# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
23701 |
CVE-2017-7361 |
79 |
|
XSS |
2017-03-31 |
2017-04-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Pixie 1.0.4 allows an admin/index.php s=publish&m=static&x= XSS attack. |
23702 |
CVE-2017-7360 |
79 |
|
XSS |
2017-03-31 |
2017-04-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Pixie 1.0.4 allows an admin/index.php s=settings&x= XSS attack. |
23703 |
CVE-2017-7359 |
79 |
|
XSS |
2017-03-31 |
2017-04-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Pixie 1.0.4 allows an admin/index.php s=login&m= XSS attack. |
23704 |
CVE-2017-7358 |
22 |
|
Dir. Trav. |
2017-04-05 |
2017-08-15 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out. |
23705 |
CVE-2017-7357 |
434 |
|
Exec Code |
2017-04-14 |
2018-10-09 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Hipchat Server before 2.2.3 allows remote authenticated users with Server Administrator level privileges to execute arbitrary code by importing a file. |
23706 |
CVE-2017-7352 |
79 |
|
XSS |
2017-10-11 |
2017-10-20 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
Stored Cross-site scripting (XSS) vulnerability in Pure Storage Purity 4.7.5 allows remote authenticated users to inject arbitrary web script or HTML via the "host" parameter on the 'System > Configuration > SNMP > Add SNMP Trap Manager' screen. |
23707 |
CVE-2017-7351 |
89 |
|
Sql |
2018-02-08 |
2018-02-26 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
A SQL injection issue exists in a file upload handler in REDCap 7.x before 7.0.11 via a trailing substring to SendITController:upload. |
23708 |
CVE-2017-7346 |
20 |
|
DoS |
2017-03-30 |
2017-11-03 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service (system hang) via a crafted ioctl call for a /dev/dri/renderD* device. |
23709 |
CVE-2017-7345 |
200 |
|
+Info |
2017-04-10 |
2017-04-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
NetApp OnCommand Performance Manager and OnCommand Unified Manager for Clustered Data ONTAP before 7.1P1 improperly bind the Java Management Extension Remote Method Invocation (aka JMX RMI) service to the network, which allows remote attackers to obtain sensitive information via unspecified vectors. |
23710 |
CVE-2017-7343 |
601 |
|
Exec Code |
2017-05-26 |
2017-05-31 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
An open redirect vulnerability in Fortinet FortiPortal 4.0.0 and below allows attacker to execute unauthorized code or commands via the url parameter. |
23711 |
CVE-2017-7339 |
79 |
|
Exec Code XSS |
2017-05-26 |
2017-05-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the 'Name' and 'Description' inputs in the 'Add Revision Backup' functionality. |
23712 |
CVE-2017-7338 |
200 |
|
+Info |
2017-05-26 |
2017-05-31 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
A password management vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to carry out information disclosure via the FortiAnalyzer Management View. |
23713 |
CVE-2017-7337 |
732 |
|
CSRF |
2017-05-26 |
2019-10-02 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
An improper Access Control vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to interact with unauthorized VDOMs or enumerate other ADOMs via another user's stolen session and CSRF tokens or the adomName parameter in the /fpc/sec/customer/policy/getAdomVersion request. |
23714 |
CVE-2017-7335 |
79 |
|
XSS |
2017-10-26 |
2017-11-17 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
A Cross-Site Scripting (XSS) vulnerability in Fortinet FortiWLC 6.1-x (6.1-2, 6.1-4 and 6.1-5); 7.0-x (7.0-7, 7.0-8, 7.0-9, 7.0-10); and 8.x (8.0, 8.1, 8.2 and 8.3.0-8.3.2) allows an authenticated user to inject arbitrary web script or HTML via non-sanitized parameters "refresh" and "branchtotable" present in HTTP POST requests. |
23715 |
CVE-2017-7327 |
426 |
|
|
2018-01-19 |
2018-02-01 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Yandex Browser installer for Desktop before 17.4.1 has a DLL Hijacking Vulnerability because an untrusted search path is used for dnsapi.dll, winmm.dll, ntmarta.dll, cryptbase.dll or profapi.dll. |
23716 |
CVE-2017-7326 |
362 |
|
Mem. Corr. |
2018-01-19 |
2018-02-01 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
Race condition issue in Yandex Browser for Android before 17.4.0.16 allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page |
23717 |
CVE-2017-7325 |
20 |
|
|
2018-01-19 |
2018-02-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Yandex Browser before 16.9.0 allows remote attackers to spoof the address bar via window.open. |
23718 |
CVE-2017-7323 |
|
|
Exec Code |
2017-03-30 |
2019-10-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The (1) update and (2) package-installation features in MODX Revolution 2.5.4-pl and earlier use http://rest.modx.com by default, which allows man-in-the-middle attackers to spoof servers and trigger the execution of arbitrary code by leveraging the lack of the HTTPS protection mechanism. |
23719 |
CVE-2017-7322 |
295 |
|
Exec Code |
2017-03-30 |
2017-03-31 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The (1) update and (2) package-installation features in MODX Revolution 2.5.4-pl and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and trigger the execution of arbitrary code via a crafted certificate. |
23720 |
CVE-2017-7320 |
79 |
|
DoS XSS Http R.Spl. |
2017-03-30 |
2017-03-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
setup/controllers/language.php in MODX Revolution 2.5.4-pl and earlier does not properly constrain the language parameter, which allows remote attackers to conduct Cookie-Bombing attacks and cause a denial of service (cookie quota exhaustion), or conduct HTTP Response Splitting attacks with resultant XSS, via an invalid parameter value. |
23721 |
CVE-2017-7318 |
|
|
Exec Code |
2017-03-30 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Siklu EtherHaul devices before 7.4.0 are vulnerable to a remote command execution (RCE) vulnerability. This vulnerability allows a remote attacker to execute commands and retrieve information such as usernames and plaintext passwords from the device with no authentication. |
23722 |
CVE-2017-7316 |
79 |
|
XSS |
2017-07-03 |
2017-07-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
An issue was discovered on Humax Digital HG100R 2.0.6 devices. There is XSS on the 404 page. |
23723 |
CVE-2017-7314 |
287 |
|
|
2017-06-07 |
2017-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId/275 URI, while creating a new role, a list of database tables and their columns is available. |
23724 |
CVE-2017-7313 |
200 |
|
+Info |
2017-06-07 |
2017-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId/275 URI, it is possible to read any customer name, master Customer Id, and email address. In other words, anyone can search for users/customers in the system - no authentication is required. |
23725 |
CVE-2017-7310 |
119 |
|
Exec Code Overflow |
2017-03-29 |
2018-03-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A buffer overflow vulnerability in Import Command in SyncBreeze before 10.6, DiskSorter before 10.6, DiskBoss before 8.9, DiskPulse before 10.6, DiskSavvy before 10.6, DupScout before 10.6, and VX Search before 10.6 allows attackers to execute arbitrary code via a crafted XML file containing a long name attribute of a classify element. |
23726 |
CVE-2017-7309 |
79 |
|
XSS |
2017-03-31 |
2017-07-11 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code (if CSP settings permit it) through a crafted 'config_option' parameter. This is fixed in 1.3.9, 2.1.3, and 2.2.3. |
23727 |
CVE-2017-7306 |
521 |
|
|
2017-04-04 |
2019-10-02 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
** DISPUTED ** Riverbed RiOS through 9.6.0 has a weak default password for the secure vault, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism by leveraging knowledge of the password algorithm and the appliance serial number. NOTE: the vendor believes that this does not meet the definition of a vulnerability. The product contains correct computational logic for supporting arbitrary password changes by customers; however, a password change is optional to meet different customers' needs. |
23728 |
CVE-2017-7305 |
521 |
|
|
2017-04-04 |
2019-10-02 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
** DISPUTED ** Riverbed RiOS through 9.6.0 does not require a bootloader password, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism via a crafted boot. NOTE: the vendor believes that this does not meet the definition of a vulnerability. The product contains correct computational logic for a bootloader password; however, this password is optional to meet different customers' needs. |
23729 |
CVE-2017-7304 |
125 |
|
|
2017-03-29 |
2017-03-31 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 8) because of missing a check (in the copy_special_section_fields function) for an invalid sh_link field before attempting to follow it. This vulnerability causes Binutils utilities like strip to crash. |
23730 |
CVE-2017-7303 |
125 |
|
|
2017-03-29 |
2017-03-31 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 4) because of missing a check (in the find_link function) for null headers before attempting to match them. This vulnerability causes Binutils utilities like strip to crash. |
23731 |
CVE-2017-7302 |
125 |
|
|
2017-03-29 |
2017-03-31 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a swap_std_reloc_out function in bfd/aoutx.h that is vulnerable to an invalid read (of size 4) because of missing checks for relocs that could not be recognised. This vulnerability causes Binutils utilities like strip to crash. |
23732 |
CVE-2017-7301 |
20 |
|
|
2017-03-29 |
2017-03-31 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linker (ld) program crash. |
23733 |
CVE-2017-7300 |
125 |
|
|
2017-03-29 |
2017-03-31 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read (off-by-one) because of an incomplete check for invalid string offsets while loading symbols, leading to a GNU linker (ld) program crash. |
23734 |
CVE-2017-7299 |
125 |
|
|
2017-03-29 |
2017-03-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an invalid read (of size 8) because the code to emit relocs (bfd_elf_final_link function in bfd/elflink.c) does not check the format of the input file before trying to read the ELF reloc section header. The vulnerability leads to a GNU linker (ld) program crash. |
23735 |
CVE-2017-7298 |
79 |
|
XSS |
2017-03-29 |
2018-05-17 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
In Moodle 3.2.2+, there is XSS in the Course summary filter of the "Add a new course" page, as demonstrated by a crafted attribute of an SVG element. |
23736 |
CVE-2017-7297 |
|
|
|
2017-03-28 |
2019-10-02 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Rancher Labs rancher server 1.2.0+ is vulnerable to authenticated users disabling access control via an API call. This is fixed in versions rancher/server:v1.2.4, rancher/server:v1.3.5, rancher/server:v1.4.3, and rancher/server:v1.5.3. |
23737 |
CVE-2017-7296 |
79 |
|
XSS |
2017-05-27 |
2017-06-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
An issue was discovered in Contiki Operating System 3.0. A Persistent XSS vulnerability is present in the MQTT/IBM Cloud Config page (aka mqtt.html) of cc26xx-web-demo. The cc26xx-web-demo features a webserver that runs on a constrained device. That particular page allows a user to remotely configure that device's operation by sending HTTP POST requests. The vulnerability consists of improper input sanitisation of the text fields on the MQTT/IBM Cloud config page, allowing for JavaScript code injection. |
23738 |
CVE-2017-7290 |
89 |
|
Exec Code Sql |
2017-03-30 |
2017-04-03 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
SQL injection vulnerability in XOOPS 2.5.7.2 and other versions before 2.5.8.1 allows remote authenticated administrators to execute arbitrary SQL commands via the url parameter to findusers.php. An example attack uses "into outfile" to create a backdoor program. |
23739 |
CVE-2017-7288 |
79 |
|
XSS |
2017-05-23 |
2017-05-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite (ZCS) before 8.7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
23740 |
CVE-2017-7284 |
287 |
|
|
2017-04-12 |
2019-10-02 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
An attacker that has hijacked a Unitrends Enterprise Backup (before 9.1.2) web server session can leverage api/includes/users.php to change the password of the logged in account without knowing the current password. This allows for an account takeover. |
23741 |
CVE-2017-7281 |
434 |
|
Exec Code |
2017-04-12 |
2017-04-20 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
An issue was discovered in Unitrends Enterprise Backup before 9.1.2. A lack of sanitization of user input in the createReportName and saveReport functions in recoveryconsole/bpl/reports.php allows for an authenticated user to create a randomly named file on disk with a user-controlled extension, contents, and path, leading to remote code execution, aka Unrestricted File Upload. |
23742 |
CVE-2017-7277 |
125 |
|
DoS +Info |
2017-03-28 |
2017-03-31 |
6.6 |
None |
Local |
Low |
Not required |
Complete |
None |
Complete |
The TCP stack in the Linux kernel through 4.10.6 mishandles the SCM_TIMESTAMPING_OPT_STATS feature, which allows local users to obtain sensitive information from the kernel's internal socket data structures or cause a denial of service (out-of-bounds read) via crafted system calls, related to net/core/skbuff.c and net/socket.c. |
23743 |
CVE-2017-7276 |
79 |
|
XSS |
2017-07-04 |
2017-07-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
There is reflected XSS in TOPdesk before 5.7.6 and 6.x and 7.x before 7.03.019. |
23744 |
CVE-2017-7275 |
119 |
|
DoS Overflow |
2017-03-27 |
2017-03-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866. |
23745 |
CVE-2017-7274 |
476 |
|
DoS |
2017-03-27 |
2017-03-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PE file. |
23746 |
CVE-2017-7273 |
|
|
DoS |
2017-03-27 |
2017-04-03 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report. |
23747 |
CVE-2017-7272 |
918 |
|
|
2017-03-27 |
2018-02-25 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
PHP through 7.1.11 enables potential SSRF in applications that accept an fsockopen or pfsockopen hostname argument with an expectation that the port number is constrained. Because a :port syntax is recognized, fsockopen will use the port number that is specified in the hostname argument, instead of the port number in the second argument of the function. |
23748 |
CVE-2017-7271 |
79 |
|
XSS |
2017-03-27 |
2017-05-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Reflected Cross-site scripting (XSS) vulnerability in Yii Framework before 2.0.11, when development mode is used, allows remote attackers to inject arbitrary web script or HTML via crafted request data that is mishandled on the debug-mode exception screen. |
23749 |
CVE-2017-7266 |
601 |
|
|
2017-03-26 |
2017-03-28 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
Netflix Security Monkey before 0.8.0 has an Open Redirect. The logout functionality accepted the "next" parameter which then redirects to any domain irrespective of the Host header. |
23750 |
CVE-2017-7264 |
416 |
|
DoS |
2017-03-26 |
2017-03-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document. |