CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
4851 CVE-2017-6590 284 Exec Code 2017-03-09 2017-07-17
6.9
None Local Medium Not required Complete Complete Complete
An issue was discovered in network-manager-applet (aka network-manager-gnome) in Ubuntu 12.04 LTS, 14.04 LTS, 16.04 LTS, and 16.10. A local attacker could use this issue at the default Ubuntu login screen to access local files and execute arbitrary commands as the lightdm user. The exploitation requires physical access to the locked computer and the Wi-Fi must be turned on. An access point that lets you use a certificate to login is required as well, but it's easy to create one. Then, it's possible to open a nautilus window and browse directories. One also can open some applications such as Firefox, which is useful for downloading malicious binaries.
4852 CVE-2017-6578 89 Sql 2017-03-09 2017-03-13
6.5
None Remote Low Single system Partial Partial Partial
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/subscriber_list.php with the POST Parameter: subscriber_email.
4853 CVE-2017-6577 89 Sql 2017-03-09 2017-03-13
6.5
None Remote Low Single system Partial Partial Partial
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/subscriber_list.php with the POST Parameter: list_id.
4854 CVE-2017-6576 89 Sql 2017-03-09 2017-03-13
6.5
None Remote Low Single system Partial Partial Partial
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/campaign-delete.php with the GET Parameter: id.
4855 CVE-2017-6575 89 Sql 2017-03-09 2017-03-13
6.5
None Remote Low Single system Partial Partial Partial
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit_member.php with the GET Parameter: member_id.
4856 CVE-2017-6574 89 Sql 2017-03-09 2017-03-13
6.5
None Remote Low Single system Partial Partial Partial
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit_member.php with the GET Parameter: filter_list.
4857 CVE-2017-6573 89 Sql 2017-03-09 2017-03-13
6.5
None Remote Low Single system Partial Partial Partial
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit-list.php with the GET Parameter: id.
4858 CVE-2017-6572 89 Sql 2017-03-09 2017-03-13
6.5
None Remote Low Single system Partial Partial Partial
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/add_member.php with the GET Parameter: filter_list.
4859 CVE-2017-6571 89 Sql 2017-03-09 2017-03-13
6.5
None Remote Low Single system Partial Partial Partial
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/view-campaign.php with the GET Parameter: id.
4860 CVE-2017-6570 89 Sql 2017-03-09 2017-03-13
6.5
None Remote Low Single system Partial Partial Partial
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/view-campaign-list.php with the GET Parameter: id.
4861 CVE-2017-6565 284 2017-05-01 2017-05-12
6.5
None Remote Low Single system Partial Partial Partial
On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag user, which can be obtained by exploiting CVE-2013-7247, has the ability to upload files to the server hosting the web service. As no sanitization checks are in place, an attacker can upload a malicious payload.
4862 CVE-2017-6557 89 Exec Code Sql 2017-05-05 2017-05-17
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in ArrayOS before AG 9.4.0.135, when the portal bookmark function is enabled, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
4863 CVE-2017-6543 254 +Priv 2017-03-08 2017-03-13
6.0
None Remote Medium Single system Partial Partial Partial
Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance before 4.5.0) was found to contain a flaw that allowed a remote, authenticated attacker to upload a crafted file that could be written to anywhere on the system. This could be used to subsequently gain elevated privileges on the system (e.g., after a reboot). This issue only affects installations on Windows.
4864 CVE-2017-6529 613 2017-03-09 2017-08-15
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to session hijacking by guessing the UID parameter.
4865 CVE-2017-6520 417 DoS +Info 2017-04-30 2017-05-16
6.4
None Remote Low Not required Partial None Partial
The Multicast DNS (mDNS) responder used in BOSE Soundtouch 30 inadvertently responds to IPv4 unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets.
4866 CVE-2017-6519 284 DoS +Info 2017-04-30 2017-05-12
6.4
None Remote Low Not required Partial None Partial
avahi-daemon in Avahi through 0.6.32 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.
4867 CVE-2017-6513 275 2017-03-11 2017-04-12
6.5
None Remote Low Single system Partial Partial Partial
The WHMCS Reseller Module V2 2.0.2 in Softaculous Virtualizor before 2.9.1.0 does not verify the user correctly, which allows remote authenticated users to control other virtual machines managed by Virtualizor by accessing a modified URL.
4868 CVE-2017-6460 119 Overflow 2017-03-27 2017-10-23
6.5
None Remote Low Single system Partial Partial Partial
Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction list response.
4869 CVE-2017-6458 119 Overflow 2017-03-27 2017-10-23
6.5
None Remote Low Single system Partial Partial Partial
Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable.
4870 CVE-2017-6448 119 DoS Overflow 2017-04-03 2017-04-10
6.8
None Remote Medium Not required Partial Partial Partial
The dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2 1.2.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file.
4871 CVE-2017-6429 119 Overflow 2017-03-15 2018-10-09
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet.
4872 CVE-2017-6424 264 2018-04-04 2018-05-04
6.9
None Local Medium Not required Complete Complete Complete
An elevation of privilege vulnerability in the Qualcomm WiFi driver. Product: Android. Versions: Android kernel. Android ID: A-32086742. References: QC-CR#1102648.
4873 CVE-2017-6423 264 2018-04-04 2018-05-04
6.9
None Local Medium Not required Complete Complete Complete
An elevation of privilege vulnerability in the Qualcomm kyro L2 driver. Product: Android. Versions: Android kernel. Android ID: A-32831370. References: QC-CR#1103158.
4874 CVE-2017-6419 119 DoS Overflow 2017-08-06 2018-10-21
6.8
None Remote Medium Not required Partial Partial Partial
mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file.
4875 CVE-2017-6412 384 2017-03-30 2017-04-14
6.8
None Remote Medium Not required Partial Partial Partial
In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310.
4876 CVE-2017-6411 352 CSRF 2017-03-06 2017-03-07
6.8
None Remote Medium Not required Partial Partial Partial
Cross Site Request Forgery (CSRF) on D-Link DSL-2730U C1 IN_1.00 devices allows remote attackers to change the DNS or firewall configuration or any password.
4877 CVE-2017-6381 284 Exec Code 2017-03-16 2017-07-11
6.8
None Remote Medium Not required Partial Partial Partial
A 3rd party development library including with Drupal 8 development dependencies is vulnerable to remote code execution. This is mitigated by the default .htaccess protection against PHP execution, and the fact that Composer development dependencies aren't normal installed. You might be vulnerable to this if you are running a version of Drupal before 8.2.2. To be sure you aren't vulnerable, you can remove the <siteroot>/vendor/phpunit directory from your production deployments
4878 CVE-2017-6369 284 Exec Code 2017-03-24 2019-04-02
6.5
None Remote Low Single system Partial Partial Partial
Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5.7 and 3.0.x before 3.0.2 allow remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so.
4879 CVE-2017-6366 352 Exec Code CSRF 2017-03-15 2017-03-29
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 routers with firmware 10.0.0.20 through 10.0.0.50 allows remote attackers to hijack the authentication of users for requests that perform DNS lookups via the host_name parameter to dnslookup.cgi. NOTE: this issue can be combined with CVE-2017-6334 to execute arbitrary code remotely.
4880 CVE-2017-6346 416 DoS 2017-03-01 2017-11-03
6.9
None Local Medium Not required Complete Complete Complete
Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls.
4881 CVE-2017-6328 352 CSRF 2017-08-11 2017-08-24
6.8
None Remote Medium Not required Partial Partial Partial
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of cross site request forgery (also known as one-click attack and is abbreviated as CSRF or XSRF), which is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the web application trusts. A CSRF attack attempts to exploit the trust that a specific website has in a user's browser.
4882 CVE-2017-6327 264 Exec Code +Priv 2017-08-11 2017-09-15
6.5
None Remote Low Single system Partial Partial Partial
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process. In this type of occurrence, after gaining access to the system, the attacker may attempt to elevate their privileges.
4883 CVE-2017-6325 94 Exec Code File Inclusion 2017-06-26 2017-07-06
6.0
None Remote Medium Single system Partial Partial Partial
The Symantec Messaging Gateway can encounter a file inclusion vulnerability, which is a type of vulnerability that is most commonly found to affect web applications that rely on a scripting run time. This issue is caused when an application builds a path to executable code using an attacker-controlled variable in a way that allows the attacker to control which file is executed at run time. This file inclusion vulnerability subverts how an application loads code for execution. Successful exploitation of a file inclusion vulnerability will result in remote code execution on the web server that runs the affected web application.
4884 CVE-2017-6319 119 DoS Overflow 2017-03-01 2017-03-03
6.8
None Remote Medium Not required Partial Partial Partial
The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file.
4885 CVE-2017-6310 125 2017-02-23 2017-11-03
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in tnef before 1.4.13. Four type confusions have been identified in the file_add_mapi_attrs() function. These might lead to invalid read and write operations, controlled by an attacker.
4886 CVE-2017-6309 125 2017-02-23 2017-11-03
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in tnef before 1.4.13. Two type confusions have been identified in the parse_file() function. These might lead to invalid read and write operations, controlled by an attacker.
4887 CVE-2017-6308 190 Overflow 2017-02-23 2017-11-03
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in tnef before 1.4.13. Several Integer Overflows, which can lead to Heap Overflows, have been identified in the functions that wrap memory allocation.
4888 CVE-2017-6307 125 2017-02-23 2017-11-03
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapi_attr.c:mapi_attr_read(). These might lead to invalid read and write operations, controlled by an attacker.
4889 CVE-2017-6306 22 Dir. Trav. 2017-02-23 2019-05-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "9 of 9. Directory Traversal using the filename; SanitizeFilename function in settings.c."
4890 CVE-2017-6305 125 2017-02-23 2019-05-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "8 of 9. Out of Bounds read and write."
4891 CVE-2017-6304 125 2017-02-23 2019-05-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "7 of 9. Out of Bounds read."
4892 CVE-2017-6303 190 Overflow 2017-02-23 2019-05-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "6 of 9. Invalid Write and Integer Overflow."
4893 CVE-2017-6302 190 Overflow 2017-02-23 2019-05-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "5 of 9. Integer Overflow."
4894 CVE-2017-6301 125 2017-02-23 2019-05-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "4 of 9. Out of Bounds Reads."
4895 CVE-2017-6300 119 Overflow 2017-02-23 2019-05-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field in lib/tnef-types.h."
4896 CVE-2017-6298 476 2017-02-23 2019-05-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."
4897 CVE-2017-6262 416 Exec Code 2017-12-06 2017-12-21
6.9
None Local Medium Not required Complete Complete Complete
NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to a race condition which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android. Version: N/A. Android ID: A-38045794. References: N-CVE-2017-6262.
4898 CVE-2017-6227 399 DoS 2018-02-08 2018-03-15
6.1
None Local Network Low Not required None None Complete
A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow an attacker to cause a denial of service (CPU consumption and device hang) condition by sending crafted Router Advertisement (RA) messages to a targeted system.
4899 CVE-2017-6198 400 DoS 2018-02-06 2018-03-13
6.8
None Remote Low Single system None None Complete
The Supervisor in Sandstorm doesn't set and enforce the resource limits of a process. This allows remote attackers to cause a denial of service by launching a fork bomb in the sandbox, or by using a large amount of disk space.
4900 CVE-2017-6196 416 DoS 2017-02-23 2017-08-21
6.8
None Remote Medium Not required Partial Partial Partial
Multiple use-after-free vulnerabilities in the gx_image_enum_begin function in base/gxipixel.c in Ghostscript before ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.