CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
4451 CVE-2017-13740 119 DoS Overflow 2017-08-29 2017-12-01
6.8
None Remote Medium Not required Partial Partial Partial
There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function parseChars() in compileTranslationTable.c, that will lead to denial of service or possibly unspecified other impact.
4452 CVE-2017-13739 119 DoS Exec Code Overflow 2017-08-29 2017-09-06
6.8
None Remote Medium Not required Partial Partial Partial
There is a heap-based buffer overflow that causes a more than two thousand bytes out-of-bounds write in Liblouis 3.2.0, triggered in the function resolveSubtable() in compileTranslationTable.c. It will lead to denial of service or remote code execution.
4453 CVE-2017-13738 125 2017-08-29 2017-12-01
6.8
None Remote Medium Not required Partial Partial Partial
There is an illegal address access in the _lou_getALine function in compileTranslationTable.c:346 in Liblouis 3.2.0.
4454 CVE-2017-13718 254 2019-06-10 2019-06-11
6.0
None Remote Medium Single system Partial Partial Partial
The HTTP API supported by Starry Station (aka Starry Router) allows brute forcing the PIN setup by the user on the device, and this allows an attacker to change the Wi-Fi settings and PIN, as well as port forward and expose any internal device's port to the Internet. It was identified that the device uses custom Python code called "rodman" that allows the mobile appication to interact with the device. The APIs that are a part of this rodman Python file allow the mobile application to interact with the device using a secret, which is a uuid4 based session identifier generated by the device the first time it is set up. However, in some cases, these APIs can also use a security code. This security code is nothing but the PIN number set by the user to interact with the device when using the touch interface on the router. This allows an attacker on the Internet to interact with the router's HTTP interface when a user navigates to the attacker's website, and brute force the credentials. Also, since the device's server sets the Access-Control-Allow-Origin header to "*", an attacker can easily interact with the JSON payload returned by the device and steal sensitive information about the device.
4455 CVE-2017-13713 77 Exec Code 2017-09-07 2017-09-14
6.5
None Remote Low Single system Partial Partial Partial
T&W WIFI Repeater BE126 allows remote authenticated users to execute arbitrary code via shell metacharacters in the user parameter to cgi-bin/webupg.
4456 CVE-2017-13709 20 2017-08-27 2017-09-06
6.4
None Remote Low Not required None Partial Partial
In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree.
4457 CVE-2017-13706 611 DoS +Info 2017-10-10 2017-11-05
6.5
None Remote Low Single system Partial Partial Partial
XML external entity (XXE) vulnerability in the import package functionality of the deployment module in Lansweeper before 6.0.100.67 allows remote authenticated users to obtain sensitive information, cause a denial of service, conduct server-side request forgery (SSRF) attacks, conduct internal port scans, or have unspecified other impact via an XML request, aka bug #572705.
4458 CVE-2017-13667 918 2019-05-23 2019-05-28
6.5
None Remote Low Single system Partial Partial Partial
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF.
4459 CVE-2017-13276 119 Exec Code Overflow 2018-04-04 2018-05-09
6.8
None Remote Medium Not required Partial Partial Partial
In CProgramConfig_ReadHeightExt of tpdec_asc.cpp, there is a possible stack buffer overflow due to a missing bounds check. This could lead to a remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-70637599.
4460 CVE-2017-13273 264 2018-02-14 2018-03-12
6.9
None Local Medium Not required Complete Complete Complete
In xt_qtaguid.c, there is a race condition due to insufficient locking. This could lead to local elevation of privileges with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-65853158.
4461 CVE-2017-13183 362 Exec Code 2018-01-12 2018-02-02
6.2
None Local High Not required Complete Complete Complete
In the OMXNodeInstance::useBuffer and IOMX::freeBuffer functions, there is a possible use after free due to a race condition if the user frees the buffer while it's being used in another thread. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 8.1. Android ID: A-38118127.
4462 CVE-2017-13147 20 2017-08-23 2017-08-25
6.8
None Remote Medium Not required Partial Partial Partial
In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value.
4463 CVE-2017-13146 119 Overflow 2017-08-23 2017-11-12
6.8
None Remote Medium Not required Partial Partial Partial
In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.
4464 CVE-2017-13136 190 Overflow 2017-11-15 2017-12-02
6.8
None Remote Medium Not required Partial Partial Partial
The image_alloc function in bpgenc.c in libbpg 0.9.7 has an integer overflow, with a resultant invalid malloc and NULL pointer dereference.
4465 CVE-2017-13135 476 2017-11-15 2017-12-04
6.8
None Remote Medium Not required Partial Partial Partial
A NULL Pointer Dereference exists in VideoLAN x265, as used in libbpg 0.9.7 and other products, because the CUData::initialize function in common/cudata.cpp mishandles memory-allocation failure.
4466 CVE-2017-13129 352 CSRF 2017-09-26 2017-10-03
6.0
None Remote Medium Single system Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in ZKTeco ZKTime Web 2.0.1.12280 allows remote authenticated users to hijack the authentication of administrators for requests that add administrators by leveraging lack of anti-CSRF tokens.
4467 CVE-2017-13127 200 +Info 2017-10-20 2017-11-08
6.8
None Remote Medium Not required Partial Partial Partial
The VIP.com application for IOS and Android allows remote attackers to obtain sensitive information and hijack the authentication of users via a rogue access point and a man-in-the-middle attack.
4468 CVE-2017-13083 254 Exec Code 2017-10-18 2017-11-07
6.8
None Remote Medium Not required Partial Partial Partial
Akeo Consulting Rufus prior to version 2.17.1187 does not adequately validate the integrity of updates downloaded over HTTP, allowing an attacker to easily convince a user to execute arbitrary code
4469 CVE-2017-13056 20 Exec Code 2017-12-27 2018-01-09
6.8
None Remote Medium Not required Partial Partial Partial
The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might allow remote attackers to execute arbitrary code via a crafted PDF file.
4470 CVE-2017-12983 119 DoS Overflow 2017-08-21 2018-06-13
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
4471 CVE-2017-12977 89 Sql 2017-08-20 2019-07-08
6.5
None Remote Low Single system Partial Partial Partial
The Web-Dorado "Photo Gallery by WD - Responsive Photo Gallery" plugin before 1.3.51 for WordPress has a SQL injection vulnerability related to bwg_edit_tag() in photo-gallery.php and edit_tag() in admin/controllers/BWGControllerTags_bwg.php. It is exploitable by administrators via the tag_id parameter.
4472 CVE-2017-12976 20 Exec Code 2017-08-20 2018-09-06
6.8
None Remote Medium Not required Partial Partial Partial
git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117.
4473 CVE-2017-12970 352 CSRF 2017-08-23 2019-05-03
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Apache2Triad 1.5.4 allows remote attackers to hijack the authentication of authenticated users for requests that (1) add or (2) delete user accounts via a request to phpsftpd/users.php.
4474 CVE-2017-12969 119 DoS Exec Code Overflow 2017-11-09 2018-08-13
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the ViewerCtrlLib.ViewerCtrl ActiveX control in Avaya IP Office Contact Center before 10.1.1 allows remote attackers to cause a denial of service (heap corruption and crash) or execute arbitrary code via a long string to the open method.
4475 CVE-2017-12955 787 DoS Overflow 2017-08-18 2017-08-22
6.8
None Remote Medium Not required Partial Partial Partial
There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. The vulnerability causes an out-of-bounds write in Exiv2::Image::printIFDStructure(), which may lead to remote denial of service or possibly unspecified other impact.
4476 CVE-2017-12949 89 Sql CSRF 2017-08-18 2017-08-24
6.5
None Remote Low Single system Partial Partial Partial
lib\modules\contributors\contributor_list_table.php in the Podlove Podcast Publisher plugin 2.5.3 and earlier for WordPress has SQL injection in the orderby parameter to wp-admin/admin.php, exploitable through CSRF.
4477 CVE-2017-12947 89 Sql 2017-08-18 2017-08-22
6.5
None Remote Low Single system Partial Partial Partial
classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in an untrash action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators.
4478 CVE-2017-12946 89 Sql 2017-08-18 2017-08-22
6.5
None Remote Low Single system Partial Partial Partial
classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in a delete action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators.
4479 CVE-2017-12937 119 Overflow 2017-08-18 2019-06-29
6.8
None Remote Medium Not required Partial Partial Partial
The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read.
4480 CVE-2017-12936 416 2017-08-18 2019-06-29
6.8
None Remote Medium Not required Partial Partial Partial
The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting.
4481 CVE-2017-12935 125 2017-08-18 2019-06-29
6.8
None Remote Medium Not required Partial Partial Partial
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c.
4482 CVE-2017-12929 434 Exec Code 2017-09-21 2017-09-29
6.5
None Remote Low Single system Partial Partial Partial
Arbitrary File Upload in resource.php of TecnoVISION DLX Spot Player4 version >1.5.10 allows remote authenticated users to upload arbitrary files leading to Remote Command Execution.
4483 CVE-2017-12892 426 2017-08-16 2017-08-26
6.8
None Remote Medium Not required Partial Partial Partial
Foxit PDF Compressor installers from versions from 7.0.0.183 to 7.7.2.10 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer.
4484 CVE-2017-12883 119 DoS Overflow 2017-09-19 2018-04-27
6.4
None Remote Low Not required Partial None Partial
Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid '\N{U+...}' escape.
4485 CVE-2017-12881 352 CSRF 2017-08-18 2017-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the Spring Batch Admin before 1.3.0 allows remote attackers to hijack the authentication of unspecified victims and submit arbitrary requests, such as exploiting the file upload vulnerability.
4486 CVE-2017-12864 190 DoS Exec Code Overflow 2017-08-15 2018-07-23
6.8
None Remote Medium Not required Partial Partial Partial
In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier.
4487 CVE-2017-12863 190 DoS Exec Code Overflow 2017-08-15 2018-07-23
6.8
None Remote Medium Not required Partial Partial Partial
In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculate src_pitch. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier.
4488 CVE-2017-12862 119 DoS Exec Code Overflow 2017-08-15 2018-07-23
6.8
None Remote Medium Not required Partial Partial Partial
In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer AutoBuffer _src is small than expected, which will cause copy buffer overflow later. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier.
4489 CVE-2017-12853 352 CSRF 2017-08-14 2017-08-25
6.8
None Remote Medium Not required Partial Partial Partial
The RealTime RWR-3G-100 Router Firmware Version : Ver1.0.56 is affected by CSRF an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated.
4490 CVE-2017-12847 264 Exec Code 2017-08-23 2019-05-10
6.3
None Local Medium Not required None Complete Complete
Nagios Core before 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for nagios.lock modification before a root script executes a "kill `cat /pathname/nagios.lock`" command.
4491 CVE-2017-12839 125 2019-05-09 2019-05-10
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer over-read in the getbits function in src/libmpg123/getbits.h in mpg123 through 1.25.5 allows remote attackers to cause a possible denial-of-service (out-of-bounds read) or possibly have unspecified other impact via a crafted mp3 file.
4492 CVE-2017-12838 352 CSRF 2017-09-07 2017-09-13
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in NexusPHP 1.5 allows remote attackers to hijack the authentication of users for requests that (1) send manas via a request to mybonus.php or (2) add administrators via unspecified vectors.
4493 CVE-2017-12824 119 Exec Code Overflow 2017-11-08 2018-06-28
6.8
None Remote Medium Not required Partial Partial Partial
Special crafted InPage document leads to arbitrary code execution in InPage reader.
4494 CVE-2017-12799 119 DoS Overflow 2017-08-10 2018-01-08
6.8
None Remote Medium Not required Partial Partial Partial
The elf_read_notesfunction in bfd/elf.c in GNU Binutils 2.29 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file.
4495 CVE-2017-12789 352 CSRF 2019-05-10 2019-05-13
6.8
None Remote Medium Not required Partial Partial Partial
Metinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF). The impact is: Information Disclosure (remote). The component is: admin/interface/online/delete.php. The attack vector is: The administrator clicks on the malicious link in the login state.
4496 CVE-2017-12760 89 Exec Code Sql 2019-05-09 2019-05-10
6.5
None Remote Low Single system Partial Partial Partial
Ynet Interactive - http://demo.ynetinteractive.com/mobiketa/ Mobiketa 4.0 is affected by: SQL Injection. The impact is: Code execution (remote).
4497 CVE-2017-12756 77 2017-08-09 2017-08-20
6.5
None Remote Low Single system Partial Partial Partial
Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile[0] parameter.
4498 CVE-2017-12754 119 Exec Code Overflow 2017-08-09 2017-12-19
6.5
None Remote Low Single system Partial Partial Partial
Stack buffer overflow in httpd in Asuswrt-Merlin firmware 380.67_0RT-AC5300 and earlier for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by sending a crafted http GET request packet that includes a long delete_offline_client parameter in the url.
4499 CVE-2017-12725 798 2018-02-15 2018-03-02
6.8
None Remote Medium Not required Partial Partial Partial
A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The pump with default network configuration uses hard-coded credentials to automatically establish a wireless network connection. The pump will establish a wireless network connection even if the pump is Ethernet connected and active; however, if the wireless association is established and the Ethernet cable is attached, the pump does not attach the network stack to the wireless network. In this scenario, all network traffic is instead directed over the wired Ethernet connection.
4500 CVE-2017-12724 798 2018-02-15 2018-03-02
6.8
None Remote Medium Not required Partial Partial Partial
A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The FTP server on the pump contains hardcoded credentials, which are not fully initialized. The FTP server is only accessible if the pump is configured to allow FTP connections.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.