CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
4201 CVE-2017-9875 119 DoS Exec Code Overflow 2017-07-05 2017-07-11
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!DE_Decode+0x0000000000000cdb."
4202 CVE-2017-9874 119 DoS Exec Code Overflow 2017-07-05 2017-07-11
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000007822."
4203 CVE-2017-9873 119 DoS Exec Code Overflow 2017-07-05 2017-07-11
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Control Flow starting at FPX!GetPlugInInfo+0x0000000000012bf2."
4204 CVE-2017-9872 119 DoS Overflow 2017-06-25 2017-08-11
6.8
None Remote Medium Not required Partial Partial Partial
The III_dequantize_sample function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.
4205 CVE-2017-9871 119 DoS Overflow 2017-06-25 2017-06-28
6.8
None Remote Medium Not required Partial Partial Partial
The III_i_stereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.
4206 CVE-2017-9863 352 CSRF 2017-08-05 2017-08-21
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** An issue was discovered in SMA Solar Technology products. If a user simultaneously has Sunny Explorer running and visits a malicious host, cross-site request forgery can be used to change settings in the inverters (for example, issuing a POST request to change the user password). All Sunny Explorer settings available to the authenticated user are also available to the attacker. (In some cases, this also includes changing settings that the user has no access to.) This may result in complete compromise of the device. NOTE: the vendor reports that exploitation is unlikely because Sunny Explorer is used only rarely. Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected.
4207 CVE-2017-9846 22 Exec Code Dir. Trav. 2017-06-24 2017-06-30
6.5
None Remote Low Single system Partial Partial Partial
Winmail Server 6.1 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php move_folder_file call to move a .php file from the FTP folder into a web folder.
4208 CVE-2017-9840 434 Exec Code 2017-06-25 2017-06-30
6.5
None Remote Low Single system Partial Partial Partial
Dolibarr ERP/CRM 5.0.3 and prior allows low-privilege users to upload files of dangerous types, which can result in arbitrary code execution within the context of the vulnerable application.
4209 CVE-2017-9839 89 Sql 2018-04-10 2018-05-16
6.5
None Remote Low Single system Partial Partial Partial
Dolibarr ERP/CRM is affected by SQL injection in versions before 5.0.4 via product/stats/card.php (type parameter).
4210 CVE-2017-9835 119 DoS Overflow 2017-07-26 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer overflow check in base/gsalloc.c.
4211 CVE-2017-9822 20 Exec Code 2017-07-20 2017-12-20
6.5
None Remote Low Single system Partial Partial Partial
DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code execution on DNN sites."
4212 CVE-2017-9810 254 CSRF 2017-07-17 2017-08-11
6.8
None Remote Medium Not required Partial Partial Partial
There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). This would allow an attacker to submit authenticated requests when an authenticated user browses an attacker-controlled domain.
4213 CVE-2017-9806 787 DoS Exec Code Mem. Corr. 2017-11-20 2017-12-05
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.
4214 CVE-2017-9805 502 Exec Code 2017-09-15 2017-11-09
6.8
None Remote Medium Not required Partial Partial Partial
The REST Plugin in Apache Struts 2.1.2 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
4215 CVE-2017-9803 287 2017-09-18 2017-10-04
6.0
None Remote Medium Single system Partial Partial Partial
Solr's Kerberos plugin can be configured to use delegation tokens, which allows an application to reuse the authentication of an end-user or another application. There are two issues with this functionality (when using SecurityAwareZkACLProvider type of ACL provider e.g. SaslZkACLProvider). Firstly, access to the security configuration can be leaked to users other than the solr super user. Secondly, malicious users can exploit this leaked configuration for privilege escalation to further expose/modify private data and/or disrupt operations in the Solr cluster. The vulnerability is fixed from Solr 6.6.1 onwards.
4216 CVE-2017-9795 200 Exec Code +Info 2018-01-09 2018-02-02
6.0
None Remote Medium Single system Partial Partial Partial
When an Apache Geode cluster before v1.3.0 is operating in secure mode, a user with read access to specific regions within a Geode cluster may execute OQL queries that allow read and write access to objects within unauthorized regions. In addition a user could invoke methods that allow remote code execution.
4217 CVE-2017-9788 20 DoS +Info 2017-07-13 2019-05-10
6.4
None Remote Low Not required Partial None Partial
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.
4218 CVE-2017-9776 190 DoS Overflow 2017-06-22 2018-01-08
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.
4219 CVE-2017-9774 94 Exec Code 2017-06-21 2018-08-18
6.5
None Remote Low Single system Partial Partial Partial
Remote Code Execution was found in Horde_Image 2.x before 2.5.0 via a crafted GET request. Exploitation requires authentication.
4220 CVE-2017-9765 190 DoS Exec Code Overflow 2017-07-19 2017-09-16
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the soap_get function in Genivia gSOAP 2.7.x and 2.8.x before 2.8.48, as used on Axis cameras and other devices, allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via a large XML document, aka Devil's Ivy. NOTE: the large document would be blocked by many common web-server configurations on general-purpose computers.
4221 CVE-2017-9759 89 Sql 2017-06-19 2017-06-22
6.5
None Remote Low Single system Partial Partial Partial
SQL Injection exists in admin/index.php in Zenbership 1.0.8 via the filters array parameter, exploitable by a privileged account.
4222 CVE-2017-9757 77 CSRF 2017-06-19 2017-06-28
6.5
None Remote Low Single system Partial Partial Partial
IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF.
4223 CVE-2017-9756 119 DoS Exec Code Overflow 2017-06-19 2018-01-08
6.8
None Remote Medium Not required Partial Partial Partial
The aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
4224 CVE-2017-9755 119 DoS Exec Code Overflow 2017-06-19 2018-01-08
6.8
None Remote Medium Not required Partial Partial Partial
opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
4225 CVE-2017-9754 119 DoS Overflow 2017-06-19 2017-06-26
6.8
None Remote Medium Not required Partial Partial Partial
The process_otr function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not validate a certain offset, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
4226 CVE-2017-9753 119 DoS Overflow 2017-06-19 2017-06-26
6.8
None Remote Medium Not required Partial Partial Partial
The versados_mkobject function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not initialize a certain data structure, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
4227 CVE-2017-9752 119 DoS Overflow 2017-06-19 2017-06-26
6.8
None Remote Medium Not required Partial Partial Partial
bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file in the _bfd_vms_get_value and _bfd_vms_slurp_etir functions during "objdump -D" execution.
4228 CVE-2017-9751 119 DoS Exec Code Overflow 2017-06-19 2018-01-08
6.8
None Remote Medium Not required Partial Partial Partial
opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
4229 CVE-2017-9750 119 DoS Exec Code Overflow 2017-06-19 2018-01-08
6.8
None Remote Medium Not required Partial Partial Partial
opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
4230 CVE-2017-9749 119 DoS Exec Code Overflow 2017-06-19 2018-01-08
6.8
None Remote Medium Not required Partial Partial Partial
The *regs* macros in opcodes/bfin-dis.c in GNU Binutils 2.28 allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
4231 CVE-2017-9748 119 DoS Overflow 2017-06-19 2017-08-11
6.8
None Remote Medium Not required Partial Partial Partial
The ieee_object_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. NOTE: this may be related to a compiler bug.
4232 CVE-2017-9747 119 DoS Overflow 2017-06-19 2017-08-12
6.8
None Remote Medium Not required Partial Partial Partial
The ieee_archive_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. NOTE: this may be related to a compiler bug.
4233 CVE-2017-9746 119 DoS Overflow 2017-06-19 2018-01-08
6.8
None Remote Medium Not required Partial Partial Partial
The disassemble_bytes function in objdump.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of rae insns printing for this file during "objdump -D" execution.
4234 CVE-2017-9745 119 DoS Overflow 2017-06-19 2017-06-26
6.8
None Remote Medium Not required Partial Partial Partial
The _bfd_vms_slurp_etir function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
4235 CVE-2017-9744 119 DoS Overflow 2017-06-19 2017-06-26
6.8
None Remote Medium Not required Partial Partial Partial
The sh_elf_set_mach_from_flags function in bfd/elf32-sh.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
4236 CVE-2017-9743 119 DoS Exec Code Overflow 2017-06-19 2018-01-08
6.8
None Remote Medium Not required Partial Partial Partial
The print_insn_score32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
4237 CVE-2017-9742 119 DoS Exec Code Overflow 2017-06-19 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
The score_opcodes function in opcodes/score7-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
4238 CVE-2017-9740 119 DoS Overflow 2017-07-26 2019-04-17
6.8
None Remote Medium Not required Partial Partial Partial
The xps_decode_font_char_imp function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
4239 CVE-2017-9739 119 DoS Overflow 2017-07-26 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
The Ins_JMPR function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
4240 CVE-2017-9727 119 DoS Overflow 2017-07-26 2019-04-17
6.8
None Remote Medium Not required Partial Partial Partial
The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
4241 CVE-2017-9726 119 DoS Overflow 2017-07-26 2019-04-17
6.8
None Remote Medium Not required Partial Partial Partial
The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
4242 CVE-2017-9720 264 2017-09-21 2017-09-26
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, due to an off-by-one error in a camera driver, an out-of-bounds read/write can occur.
4243 CVE-2017-9677 264 Overflow 2017-09-21 2017-09-26
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, in function msm_compr_ioctl_shared, variable "ddp->params_length" could be accessed and modified by multiple threads, while it is not protected with locks. If one thread is running, while another thread is setting data, race conditions will happen. If "ddp->params_length" is set to a big number, a buffer overflow will occur.
4244 CVE-2017-9673 352 CSRF 2017-06-15 2017-06-22
6.8
None Remote Medium Not required Partial Partial Partial
In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an administrator account (via the index.php/user/new URI) or change its settings (via the index.php/user/1 URI), including its password.
4245 CVE-2017-9671 119 DoS Exec Code Overflow 2017-07-17 2017-07-20
6.8
None Remote Medium Not required Partial Partial Partial
A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file with a bad pax header block.
4246 CVE-2017-9670 824 DoS Mem. Corr. 2017-06-15 2017-07-05
6.8
None Remote Medium Not required Partial Partial Partial
An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact when a victim opens a specially crafted file.
4247 CVE-2017-9669 119 DoS Exec Code Overflow 2017-07-17 2017-07-20
6.8
None Remote Medium Not required Partial Partial Partial
A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution by crafting a malicious APKINDEX.tar.gz file.
4248 CVE-2017-9660 119 Exec Code Overflow 2017-08-14 2017-08-24
6.8
None Remote Medium Not required Partial Partial Partial
A Heap-Based Buffer Overflow was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. A heap-based buffer overflow vulnerability has been identified, which may cause a crash or allow remote code execution.
4249 CVE-2017-9659 119 Exec Code Overflow 2017-08-14 2017-08-24
6.8
None Remote Medium Not required Partial Partial Partial
A Stack-Based Buffer Overflow issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. The stack-based buffer overflow vulnerability has been identified, which may cause a crash or allow remote code execution.
4250 CVE-2017-9658 19 2018-04-30 2018-06-12
6.1
None Local Network Low Not required None None Complete
Certain 802.11 network management messages have been determined to invoke wireless access point blacklisting security defenses when not required, which can necessitate intervention by hospital staff to reset the device and reestablish a network connection to the Wi-Fi access point. During this state, the Philips IntelliVue MX40 Version B.06.18 can either connect to an alternative access point within signal range for association to a central monitoring station, or it can remain in local monitoring mode until the device is reset by hospital staff. CVSS v3 base score: 6.5, CVSS vector string: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. Philips has released software update, Version B.06.18, to fix the improper cleanup on thrown exception vulnerability, and implement mitigations to reduce the risk associated with the improper handling of exceptional conditions vulnerability. The software update implements messaging and alarming on the MX40 and at the central monitoring station, when the MX40 disconnects from the access point.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.