CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In November 2017

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-1001004 20 Exec Code 2017-11-27 2017-12-20
6.8
None Remote Medium Not required Partial Partial Partial
typed-function before 0.10.6 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution.
2 CVE-2017-1001003 20 2017-11-27 2017-12-19
7.5
None Remote Low Not required Partial Partial Partial
math.js before 3.17.0 had an issue where private properties such as a constructor could be replaced by using unicode characters when creating an object.
3 CVE-2017-1001002 94 Exec Code 2017-11-27 2018-01-10
7.5
None Remote Low Not required Partial Partial Partial
math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution.
4 CVE-2017-1001001 79 XSS 2017-11-01 2017-11-18
3.5
None Remote Medium Single system None Partial None
PluXml version 5.6 is vulnerable to stored cross-site scripting vulnerability, within the article creation page, which can result in escalation of privileges.
5 CVE-2017-1000406 254 2017-11-30 2017-12-20
5.0
None Remote Low Not required None Partial None
OpenDaylight Karaf 0.6.1-Carbon fails to clear the cache after a password change, allowing the old password to be used until the Karaf cache is manually cleared (e.g. via restart).
6 CVE-2017-1000405 362 2017-11-30 2018-02-12
6.9
None Local Medium Not required Complete Complete Complete
The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario breaks the new can_follow_write_pmd()'s logic - pmd can become dirty without going through a COW cycle. This bug is not as severe as the original "Dirty cow" because an ext4 file (or any other regular file) cannot be mapped using THP. Nevertheless, it does allow us to overwrite read-only huge pages. For example, the zero huge page and sealed shmem files can be overwritten (since their mapping can be populated using THP). Note that after the first write page-fault to the zero page, it will be replaced with a new fresh (and zeroed) thp.
7 CVE-2017-1000248 502 2017-11-16 2017-12-04
7.5
None Remote Low Not required Partial Partial Partial
Redis-store <=v1.3.0 allows unsafe objects to be loaded from redis
8 CVE-2017-1000247 20 2017-11-16 2017-12-04
5.0
None Remote Low Not required None Partial None
British Columbia Institute of Technology CodeIgniter 3.1.3 is vulnerable to HTTP Header Injection in the set_status_header() common function under Apache resulting in HTTP Header Injection flaws.
9 CVE-2017-1000246 310 2017-11-16 2017-12-04
5.0
None Remote Low Not required Partial None None
Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data.
10 CVE-2017-1000245 255 2017-11-01 2017-11-22
5.0
None Remote Low Not required Partial None None
The SSH Plugin stores credentials which allow jobs to access remote servers via the SSH protocol. User passwords and passphrases for encrypted SSH keys are stored in plaintext in a configuration file.
11 CVE-2017-1000244 352 CSRF 2017-11-01 2017-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Jenkins Favorite Plugin version 2.2.0 and older is vulnerable to CSRF resulting in data modification
12 CVE-2017-1000243 275 2017-11-01 2017-11-24
4.0
None Remote Low Single system None Partial None
Jenkins Favorite Plugin 2.1.4 and older does not perform permission checks when changing favorite status, allowing any user to set any other user's favorites
13 CVE-2017-1000242 200 +Info 2017-11-01 2017-11-24
2.1
None Local Low Not required Partial None None
Jenkins Git Client Plugin 2.4.2 and earlier creates temporary file with insecure permissions resulting in information disclosure
14 CVE-2017-1000241 264 2017-11-16 2017-11-30
6.5
None Remote Low Single system Partial Partial Partial
The application OpenEMR version 5.0.0, 5.0.1-dev and prior is affected by vertical privilege escalation vulnerability. This vulnerability can allow an authenticated non-administrator users to view and modify information only accessible to administrators.
15 CVE-2017-1000240 79 XSS 2017-11-16 2017-11-30
3.5
None Remote Medium Single system None Partial None
The application OpenEMR is affected by multiple reflected & stored Cross-Site Scripting (XSS) vulnerabilities affecting version 5.0.0 and prior versions. These vulnerabilities could allow remote authenticated attackers to inject arbitrary web script or HTML.
16 CVE-2017-1000239 79 XSS 2017-11-16 2017-11-29
3.5
None Remote Medium Single system None Partial None
InvoicePlane version 1.4.10 is vulnerable to a Stored Cross Site Scripting resulting in allowing an authenticated user to inject malicious client side script which will be executed in the browser of users if they visit the manipulated site.
17 CVE-2017-1000238 434 2017-11-16 2017-11-30
6.5
None Remote Low Single system Partial Partial Partial
InvoicePlane version 1.4.10 is vulnerable to a Arbitrary File Upload resulting in an authenticated user can upload a malicious file to the webserver. It is possible for an attacker to upload a script which is able to compromise the webserver.
18 CVE-2017-1000237 918 2017-11-16 2017-11-29
7.5
None Remote Low Not required Partial Partial Partial
I, Librarian version <=4.6 & 4.7 is vulnerable to Server-Side Request Forgery in the ajaxsupplement.php resulting in the attacker being able to reset any user's password.
19 CVE-2017-1000236 79 XSS 2017-11-16 2017-11-29
4.3
None Remote Medium Not required None Partial None
I, Librarian version <=4.6 & 4.7 is vulnerable to Reflected Cross-Site Scripting in the temp.php resulting in an attacker being able to inject malicious client side scripting which will be executed in the browser of users if they visit the manipulated site.
20 CVE-2017-1000235 78 2017-11-16 2017-11-29
10.0
None Remote Low Not required Complete Complete Complete
I, Librarian version <=4.6 & 4.7 is vulnerable to OS Command Injection in batchimport.php resulting the web server being fully compromised.
21 CVE-2017-1000234 200 +Info 2017-11-16 2017-11-29
5.0
None Remote Low Not required Partial None None
I, Librarian version <=4.6 & 4.7 is vulnerable to Directory Enumeration in the jqueryFileTree.php resulting in attacker enumerating directories simply by navigating through the "dir" parameter
22 CVE-2017-1000232 415 2017-11-16 2017-11-29
7.5
None Remote Low Not required Partial Partial Partial
A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.
23 CVE-2017-1000231 415 2017-11-16 2018-02-03
7.5
None Remote Low Not required Partial Partial Partial
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors.
24 CVE-2017-1000230 20 DoS 2017-11-17 2017-12-02
5.0
None Remote Low Not required None None Partial
The Snap7 Server version 1.4.1 can be crashed when the ItemCount field of the ReadVar or WriteVar functions of the S7 protocol implementation in Snap7 are provided with unexpected input, thus resulting in denial of service attack.
25 CVE-2017-1000229 190 DoS Exec Code Overflow 2017-11-17 2018-02-03
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 allows an attacker to remotely execute code or cause denial of service.
26 CVE-2017-1000228 20 Exec Code 2017-11-16 2017-11-30
10.0
None Remote Low Not required Complete Complete Complete
nodejs ejs versions older than 2.5.3 is vulnerable to remote code execution due to weak input validation in ejs.renderFile() function
27 CVE-2017-1000227 79 XSS 2017-11-17 2017-12-03
3.5
None Remote Medium Single system None Partial None
Stored XSS in Salutation Responsive WordPress + BuddyPress Theme version 3.0.15 could allow logged-in users to do almost anything an admin can
28 CVE-2017-1000226 200 +Info 2017-11-17 2017-12-04
5.0
None Remote Low Not required Partial None None
Stop User Enumeration 1.3.8 allows user enumeration via the REST API
29 CVE-2017-1000225 79 XSS 2017-11-17 2017-12-01
4.3
None Remote Medium Not required None Partial None
Reflected XSS in Relevanssi Premium version 1.14.8 when using relevanssi_didyoumean() could allow unauthenticated attacker to do almost anything an admin can
30 CVE-2017-1000224 352 CSRF 2017-11-16 2017-12-03
4.3
None Remote Medium Not required None Partial None
CSRF in YouTube (WordPress plugin) could allow unauthenticated attacker to change any setting within the plugin
31 CVE-2017-1000223 79 XSS 2017-11-17 2017-12-01
3.5
None Remote Medium Single system None Partial None
A stored web content injection vulnerability (WCI, a.k.a XSS) is present in MODX Revolution CMS version 2.5.6 and earlier. An authenticated user with permissions to edit users can save malicious JavaScript as a User Group name and potentially take control over victims' accounts. This can lead to an escalation of privileges providing complete administrative control over the CMS.
32 CVE-2017-1000221 284 2017-11-17 2017-12-05
4.0
None Remote Low Single system Partial None None
In Opencast 2.2.3 and older if user names overlap, the Opencast search service used for publication to the media modules and players will handle the access control incorrectly so that users only need to match part of the user name used for the access restriction. For example, a user with the role ROLE_USER will have access to recordings published only for ROLE_USER_X.
33 CVE-2017-1000220 77 Exec Code 2017-11-16 2017-11-29
7.5
None Remote Low Not required Partial Partial Partial
soyuka/pidusage <=1.1.4 is vulnerable to command injection in the module resulting in arbitrary command execution
34 CVE-2017-1000219 77 Exec Code 2017-11-16 2017-12-04
7.5
None Remote Low Not required Partial Partial Partial
npm/KyleRoss windows-cpu all versions vulnerable to command injection resulting in code execution as Node.js user
35 CVE-2017-1000218 119 DoS Exec Code Overflow 2017-11-16 2017-11-30
7.5
None Remote Low Not required Partial Partial Partial
LightFTP version 1.1 is vulnerable to a buffer overflow in the "writelogentry" function resulting a denial of services or a remote code execution.
36 CVE-2017-1000217 74 Exec Code 2017-11-17 2017-12-03
6.8
None Remote Medium Not required Partial Partial Partial
Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary code execution, fixed in 2.3.3 and 3.0.
37 CVE-2017-1000215 77 Exec Code 2017-11-17 2017-12-01
10.0
None Remote Low Not required Complete Complete Complete
ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution
38 CVE-2017-1000214 78 2017-11-27 2017-12-19
10.0
None Remote Low Not required Complete Complete Complete
GitPHP by xiphux is vulnerable to OS Command Injections
39 CVE-2017-1000213 79 XSS 2017-11-16 2017-11-29
3.5
None Remote Medium Single system None Partial None
WBCE v1.1.11 is vulnerable to reflected XSS via the "begriff" POST parameter in /admin/admintools/tool.php?tool=user_search
40 CVE-2017-1000212 264 Exec Code 2017-11-17 2017-12-06
7.5
None Remote Low Not required Partial Partial Partial
Elixir's vim plugin, alchemist.vim is vulnerable to remote code execution in the bundled alchemist-server. A malicious website can execute requests against an ephemeral port on localhost that are then evaluated as elixir code.
41 CVE-2017-1000211 416 2017-11-17 2018-02-03
5.0
None Remote Low Not required Partial None None
Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTML_put_string() can append a chunk onto itself.
42 CVE-2017-1000210 119 DoS Exec Code Overflow 2017-11-16 2017-11-29
7.5
None Remote Low Not required Partial Partial Partial
picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack
43 CVE-2017-1000209 295 2017-11-16 2017-12-05
4.3
None Remote Medium Not required Partial None None
The Java WebSocket client nv-websocket-client does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL/TLS servers via an arbitrary valid certificate.
44 CVE-2017-1000208 17 Exec Code 2017-11-16 2017-12-08
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability in Swagger-Parser's (version <= 1.0.30) yaml parsing functionality results in arbitrary code being executed when a maliciously crafted yaml Open-API specification is parsed. This in particular, affects the 'generate' and 'validate' command in swagger-codegen (<= 2.2.2) and can lead to arbitrary code being executed when these commands are used on a well-crafted yaml specification.
45 CVE-2017-1000207 17 Exec Code 2017-11-27 2017-12-08
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability in Swagger-Parser's version <= 1.0.30 and Swagger codegen version <= 2.2.2 yaml parsing functionality results in arbitrary code being executed when a maliciously crafted yaml Open-API specification is parsed. This in particular, affects the 'generate' and 'validate' command in swagger-codegen (<= 2.2.2) and can lead to arbitrary code being executed when these commands are used on a well-crafted yaml specification.
46 CVE-2017-1000206 119 Exec Code Overflow 2017-11-17 2017-12-01
7.5
None Remote Low Not required Partial Partial Partial
samtools htslib library version 1.4.0 and earlier is vulnerable to buffer overflow in the CRAM rANS codec resulting in potential arbitrary code execution
47 CVE-2017-1000203 77 Exec Code 2017-11-17 2017-12-04
9.0
None Remote Low Single system Complete Complete Complete
ROOT version 6.9.03 and below is vulnerable to an authenticated shell metacharacter injection in the rootd daemon resulting in remote code execution
48 CVE-2017-1000201 20 DoS 2017-11-16 2017-12-01
2.1
None Local Low Not required None None Partial
The tcmu-runner daemon in tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a local denial of service attack
49 CVE-2017-1000200 476 DoS 2017-11-16 2017-12-01
5.0
None Remote Low Not required None None Partial
tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered NULL pointer dereference in the tcmu-runner daemon's on_unregister_handler() function resulting in denial of service
50 CVE-2017-1000199 200 +Info 2017-11-16 2017-12-01
5.0
None Remote Low Not required Partial None None
tcmu-runner version 0.91 up to 1.20 is vulnerable to information disclosure in handler_qcow.so resulting in non-privileged users being able to check for existence of any file with root privileges.
Total number of vulnerabilities : 1061   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.