CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-1000383 2017-10-31 2017-11-07
0.0
None ??? ??? ??? ??? ??? ???
GNU Emacs version 25.3.1 (and other versions most likely) ignores umask when creating a backup save file ("[ORIGINAL_FILENAME]~") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary.
2 CVE-2017-1000382 2017-10-31 2017-11-06
0.0
None ??? ??? ??? ??? ??? ???
VIM version 8.0.1187 (and other versions most likely) ignores umask when creating a swap file ("[ORIGINAL_FILENAME].swp") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the vi binary.
3 CVE-2017-1000257 2017-10-31 2017-11-05
0.0
None ??? ??? ??? ??? ??? ???
An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl's deliver-data function treats zero as a magic number and invokes strlen() on the data to figure out the length. The strlen() is called on a heap based buffer that might not be zero terminated so libcurl might read beyond the end of it into whatever memory lies after (or just crash) and then deliver that to the application as if it was actually downloaded.
4 CVE-2017-1000256 2017-10-31 2017-11-06
0.0
None ??? ??? ??? ??? ??? ???
libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default.
5 CVE-2017-1000255 2017-10-30 2017-10-31
0.0
None ??? ??? ??? ??? ??? ???
On Linux running on PowerPC hardware (Power8 or later) a user process can craft a signal frame and then do a sigreturn so that the kernel will take an exception (interrupt), and use the r1 value *from the signal frame* as the kernel stack pointer. As part of the exception entry the content of the signal frame is written to the kernel stack, allowing an attacker to overwrite arbitrary locations with arbitrary values. The exception handling does produce an oops, and a panic if panic_on_oops=1, but only after kernel memory has been overwritten. This flaw was introduced in commit: "5d176f751ee3 (powerpc: tm: Enable transactional memory (TM) lazily for userspace)" which was merged upstream into v4.9-rc1. Please note that kernels built with CONFIG_PPC_TRANSACTIONAL_MEM=n are not vulnerable.
6 CVE-2017-1000248 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
Redis-store <=v1.3.0 allows unsafe objects to be loaded from redis
7 CVE-2017-1000247 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
British Columbia Institute of Technology CodeIgniter 3.1.3 is vulnerable to HTTP Header Injection in the set_status_header() common function under Apache resulting in HTTP Header Injection flaws.
8 CVE-2017-1000246 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data.
9 CVE-2017-1000245 2017-11-01 2017-11-01
0.0
None ??? ??? ??? ??? ??? ???
The SSH Plugin stores credentials which allow jobs to access remote servers via the SSH protocol. User passwords and passphrases for encrypted SSH keys are stored in plaintext in a configuration file.
10 CVE-2017-1000241 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
The application OpenEMR version 5.0.0, 5.0.1-dev and prior is affected by a vertical privilege escalation vulnerability. This vulnerability can allow authenticated non-administrator users to view and modify information only accessible to administrators.
11 CVE-2017-1000240 XSS 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
The application OpenEMR is affected by multiple reflected & stored Cross-Site Scripting (XSS) vulnerabilities affecting version 5.0.0 and prior versions. These vulnerabilities could allow remote authenticated attackers to inject arbitrary web script or HTML.
12 CVE-2017-1000239 XSS 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
InvoicePlane version 1.4.10 is vulnerable to Stored Cross-Site Scripting, allowing an authenticated user to inject malicious client-side script which will be executed in the browser of users if they visit the manipulated site.
13 CVE-2017-1000238 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
InvoicePlane version 1.4.10 is vulnerable to Arbitrary File Upload, allowing an authenticated user to upload a malicious file to the webserver. It is possible for an attacker to upload a script which is able to compromise the webserver.
14 CVE-2017-1000237 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
I, Librarian version <=4.6 & 4.7 is vulnerable to Server-Side Request Forgery in the ajaxsupplement.php resulting in the attacker being able to reset any user's password.
15 CVE-2017-1000236 XSS 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
I, Librarian version <=4.6 & 4.7 is vulnerable to Reflected Cross-Site Scripting in the temp.php resulting in an attacker being able to inject malicious client side scripting which will be executed in the browser of users if they visit the manipulated site.
16 CVE-2017-1000235 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
I, Librarian version <=4.6 & 4.7 is vulnerable to OS Command Injection in batchimport.php resulting in the web server being fully compromised.
17 CVE-2017-1000234 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
I, Librarian version <=4.6 & 4.7 is vulnerable to Directory Enumeration in jqueryFileTree.php, resulting in an attacker enumerating directories simply by navigating through the "dir" parameter.
18 CVE-2017-1000232 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
A double-free vulnerability in str2host.c in ldns 1.7.0 has unspecified impact and attack vectors.
19 CVE-2017-1000231 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
A double-free vulnerability in parse.c in ldns 1.7.0 has unspecified impact and attack vectors.
20 CVE-2017-1000230 DoS 2017-11-17 2017-11-17
0.0
None ??? ??? ??? ??? ??? ???
The Snap7 Server version 1.4.1 can be crashed when the ItemCount field of the ReadVar or WriteVar functions of the S7 protocol implementation in Snap7 is provided with unexpected input, resulting in a denial of service.
21 CVE-2017-1000229 DoS Exec Code Overflow 2017-11-17 2017-11-17
0.0
None ??? ??? ??? ??? ??? ???
Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 allows an attacker to remotely execute code or cause denial of service.
22 CVE-2017-1000228 Exec Code 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
nodejs ejs versions older than 2.5.3 are vulnerable to remote code execution due to weak input validation in the ejs.renderFile() function.
23 CVE-2017-1000227 XSS 2017-11-17 2017-11-17
0.0
None ??? ??? ??? ??? ??? ???
Stored XSS in Salutation Responsive WordPress + BuddyPress Theme version 3.0.15 could allow logged-in users to do almost anything an admin can
24 CVE-2017-1000226 2017-11-17 2017-11-17
0.0
None ??? ??? ??? ??? ??? ???
Stop User Enumeration 1.3.8 allows user enumeration via the REST API
25 CVE-2017-1000225 XSS 2017-11-17 2017-11-17
0.0
None ??? ??? ??? ??? ??? ???
Reflected XSS in Relevanssi Premium version 1.14.8 when using relevanssi_didyoumean() could allow unauthenticated attacker to do almost anything an admin can
26 CVE-2017-1000224 CSRF 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
CSRF in YouTube (WordPress plugin) could allow unauthenticated attacker to change any setting within the plugin
27 CVE-2017-1000223 XSS 2017-11-17 2017-11-17
0.0
None ??? ??? ??? ??? ??? ???
A stored web content injection vulnerability (WCI, a.k.a XSS) is present in MODX Revolution CMS version 2.5.6 and earlier. An authenticated user with permissions to edit users can save malicious JavaScript as a User Group name and potentially take control over victims' accounts. This can lead to an escalation of privileges providing complete administrative control over the CMS.
28 CVE-2017-1000221 2017-11-17 2017-11-17
0.0
None ??? ??? ??? ??? ??? ???
In Opencast 2.2.3 and older if user names overlap, the Opencast search service used for publication to the media modules and players will handle the access control incorrectly so that users only need to match part of the user name used for the access restriction. For example, a user with the role ROLE_USER will have access to recordings published only for ROLE_USER_X.
29 CVE-2017-1000220 Exec Code 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
soyuka/pidusage <=1.1.4 is vulnerable to command injection in the module resulting in arbitrary command execution
30 CVE-2017-1000219 Exec Code 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
npm/KyleRoss windows-cpu all versions vulnerable to command injection resulting in code execution as Node.js user
31 CVE-2017-1000218 DoS Exec Code Overflow 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
LightFTP version 1.1 is vulnerable to a buffer overflow in the "writelogentry" function resulting in denial of service or remote code execution.
32 CVE-2017-1000217 Exec Code 2017-11-17 2017-11-17
0.0
None ??? ??? ??? ??? ??? ???
Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary code execution, fixed in 2.3.3 and 3.0.
33 CVE-2017-1000215 Exec Code 2017-11-17 2017-11-17
0.0
None ??? ??? ??? ??? ??? ???
ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution
34 CVE-2017-1000213 XSS 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
WBCE v1.1.11 is vulnerable to reflected XSS via the "begriff" POST parameter in /admin/admintools/tool.php?tool=user_search
35 CVE-2017-1000212 Exec Code 2017-11-17 2017-11-17
0.0
None ??? ??? ??? ??? ??? ???
Elixir's vim plugin, alchemist.vim is vulnerable to remote code execution in the bundled alchemist-server. A malicious website can execute requests against an ephemeral port on localhost that are then evaluated as elixir code.
36 CVE-2017-1000211 2017-11-17 2017-11-17
0.0
None ??? ??? ??? ??? ??? ???
Lynx version 2.8.8 and older is vulnerable to a use after free in the HTML parser resulting in memory disclosure.
37 CVE-2017-1000210 DoS Exec Code Overflow 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack
38 CVE-2017-1000209 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
The Java WebSocket client nv-websocket-client does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL/TLS servers via an arbitrary valid certificate.
39 CVE-2017-1000208 Exec Code 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability in Swagger-Parser's (version <= 1.0.30) yaml parsing functionality results in arbitrary code being executed when a maliciously crafted yaml Open-API specification is parsed. This in particular, affects the 'generate' and 'validate' command in swagger-codegen (<= 2.2.2) and can lead to arbitrary code being executed when these commands are used on a well-crafted yaml specification.
40 CVE-2017-1000206 Exec Code Overflow 2017-11-17 2017-11-17
0.0
None ??? ??? ??? ??? ??? ???
samtools htslib library version 1.4.0 and earlier is vulnerable to buffer overflow in the CRAM rANS codec resulting in potential arbitrary code execution
41 CVE-2017-1000203 Exec Code 2017-11-17 2017-11-17
0.0
None ??? ??? ??? ??? ??? ???
ROOT version 6.9.03 and below is vulnerable to an authenticated shell metacharacter injection in the rootd daemon resulting in remote code execution
42 CVE-2017-1000201 DoS 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
The tcmu-runner daemon in tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a local denial of service attack
43 CVE-2017-1000200 DoS 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered NULL pointer dereference in the tcmu-runner daemon's on_unregister_handler() function resulting in denial of service
44 CVE-2017-1000199 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
tcmu-runner version 0.91 up to 1.20 is vulnerable to information disclosure in handler_qcow.so resulting in non-privileged users being able to check for existence of any file with root privileges.
45 CVE-2017-1000198 DoS 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid memory references in the handler_glfs.so handler resulting in denial of service
46 CVE-2017-1000197 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in the creation of malicious files on the server.
47 CVE-2017-1000196 Exec Code 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
October CMS build 412 is vulnerable to PHP code execution in the asset manager functionality resulting in site compromise and possibly other applications on the server.
48 CVE-2017-1000195 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
October CMS build 412 is vulnerable to PHP object injection in asset move functionality resulting in ability to delete files limited by file permissions on the server.
49 CVE-2017-1000194 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
October CMS build 412 is vulnerable to Apache configuration modification via file upload functionality resulting in site compromise and possibly other applications on the server.
50 CVE-2017-1000193 Exec Code XSS 2017-11-16 2017-11-16
0.0
None ??? ??? ??? ??? ??? ???
October CMS build 412 is vulnerable to stored WCI (a.k.a XSS) in brand logo image name resulting in JavaScript code execution in the victim's browser.
Total number of vulnerabilities: 751 (page 1 of 16)