory allocation vulnerability, whereby malformed requests can be sent to ClearSCADA client applications to cause unexpected behavior. Client applications affected include ViewX and the Server Icon. |
22076 |
CVE-2017-9961 |
|
|
Exec Code |
2017-09-25 |
2019-10-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
A vulnerability exists in Schneider Electric's Pro-Face GP Pro EX version 4.07.000 that allows an attacker to execute arbitrary code. Malicious code installation requires an access to the computer. By placing a specific DLL/OCX file, an attacker is able to force the process to load arbitrary DLL and execute arbitrary code in the context of the process. |
22077 |
CVE-2017-9960 |
200 |
|
+Info |
2017-09-25 |
2017-09-27 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system response to error provides more information than should be available to an unauthenticated user. |
22078 |
CVE-2017-9959 |
|
|
DoS |
2017-09-25 |
2019-10-02 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system accepts reboot in session from unauthenticated users, supporting a denial of service condition. |
22079 |
CVE-2017-9955 |
125 |
|
DoS |
2017-06-26 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The get_build_id function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file in which a certain size field is larger than a corresponding data field, as demonstrated by mishandling within the objdump program. |
22080 |
CVE-2017-9954 |
125 |
|
DoS |
2017-06-26 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The getvalue function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted tekhex file, as demonstrated by mishandling within the nm program. |
22081 |
CVE-2017-9953 |
416 |
|
DoS |
2017-06-26 |
2017-06-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
There is an invalid free in Image::printIFDStructure that leads to a Segmentation fault in Exiv2 0.26. A crafted input will lead to a remote denial of service attack. |
22082 |
CVE-2017-9951 |
|
|
DoS |
2017-07-17 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8705. |
22083 |
CVE-2017-9949 |
787 |
|
DoS |
2017-06-26 |
2019-10-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (stack-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a buffer underflow in fs/ext2.c in GNU GRUB 2.02. |
22084 |
CVE-2017-9948 |
119 |
|
Overflow |
2017-06-26 |
2017-07-05 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
A stack buffer overflow vulnerability has been discovered in Microsoft Skype 7.2, 7.35, and 7.36 before 7.37, involving MSFTEDIT.DLL mishandling of remote RDP clipboard content within the message box. |
22085 |
CVE-2017-9947 |
22 |
|
Dir. Trav. +Info |
2017-10-23 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. A directory traversal vulnerability could allow a remote attacker with network access to the integrated web server (80/tcp and 443/tcp) to obtain information on the structure of the file system of the affected devices. |
22086 |
CVE-2017-9946 |
287 |
|
Bypass |
2017-10-23 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. An attacker with network access to the integrated web server (80/tcp and 443/tcp) could bypass the authentication and download sensitive information from the device. |
22087 |
CVE-2017-9945 |
20 |
|
|
2017-08-30 |
2017-09-12 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
In the Siemens 7KM PAC Switched Ethernet PROFINET expansion module (All versions < V2.1.3), a Denial-of-Service condition could be induced by a specially crafted PROFINET DCP packet sent as a local Ethernet (Layer 2) broadcast. The affected component requires a manual restart via the main device to recover. |
22088 |
CVE-2017-9942 |
|
|
|
2017-08-07 |
2019-10-09 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with local access to the SiPass integrated server or SiPass integrated client to potentially obtain credentials from the systems. |
22089 |
CVE-2017-9941 |
|
|
|
2017-08-07 |
2019-10-09 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker in a Man-in-the-Middle position between the SiPass integrated server and SiPass integrated clients to read or modify the network communication. |
22090 |
CVE-2017-9940 |
269 |
|
|
2017-08-07 |
2019-10-09 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with access to a low-privileged user account to read or write files on the file system of the SiPass integrated server over the network. |
22091 |
CVE-2017-9938 |
20 |
|
|
2017-08-07 |
2017-11-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause a Denial-of-Service condition. The service restarts automatically. |
22092 |
CVE-2017-9937 |
119 |
|
DoS Overflow |
2017-06-26 |
2017-06-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack. |
22093 |
CVE-2017-9936 |
772 |
|
DoS |
2017-06-26 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF document can lead to a memory leak resulting in a remote denial of service attack. |
22094 |
CVE-2017-9935 |
125 |
|
Exec Code Overflow Mem. Corr. |
2017-06-26 |
2019-10-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_free, memory corruption in t2p_readwrite_pdf_image, or a double free in t2p_free. Given these possibilities, it probably could cause arbitrary code execution. |
22095 |
CVE-2017-9934 |
79 |
|
XSS CSRF |
2017-07-17 |
2017-07-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Missing CSRF token checks and improper input validation in Joomla! CMS 1.7.3 through 3.7.2 lead to an XSS vulnerability. |
22096 |
CVE-2017-9933 |
200 |
|
+Info |
2017-07-17 |
2017-07-20 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Improper cache invalidation in Joomla! CMS 1.7.3 through 3.7.2 leads to disclosure of form contents. |
22097 |
CVE-2017-9931 |
79 |
|
XSS |
2017-07-21 |
2017-07-24 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-Site Scripting (XSS) exists in Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, as demonstrated by the action parameter to ajax.cgi. |
22098 |
CVE-2017-9930 |
352 |
|
CSRF |
2017-07-21 |
2017-07-25 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Cross-Site Request Forgery (CSRF) exists in Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, as demonstrated by a request to ajax.cgi that enables UPnP. |
22099 |
CVE-2017-9929 |
119 |
|
DoS Overflow |
2017-06-26 |
2017-06-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which allows attackers to cause a denial of service via a crafted file. |
22100 |
CVE-2017-9928 |
119 |
|
DoS Overflow |
2017-06-26 |
2017-06-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which allows attackers to cause a denial of service via a crafted file. |