CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-1000379 2017-06-19 2017-06-19
0.0
None ??? ??? ??? ??? ??? ???
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.
2 CVE-2017-1000378 Exec Code 2017-06-19 2017-06-19
0.0
None ??? ??? ??? ??? ??? ???
The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects NetBSD 7.1 and possibly earlier versions.
3 CVE-2017-1000377 Bypass 2017-06-19 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the size of the default stack guard page on PAX Linux (originally from GRSecurity but shipped by other Linux vendors), specifically the default stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects PAX Linux Kernel versions as of June 19, 2017 (specific version information is not available at this time).
4 CVE-2017-1000376 Exec Code 2017-06-19 2017-06-19
0.0
None ??? ??? ??? ??? ??? ???
libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. This affects libffi version 3.2.1.
5 CVE-2017-1000375 Exec Code 2017-06-19 2017-06-19
0.0
None ??? ??? ??? ??? ??? ???
NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows attackers to more easily manipulate memory leading to arbitrary code execution. This affects NetBSD 7.1 and possibly earlier versions.
6 CVE-2017-1000374 Exec Code Bypass 2017-06-19 2017-06-19
0.0
None ??? ??? ??? ??? ??? ???
A flaw exists in NetBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and possibly earlier versions.
7 CVE-2017-1000373 Exec Code 2017-06-19 2017-06-19
0.0
None ??? ??? ??? ??? ??? ???
The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects OpenBSD 6.1 and possibly earlier versions.
8 CVE-2017-1000372 Exec Code Bypass 2017-06-19 2017-06-19
0.0
None ??? ??? ??? ??? ??? ???
A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects OpenBSD 6.1 and possibly earlier versions.
9 CVE-2017-1000371 2017-06-19 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated (the maximum under the 1/4 restriction) then the stack will be grown down to 0x80000000, and as the PIE binary is mapped above 0x80000000 the minimum distance between the end of the PIE binary's read-write segment and the start of the stack becomes small enough that the stack guard page can be jumped over by an attacker. This affects Linux Kernel version 4.11.5. This is a different issue than CVE-2017-1000370 and CVE-2017-1000365. This issue appears to be limited to i386 based systems.
10 CVE-2017-1000370 2017-06-19 2017-06-19
0.0
None ??? ??? ??? ??? ??? ???
The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the protection of the offset2lib patch. This affects Linux Kernel version 4.11.5 and earlier. This is a different issue than CVE-2017-1000371. This issue appears to be limited to i386 based systems.
11 CVE-2017-1000369 Exec Code 2017-06-19 2017-06-19
0.0
None ??? ??? ??? ??? ??? ???
Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch (commit 65e061b76867a9ea7aeeb535341b790b90ae6c21), but it is not known if a new point release is available that addresses this issue at this time.
12 CVE-2017-1000366 Exec Code 2017-06-19 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.
13 CVE-2017-1000365 Bypass 2017-06-19 2017-06-19
0.0
None ??? ??? ??? ??? ??? ???
The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.
14 CVE-2017-1000364 Bypass 2017-06-19 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).
15 CVE-2017-9782 DoS 2017-06-21 2017-06-21
0.0
None ??? ??? ??? ??? ??? ???
JasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jp2_decode function in libjasper/jp2/jp2_dec.c.
16 CVE-2017-9781 XSS 2017-06-21 2017-06-21
0.0
None ??? ??? ??? ??? ??? ???
A cross site scripting (XSS) vulnerability exists in Check_MK versions 1.4.0x prior to 1.4.0p6, allowing an unauthenticated remote attacker to inject arbitrary HTML or JavaScript via the _username parameter when attempting authentication to webapi.py, which is returned unencoded with content type text/html.
17 CVE-2017-9780 2017-06-21 2017-06-21
0.0
None ??? ??? ??? ??? ??? ???
In Flatpak before 0.8.7, a third-party app repository could include malicious apps that contain files with inappropriate permissions, for example setuid or world-writable. The files are deployed with those permissions, which would let a local attacker run the setuid executable or write to the world-writable location. In the case of the "system helper" component, files deployed as part of the app are owned by root, so in the worst case they could be setuid root.
18 CVE-2017-9778 2017-06-21 2017-06-21
0.0
None ??? ??? ??? ??? ??? ???
GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB.
19 CVE-2017-9774 Exec Code 2017-06-21 2017-06-21
0.0
None ??? ??? ??? ??? ??? ???
Remote Code Execution was found in Horde_Image 2.x before 2.5.0 via a crafted GET request. Exploitation requires authentication.
20 CVE-2017-9773 DoS 2017-06-21 2017-06-21
0.0
None ??? ??? ??? ??? ??? ???
Denial of Service was found in Horde_Image 2.x before 2.5.0 via a crafted URL to the "Null" image driver.
21 CVE-2017-9771 Exec Code 2017-06-21 2017-06-21
0.0
None ??? ??? ??? ??? ??? ???
install\save.php in WebsiteBaker v2.10.0 allows remote attackers to execute arbitrary PHP code via the database_username parameter.
22 CVE-2017-9766 DoS 2017-06-21 2017-06-21
0.0
None ??? ??? ??? ??? ??? ???
In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows remote attackers to cause a denial of service (stack exhaustion) in the dissect_IODWriteReq function in plugins/profinet/packet-dcerpc-pn-io.c.
23 CVE-2017-9763 DoS 2017-06-19 2017-06-19
0.0
None ??? ??? ??? ??? ??? ???
The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013-11-12, as used in shlr/grub/fs/ext2.c in radare2 1.5.0, allows remote attackers to cause a denial of service (excessive stack use and application crash) via a crafted binary file, related to use of a variable-size stack array.
24 CVE-2017-9762 DoS 2017-06-19 2017-06-19
0.0
None ??? ??? ??? ??? ??? ???
The cmd_info function in libr/core/cmd_info.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted binary file.
25 CVE-2017-9761 DoS 2017-06-19 2017-06-19
0.0
None ??? ??? ??? ??? ??? ???
The find_eoq function in libr/core/cmd.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.
26 CVE-2017-9759 Sql 2017-06-19 2017-06-19
0.0
None ??? ??? ??? ??? ??? ???
SQL Injection exists in admin/index.php in Zenbership 1.0.8 via the filters array parameter, exploitable by a privileged account.
27 CVE-2017-9757 CSRF 2017-06-19 2017-06-19
0.0
None ??? ??? ??? ??? ??? ???
IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF.
28 CVE-2017-9756 DoS Exec Code Overflow 2017-06-19 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
The aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
29 CVE-2017-9755 DoS Exec Code Overflow 2017-06-19 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
30 CVE-2017-9754 DoS Overflow 2017-06-19 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
The process_otr function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not validate a certain offset, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
31 CVE-2017-9753 DoS Overflow 2017-06-19 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
The versados_mkobject function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not initialize a certain data structure, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
32 CVE-2017-9752 DoS Overflow 2017-06-19 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file in the _bfd_vms_get_value and _bfd_vms_slurp_etir functions during "objdump -D" execution.
33 CVE-2017-9751 DoS Exec Code Overflow 2017-06-19 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
34 CVE-2017-9750 DoS Exec Code Overflow 2017-06-19 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
35 CVE-2017-9749 DoS Exec Code Overflow 2017-06-19 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
The *regs* macros in opcodes/bfin-dis.c in GNU Binutils 2.28 allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
36 CVE-2017-9748 DoS Overflow 2017-06-19 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
The ieee_object_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. NOTE: this may be related to a compiler bug.
37 CVE-2017-9747 DoS Overflow 2017-06-19 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
The ieee_archive_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. NOTE: this may be related to a compiler bug.
38 CVE-2017-9746 DoS Overflow 2017-06-19 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
The disassemble_bytes function in objdump.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of rae insns printing for this file during "objdump -D" execution.
39 CVE-2017-9745 DoS Overflow 2017-06-19 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
The _bfd_vms_slurp_etir function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
40 CVE-2017-9744 DoS Overflow 2017-06-19 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
The sh_elf_set_mach_from_flags function in bfd/elf32-sh.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
41 CVE-2017-9743 DoS Exec Code Overflow 2017-06-19 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
The print_insn_score32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
42 CVE-2017-9742 DoS Exec Code Overflow 2017-06-19 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
The score_opcodes function in opcodes/score7-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
43 CVE-2017-9741 Exec Code 2017-06-18 2017-06-18
0.0
None ??? ??? ??? ??? ??? ???
install/make-config.php in ProjectSend r754 allows remote attackers to execute arbitrary PHP code via the dbprefix parameter, related to replacing TABLES_PREFIX in the configuration file.
44 CVE-2017-9736 Exec Code 2017-06-17 2017-06-17
0.0
None ??? ??? ??? ??? ??? ???
SPIP 3.1.x before 3.1.6 and 3.2.x before Beta 3 does not remove shell metacharacters from the host field, allowing a remote attacker to cause remote code execution.
45 CVE-2017-9735 2017-06-16 2017-06-20
0.0
None ??? ??? ??? ??? ??? ???
Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.
46 CVE-2017-9731 +Info 2017-06-16 2017-06-16
0.0
None ??? ??? ??? ??? ??? ???
In meta/classes/package_ipk.bbclass in Poky in poky-pyro 17.0.0 for Yocto Project through YP Core - Pyro 2.3, attackers can obtain sensitive information by reading a URL in a Source entry in an ipk package.
47 CVE-2017-9730 Exec Code Sql 2017-06-19 2017-06-19
0.0
None ??? ??? ??? ??? ??? ???
SQL injection vulnerability in rdr.php in nuevoMailer version 6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the "r" parameter.
48 CVE-2017-9729 2017-06-16 2017-06-16
0.0
None ??? ??? ??? ??? ??? ???
In uClibc 0.9.33.2, there is stack exhaustion (uncontrolled recursion) in the check_dst_limits_calc_pos_1 function in misc/regex/regexec.c when processing a crafted regular expression.
49 CVE-2017-9728 2017-06-16 2017-06-16
0.0
None ??? ??? ??? ??? ??? ???
In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp function in misc/regex/regexec.c when processing a crafted regular expression.
50 CVE-2017-9675 2017-06-15 2017-06-19
0.0
None ??? ??? ??? ??? ??? ???
On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin allows an unauthenticated GET request to trigger a reboot.
Total number of vulnerabilities : 369   Page : 1 (This Page)2 3 4 5 6 7 8
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.