CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Related To CWE-20

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-1002153 20 2017-10-06 2017-10-25
5.0
None Remote Low Not required None Partial None
Koji 1.13.0 does not properly validate SCM paths, allowing an attacker to work around blacklisted paths for build submission.
2 CVE-2017-1002012 20 2017-09-14 2017-09-20
7.5
None Remote Low Not required Partial Partial Partial
Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, In image-gallery-with-slideshow/admin_setting.php the following snippet of code does not sanitize input via the gid variable before passing it into an SQL statement.
3 CVE-2017-1002005 20 2017-09-14 2017-09-18
5.0
None Remote Low Not required None Partial None
Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/delete.php user input isn't sanitized via the contact_id variable before adding it to the end of an SQL query.
4 CVE-2017-1002004 20 2017-09-14 2017-09-18
5.0
None Remote Low Not required None Partial None
Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/download.php user input isn't sanitized via the id variable before adding it to the end of an SQL query.
5 CVE-2017-1000368 20 Exec Code 2017-06-05 2017-10-30
7.2
None Local Low Not required Complete Complete Complete
Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.
6 CVE-2017-1000367 20 Exec Code 2017-06-05 2017-08-12
6.9
None Local Medium Not required Complete Complete Complete
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
7 CVE-2017-1000252 20 DoS 2017-09-26 2017-11-05
2.1
None Local Low Not required None None Partial
The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c.
8 CVE-2017-1000247 20 2017-11-16 2017-12-04
5.0
None Remote Low Not required None Partial None
British Columbia Institute of Technology CodeIgniter 3.1.3 is vulnerable to HTTP Header Injection in the set_status_header() common function under Apache resulting in HTTP Header Injection flaws.
9 CVE-2017-1000230 20 DoS 2017-11-17 2017-12-02
5.0
None Remote Low Not required None None Partial
The Snap7 Server version 1.4.1 can be crashed when the ItemCount field of the ReadVar or WriteVar functions of the S7 protocol implementation in Snap7 are provided with unexpected input, thus resulting in denial of service attack.
10 CVE-2017-1000228 20 Exec Code 2017-11-16 2017-11-30
10.0
None Remote Low Not required Complete Complete Complete
nodejs ejs versions older than 2.5.3 is vulnerable to remote code execution due to weak input validation in ejs.renderFile() function
11 CVE-2017-1000201 20 DoS 2017-11-16 2017-12-01
2.1
None Local Low Not required None None Partial
The tcmu-runner daemon in tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a local denial of service attack
12 CVE-2017-1000189 20 2017-11-16 2017-11-30
5.0
None Remote Low Not required None None Partial
nodejs ejs version older than 2.5.5 is vulnerable to a denial-of-service due to weak input validation in the ejs.renderFile()
13 CVE-2017-1000169 20 Exec Code 2017-11-17 2017-12-02
10.0
None Remote Low Not required Complete Complete Complete
QuickerBB version <= 0.7.2 is vulnerable to arbitrary file writes which can lead to remote code execution. This can lead to the complete takeover of the server hosting QuickerBB.
14 CVE-2017-1000122 20 DoS 2017-11-01 2017-11-21
5.0
None Remote Low Not required None None Partial
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate certain message metadata, allowing a compromised secondary process to cause a denial of service (release assertion) of the UI process. This vulnerability does not affect Apple products.
15 CVE-2017-1000082 20 2017-07-07 2017-07-22
10.0
Admin Remote Low Not required Complete Complete Complete
systemd v233 and earlier fails to safely parse usernames starting with a numeric digit (e.g. "0day"), running the service in question with root privileges rather than the user intended.
16 CVE-2017-1000048 20 2017-07-17 2017-08-04
5.0
None Remote Low Not required None None Partial
the web framework using ljharb's qs module older than v6.3.2, v6.2.3, v6.1.2, and v6.0.4 is vulnerable to a DoS. A malicious user can send a evil request to cause the web framework crash.
17 CVE-2017-1000039 20 Exec Code 2017-07-17 2017-07-19
7.5
None Remote Low Not required Partial Partial Partial
Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible Information Disclosure and Code Execution
18 CVE-2017-1000018 20 2017-07-17 2017-07-19
5.0
None Remote Low Not required None None Partial
phpMyAdmin 4.0, 4.4., and 4.6 are vulnerable to a DOS attack in the replication status by using a specially crafted table name
19 CVE-2017-1000016 20 2017-07-17 2017-07-26
5.0
None Remote Low Not required None Partial None
A weakness was discovered where an attacker can inject arbitrary values in to the browser cookies. This is a re-issue of an incomplete fix from PMASA-2016-18.
20 CVE-2017-1000014 20 2017-07-17 2017-07-19
5.0
None Remote Low Not required None None Partial
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DOS weakness in the table editing functionality
21 CVE-2017-1000001 20 2017-07-17 2017-07-26
5.0
None Remote Low Not required None Partial None
FedMsg 0.18.1 and older is vulnerable to a message validation flaw resulting in message validation not being enabled if configured to be on.
22 CVE-2017-16837 20 Exec Code 2017-11-15 2017-12-04
4.6
None Local Low Not required Partial Partial Partial
Certain function pointers in Trusted Boot (tboot) through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module (TPM) by hooking these function pointers.
23 CVE-2017-16637 20 2017-11-06 2017-11-29
2.1
None Local Low Not required None None Partial
In Vectura Perfect Privacy VPN Manager v1.10.10 and v1.10.11, when resetting the network data via the software client, with a running VPN connection, a critical error occurs which leads to a "FrmAdvancedProtection" crash. Although the mechanism malfunctions and an error occurs during the runtime with the stack trace being issued, the software process is not properly terminated. The software client is still attempting to maintain the connection even though the network connection information is being reset live. In that insecure mode, the "FrmAdvancedProtection" component crashes, but the process continues to run with different errors and process corruptions. This local corruption vulnerability can be exploited by local attackers.
24 CVE-2017-16547 20 DoS 2017-11-06 2017-11-07
6.8
None Remote Medium Not required Partial Partial Partial
The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified other impact via a crafted file.
25 CVE-2017-16538 20 DoS 2017-11-03 2017-11-16
7.2
None Local Low Not required Complete Complete Complete
drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start check and incorrect attach timing (dm04_lme2510_frontend_attach versus dm04_lme2510_tuner).
26 CVE-2017-16237 20 2017-11-03 2017-11-22
4.6
None Local Low Not required Partial Partial Partial
In Vir.IT eXplorer Anti-Virus before 8.5.42, the driver file (VIAGLT64.SYS) contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8273007C.
27 CVE-2017-16227 20 DoS 2017-10-29 2017-11-18
5.0
None Remote Low Not required None None Partial
The aspath_put function in bgpd/bgp_aspath.c in Quagga before 1.2.2 allows remote attackers to cause a denial of service (session drop) via BGP UPDATE messages, because AS_PATH size calculation for long paths counts certain bytes twice and consequently constructs an invalid message.
28 CVE-2017-15956 20 2017-10-29 2017-11-17
5.0
None Remote Low Not required Partial None None
ConverTo Video Downloader & Converter 1.4.1 allows Arbitrary File Download via the token parameter to download.php.
29 CVE-2017-15951 20 DoS 2017-10-27 2017-11-13
7.2
None Local Low Not required Complete Complete Complete
The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls.
30 CVE-2017-15928 20 2017-10-27 2017-11-16
5.0
None Remote Low Not required None None Partial
In the Ox gem 2.8.0 for Ruby, the process crashes with a segmentation fault when a crafted input is supplied to parse_obj. NOTE: the vendor has stated "Ox should handle the error more gracefully" but has not confirmed a security implication.
31 CVE-2017-15908 20 2017-10-26 2017-11-08
5.0
None Remote Low Not required None None Partial
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service.
32 CVE-2017-15879 20 2017-10-24 2017-11-14
6.8
None Remote Medium Not required Partial Partial Partial
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in admin/server/api/download.js and lib/list/getCSVData.js in KeystoneJS before 4.0.0-beta.7 via a value that is mishandled in a CSV export.
33 CVE-2017-15651 20 Exec Code 2017-10-19 2017-10-31
6.5
None Remote Low Single system Partial Partial Partial
PRTG Network Monitor 17.3.33.2830 allows remote authenticated administrators to execute arbitrary code by uploading a .exe file and then proceeding in spite of the error message.
34 CVE-2017-15591 20 DoS 2017-10-18 2017-10-31
4.9
None Local Low Not required None None Complete
An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of range start to range end) within the DMOP map/unmap implementation.
35 CVE-2017-15285 20 Exec Code 2017-10-12 2017-11-03
6.5
None Remote Low Single system Partial Partial Partial
X-Cart 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3 is vulnerable to Remote Code Execution. This vulnerability exists because the application fails to check remote file extensions before saving locally. This vulnerability can be exploited by anyone with Vendor access or higher. One attack methodology is to upload an image file in the Attachments section of a product catalog, upload a .php file with an "Add File Via URL" action, and change the image's Description URL to reference the .php URL in the attachments/ directory.
36 CVE-2017-15270 20 2017-11-15 2017-12-02
5.0
None Remote Low Not required None Partial None
The PSFTPd 10.0.4 Build 729 server does not properly escape data before writing it into a Comma Separated Values (CSV) file. This can be used by attackers to hide data in the Graphical User Interface (GUI) view and create arbitrary entries to a certain extent. Special characters such as '"' and ',' and '\r' are not escaped and can be used to add new entries to the log.
37 CVE-2017-15185 20 DoS 2017-10-09 2017-11-05
4.3
None Remote Medium Not required None None Partial
plugins/ogg.c in Libmp3splt 0.9.2 calls the libvorbis vorbis_block_clear function with uninitialized data upon detection of invalid input, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
38 CVE-2017-15024 20 DoS 2017-10-04 2017-10-11
4.3
None Remote Medium Not required None None Partial
find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.
39 CVE-2017-15012 20 2017-10-13 2017-11-02
6.5
None Remote Low Single system Partial Partial Partial
OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 does not properly validate the input of the PUT_FILE RPC-command, which allows any authenticated user to hijack an arbitrary file from the Content Server filesystem; because some files on the Content Server filesystem are security-sensitive, this leads to privilege escalation.
40 CVE-2017-14992 20 DoS 2017-11-01 2017-11-22
4.3
None Remote Medium Not required None None Partial
Lack of content verification in Docker-CE (Also known as Moby) versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing.
41 CVE-2017-14961 20 2017-11-15 2017-12-04
7.2
None Local Low Not required Complete Complete Complete
In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300000c.
42 CVE-2017-14944 20 2017-09-29 2017-10-11
5.0
None Remote Low Not required None Partial None
Inedo ProGet before 4.7.14 does not properly address dangerous package IDs during package addition, aka PG-1060.
43 CVE-2017-14935 20 +Info 2017-09-29 2017-10-06
5.0
None Remote Low Not required Partial None None
Pulse Secure Pulse One On-Premise 2.0.1649 and below does not properly validate requests, which allows remote users to query and obtain sensitive information.
44 CVE-2017-14933 20 DoS 2017-09-29 2017-10-10
4.3
None Remote Medium Not required None None Partial
read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file.
45 CVE-2017-14932 20 DoS 2017-09-29 2017-10-03
4.3
None Remote Medium Not required None None Partial
decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file.
46 CVE-2017-14919 20 DoS 2017-10-30 2017-11-21
5.0
None Remote Low Not required None None Partial
Node.js before 4.8.5, 6.x before 6.11.5, and 8.x before 8.8.0 allows remote attackers to cause a denial of service (uncaught exception and crash) by leveraging a change in the zlib module 1.2.9 making 8 an invalid value for the windowBits parameter.
47 CVE-2017-14867 20 Exec Code 2017-09-28 2017-10-11
9.0
None Remote Low Single system Complete Complete Complete
Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x before 2.13.6, and 2.14.x before 2.14.2 uses unsafe Perl scripts to support subcommands such as cvsserver, which allows attackers to execute arbitrary OS commands via shell metacharacters in a module name. The vulnerable code is reachable via git-shell even without CVS support.
48 CVE-2017-14771 20 2017-10-02 2017-10-11
3.6
None Local Low Not required None Partial Partial
Skybox Manager Client Application prior to 8.5.501 is prone to an arbitrary file upload vulnerability due to insufficient input validation of user-supplied files path when uploading files via the application. During a debugger-pause state, a local authenticated attacker can upload an arbitrary file and overwrite existing files within the scope of the affected application.
49 CVE-2017-14741 20 DoS 2017-09-25 2017-09-28
4.3
None Remote Medium Not required None None Partial
The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service (infinite loop) via a crafted font file.
50 CVE-2017-14696 20 DoS 2017-10-24 2017-11-15
5.0
None Remote Low Not required None None Partial
SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote attackers to cause a denial of service via a crafted authentication request.
Total number of vulnerabilities : 5001   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.