CVE-2017-9625 CVSS:0.0
An Improper Authentication issue was discovered in Envitech EnviDAS Ultimate Versions prior to v1.0.0.5. The web application lacks proper authentication which could allow an attacker to view information and modify settings or execute code remotely. (Last Update:2017-10-17) (Publish Update:2017-10-17)
CVE-2017-8805 CVSS:0.0
Debian ftpsync before 20171017 does not use the rsync --safe-links option, which allows remote attackers to conduct directory traversal attacks via a crafted upstream mirror. (Last Update:2017-10-17) (Publish Update:2017-10-17)
CVE-2017-6273 CVSS:0.0
NVIDIA ADSP Firmware contains a vulnerability in the ADSP Loader component where there is the potential to write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or possible escalation of privileges. (Last Update:2017-10-17) (Publish Update:2017-10-17)
CVE-2017-5531 CVSS:0.0
Deployments of TIBCO Managed File Transfer Command Center versions 8.0.0 and 8.0.1 and TIBCO Managed File Transfer Internet Server versions 8.0.0 and 8.0.1 that enable the Administrator Service may be affected by a vulnerability which may allow any authenticated user to gain administrative control of Managed File Transfer web applications. (Last Update:2017-10-17) (Publish Update:2017-10-17)
CVE-2017-3761 CVSS:0.0
The Lenovo Service Framework Android application executes some system commands without proper sanitization of external input. In certain cases, this could lead to command injection which, in turn, could lead to remote code execution. (Last Update:2017-10-17) (Publish Update:2017-10-17)
CVE-2017-3760 CVSS:0.0
The Lenovo Service Framework Android application uses a set of nonsecure credentials when performing integrity verification of downloaded applications and/or data. This exposes the application to man-in-the-middle attacks leading to possible remote code execution. (Last Update:2017-10-17) (Publish Update:2017-10-17)
CVE-2017-3759 CVSS:0.0
The Lenovo Service Framework Android application accepts some responses from the server without proper validation. This exposes the application to man-in-the-middle attacks leading to possible remote code execution. (Last Update:2017-10-17) (Publish Update:2017-10-17)
CVE-2017-3758 CVSS:0.0
Improper access controls on several Android components in the Lenovo Service Framework application can be exploited to enable remote code execution. (Last Update:2017-10-17) (Publish Update:2017-10-17)
CVE-2017-15565 CVSS:0.0
In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF document. (Last Update:2017-10-17) (Publish Update:2017-10-17)
CVE-2017-15539 CVSS:0.0
SQL Injection exists in zorovavi/blog through 2017-10-17 via the id parameter to recept.php. (Last Update:2017-10-17) (Publish Update:2017-10-17)
Click here for a complete list of security vulnerabilities. This vulnerability list widget is provided by www.cvedetails.com