CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-1000363 Overflow 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line.
2 CVE-2017-1000362 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
The re-key admin monitor was introduced in Jenkins 1.498 and re-encrypted all secrets in JENKINS_HOME with a new key. It also created a backup directory with all old secrets, and the key used to encrypt them. These backups were world-readable and not removed afterwards. Jenkins now deletes the backup directory, if present. Upgrading from before 1.498 will no longer create a backup directory. Administrators relying on file access permissions in their manually created backups are advised to check them for the directory $JENKINS_HOME/jenkins.security.RekeySecretAdminMonitor/backups, and delete it if present.
3 CVE-2017-1000071 Bypass 2017-07-17 2017-07-18
0.0
None ??? ??? ??? ??? ??? ???
Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass in the validateCAS20 function when configured to authenticate against an old CAS server.
4 CVE-2017-1000068 DoS 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
TestTrack Server versions 1.0 and earlier are vulnerable to an authentication flaw in the split disablement feature resulting in the ability to disable arbitrary running splits and cause denial of service to clients in the field.
5 CVE-2017-1000061 DoS 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service
6 CVE-2017-1000056 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object.
7 CVE-2017-1000053 Exec Code 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to arbitrary code execution in the deserialization functions of Plug.Session.
8 CVE-2017-1000052 Bypass 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to null byte injection in the Plug.Static component, which may allow users to bypass filetype restrictions.
9 CVE-2017-1000048 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
the web framework using ljharb's qs module older than v6.3.2, v6.2.3, v6.1.2, and v6.0.4 is vulnerable to a DoS. A malicious user can send a evil request to cause the web framework crash.
10 CVE-2017-1000045 Bypass CSRF 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
Mautic SSO/OAuth2 plugins are vulnerable to CSRF of the state parameter resulting in authentication bypass through clickjacking
11 CVE-2017-1000037 Exec Code 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
RVM automatically loads environment variables from files in $PWD resulting in command execution RVM vulnerable to command injection when automatically loading environment variables from files in $PWD RVM automatically executes hooks located in $PWD resulting in code execution RVM automatically installs gems as specified by files in $PWD resulting in code execution RVM automatically does "bundle install" on a Gemfile specified by .versions.conf in $PWD resulting in code execution
12 CVE-2017-1000034 Exec Code 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
Akka versions <=2.4.16 and 2.5-M1 are vulnerable to a java deserialization attack in its Remoting component resulting in remote code execution in the context of the ActorSystem.
13 CVE-2017-1000025 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7, 3.18 before 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites.
14 CVE-2017-1000024 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to a information disclosure in the web publishing plugins resulting in potential password and oauth token plaintext transmission
15 CVE-2017-1000020 Bypass 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
SYN Flood or FIN Flood attack in ECos 1 and other versions embedded devices results in web Authentication Bypass. "eCos Embedded Web Servers used by Multiple Routers and Home devices, while sending SYN Flood or FIN Flood packets fails to validate and handle the packets and does not ask for any sign of authentication resulting in Authentication Bypass. An attacker can take complete advantage of this bug and take over the device remotely or locally. The bug has been successfully tested and reproduced in some versions of SOHO Routers manufactured by TOTOLINK, GREATEK and others."
16 CVE-2017-1000016 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
A weakness was discovered where an attacker can inject arbitrary values in to the browser cookies. This is a re-issue of an incomplete fix from PMASA-2016-18.
17 CVE-2017-1000009 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
Akeneo PIM CE and EE <1.6.6, <1.5.15, <1.4.28 are vulnerable to shell injection in the mass edition, resulting in remote execution.
18 CVE-2017-1000008 CSRF 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
Chyrp Lite version 2016.04 is vulnerable to a CSRF in the user settings function allowing attackers to hijack the authentication of logged in users to modify account information, including their password.
19 CVE-2017-1000007 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
txAWS (all current versions) fail to perform complete certificate verification resulting in vulnerability to MitM attacks and information disclosure.
20 CVE-2017-1000006 XSS 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
Plotly, Inc. plotly.js versions prior to 1.16.0 are vulnerable to an XSS issue.
21 CVE-2017-1000004 Exec Code Sql 2017-07-17 2017-07-19
0.0
None ??? ??? ??? ??? ??? ???
ATutor version 2.2.1 and earlier are vulnerable to a SQL injection in the Assignment Dropbox, BasicLTI, Blog Post, Blog, Group Course Email, Course Alumni, Course Enrolment, Group Membership, Course unenrolment, Course Enrolment List Search, Glossary, Social Group Member Search, Social Friend Search, Social Group Search, File Comment, Gradebook Test Title, User Group Membership, Inbox/Sent Items, Sent Messages, Links, Photo Album, Poll, Social Application, Social Profile, Test, Content Menu, Auto-Login, and Gradebook components resulting in information disclosure, database modification, or potential code execution.
22 CVE-2017-1000003 2017-07-17 2017-07-18
0.0
None ??? ??? ??? ??? ??? ???
ATutor versions 2.2.1 and earlier are vulnerable to a incorrect access control check vulnerability in the Social Application component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to a incorrect access control check vulnerability in the Module component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to a incorrect access control check vulnerability in the Alternative Content component resulting in privilege escalation.
23 CVE-2017-1000002 Exec Code Dir. Trav. Bypass 2017-07-17 2017-07-18
0.0
None ??? ??? ??? ??? ??? ???
ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension check bypass in the Course component resulting in code execution. ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal vulnerability in the Course Icon component resulting in information disclosure.
24 CVE-2017-1000001 2017-07-17 2017-07-17
0.0
None ??? ??? ??? ??? ??? ???
FedMsg 0.18.1 and older is vulnerable to a message validation flaw resulting in message validation not being enabled if configured to be on.
25 CVE-2017-11523 DoS 2017-07-22 2017-07-22
0.0
None ??? ??? ??? ??? ??? ???
The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered.
26 CVE-2017-11522 DoS 2017-07-22 2017-07-22
0.0
None ??? ??? ??? ??? ??? ???
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
27 CVE-2017-11521 DoS 2017-07-22 2017-07-22
0.0
None ??? ??? ??? ??? ??? ???
The SdpContents::Session::Medium::parse function in resip/stack/SdpContents.cxx in reSIProcate 1.10.2 allows remote attackers to cause a denial of service (memory consumption) by triggering many media connections.
28 CVE-2017-11519 2017-07-21 2017-07-21
0.0
None ??? ??? ??? ??? ??? ???
passwd_recovery.lua on the TP-Link Archer C9(UN)_V2_160517 allows an attacker to reset the admin password by leveraging a predictable random number generator seed. This is fixed in C9(UN)_V2_170511.
29 CVE-2017-11517 Exec Code Overflow 2017-07-21 2017-07-21
0.0
None ??? ??? ??? ??? ??? ???
Stack-based buffer overflow in GCoreServer.exe in the server in Geutebrueck Gcore 1.3.8.42 and 1.4.2.37 allows remote attackers to execute arbitrary code via a long URI in a GET request.
30 CVE-2017-11516 XSS 2017-07-21 2017-07-21
0.0
None ??? ??? ??? ??? ??? ???
An XSS vulnerability exists in framework/views/errorHandler/exception.php in Yii Framework 2.0.12 affecting the exception screen when debug mode is enabled, because $exception->errorInfo is mishandled.
31 CVE-2017-11505 DoS 2017-07-21 2017-07-21
0.0
None ??? ??? ??? ??? ??? ???
The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file.
32 CVE-2017-11503 XSS 2017-07-20 2017-07-20
0.0
None ??? ??? ??? ??? ??? ???
PHPMailer 5.2.23 has XSS in the "From Email Address" and "To Email Address" fields of code_generator.php.
33 CVE-2017-11502 2017-07-20 2017-07-20
0.0
None ??? ??? ??? ??? ??? ???
Technicolor DPC3928AD DOCSIS devices allow remote attackers to read arbitrary files via a request starting with "GET /../" on TCP port 4321.
34 CVE-2017-11501 2017-07-20 2017-07-20
0.0
None ??? ??? ??? ??? ??? ???
NixOS 17.03 and earlier has an unintended default absence of SSL Certificate Validation for LDAP. The users.ldap NixOS module implements user authentication against LDAP servers via a PAM module. It was found that if TLS is enabled to connect to the LDAP server with users.ldap.useTLS, peer verification will be unconditionally disabled in /etc/ldap.conf.
35 CVE-2017-11500 Dir. Trav. 2017-07-20 2017-07-20
0.0
None ??? ??? ??? ??? ??? ???
A directory traversal vulnerability exists in MetInfo 5.3.17. A remote attacker can use ..\ to delete any .zip file via the filenames parameter to /admin/system/database/filedown.php.
36 CVE-2017-11495 Exec Code 2017-07-20 2017-07-20
0.0
None ??? ??? ??? ??? ??? ???
PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow unauthenticated remote code execution via a request to an unspecified ASP script; alternatively, the attacker can leverage unauthenticated access to this script to trigger a reboot via an ifType=reboot action.
37 CVE-2017-11478 DoS 2017-07-20 2017-07-20
0.0
None ??? ??? ??? ??? ??? ???
The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image.
38 CVE-2017-11473 Overflow +Priv 2017-07-20 2017-07-20
0.0
None ??? ??? ??? ??? ??? ???
Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 4.12.2 allows local users to gain privileges via a crafted ACPI table.
39 CVE-2017-11472 Bypass +Info 2017-07-20 2017-07-20
0.0
None ??? ??? ??? ??? ??? ???
The acpi_ns_terminate() function in drivers/acpi/acpica/nsutils.c in the Linux kernel before 4.12 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.
40 CVE-2017-11471 Sql 2017-07-20 2017-07-20
0.0
None ??? ??? ??? ??? ??? ???
IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter.
41 CVE-2017-11470 Sql 2017-07-20 2017-07-20
0.0
None ??? ??? ??? ??? ??? ???
IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter.
42 CVE-2017-11469 Dir. Trav. 2017-07-20 2017-07-20
0.0
None ??? ??? ??? ??? ??? ???
get2post.php in IDERA Uptime Monitor 7.8 has directory traversal in the file_name parameter.
43 CVE-2017-11468 DoS 2017-07-20 2017-07-20
0.0
None ??? ??? ??? ??? ??? ???
Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint.
44 CVE-2017-11467 Exec Code 2017-07-19 2017-07-20
0.0
None ??? ??? ??? ??? ??? ???
OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote attackers to execute arbitrary OS commands via a crafted request.
45 CVE-2017-11466 Exec Code Dir. Trav. 2017-07-19 2017-07-19
0.0
None ??? ??? ??? ??? ??? ???
Arbitrary file upload vulnerability in com/dotmarketing/servlets/AjaxFileUploadServlet.class in dotCMS 4.1.1 allows remote authenticated administrators to upload .jsp files to arbitrary locations via directory traversal sequences in the fieldName parameter to servlets/ajax_file_upload. This results in arbitrary code execution by requesting the .jsp file at a /assets URI.
46 CVE-2017-11465 DoS Bypass 2017-07-19 2017-07-19
0.0
None ??? ??? ??? ??? ??? ???
The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows attackers to cause a denial of service (invalid write or read) or possibly have unspecified other impact via a crafted Ruby script, related to the parser_tokadd_utf8 function in parse.y. NOTE: this might have security relevance as a bypass of a $SAFE protection mechanism.
47 CVE-2017-11464 2017-07-19 2017-07-19
0.0
None ??? ??? ??? ??? ??? ???
A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.
48 CVE-2017-11456 Dir. Trav. 2017-07-19 2017-07-19
0.0
None ??? ??? ??? ??? ??? ???
Geneko GWR routers allow directory traversal sequences starting with a /../ substring, as demonstrated by unauthenticated read access to the configuration file.
49 CVE-2017-11441 XSS 2017-07-19 2017-07-19
0.0
None ??? ??? ??? ??? ??? ???
The WHM Upload Locale interface in cPanel before 56.0.51, 58.x before 58.0.52, 60.x before 60.0.45, 62.x before 62.0.27, 64.x before 64.0.33, and 66.x before 66.0.2 has XSS via a locale filename, aka SEC-297.
50 CVE-2017-11436 2017-07-19 2017-07-19
0.0
None ??? ??? ??? ??? ??? ???
D-Link DIR-615 before v20.12PTb04 has a second admin account with a 0x1 BACKDOOR value, which might allow remote attackers to obtain access via a TELNET connection.
Total number of vulnerabilities : 310   Page : 1 (This Page)2 3 4 5 6 7
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.