CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 7 and 7.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
3801 CVE-2017-1002009 89 Sql 2017-09-14 2017-09-21
7.5
None Remote Low Not required Partial Partial Partial
Vulnerability in wordpress plugin Membership Simplified v1.58, The code in membership-simplified-for-oap-members-only/updateDB.php is vulnerable to blind SQL injection because it doesn't sanitize user input via recordId in the delete function.
3802 CVE-2017-1002008 434 2017-09-14 2017-09-27
7.5
None Remote Low Not required Partial Partial Partial
Vulnerability in wordpress plugin membership-simplified-for-oap-members-only v1.58, The file download code located membership-simplified-for-oap-members-only/download.php does not check whether a user is logged in and has download privileges.
3803 CVE-2017-1002003 434 2017-09-14 2017-09-27
7.5
None Remote Low Not required Partial Partial Partial
Vulnerability in wordpress plugin wp2android-turn-wp-site-into-android-app v1.1.4, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
3804 CVE-2017-1002002 434 2017-09-14 2017-09-27
7.5
None Remote Low Not required Partial Partial Partial
Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/
3805 CVE-2017-1002001 434 2017-09-14 2017-09-27
7.5
None Remote Low Not required Partial Partial Partial
Vulnerability in wordpress plugin mobile-app-builder-by-wappress v1.05, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
3806 CVE-2017-1002000 434 2017-09-14 2017-09-27
7.5
None Remote Low Not required Partial Partial Partial
Vulnerability in wordpress plugin mobile-friendly-app-builder-by-easytouch v3.0, The code in file ./mobile-friendly-app-builder-by-easytouch/server/images.php doesn't require authentication or check that the user is allowed to upload content.
3807 CVE-2017-1001003 20 2017-11-27 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
math.js before 3.17.0 had an issue where private properties such as a constructor could be replaced by using unicode characters when creating an object.
3808 CVE-2017-1001002 94 Exec Code 2017-11-27 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution.
3809 CVE-2017-1000501 22 Exec Code Dir. Trav. 2018-01-03 2019-05-03
7.5
None Remote Low Not required Partial Partial Partial
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.
3810 CVE-2017-1000497 611 DoS Exec Code 2018-01-03 2018-01-17
7.5
None Remote Low Not required Partial Partial Partial
Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution
3811 CVE-2017-1000493 74 Sql 2018-01-02 2019-05-01
7.5
None Remote Low Not required Partial Partial Partial
Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover
3812 CVE-2017-1000487 78 2018-01-03 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.
3813 CVE-2017-1000486 326 Exec Code 2018-01-03 2018-01-24
7.5
None Remote Low Not required Partial Partial Partial
Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution
3814 CVE-2017-1000480 94 2018-01-03 2018-02-03
7.5
None Remote Low Not required Partial Partial Partial
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name.
3815 CVE-2017-1000476 400 DoS 2018-01-03 2019-05-14
7.1
None Remote Medium Not required None None Complete
ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.
3816 CVE-2017-1000474 89 Sql XSS 2018-01-24 2018-03-22
7.5
None Remote Low Not required Partial Partial Partial
Soyket Chowdhury Vehicle Sales Management System version 2017-07-30 is vulnerable to multiple SQL Injecting in login/vehicle.php, login/profile.php, login/Actions.php, login/manage_employee.php, and login/sell.php scripts resulting in the expose of user's login credentials, SQL Injection and Stored XSS vulnerability, which leads to remote code executing.
3817 CVE-2017-1000473 78 Exec Code 2018-01-03 2018-01-19
7.2
None Local Low Not required Complete Complete Complete
Linux Dash up to version v2 is vulnerable to multiple command injection vulnerabilities in the way module names are parsed and then executed resulting in code execution on the server, potentially as root.
3818 CVE-2017-1000471 476 DoS Mem. Corr. 2018-01-03 2018-01-17
7.5
None Remote Low Not required Partial Partial Partial
EmbedThis GoAhead Webserver version 4.0.0 is vulnerable to a NULL pointer dereference in the CGI handler resulting in memory corruption or denial of service.
3819 CVE-2017-1000458 787 DoS 2018-01-02 2018-01-16
7.5
None Remote Low Not required Partial Partial Partial
Bro before Bro v2.5.2 is vulnerable to an out of bounds write in the ContentLine analyzer allowing remote attackers to cause a denial of service (crash) and possibly other exploitation.
3820 CVE-2017-1000453 74 Exec Code 2018-01-02 2018-01-16
7.5
None Remote Low Not required Partial Partial Partial
CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templating injection in some core modules, resulting in unauthenticated PHP code execution.
3821 CVE-2017-1000444 89 Exec Code Sql 2018-01-02 2018-01-11
7.5
None Remote Low Not required Partial Partial Partial
Eleix Openhacker version 0.1.47 is vulnerable to an SQL injection in the account registration and login component resulting in information disclosure and remote code execution
3822 CVE-2017-1000437 119 Exec Code Overflow 2018-01-02 2018-01-16
7.5
None Remote Low Not required Partial Partial Partial
Creolabs Gravity 1.0 contains a stack based buffer overflow in the operator_string_add function, resulting in remote code execution.
3823 CVE-2017-1000430 119 Overflow 2018-01-02 2018-01-17
7.5
None Remote Low Not required Partial Partial Partial
rust-base64 version <= 0.5.1 is vulnerable to a buffer overflow when calculating the size of a buffer to use when encoding base64 using the 'encode_config_buf' and 'encode_config' functions
3824 CVE-2017-1000423 20 Exec Code 2018-01-02 2018-01-17
7.5
None Remote Low Not required Partial Partial Partial
b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation (backslash and single quote escape) in basic install functionality resulting in unauthenticated attacker gaining PHP code execution on the victim's setup.
3825 CVE-2017-1000421 416 Exec Code 2018-01-02 2019-04-30
7.5
None Remote Low Not required Partial Partial Partial
Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in the read_gif function resulting potential code execution
3826 CVE-2017-1000408 772 2018-01-31 2019-10-02
7.2
None Local Low Not required Complete Complete Complete
A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
3827 CVE-2017-1000379 2017-06-19 2019-10-02
7.2
Admin Local Low Not required Complete Complete Complete
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.
3828 CVE-2017-1000378 400 Exec Code 2017-06-19 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects NetBSD 7.1 and possibly earlier versions.
3829 CVE-2017-1000375 119 Exec Code Overflow 2017-06-19 2017-08-11
7.5
None Remote Low Not required Partial Partial Partial
NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows attackers to more easily manipulate memory leading to arbitrary code execution. This affects NetBSD 7.1 and possibly earlier versions.
3830 CVE-2017-1000374 Exec Code Bypass 2017-06-19 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
A flaw exists in NetBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and possibly earlier versions.
3831 CVE-2017-1000372 Exec Code Bypass 2017-06-19 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects OpenBSD 6.1 and possibly earlier versions.
3832 CVE-2017-1000371 2017-06-19 2019-10-02
7.2
None Local Low Not required Complete Complete Complete
The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated (the maximum under the 1/4 restriction) then the stack will be grown down to 0x80000000, and as the PIE binary is mapped above 0x80000000 the minimum distance between the end of the PIE binary's read-write segment and the start of the stack becomes small enough that the stack guard page can be jumped over by an attacker. This affects Linux Kernel version 4.11.5. This is a different issue than CVE-2017-1000370 and CVE-2017-1000365. This issue appears to be limited to i386 based systems.
3833 CVE-2017-1000370 2017-06-19 2019-10-02
7.2
Admin Local Low Not required Complete Complete Complete
The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the protection of the offset2lib patch. This affects Linux Kernel version 4.11.5 and earlier. This is a different issue than CVE-2017-1000371. This issue appears to be limited to i386 based systems.
3834 CVE-2017-1000368 20 Exec Code 2017-06-05 2019-05-29
7.2
None Local Low Not required Complete Complete Complete
Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.
3835 CVE-2017-1000366 119 Exec Code Overflow 2017-06-19 2019-09-04
7.2
None Local Low Not required Complete Complete Complete
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.
3836 CVE-2017-1000365 Bypass 2017-06-19 2019-10-02
7.2
Admin Local Low Not required Complete Complete Complete
The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.
3837 CVE-2017-1000363 787 Overflow 2017-07-17 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line.
3838 CVE-2017-1000353 502 Exec Code Bypass 2018-01-29 2018-02-15
7.5
None Remote Low Not required Partial Partial Partial
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java `SignedObject` object to the Jenkins CLI, that would be deserialized using a new `ObjectInputStream`, bypassing the existing blacklist-based protection mechanism. We're fixing this issue by adding `SignedObject` to the blacklist. We're also backporting the new HTTP CLI protocol from Jenkins 2.54 to LTS 2.46.2, and deprecating the remoting-based (i.e. Java serialization) CLI protocol, disabling it by default.
3839 CVE-2017-1000253 119 Overflow 2017-10-04 2017-12-08
7.2
None Local Low Not required Complete Complete Complete
Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the "gap" between the stack and the binary.
3840 CVE-2017-1000248 502 2017-11-16 2017-12-04
7.5
None Remote Low Not required Partial Partial Partial
Redis-store <=v1.3.0 allows unsafe objects to be loaded from redis
3841 CVE-2017-1000237 918 2017-11-16 2017-11-29
7.5
None Remote Low Not required Partial Partial Partial
I, Librarian version <=4.6 & 4.7 is vulnerable to Server-Side Request Forgery in the ajaxsupplement.php resulting in the attacker being able to reset any user's password.
3842 CVE-2017-1000232 415 2017-11-16 2017-11-29
7.5
None Remote Low Not required Partial Partial Partial
A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.
3843 CVE-2017-1000231 415 2017-11-16 2018-02-03
7.5
None Remote Low Not required Partial Partial Partial
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors.
3844 CVE-2017-1000220 78 Exec Code 2017-11-16 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
soyuka/pidusage <=1.1.4 is vulnerable to command injection in the module resulting in arbitrary command execution
3845 CVE-2017-1000219 78 Exec Code 2017-11-16 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
npm/KyleRoss windows-cpu all versions vulnerable to command injection resulting in code execution as Node.js user
3846 CVE-2017-1000218 119 DoS Exec Code Overflow 2017-11-16 2017-11-30
7.5
None Remote Low Not required Partial Partial Partial
LightFTP version 1.1 is vulnerable to a buffer overflow in the "writelogentry" function resulting a denial of services or a remote code execution.
3847 CVE-2017-1000212 Exec Code 2017-11-17 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
Elixir's vim plugin, alchemist.vim is vulnerable to remote code execution in the bundled alchemist-server. A malicious website can execute requests against an ephemeral port on localhost that are then evaluated as elixir code.
3848 CVE-2017-1000210 119 DoS Exec Code Overflow 2017-11-16 2017-11-29
7.5
None Remote Low Not required Partial Partial Partial
picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack
3849 CVE-2017-1000206 119 Exec Code Overflow 2017-11-17 2017-12-01
7.5
None Remote Low Not required Partial Partial Partial
samtools htslib library version 1.4.0 and earlier is vulnerable to buffer overflow in the CRAM rANS codec resulting in potential arbitrary code execution
3850 CVE-2017-1000197 417 2017-11-16 2017-11-30
7.5
None Remote Low Not required Partial Partial Partial
October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating creating malicious files on the server.
Total number of vulnerabilities : 27369   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 (This Page)78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.