CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
3201 CVE-2017-16545 476 DoS 2017-11-05 2018-10-18
6.8
None Remote Medium Not required Partial Partial Partial
The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via a malformed WPG image.
3202 CVE-2017-16544 94 Exec Code 2017-11-20 2019-04-03
6.5
None Remote Low Single system Partial Partial Partial
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.
3203 CVE-2017-16542 89 Sql 2017-11-05 2018-08-06
6.5
None Remote Low Single system Partial Partial Partial
Zoho ManageEngine Applications Manager 13 before build 13500 allows Post-authentication SQL injection via the name parameter in a manageApplications.do?method=insert request.
3204 CVE-2017-16524 434 Exec Code 2017-11-06 2017-11-29
6.5
None Remote Low Single system Partial Partial Partial
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload vulnerability: 'network_ssl_upload.php' allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the file in the upload/ directory. To authenticate for this attack, one can obtain web-interface credentials in cleartext by leveraging the existing Local File Read Vulnerability referenced as CVE-2015-8279, which allows remote attackers to read the web-interface credentials via a request for the cslog_export.php?path=/root/php_modules/lighttpd/sbin/userpw URI.
3205 CVE-2017-16358 125 2017-11-01 2017-11-13
6.8
None Remote Medium Not required Partial Partial Partial
In radare 2.0.1, an out-of-bounds read vulnerability exists in string_scan_range() in libr/bin/bin.c when doing a string search.
3206 CVE-2017-16357 119 Overflow Mem. Corr. 2017-11-01 2017-11-13
6.8
None Remote Medium Not required Partial Partial Partial
In radare 2.0.1, a memory corruption vulnerability exists in store_versioninfo_gnu_verdef() and store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c, as demonstrated by an invalid free. This error is due to improper sh_size validation when allocating memory.
3207 CVE-2017-16352 119 Overflow 2017-11-01 2018-10-18
6.8
None Remote Medium Not required Partial Partial Partial
GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a specially crafted MIFF format file with the verbose flag.
3208 CVE-2017-16244 352 Bypass CSRF 2017-10-31 2017-11-17
6.8
None Remote Medium Not required Partial Partial Partial
Cross-Site Request Forgery exists in OctoberCMS 1.0.426 (aka Build 426) due to improper validation of CSRF tokens for postback handling, allowing an attacker to successfully take over the victim's account. The attack bypasses a protection mechanism involving X-CSRF headers and CSRF tokens via a certain _handler postback variable.
3209 CVE-2017-16021 400 2018-06-04 2018-07-20
6.8
None Remote Low Single system None None Complete
uri-js is a module that tries to fully implement RFC 3986. One of these features is validating whether or not a supplied URL is valid or not. To do this, uri-js uses a regular expression, This regular expression is vulnerable to redos. This causes the program to hang and the CPU to idle at 100% usage while uri-js is trying to validate if the supplied URL is valid or not. To check if you're vulnerable, look for a call to `require("uri-js").parse()` where a user is able to send their own input. This affects uri-js 2.1.1 and earlier.
3210 CVE-2017-16000 89 Exec Code Sql 2017-10-29 2017-11-16
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the graph parameter to module/capacity_per_label/index.php.
3211 CVE-2017-15996 119 DoS Overflow 2017-10-29 2018-01-08
6.8
None Remote Medium Not required Partial Partial Partial
elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper conditional jump, and the get_archive_member_name, process_archive_index_and_symbols, and setup_archive functions.
3212 CVE-2017-15957 434 2017-10-29 2017-11-17
6.5
None Remote Low Single system Partial Partial Partial
my_profile.php in Ingenious School Management System 2.3.0 allows a student or teacher to upload an arbitrary file.
3213 CVE-2017-15950 119 Exec Code Overflow 2017-10-31 2017-11-21
6.8
None Remote Medium Not required Partial Partial Partial
Flexense SyncBreeze Enterprise version 10.1.16 is vulnerable to a buffer overflow that can be exploited for arbitrary code execution. The flaw is triggered by providing a long input into the "Destination directory" field, either within an XML document or through use of passive mode.
3214 CVE-2017-15949 89 Sql 2017-10-27 2017-11-14
6.5
None Remote Low Single system Partial Partial Partial
Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the log_id parameter to admin/editgroup.php.
3215 CVE-2017-15933 89 Exec Code Sql 2017-10-27 2017-11-14
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the host parameter to module/capacity_per_device/index.php.
3216 CVE-2017-15932 125 2017-10-27 2017-11-01
6.8
None Remote Medium Not required Partial Partial Partial
In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c via crafted ELF files when parsing the ELF version on 32bit systems.
3217 CVE-2017-15931 125 2017-10-27 2017-11-01
6.8
None Remote Medium Not required Partial Partial Partial
In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c via crafted ELF files on 32bit systems.
3218 CVE-2017-15930 476 2017-10-27 2018-10-18
6.8
None Remote Medium Not required Partial Partial Partial
In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer.
3219 CVE-2017-15914 284 2018-02-08 2018-02-27
6.5
None Remote Low Single system Partial Partial Partial
Incorrect implementation of access controls allows remote users to override repository restrictions in Borg servers 1.1.x before 1.1.3.
3220 CVE-2017-15913 426 2018-01-07 2018-06-15
6.8
None Remote Medium Not required Partial Partial Partial
The Installer in Whale allows DLL hijacking.
3221 CVE-2017-15896 388 Bypass 2017-12-11 2017-12-29
6.4
None Remote Low Not required Partial Partial None
Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards to the use of SSL_read() due to TLS handshake failure. The result was that an active network attacker could send application data to Node.js using the TLS or HTTP2 modules in a way that bypassed TLS authentication and encryption.
3222 CVE-2017-15889 77 Exec Code 2017-12-04 2017-12-21
6.5
None Remote Low Single system Partial Partial Partial
Command injection vulnerability in smart.cgi in Synology DiskStation Manager (DSM) before 5.2-5967-5 allows remote authenticated users to execute arbitrary commands via disk field.
3223 CVE-2017-15884 264 2017-10-31 2017-12-19
6.9
Admin Local Medium Not required Complete Complete Complete
In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.0, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges.
3224 CVE-2017-15880 89 Exec Code Sql 2017-10-24 2017-11-14
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the group_name parameter to module/admin_group/add_modify_group.php (for insert_group and update_group).
3225 CVE-2017-15879 20 2017-10-24 2017-11-14
6.8
None Remote Medium Not required Partial Partial Partial
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in admin/server/api/download.js and lib/list/getCSVData.js in KeystoneJS before 4.0.0-beta.7 via a value that is mishandled in a CSV export.
3226 CVE-2017-15829 362 2018-02-23 2018-03-12
6.9
None Local Medium Not required Complete Complete Complete
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a GPU Driver which can potentially lead to a Use After Free condition.
3227 CVE-2017-15808 352 CSRF 2017-10-23 2017-10-25
6.8
None Remote Medium Not required Partial Partial Partial
In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.
3228 CVE-2017-15806 94 Exec Code 2017-11-15 2017-12-02
6.8
None Remote Medium Not required Partial Partial Partial
The send function in the ezcMailMtaTransport class in Zeta Components Mail before 1.8.2 does not properly restrict the set of characters used in the ezcMail returnPath property, which might allow remote attackers to execute arbitrary code via a crafted email address, as demonstrated by one containing "-X/path/to/wwwroot/file.php."
3229 CVE-2017-15803 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ntdll_77310000!LdrpResCompareResourceNames+0x0000000000000150."
3230 CVE-2017-15802 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77310000!LdrpResCompareResourceNames+0x0000000000000087."
3231 CVE-2017-15801 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77310000!LdrpResSearchResourceInsideDirectory+0x000000000000029e."
3232 CVE-2017-15800 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.50 (64bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls subsequent Write Address starting at ntdll!memcpy+0x00000000000000a0."
3233 CVE-2017-15799 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.50 (64bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at KERNELBASE!EnumResourceNamesInternal+0x000000000000074a."
3234 CVE-2017-15798 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.50 (64bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at KERNELBASE!EnumResourceNamesInternal+0x0000000000000609."
3235 CVE-2017-15797 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.50 (64bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to a "Read Access Violation on Block Data Move starting at TOOLS!IVLoadImage_W+0x00000000000020b9."
3236 CVE-2017-15796 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.50 (64bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to a "Read Access Violation starting at ntdll!LdrpSearchResourceSection_U+0x0000000000000386."
3237 CVE-2017-15795 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.50 (64bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to a "Read Access Violation starting at ntdll!LdrpSearchResourceSection_U+0x00000000000002bd."
3238 CVE-2017-15794 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.50 (64bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to a "Read Access Violation starting at ntdll!LdrpResSearchResourceInsideDirectory+0x0000000000000257."
3239 CVE-2017-15793 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.50 (64bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls subsequent Write Address starting at ntdll!memcpy+0x00000000000000a5."
3240 CVE-2017-15792 119 DoS Overflow 2017-10-22 2017-10-25
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.50 (64bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at KERNELBASE!EnumResourceTypesInternal+0x00000000000007b2."
3241 CVE-2017-15791 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.50 (64bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at ntdll!LdrpResCompareResourceNames+0x00000000000000de."
3242 CVE-2017-15790 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.50 (64bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to a "Read Access Violation starting at ntdll!LdrpResCompareResourceNames+0x0000000000000120."
3243 CVE-2017-15789 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x00000000000048e7."
3244 CVE-2017-15788 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x0000000000002d83."
3245 CVE-2017-15787 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation starting at xnview+0x0000000000580063."
3246 CVE-2017-15786 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADImage+0x00000000001a78db."
3247 CVE-2017-15785 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation near NULL starting at Unknown Symbol @ 0x0000000000000000 called from CADImage+0x0000000000286a79."
3248 CVE-2017-15784 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to an "Illegal Instruction Violation starting at xnview+0x0000000000370074."
3249 CVE-2017-15783 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADImage+0x0000000000285ce1."
3250 CVE-2017-15782 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x00000000000032eb."
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.