# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
24501 |
CVE-2017-13082 |
330 |
|
|
2017-10-17 |
2019-10-02 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. |
24502 |
CVE-2017-13077 |
330 |
|
|
2017-10-16 |
2019-10-02 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. |
24503 |
CVE-2017-13073 |
79 |
|
XSS |
2018-04-23 |
2018-05-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in QNAP NAS application Photo Station versions 5.2.7, 5.4.3, and their earlier versions could allow remote attackers to inject arbitrary web script or HTML. |
24504 |
CVE-2017-13072 |
79 |
|
XSS |
2018-06-21 |
2018-08-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in App Center in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build 20171213, QTS 4.3.4 build 20171223, and their earlier versions could allow remote attackers to inject Javascript code. |
24505 |
CVE-2017-13071 |
77 |
|
|
2017-11-22 |
2017-12-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
QNAP has already patched this vulnerability. This security concern allows a remote attacker to run arbitrary commands on the QNAP Video Station 5.1.3 (for QTS 4.3.3), 5.2.0 (for QTS 4.3.4), and earlier. |
24506 |
CVE-2017-13070 |
426 |
|
Exec Code |
2017-12-11 |
2017-12-26 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
A DLL Hijacking vulnerability in QNAP Qsync for Windows (exe) version 4.2.2.0724 and earlier could allow remote attackers to execute arbitrary code on Windows machines. |
24507 |
CVE-2017-13069 |
77 |
|
|
2017-10-06 |
2017-11-01 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
QNAP discovered a number of command injection vulnerabilities found in Music Station versions 4.8.6 (for QTS 4.2.x), 5.0.7 (for QTS 4.3.x), and earlier. If exploited, these vulnerabilities may allow a remote attacker to run arbitrary commands on the NAS. |
24508 |
CVE-2017-13068 |
89 |
|
Sql +Info |
2017-10-06 |
2017-10-13 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
QNAP has already patched this vulnerability. This security concern allows a remote attacker to perform an SQL injection on the application and obtain Helpdesk application information. A remote attacker does not require any privileges to successfully execute this attack. |
24509 |
CVE-2017-13067 |
|
|
Exec Code |
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
QNAP has patched a remote code execution vulnerability affecting the QTS Media Library in all versions prior to QTS 4.2.6 build 20170905 and QTS 4.3.3.0299 build 20170901. This particular vulnerability allows a remote attacker to execute commands on a QNAP NAS using a transcoding service on port 9251. A remote user does not require any privileges to successfully execute an attack. |
24510 |
CVE-2017-13066 |
772 |
|
|
2017-08-22 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c. |
24511 |
CVE-2017-13065 |
476 |
|
|
2017-08-22 |
2019-06-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c. |
24512 |
CVE-2017-13064 |
119 |
|
Overflow |
2017-08-22 |
2019-06-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12. |
24513 |
CVE-2017-13063 |
119 |
|
Overflow |
2017-08-22 |
2019-06-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12. |
24514 |
CVE-2017-13062 |
772 |
|
DoS |
2017-08-22 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service (WriteMETAImage memory consumption) via a crafted file. |
24515 |
CVE-2017-13061 |
20 |
|
DoS |
2017-08-22 |
2018-06-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file. |
24516 |
CVE-2017-13060 |
772 |
|
DoS |
2017-08-22 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file. |
24517 |
CVE-2017-13059 |
772 |
|
DoS |
2017-08-22 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attackers to cause a denial of service (WriteJNGImage memory consumption) via a crafted file. |
24518 |
CVE-2017-13058 |
772 |
|
DoS |
2017-08-22 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file. |
24519 |
CVE-2017-13056 |
20 |
|
Exec Code |
2017-12-27 |
2018-01-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might allow remote attackers to execute arbitrary code via a crafted PDF file. |
24520 |
CVE-2017-13055 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv(). |
24521 |
CVE-2017-13054 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print(). |
24522 |
CVE-2017-13053 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info(). |
24523 |
CVE-2017-13052 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print(). |
24524 |
CVE-2017-13051 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). |
24525 |
CVE-2017-13050 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print(). |
24526 |
CVE-2017-13049 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print(). |
24527 |
CVE-2017-13048 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). |
24528 |
CVE-2017-13047 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print(). |
24529 |
CVE-2017-13046 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print(). |
24530 |
CVE-2017-13045 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print(). |
24531 |
CVE-2017-13044 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print(). |
24532 |
CVE-2017-13043 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn(). |
24533 |
CVE-2017-13042 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print(). |
24534 |
CVE-2017-13041 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print(). |
24535 |
CVE-2017-13040 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions. |
24536 |
CVE-2017-13039 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions. |
24537 |
CVE-2017-13038 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp(). |
24538 |
CVE-2017-13037 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts(). |
24539 |
CVE-2017-13036 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3(). |
24540 |
CVE-2017-13035 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id(). |
24541 |
CVE-2017-13034 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). |
24542 |
CVE-2017-13033 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print(). |
24543 |
CVE-2017-13032 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string(). |
24544 |
CVE-2017-13031 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print(). |
24545 |
CVE-2017-13030 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions. |
24546 |
CVE-2017-13029 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options(). |
24547 |
CVE-2017-13028 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print(). |
24548 |
CVE-2017-13027 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print(). |
24549 |
CVE-2017-13026 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions. |
24550 |
CVE-2017-13025 |
125 |
|
|
2017-09-14 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print(). |