CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
3551 CVE-2017-8907 264 Exec Code 2017-06-14 2017-07-05
6.5
None Remote Low Single system Partial Partial Partial
Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.1 did not correctly check if a user creating a deployment project had the edit permission and therefore the rights to do so. An attacker who can login to Bamboo as a user without the edit permission for deployment projects is able to use this vulnerability, provided there is an existing plan with a green build, to create a deployment project and execute arbitrary code on an available Bamboo Agent. By default a local agent is enabled; this means that code execution can occur on the system hosting Bamboo as the user running Bamboo.
3552 CVE-2017-8905 264 Exec Code 2017-05-11 2017-07-10
6.8
None Local Low Single system Complete Complete Complete
Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215.
3553 CVE-2017-8904 264 Exec Code 2017-05-11 2017-07-10
6.8
None Local Low Single system Complete Complete Complete
Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214.
3554 CVE-2017-8899 264 XSS 2017-05-11 2017-05-16
6.8
None Remote Medium Not required Partial Partial Partial
Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has a composite of Stored XSS and Information Disclosure issues in the attachments feature found in User CP. This can be triggered by any Invision Power Board user and can be used to gain access to moderator/admin accounts. The primary cause is the ability to upload an SVG document with a crafted attribute such an onload; however, full path disclosure is required for exploitation.
3555 CVE-2017-8894 444 Exec Code 2017-07-02 2017-07-07
6.8
None Remote Medium Not required Partial Partial Partial
AeroAdmin 4.1 uses an insecure protocol (HTTP) to perform software updates. An attacker can hijack an update via man-in-the-middle in order to execute code in the machine.
3556 CVE-2017-8874 352 CSRF 2017-05-10 2017-05-17
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in Mautic 1.4.1 allow remote attackers to hijack the authentication of users for requests that (1) delete email campaigns or (2) delete contacts.
3557 CVE-2017-8872 125 DoS 2017-05-10 2017-05-15
6.4
None Remote Low Not required Partial None Partial
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.
3558 CVE-2017-8870 119 Exec Code Overflow 2017-07-27 2017-08-03
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in AudioCoder 0.8.46 allows remote attackers to execute arbitrary code via a crafted .m3u file.
3559 CVE-2017-8869 119 Exec Code Overflow 2017-07-27 2017-08-02
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in MediaCoder 0.8.48.5888 allows remote attackers to execute arbitrary code via a crafted .m3u file.
3560 CVE-2017-8854 119 Overflow 2017-05-09 2017-05-17
6.8
None Remote Medium Not required Partial Partial Partial
wolfSSL before 3.10.2 has an out-of-bounds memory access with loading crafted DH parameters, aka a buffer overflow triggered by a malformed temporary DH file.
3561 CVE-2017-8853 22 Dir. Trav. 2017-05-09 2017-05-17
6.4
None Remote Low Not required None Partial Partial
Fiyo CMS v2.0.7 has an arbitrary file delete vulnerability in dapur/apps/app_config/controller/backuper.php via directory traversal in the file parameter during an act=db action.
3562 CVE-2017-8852 119 Overflow 2017-05-10 2017-08-15
6.8
None Remote Medium Not required Partial Partial Partial
SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the file. The vendor response is SAP Security Note 2441560.
3563 CVE-2017-8844 119 DoS Overflow 2017-05-08 2017-05-16
6.8
None Remote Medium Not required Partial Partial Partial
The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive.
3564 CVE-2017-8836 352 Exec Code CSRF 2017-06-05 2017-08-12
6.8
None Remote Medium Not required Partial Partial Partial
CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The CGI scripts in the administrative interface are affected. This allows an attacker to execute commands, if a logged in user visits a malicious website. This can for example be used to change the credentials of the administrative webinterface.
3565 CVE-2017-8829 502 Exec Code 2017-05-08 2017-05-16
6.8
None Remote Medium Not required Partial Partial Partial
Deserialization vulnerability in lintian through 2.5.50.3 allows attackers to trigger code execution by requesting a review of a source package with a crafted YAML file.
3566 CVE-2017-8827 287 DoS 2017-05-08 2017-05-12
6.4
None Remote Low Not required None Partial Partial
forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might allow remote attackers to cause a denial of service (login inability) or possibly conduct Arbitrary User Password Reset attacks via a series of requests.
3567 CVE-2017-8826 119 Overflow 2017-07-05 2017-07-17
6.8
None Remote Medium Not required Partial Partial Partial
FastStone Image Viewer 6.2 has a "User Mode Write AV" issue, possibly related to the jpeg_mem_term function in jmemnobs.c in libjpeg. This issue can be triggered by a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.
3568 CVE-2017-8823 416 2017-12-03 2017-12-21
6.8
None Remote Medium Not required Partial Partial Partial
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, there is a use-after-free in onion service v2 during intro-point expiration because the expiring list is mismanaged in certain error cases, aka TROVE-2017-013.
3569 CVE-2017-8807 119 Overflow +Info 2017-11-15 2017-12-04
6.4
None Remote Low Not required Partial None Partial
vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFP_GetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore transient objects.
3570 CVE-2017-8805 22 Dir. Trav. 2017-10-17 2017-11-08
6.4
None Remote Low Not required Partial Partial None
Debian ftpsync before 20171017 does not use the rsync --safe-links option, which allows remote attackers to conduct directory traversal attacks via a crafted upstream mirror.
3571 CVE-2017-8803 119 Exec Code Overflow 2017-07-05 2017-07-17
6.8
None Remote Medium Not required Partial Partial Partial
Notepad++ 7.3.3 (32-bit) with Hex Editor Plugin v0.9.5 might allow user-assisted attackers to execute code via a crafted file, because of a "Data from Faulting Address controls Code Flow" issue. One threat model is a victim who obtains an untrusted crafted file from a remote location and issues several user-defined commands.
3572 CVE-2017-8794 918 2017-05-05 2017-05-17
6.4
None Remote Low Not required Partial Partial None
An issue was discovered on Accellion FTA devices before FTA_9_12_180. Because a regular expression (intended to match local https URLs) lacks an initial ^ character, courier/web/[email protected]/wmProgressval.html allows SSRF attacks with a file:///etc/passwd#https:// URL pattern.
3573 CVE-2017-8793 264 Bypass 2017-05-05 2017-05-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered on Accellion FTA devices before FTA_9_12_180. By sending a POST request to home/seos/courier/web/wmProgressstat.html.php with an attacker domain in the acallow parameter, the device will respond with an Access-Control-Allow-Origin header allowing the attacker to have site access with a bypass of the Same Origin Policy.
3574 CVE-2017-8787 119 DoS Overflow 2017-05-05 2017-05-17
6.8
None Remote Medium Not required Partial Partial Partial
The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted PDF file.
3575 CVE-2017-8785 119 Overflow 2017-07-05 2017-07-17
6.8
None Remote Medium Not required Partial Partial Partial
FastStone Image Viewer 6.2 has a "Data from Faulting Address may be used as a return value" issue. This issue can be triggered by a malformed JPEG 2000 file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.
3576 CVE-2017-8781 119 Exec Code Overflow 2017-07-05 2017-07-10
6.8
None Remote Medium Not required Partial Partial Partial
XnView Classic for Windows Version 2.40 allows user-assisted remote attackers to execute code via a crafted JPEG 2000 file that is mishandled during the opening of a directory in "Browser" mode, because of a "Stack Buffer Overrun" issue.
3577 CVE-2017-8766 119 Exec Code Overflow 2017-07-05 2017-07-12
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) allows remote attackers to execute code via a crafted .mov file, because of a "User Mode Write AV near NULL" issue.
3578 CVE-2017-8714 20 Exec Code 2017-09-12 2017-09-19
6.9
None Local Medium Not required Complete Complete Complete
The Windows Hyper-V component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2,, Windows 10 1607, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Remote Desktop Virtual Host Remote Code Execution Vulnerability".
3579 CVE-2017-8694 264 2017-10-13 2017-10-27
6.9
None Local Medium Not required Complete Complete Complete
The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8689.
3580 CVE-2017-8689 264 2017-10-13 2017-10-27
6.9
None Local Medium Not required Complete Complete Complete
The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8694.
3581 CVE-2017-8675 119 Overflow 2017-09-12 2017-09-21
6.9
None Local Medium Not required Complete Complete Complete
The Windows Kernel-Mode Drivers component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability".. This CVE ID is unique from CVE-2017-8720.
3582 CVE-2017-8625 254 Bypass 2017-08-08 2017-10-09
6.8
None Remote Medium Not required Partial Partial Partial
Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to bypass Device Guard User Mode Code Integrity (UMCI) policies due to Internet Explorer failing to validate UMCI policies, aka "Internet Explorer Security Feature Bypass Vulnerability".
3583 CVE-2017-8623 20 DoS 2017-08-08 2017-08-14
6.8
None Remote Low Single system None None Complete
Windows Hyper-V in Windows 10 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability".
3584 CVE-2017-8613 264 +Priv 2017-06-29 2017-07-05
6.8
None Remote Medium Not required Partial Partial Partial
Azure AD Connect Password writeback, if misconfigured during enablement, allows an attacker to reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts aka "Azure AD Connect Elevation of Privilege Vulnerability."
3585 CVE-2017-8593 264 2017-08-08 2017-08-14
6.9
None Local Medium Not required Complete Complete Complete
Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability".
3586 CVE-2017-8580 264 2017-07-11 2017-07-14
6.2
None Local High Not required Complete Complete Complete
Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8577, CVE-2017-8578, CVE-2017-8581, and CVE-2017-8467.
3587 CVE-2017-8579 264 2017-06-29 2017-07-03
6.9
None Local Medium Not required Complete Complete Complete
The DirectX component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to run arbitrary code in kernel mode via a specially crafted application, aka "DirectX Elevation of Privilege Vulnerability."
3588 CVE-2017-8577 264 2017-07-11 2017-07-14
6.9
None Local Medium Not required Complete Complete Complete
Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8578, CVE-2017-8580, CVE-2017-8581, and CVE-2017-8467.
3589 CVE-2017-8576 264 2017-06-29 2017-07-03
6.9
None Local Medium Not required Complete Complete Complete
The graphics component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to run arbitrary code in kernel mode via a specially crafted application, aka "Microsoft Graphics Component Elevation of Privilege Vulnerability."
3590 CVE-2017-8574 264 2017-07-11 2017-07-17
6.9
None Local Medium Not required Complete Complete Complete
Graphics in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Microsoft Graphics Component Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8573 and CVE-2017-8556.
3591 CVE-2017-8573 264 2017-07-11 2017-07-20
6.9
None Local Medium Not required Complete Complete Complete
Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Microsoft Graphics Component Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8574 and CVE-2017-8556.
3592 CVE-2017-8571 264 Bypass 2017-08-01 2017-08-04
6.8
None Remote Medium Not required Partial Partial Partial
Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, and Outlook 2016 as packaged in Microsoft Office allows a security feature bypass vulnerability due to the way that it handles input, aka "Microsoft Office Outlook Security Feature Bypass Vulnerability".
3593 CVE-2017-8569 264 XSS 2017-07-11 2017-07-14
6.5
None Remote Low Single system Partial Partial Partial
Microsoft SharePoint Server allows an elevation of privilege vulnerability due to the way that it sanitizes a specially crafted web request to an affected SharePoint server, aka "SharePoint Server XSS Vulnerability".
3594 CVE-2017-8562 264 2017-07-11 2017-07-20
6.9
None Local Medium Not required Complete Complete Complete
Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Windows improperly handling calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability".
3595 CVE-2017-8561 264 2017-07-11 2017-07-14
6.9
None Local Medium Not required Complete Complete Complete
Windows kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability".
3596 CVE-2017-8556 264 2017-07-11 2017-07-20
6.9
None Local Medium Not required Complete Complete Complete
Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Microsoft Graphics Component Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8573 and CVE-2017-8574.
3597 CVE-2017-8495 287 Bypass 2017-07-11 2017-07-17
6.0
None Remote Medium Single system Partial Partial Partial
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to bypass Extended Protection for Authentication when Kerberos fails to prevent tampering with the SNAME field during ticket exchange, aka "Kerberos SNAME Security Feature Bypass Vulnerability" or Orpheus' Lyre.
3598 CVE-2017-8494 264 2017-06-14 2017-06-21
6.9
None Local Medium Not required Complete Complete Complete
Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a locally-authenticated attacker to run a specially crafted application on a targeted system when Windows Secure Kernel Mode fails to properly handle objects in memory, aka "Windows Elevation of Privilege Vulnerability".
3599 CVE-2017-8467 264 2017-07-11 2017-07-20
6.9
None Local Medium Not required Complete Complete Complete
Graphics in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Win32k Elevation of Privilege Vulnerability".
3600 CVE-2017-8461 284 Exec Code 2017-06-15 2017-07-06
6.9
None Local Medium Not required Complete Complete Complete
Windows RPC with Routing and Remote Access enabled in Windows XP and Windows Server 2003 allows an attacker to execute code on a targeted RPC server which has Routing and Remote Access enabled via a specially crafted application, aka "Windows RPC Remote Code Execution Vulnerability."
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.