CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities (CVSS score between 7 and 7.99)

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
2851 CVE-2017-1001003 20 2017-11-27 2017-12-19
7.5
None Remote Low Not required Partial Partial Partial
math.js before 3.17.0 had an issue where private properties such as a constructor could be replaced by using unicode characters when creating an object.
2852 CVE-2017-1001002 94 Exec Code 2017-11-27 2018-01-10
7.5
None Remote Low Not required Partial Partial Partial
math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result in arbitrary execution.
2853 CVE-2017-1000501 22 Exec Code Dir. Trav. 2018-01-03 2019-05-03
7.5
None Remote Low Not required Partial Partial Partial
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.
2854 CVE-2017-1000497 611 DoS Exec Code 2018-01-03 2018-01-17
7.5
None Remote Low Not required Partial Partial Partial
Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution
2855 CVE-2017-1000493 74 Sql 2018-01-02 2019-05-01
7.5
None Remote Low Not required Partial Partial Partial
Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover
2856 CVE-2017-1000487 77 2018-01-03 2018-05-04
7.5
None Remote Low Not required Partial Partial Partial
Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.
2857 CVE-2017-1000486 326 Exec Code 2018-01-03 2018-01-24
7.5
None Remote Low Not required Partial Partial Partial
Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution
2858 CVE-2017-1000480 94 2018-01-03 2018-02-03
7.5
None Remote Low Not required Partial Partial Partial
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that do not sanitize the template name.
2859 CVE-2017-1000476 400 DoS 2018-01-03 2019-05-14
7.1
None Remote Medium Not required None None Complete
In ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.
2860 CVE-2017-1000474 89 Sql XSS 2018-01-24 2018-03-22
7.5
None Remote Low Not required Partial Partial Partial
Soyket Chowdhury Vehicle Sales Management System version 2017-07-30 is vulnerable to multiple SQL injections in the login/vehicle.php, login/profile.php, login/Actions.php, login/manage_employee.php, and login/sell.php scripts, resulting in the exposure of users' login credentials, SQL injection and stored XSS vulnerabilities, which lead to remote code execution.
2861 CVE-2017-1000473 78 Exec Code 2018-01-03 2018-01-19
7.2
None Local Low Not required Complete Complete Complete
Linux Dash up to version v2 is vulnerable to multiple command injection vulnerabilities in the way module names are parsed and then executed resulting in code execution on the server, potentially as root.
2862 CVE-2017-1000471 476 DoS Mem. Corr. 2018-01-03 2018-01-17
7.5
None Remote Low Not required Partial Partial Partial
EmbedThis GoAhead Webserver version 4.0.0 is vulnerable to a NULL pointer dereference in the CGI handler resulting in memory corruption or denial of service.
2863 CVE-2017-1000458 787 DoS 2018-01-02 2018-01-16
7.5
None Remote Low Not required Partial Partial Partial
Bro before Bro v2.5.2 is vulnerable to an out of bounds write in the ContentLine analyzer allowing remote attackers to cause a denial of service (crash) and possibly other exploitation.
2864 CVE-2017-1000453 74 Exec Code 2018-01-02 2018-01-16
7.5
None Remote Low Not required Partial Partial Partial
CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templating injection in some core modules, resulting in unauthenticated PHP code execution.
2865 CVE-2017-1000444 89 Exec Code Sql 2018-01-02 2018-01-11
7.5
None Remote Low Not required Partial Partial Partial
Eleix Openhacker version 0.1.47 is vulnerable to an SQL injection in the account registration and login component resulting in information disclosure and remote code execution
2866 CVE-2017-1000437 119 Exec Code Overflow 2018-01-02 2018-01-16
7.5
None Remote Low Not required Partial Partial Partial
Creolabs Gravity 1.0 contains a stack based buffer overflow in the operator_string_add function, resulting in remote code execution.
2867 CVE-2017-1000430 119 Overflow 2018-01-02 2018-01-17
7.5
None Remote Low Not required Partial Partial Partial
rust-base64 version <= 0.5.1 is vulnerable to a buffer overflow when calculating the size of a buffer to use when encoding base64 using the 'encode_config_buf' and 'encode_config' functions
2868 CVE-2017-1000423 20 Exec Code 2018-01-02 2018-01-17
7.5
None Remote Low Not required Partial Partial Partial
b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation (backslash and single quote escape) in basic install functionality resulting in unauthenticated attacker gaining PHP code execution on the victim's setup.
2869 CVE-2017-1000421 416 Exec Code 2018-01-02 2019-04-30
7.5
None Remote Low Not required Partial Partial Partial
Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in the read_gif function resulting in potential code execution
2870 CVE-2017-1000408 399 2018-01-31 2019-04-04
7.2
None Local Low Not required Complete Complete Complete
A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
2871 CVE-2017-1000379 264 2017-06-19 2018-01-04
7.2
Admin Local Low Not required Complete Complete Complete
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.
2872 CVE-2017-1000378 399 Exec Code 2017-06-19 2017-06-29
7.5
None Remote Low Not required Partial Partial Partial
The NetBSD qsort() function is recursive and not randomized; an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects NetBSD 7.1 and possibly earlier versions.
2873 CVE-2017-1000375 119 Exec Code Overflow 2017-06-19 2017-08-11
7.5
None Remote Low Not required Partial Partial Partial
NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled; this allows attackers to more easily manipulate memory, leading to arbitrary code execution. This affects NetBSD 7.1 and possibly earlier versions.
2874 CVE-2017-1000374 284 Exec Code Bypass 2017-06-19 2017-06-29
7.5
None Remote Low Not required Partial Partial Partial
A flaw exists in NetBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and possibly earlier versions.
2875 CVE-2017-1000372 284 Exec Code Bypass 2017-06-19 2017-06-29
7.5
None Remote Low Not required Partial Partial Partial
A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects OpenBSD 6.1 and possibly earlier versions.
2876 CVE-2017-1000371 264 2017-06-19 2017-11-05
7.2
None Local Low Not required Complete Complete Complete
The offset2lib patch as used by the Linux Kernel contains a vulnerability: if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated (the maximum under the 1/4 restriction), then the stack will be grown down to 0x80000000, and as the PIE binary is mapped above 0x80000000, the minimum distance between the end of the PIE binary's read-write segment and the start of the stack becomes small enough that the stack guard page can be jumped over by an attacker. This affects Linux Kernel version 4.11.5. This is a different issue than CVE-2017-1000370 and CVE-2017-1000365. This issue appears to be limited to i386 based systems.
2877 CVE-2017-1000370 264 2017-06-19 2017-11-05
7.2
Admin Local Low Not required Complete Complete Complete
The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental strings; the stack then occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000, nullifying the protection of the offset2lib patch. This affects Linux Kernel version 4.11.5 and earlier. This is a different issue than CVE-2017-1000371. This issue appears to be limited to i386 based systems.
2878 CVE-2017-1000368 20 Exec Code 2017-06-05 2019-05-29
7.2
None Local Low Not required Complete Complete Complete
Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.
2879 CVE-2017-1000366 119 Exec Code Overflow 2017-06-19 2019-04-26
7.2
None Local Low Not required Complete Complete Complete
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.
2880 CVE-2017-1000365 264 Bypass 2017-06-19 2017-11-03
7.2
Admin Local Low Not required Complete Complete Complete
The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.
2881 CVE-2017-1000363 787 Overflow 2017-07-17 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line.
2882 CVE-2017-1000353 502 Exec Code Bypass 2018-01-29 2018-02-15
7.5
None Remote Low Not required Partial Partial Partial
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java `SignedObject` object to the Jenkins CLI, that would be deserialized using a new `ObjectInputStream`, bypassing the existing blacklist-based protection mechanism. We're fixing this issue by adding `SignedObject` to the blacklist. We're also backporting the new HTTP CLI protocol from Jenkins 2.54 to LTS 2.46.2, and deprecating the remoting-based (i.e. Java serialization) CLI protocol, disabling it by default.
2883 CVE-2017-1000253 119 Overflow 2017-10-04 2017-12-08
7.2
None Local Low Not required Complete Complete Complete
Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_binary() does not take account of the need to allocate sufficient space for the entire binary, which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the area that is supposed to be the "gap" between the stack and the binary.
2884 CVE-2017-1000248 502 2017-11-16 2017-12-04
7.5
None Remote Low Not required Partial Partial Partial
Redis-store <=v1.3.0 allows unsafe objects to be loaded from redis
2885 CVE-2017-1000237 918 2017-11-16 2017-11-29
7.5
None Remote Low Not required Partial Partial Partial
I, Librarian version <=4.6 & 4.7 is vulnerable to Server-Side Request Forgery in the ajaxsupplement.php resulting in the attacker being able to reset any user's password.
2886 CVE-2017-1000232 415 2017-11-16 2017-11-29
7.5
None Remote Low Not required Partial Partial Partial
A double-free vulnerability in str2host.c in ldns 1.7.0 has unspecified impact and attack vectors.
2887 CVE-2017-1000231 415 2017-11-16 2018-02-03
7.5
None Remote Low Not required Partial Partial Partial
A double-free vulnerability in parse.c in ldns 1.7.0 has unspecified impact and attack vectors.
2888 CVE-2017-1000220 77 Exec Code 2017-11-16 2017-11-29
7.5
None Remote Low Not required Partial Partial Partial
soyuka/pidusage <=1.1.4 is vulnerable to command injection in the module resulting in arbitrary command execution
2889 CVE-2017-1000219 77 Exec Code 2017-11-16 2017-12-04
7.5
None Remote Low Not required Partial Partial Partial
npm/KyleRoss windows-cpu, all versions, is vulnerable to command injection resulting in code execution as the Node.js user
2890 CVE-2017-1000218 119 DoS Exec Code Overflow 2017-11-16 2017-11-30
7.5
None Remote Low Not required Partial Partial Partial
LightFTP version 1.1 is vulnerable to a buffer overflow in the "writelogentry" function resulting in a denial of service or remote code execution.
2891 CVE-2017-1000212 264 Exec Code 2017-11-17 2017-12-06
7.5
None Remote Low Not required Partial Partial Partial
Elixir's vim plugin, alchemist.vim is vulnerable to remote code execution in the bundled alchemist-server. A malicious website can execute requests against an ephemeral port on localhost that are then evaluated as elixir code.
2892 CVE-2017-1000210 119 DoS Exec Code Overflow 2017-11-16 2017-11-29
7.5
None Remote Low Not required Partial Partial Partial
picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack
2893 CVE-2017-1000206 119 Exec Code Overflow 2017-11-17 2017-12-01
7.5
None Remote Low Not required Partial Partial Partial
samtools htslib library version 1.4.0 and earlier is vulnerable to buffer overflow in the CRAM rANS codec resulting in potential arbitrary code execution
2894 CVE-2017-1000197 417 2017-11-16 2017-11-30
7.5
None Remote Low Not required Partial Partial Partial
October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating malicious files on the server.
2895 CVE-2017-1000196 94 Exec Code 2017-11-16 2017-11-30
7.5
None Remote Low Not required Partial Partial Partial
October CMS build 412 is vulnerable to PHP code execution in the asset manager functionality resulting in site compromise and possibly other applications on the server.
2896 CVE-2017-1000194 434 2017-11-16 2017-11-30
7.5
None Remote Low Not required Partial Partial Partial
October CMS build 412 is vulnerable to Apache configuration modification via file upload functionality resulting in site compromise and possibly other applications on the server.
2897 CVE-2017-1000191 400 2017-11-17 2017-12-04
7.8
None Remote Low Not required None None Complete
Jool 3.5.0-3.5.1 is vulnerable to a kernel crashing packet resulting in a DOS.
2898 CVE-2017-1000173 119 Exec Code Overflow 2017-11-16 2017-11-30
7.5
None Remote Low Not required Partial Partial Partial
Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop while pushing data to a buffer, we can break out of the bounds checking of that buffer. When list.join is called on the data it will read past a buffer resulting in a Heap-Buffer-Overflow.
2899 CVE-2017-1000172 416 Exec Code 2017-11-16 2017-11-30
7.5
None Remote Low Not required Partial Partial Partial
Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravity_lexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free condition.
2900 CVE-2017-1000158 119 Exec Code Overflow 2017-11-17 2019-05-08
7.5
None Remote Low Not required Partial Partial Partial
CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)
Total number of vulnerabilities : 26271   Page : 58 of 526