Vulnerability Summary for the Week of July 3, 2017
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
High Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
cisco -- elastic_services_controller | A vulnerability in certain commands of Cisco Elastic Services Controller could allow an authenticated, remote attacker to elevate privileges to root and run dangerous commands on the server. The vulnerability occurs because a "tomcat" user on the system can run certain shell commands, allowing the user to overwrite any file on the filesystem and elevate privileges to root. This vulnerability affects Cisco Elastic Services Controller prior to releases 2.3.1.434 and 2.3.2. Cisco Bug IDs: CSCvc76634. | 2017-07-05 | 9.0 | CVE-2017-6712 BID CONFIRM |
cisco -- elastic_services_controller | A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to gain full access to the affected system. The vulnerability is due to static, default credentials for the Cisco ESC UI that are shared between installations. An attacker who can extract the static credentials from an existing installation of Cisco ESC could generate an admin session token that allows access to all instances of the ESC web UI. This vulnerability affects Cisco Elastic Services Controller prior to releases 2.3.1.434 and 2.3.2. Cisco Bug IDs: CSCvc76627. | 2017-07-05 | 10.0 | CVE-2017-6713 BID CONFIRM |
cisco -- ios_xr | A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges to the root level. More Information: CSCvb99384. Known Affected Releases: 6.2.1.BASE. Known Fixed Releases: 6.2.11.3i.ROUT 6.2.1.29i.ROUT 6.2.1.26i.ROUT. | 2017-07-03 | 7.2 | CVE-2017-6718 BID SECTRACK CONFIRM |
cisco -- ios_xr | A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands on the host operating system with root privileges, aka Command Injection. More Information: CSCvb99406. Known Affected Releases: 6.2.1.BASE. Known Fixed Releases: 6.2.1.28i.BASE 6.2.1.22i.BASE 6.1.32.8i.BASE 6.1.31.3i.BASE 6.1.3.10i.BASE. | 2017-07-03 | 7.2 | CVE-2017-6719 BID SECTRACK CONFIRM |
cisco -- staros | A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series 11.0 through 21.0, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core (VPC) Software could allow an authenticated, local attacker to break from the StarOS CLI of an affected system and execute arbitrary shell commands as a Linux root user on the system, aka Command Injection. The vulnerability exists because the affected operating system does not sufficiently sanitize commands before inserting them into Linux shell commands. An attacker could exploit this vulnerability by submitting a crafted CLI command for execution in a Linux shell command as a root user. Cisco Bug IDs: CSCvc69329, CSCvc72930. | 2017-07-05 | 7.2 | CVE-2017-6707 BID SECTRACK CONFIRM |
cisco -- ultra_services_framework | A vulnerability in the symbolic link (symlink) creation functionality of the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to read sensitive files or execute malicious code on an affected system. The vulnerability is due to the absence of validation checks for the input that is used to create symbolic links. This vulnerability affects all releases of the Cisco Ultra Services Framework prior to Releases 5.0.3 and 5.1. Cisco Bug IDs: CSCvc76654. | 2017-07-05 | 7.5 | CVE-2017-6708 CONFIRM |
cisco -- ultra_services_framework_staging_server | A vulnerability in the AutoIT service of Cisco Ultra Services Framework Staging Server could allow an unauthenticated, remote attacker to execute arbitrary shell commands as the Linux root user. The vulnerability is due to improper shell invocations. An attacker could exploit this vulnerability by crafting CLI command inputs to execute Linux shell commands as the root user. This vulnerability affects all releases of Cisco Ultra Services Framework Staging Server prior to Releases 5.0.3 and 5.1. Cisco Bug IDs: CSCvc76673. | 2017-07-05 | 10.0 | CVE-2017-6714 BID CONFIRM |
google -- android | The lockscreen on Elephone P9000 devices (running Android 6.0) allows physically proximate attackers to bypass a wrong-PIN lockout feature by pressing backspace after each PIN guess. | 2017-06-30 | 7.2 | CVE-2017-10709 MISC MISC MISC MISC MISC |
humaxdigital -- hg100r_firmware | An issue was discovered on Humax Digital HG100R 2.0.6 devices. To download the backup file it's not necessary to use credentials, and the router credentials are stored in plaintext inside the backup, aka GatewaySettings.bin. | 2017-07-03 | 10.0 | CVE-2017-7315 MISC |
humaxdigital -- hg100r_firmware | An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root credentials in the backup file, aka GatewaySettings.bin. | 2017-07-03 | 10.0 | CVE-2017-7317 MISC |
puppet -- mcollective | Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safe_load on input. This has been tested in all Puppet-supplied MCollective plugins, but there is a chance that third-party plugins could rely on this insecure behavior. | 2017-06-30 | 7.5 | CVE-2017-2292 CONFIRM |
videolan -- vlc_media_player | avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before 2017-06-29, allows out-of-bounds heap memory write due to calling memcpy() with a wrong size, leading to a denial of service (application crash) or possibly code execution. | 2017-06-30 | 7.5 | CVE-2017-10699 SECTRACK CONFIRM |
xen -- xen | Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217. | 2017-07-04 | 10.0 | CVE-2017-10912 BID CONFIRM |
xen -- xen | Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221. | 2017-07-04 | 9.4 | CVE-2017-10917 BID CONFIRM |
xen -- xen | Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host OS access, aka XSA-222. | 2017-07-04 | 10.0 | CVE-2017-10918 BID CONFIRM |
xoev -- osci_transport_library | An XML External Entity (XXE) issue exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET), exploitable by sending a crafted standard-conforming OSCI message from within the infrastructure. | 2017-06-30 | 7.5 | CVE-2017-10670 MISC MISC |
Medium Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
aeroadmin -- aeroadmin | AeroAdmin 4.1 uses a function to copy data between two pointers where the size of the data copied is taken directly from a network packet. This can cause a buffer overflow and denial of service. | 2017-07-02 | 5.0 | CVE-2017-8893 MISC |
aeroadmin -- aeroadmin | AeroAdmin 4.1 uses an insecure protocol (HTTP) to perform software updates. An attacker can hijack an update via man-in-the-middle in order to execute code in the machine. | 2017-07-02 | 6.8 | CVE-2017-8894 MISC |
antiy -- antivirus_engine | Antiy Antivirus Engine 5.0.0.06281654 allows local users to cause a denial of service (BSOD) via a long third argument in a DeviceIoControl call. | 2017-06-30 | 4.9 | CVE-2017-10674 MISC |
bestpractical -- request_tracker | Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2, when the AlwaysDownloadAttachments config setting is not in use, allows remote attackers to inject arbitrary web script or HTML via a file upload with an unspecified content type. | 2017-07-03 | 4.3 | CVE-2016-6127 DEBIAN BID CONFIRM |
bestpractical -- request_tracker | Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 does not use a constant-time comparison algorithm for secrets, which makes it easier for remote attackers to obtain sensitive user password information via a timing side-channel attack. | 2017-07-03 | 4.3 | CVE-2017-5361 DEBIAN DEBIAN CONFIRM |
bestpractical -- request_tracker | Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 allows remote attackers to obtain sensitive information about cross-site request forgery (CSRF) verification tokens via a crafted URL. | 2017-07-03 | 6.8 | CVE-2017-5943 DEBIAN BID CONFIRM |
bestpractical -- request_tracker | The dashboard subscription interface in Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 might allow remote authenticated users with certain privileges to execute arbitrary code via a crafted saved search name. | 2017-07-03 | 6.5 | CVE-2017-5944 DEBIAN BID CONFIRM |
cisco -- evolved_programmable_network_manager | A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. More Information: CSCvc24616 CSCvc35363 CSCvc49574. Known Affected Releases: 3.1(1) 2.0(4.0.45B). | 2017-07-03 | 4.3 | CVE-2017-6699 BID SECTRACK CONFIRM |
cisco -- identity_services_engine | A vulnerability in the web application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system. More Information: CSCvd49141. Known Affected Releases: 2.1(102.101). | 2017-07-03 | 4.3 | CVE-2017-6701 BID SECTRACK CONFIRM |
cisco -- prime_collaboration_provisioning | A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, remote attacker to hijack another user's session. More Information: CSCvc90346. Known Affected Releases: 12.1. | 2017-07-03 | 4.0 | CVE-2017-6703 BID SECTRACK CONFIRM |
cisco -- prime_collaboration_provisioning | A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an authenticated, remote attacker to perform arbitrary file downloads that could allow the attacker to read files from the underlying filesystem. More Information: CSCvc90335. Known Affected Releases: 12.1. | 2017-07-03 | 4.0 | CVE-2017-6704 BID SECTRACK CONFIRM |
cisco -- prime_infrastructure | A vulnerability in the Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) SQL database interface could allow an authenticated, remote attacker to impact the confidentiality and integrity of the application by executing arbitrary SQL queries, aka SQL Injection. More Information: CSCvc23892 CSCvc35270 CSCvc35626 CSCvc35630 CSCvc49568. Known Affected Releases: 3.1(1) 2.0(4.0.45B). | 2017-07-03 | 5.5 | CVE-2017-6698 BID SECTRACK CONFIRM |
cisco -- prime_infrastructure | A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to conduct a Document Object Model (DOM) based (environment or client-side) cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. More Information: CSCvc24620 CSCvc49586. Known Affected Releases: 3.1(1) 2.0(4.0.45B). | 2017-07-03 | 4.3 | CVE-2017-6700 BID SECTRACK CONFIRM |
cisco -- prime_infrastructure | A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. More Information: CSCuw65843. Known Affected Releases: 3.1(0.0). | 2017-07-03 | 4.3 | CVE-2017-6724 BID SECTRACK CONFIRM |
cisco -- prime_infrastructure | A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. More Information: CSCuw65833 CSCuw65837. Known Affected Releases: 2.2(2). | 2017-07-03 | 4.3 | CVE-2017-6725 BID SECTRACK CONFIRM |
cisco -- socialminer | A vulnerability in the web framework of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. More Information: CSCve15285. Known Affected Releases: 11.5(1). | 2017-07-03 | 4.3 | CVE-2017-6702 BID SECTRACK CONFIRM |
cisco -- staros | A vulnerability in the IPsec component of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition. Affected Products: ASR 5000 Series Routers, Virtualized Packet Core (VPC) Software. More Information: CSCvc21129. Known Affected Releases: 21.1.0 21.1.M0.65601 21.1.v0. Known Fixed Releases: 21.2.A0.65754 21.1.b0.66164 21.1.V0.66014 21.1.R0.65759 21.1.M0.65749 21.1.0.66030 21.1.0. | 2017-07-03 | 5.0 | CVE-2017-3865 BID SECTRACK CONFIRM |
cisco -- ultra_services_framework | A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller (ESC) and Cisco OpenStack deployments in an affected system. The vulnerability exists because the affected software logs administrative credentials in clear text for Cisco ESC and Cisco OpenStack deployment purposes. An attacker could exploit this vulnerability by accessing the AutoVNF URL for the location where the log files are stored and subsequently accessing the administrative credentials that are stored in clear text in those log files. This vulnerability affects all releases of the Cisco Ultra Services Framework prior to Releases 5.0.3 and 5.1. Cisco Bug IDs: CSCvc76659. | 2017-07-05 | 5.0 | CVE-2017-6709 CONFIRM |
cisco -- ultra_services_framework | A vulnerability in the Ultra Automation Service (UAS) of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device. The vulnerability is due to an insecure default configuration of the Apache ZooKeeper service used by the affected software. An attacker could exploit this vulnerability by accessing the affected device through the orchestrator network. An exploit could allow the attacker to gain access to ZooKeeper data nodes (znodes) and influence the behavior of the system's high-availability feature. This vulnerability affects all releases of Cisco Ultra Services Framework UAS prior to Releases 5.0.3 and 5.1. Cisco Bug IDs: CSCvd29395. | 2017-07-05 | 6.4 | CVE-2017-6711 BID CONFIRM |
cisco -- unified_contact_center_express | A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of Cisco Unified Contact Center Express (UCCx) could allow an unauthenticated, remote attacker to masquerade as a legitimate user, aka a Clear Text Authentication Vulnerability. More Information: CSCuw86638. Known Affected Releases: 10.6(1). Known Fixed Releases: 11.5(1.10000.61). | 2017-07-03 | 5.5 | CVE-2017-6722 BID SECTRACK CONFIRM |
cisco -- wide_area_application_services | A vulnerability in the ingress processing of fragmented TCP packets by Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause the WAASNET process to restart unexpectedly, causing a denial of service (DoS) condition. More Information: CSCvc57428. Known Affected Releases: 6.3(1). Known Fixed Releases: 6.3(0.143) 6.2(3c)6 6.2(3.22). | 2017-07-03 | 5.0 | CVE-2017-6721 BID SECTRACK CONFIRM |
ektron -- ektron_content_management_system | Cross-site scripting (XSS) vulnerability in Ektron Content Management System (CMS) before 9.1.0.184 SP3 (9.1.0.184.3.127) allows remote attackers to inject arbitrary web script or HTML via the ContType parameter in a ViewContentByCategory action to WorkArea/content.aspx. | 2017-07-03 | 4.3 | CVE-2016-6201 MISC |
elasticsearch -- kibana | In Kibana X-Pack security versions prior to 5.4.3 if a Kibana user opens a crafted Kibana URL the result could be a redirect to an improperly initialized Kibana login screen. If the user enters credentials on this screen, the credentials will appear in the URL bar. The credentials could then be viewed by untrusted parties or logged into the Kibana access logs. | 2017-06-30 | 4.3 | CVE-2017-8443 CONFIRM |
graphicsmagick -- graphicsmagick | When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode. | 2017-07-02 | 4.3 | CVE-2017-10794 BID CONFIRM |
graphicsmagick -- graphicsmagick | When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage(). | 2017-07-02 | 4.3 | CVE-2017-10799 CONFIRM BID |
graphicsmagick -- graphicsmagick | When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data. | 2017-07-02 | 4.3 | CVE-2017-10800 CONFIRM BID |
humaxdigital -- hg100r_firmware | An issue was discovered on Humax Digital HG100R 2.0.6 devices. There is XSS on the 404 page. | 2017-07-03 | 4.3 | CVE-2017-7316 MISC |
intelliants -- subrion_cms | Cross-site scripting (XSS) vulnerability in Subrion CMS 4.1.4 allows remote attackers to inject arbitrary web script or HTML via the body to blog/add/, a different vulnerability than CVE-2017-6069. | 2017-07-02 | 4.3 | CVE-2017-10795 BID MISC |
netapp -- altavault | NetApp AltaVault 4.1 and earlier allows man-in-the-middle attackers to obtain sensitive information, gain privileges, or cause a denial of service via vectors related to the SMB protocol. | 2017-07-03 | 5.1 | CVE-2016-3998 CONFIRM |
netapp -- clustered_data_ontap | NetApp Clustered Data ONTAP allows man-in-the-middle attackers to obtain sensitive information, gain privileges, or cause a denial of service by leveraging failure to enable SMB signing enforcement in its default state. | 2017-07-03 | 6.8 | CVE-2016-3997 CONFIRM CONFIRM |
netapp -- data_ontap | NetApp Data ONTAP, when operating in 7-Mode 8.1 and 8.2, allows man-in-the-middle attackers to obtain sensitive information, gain privileges, or cause a denial of service via vectors related to the SMB protocol. | 2017-07-03 | 6.8 | CVE-2016-3400 CONFIRM BID MISC CONFIRM |
netapp -- oncommand_system_manager | NetApp OnCommand System Manager before 9.0 allows remote attackers to obtain sensitive credentials via vectors related to cluster peering setup. | 2017-07-03 | 6.8 | CVE-2016-5045 CONFIRM |
objectplanet -- opinio | In ObjectPlanet Opinio before 7.6.4, there is XSS. | 2017-07-02 | 4.3 | CVE-2017-10798 CONFIRM |
puppetlabs -- mcollective-sshkey-security | The mcollective-sshkey-security plugin before 0.5.1 for Puppet uses a server-specified identifier as part of a path where a file is written. A compromised server could use this to write a file to an arbitrary location on the client with the filename appended with the string "_pub.pem". | 2017-06-30 | 4.3 | CVE-2017-2298 CONFIRM CONFIRM CONFIRM |
winamp -- winamp | Winamp 5.666 Build 3516(x86) allows attackers to execute arbitrary code or cause a denial of service via a crafted .flv file, related to "Data from Faulting Address controls Code Flow starting at in_flv!winampGetInModule2+0x00000000000009a8." | 2017-07-05 | 4.4 | CVE-2017-10725 MISC |
xen -- xen | Xen through 4.8.x mishandles virtual interrupt injection, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-223. | 2017-07-04 | 5.0 | CVE-2017-10919 BID CONFIRM |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at KERNELBASE!FindSortHashNode+0x0000000000000040." | 2017-07-05 | 4.6 | CVE-2017-10774 MISC |
xoev -- osci_transport_library | A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET). Under an MITM condition within the OSCI infrastructure, an attacker needs to send crafted protocol messages to analyse the CBC mode padding in order to decrypt the transport encryption. | 2017-06-30 | 4.3 | CVE-2017-10668 MISC MISC |
xoev -- osci_transport_library | Signature Wrapping exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET). An attacker with access to unencrypted OSCI protocol messages must send crafted protocol messages with duplicate IDs. | 2017-06-30 | 6.4 | CVE-2017-10669 MISC MISC |
Low Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
antiy -- antivirus_engine | When Antiy Antivirus Engine before 5.0.0.05171547 scans a special ZIP archive, it crashes with a stack-based buffer overflow because a fixed path length is used. | 2017-07-02 | 2.1 | CVE-2017-10706 MISC |
cisco -- firepower_management_center | A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. Affected Products: Cisco Firepower Management Center Releases 5.4.1.x and prior. More Information: CSCuy88951. Known Affected Releases: 5.4.1.6. | 2017-07-03 | 3.5 | CVE-2017-6715 BID CONFIRM |
cisco -- firepower_management_center | A vulnerability in the web framework code of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system. Affected Products: Cisco Firepower Management Center Software Releases prior to 6.0.0.0. More Information: CSCuy88785. Known Affected Releases: 5.4.1.6. | 2017-07-03 | 3.5 | CVE-2017-6716 BID CONFIRM |
cisco -- firepower_management_center | A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. More Information: CSCvc38801. Known Affected Releases: 6.0.1.3 6.2.1. Known Fixed Releases: 6.2.1. | 2017-07-03 | 3.5 | CVE-2017-6717 BID CONFIRM |
cisco -- identity_services_engine | A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a reflective cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. More Information: CSCvc85415. Known Affected Releases: 2.1(0.800). | 2017-07-03 | 3.5 | CVE-2017-6605 BID SECTRACK CONFIRM |
cisco -- prime_collaboration_provisioning | A vulnerability in the filesystem of the Cisco Prime Collaboration Provisioning tool could allow an authenticated, local attacker to acquire sensitive information. More Information: CSCvc82973. Known Affected Releases: 12.1. | 2017-07-03 | 2.1 | CVE-2017-6705 BID SECTRACK CONFIRM |
cisco -- prime_collaboration_provisioning | A vulnerability in the logging subsystem of the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, local attacker to acquire sensitive information. More Information: CSCvd07260. Known Affected Releases: 12.1. | 2017-07-03 | 3.6 | CVE-2017-6706 BID SECTRACK CONFIRM |
synology -- audio_station | Cross-site scripting (XSS) vulnerabilities in Synology Audio Station 5.1 before 5.1-2550 and 5.4 before 5.4-2857 allows remote authenticated attackers to inject arbitrary web script or HTML via the album title. | 2017-06-30 | 3.5 | CVE-2015-9104 MISC CONFIRM |
synology -- note_station | Multiple cross-site scripting (XSS) vulnerabilities in Synology Note Station 1.1-0212 and earlier allow remote authenticated attackers to inject arbitrary web script or HTML via the (1) note title or (2) file name of attachments. | 2017-06-30 | 3.5 | CVE-2015-9103 MISC MISC CONFIRM |
synology -- photo_station | Multiple cross-site scripting (XSS) vulnerabilities in Synology Photo Station 6.0 before 6.0-2638 and 6.3 before 6.3-2962 allow remote authenticated attackers to inject arbitrary web script or HTML via the (1) album name, (2) file name of uploaded photos, (3) description of photos, or (4) tag of the photos. | 2017-06-30 | 3.5 | CVE-2015-9102 MISC MISC MISC MISC CONFIRM |
synology -- video_station | Multiple cross-site scripting (XSS) vulnerabilities in Synology Video Station 1.2 before 1.2-0455, 1.5 before 1.5-0772, and 1.6 before 1.6-0847 allow remote authenticated attackers to inject arbitrary web script or HTML via the (1) file name or (2) collection name of videos. | 2017-06-30 | 3.5 | CVE-2015-9105 MISC MISC CONFIRM |
Severity Not Yet Assigned
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
acquisition_technology_&_logistics_agency -- electronic_tendering_and_bid_opening_system | Untrusted search path vulnerability in Installer of Electronic tendering and bid opening system available prior to June 12, 2017 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory. | 2017-07-07 | not yet calculated | CVE-2017-2208 MISC JVN |
apache -- etherpad | Directory traversal vulnerability in node/utils/Minify.js in Etherpad 1.1.1 through 1.5.2 allows remote attackers to read arbitrary files by leveraging replacement of backslashes with slashes in the path parameter of HTTP API requests. | 2017-07-07 | not yet calculated | CVE-2015-3297 MLIST MLIST BID CONFIRM |
apache -- solr | Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe that the malicious node is a member of the cluster. So, if Solr users have enabled BasicAuth authentication mechanism using the BasicAuthPlugin or if the user has implemented a custom Authentication plugin, which does not implement either "HttpClientInterceptorPlugin" or "HttpClientBuilderPlugin", his/her servers are vulnerable to this attack. Users who only use SSL without basic authentication or those who use Kerberos are not affected. | 2017-07-07 | not yet calculated | CVE-2017-7660 MLIST |
apple -- quicktime_for_windows | Untrusted search path vulnerability in Installer of QuickTime for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 2017-07-07 | not yet calculated | CVE-2017-2218 JVN MISC |
brother_industries -- mfc-j960dwn_firmware | Cross-site request forgery (CSRF) vulnerability in MFC-J960DWN firmware ver.D and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 2017-07-07 | not yet calculated | CVE-2017-2244 JVN CONFIRM |
c-ares -- c-ares | The c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. | 2017-07-07 | not yet calculated | CVE-2017-1000381 CONFIRM CONFIRM |
cacti -- cacti | Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter, related to the die_html_input_error function in lib/html_validate.php. | 2017-07-06 | not yet calculated | CVE-2017-10970 CONFIRM |
catdoc -- catdoc | The ole_init function in ole.c in catdoc 0.95 allows remote attackers to cause a denial of service (heap-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted file, i.e., data is written to memory addresses before the beginning of the tmpBuf buffer. | 2017-07-08 | not yet calculated | CVE-2017-11110 MISC |
charamin_steering_committee --installer_of_charamin_omp | Untrusted search path vulnerability in The installer of Charamin OMP Version 1.1.7.4 and earlier, Version 1.2.0.0 Beta and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 2017-07-07 | not yet calculated | CVE-2017-2227 JVN |
cybozu -- garoon | Cybozu Garoon 3.0.0 to 4.2.4 may allow an attacker to lock another user's file through a specially crafted page. | 2017-07-07 | not yet calculated | CVE-2017-2144 JVN CONFIRM |
cybozu -- garoon | Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.4 allows remote attackers to inject arbitrary web script or HTML via application menu. | 2017-07-07 | not yet calculated | CVE-2017-2146 JVN CONFIRM |
cybozu -- garoon | Session fixation vulnerability in Cybozu Garoon 4.0.0 to 4.2.4 allows remote attackers to perform arbitrary operations via unspecified vectors. | 2017-07-07 | not yet calculated | CVE-2017-2145 JVN CONFIRM |
cybozu -- kunai | Cross-site scripting vulnerability in Cybozu KUNAI for Android 3.0.0 to 3.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2017-07-07 | not yet calculated | CVE-2017-2172 JVN CONFIRM |
d-link -- d-link_dir-615 | On the D-Link DIR-615 before v20.12PTb04, if a victim logged in to the Router's Web Interface visits a malicious site from another Browser tab, the malicious site then can send requests to the victim's Router without knowing the credentials (CSRF). An attacker can host a page that sends a POST request to Form2File.htm that tries to upload Firmware to victim's Router. This causes the router to reboot/crash resulting in Denial of Service. An attacker may succeed in uploading malicious Firmware. | 2017-07-07 | not yet calculated | CVE-2017-7404 MISC MISC |
d-link -- d-link_dir-615 | On the D-Link DIR-615 before v20.12PTb04, once authenticated, this device identifies the user based on the IP address of his machine. By spoofing the IP address belonging to the victim's host, an attacker might be able to take over the administrative session without being prompted for authentication credentials. An attacker can get the victim's and router's IP addresses by simply sniffing the network traffic. Moreover, if the victim has web access enabled on his router and is accessing the web interface from a different network that is behind the NAT/Proxy, an attacker can sniff the network traffic to know the public IP address of the victim's router and take over his session as he won't be prompted for credentials. | 2017-07-07 | not yet calculated | CVE-2017-7405 MISC MISC |
d-link -- d-link_dir-615 | The D-Link DIR-615 device before v20.12PTb04 doesn't use SSL for any of the authenticated pages. Also, it doesn't allow the user to generate his own SSL Certificate. An attacker can simply monitor network traffic to steal a user's credentials and/or credentials of users being added while sniffing the traffic. | 2017-07-07 | not yet calculated | CVE-2017-7406 MISC MISC |
dbd::mysql -- dbd::mysql | The DBD::mysql module through 4.043 for Perl allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by triggering (1) certain error responses from a MySQL server or (2) a loss of a network connection to a MySQL server. The use-after-free defect was introduced by relying on incorrect Oracle mysql_stmt_close documentation and code examples. | 2017-07-01 | not yet calculated | CVE-2017-10788 MISC BID MISC |
dbd::mysql -- dbd::mysql | The DBD::mysql module through 4.043 for Perl uses the mysql_ssl=1 setting to mean that SSL is optional (even though this setting's documentation has a "your communication with the server will be encrypted" statement), which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152. | 2017-07-01 | not yet calculated | CVE-2017-10789 BID MISC MISC |
dfactory -- responsive_lightbox | Cross-site scripting vulnerability in Responsive Lightbox prior to version 1.7.2 allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 2017-07-07 | not yet calculated | CVE-2017-2243 JVN CONFIRM |
elastic -- elasticsearch_x-pack_security | Elasticsearch X-Pack Security versions 5.0.0 to 5.4.3, when enabled, can result in the Elasticsearch _nodes API leaking sensitive configuration information, such as the paths and passphrases of SSL keys that were configured as part of an authentication realm. This could allow an authenticated Elasticsearch user to improperly view these details. | 2017-07-07 | not yet calculated | CVE-2017-8442 CONFIRM |
emc -- rsa_archer | EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an authorization bypass through user-controlled key vulnerability in Discussion Forum Messages. A remote low privileged attacker may potentially exploit this vulnerability to elevate their privileges and view other users' discussion forum messages. | 2017-07-06 | not yet calculated | CVE-2017-4999 CONFIRM BID SECTRACK |
emc -- rsa_archer | EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is potentially affected by a cross-site request forgery vulnerability. A remote low privileged attacker may potentially exploit the vulnerability to execute unauthorized requests on behalf of the victim, using the authenticated user's privileges. | 2017-07-06 | not yet calculated | CVE-2017-4998 CONFIRM BID SECTRACK |
emc -- rsa_archer | EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an information exposure through an error message vulnerability. A remote low privileged attacker may potentially exploit this vulnerability to use information disclosed in an error message to launch another more focused attack. | 2017-07-06 | not yet calculated | CVE-2017-5001 CONFIRM BID SECTRACK |
emc -- rsa_archer | EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an open redirect vulnerability. A remote unprivileged attacker may potentially redirect legitimate users to arbitrary web sites and conduct phishing attacks. The attacker could then steal the victims' credentials and silently authenticate them to the RSA Archer application without the victims realizing an attack occurred. | 2017-07-06 | not yet calculated | CVE-2017-5002 CONFIRM BID SECTRACK |
emc -- rsa_archer | EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an information exposure through an error message vulnerability. A remote low privileged attacker may potentially exploit this vulnerability to use information disclosed in an error message to launch another more focused attack. | 2017-07-06 | not yet calculated | CVE-2017-5000 CONFIRM BID SECTRACK |
fastone -- image_viewer | FastStone Image Viewer 6.2 has a "User Mode Write AV" issue, possibly related to the jpeg_mem_term function in jmemnobs.c in libjpeg. This issue can be triggered by a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact. | 2017-07-05 | not yet calculated | CVE-2017-8826 MISC |
fastone -- image_viewer | FastStone Image Viewer 6.2 has a "Data from Faulting Address may be used as a return value" issue. This issue can be triggered by a malformed JPEG 2000 file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact. | 2017-07-05 | not yet calculated | CVE-2017-8785 MISC |
finecms -- finecms | In FineCMS before 2017-07-06, application\core\controller\config.php allows XSS in the (1) key_name, (2) key_value, and (3) meaning parameters. | 2017-07-06 | not yet calculated | CVE-2017-10967 CONFIRM |
finecms -- finecms | In FineCMS through 2017-07-07, application\core\controller\template.php allows remote PHP code execution by placing the code after "<?php" in a route=template request. | 2017-07-07 | not yet calculated | CVE-2017-10968 MISC |
finecms -- finecms | In FineCMS before 2017-07-06, application/lib/ajax/get_image_data.php has SSRF, related to requests for non-image files with a modified HTTP Host header. | 2017-07-06 | not yet calculated | CVE-2017-10973 CONFIRM CONFIRM |
foxit -- foxit_reader_and_phantompdf | Foxit Reader before 8.3.1 and PhantomPDF before 8.3.1 have an Arbitrary Write vulnerability, which allows remote attackers to execute arbitrary code via a crafted document. | 2017-07-07 | not yet calculated | CVE-2017-10994 CONFIRM |
golang -- go | A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input points. An adaptive attack can be mounted to progressively extract the scalar input to ScalarMult by submitting crafted points and observing failures to the derive correct output. This leads to a full key recovery attack against static ECDH, as used in popular JWT libraries. | 2017-07-06 | not yet calculated | CVE-2017-8932 SUSE SUSE MISC CONFIRM CONFIRM CONFIRM MLIST FEDORA |
google -- android | A information disclosure vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36490809. | 2017-07-06 | not yet calculated | CVE-2017-0699 CONFIRM |
google -- android | A information disclosure vulnerability in the HTC sensor hub driver. Product: Android. Versions: Android kernel. Android ID: A-35468048. | 2017-07-06 | not yet calculated | CVE-2017-0709 CONFIRM |
google -- android | A denial of service vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36104177. | 2017-07-06 | not yet calculated | CVE-2017-0670 CONFIRM |
google -- android | A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36576151. | 2017-07-06 | not yet calculated | CVE-2017-0678 CONFIRM |
google -- android | A denial of service vulnerability in the Android media framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36215950. | 2017-07-06 | not yet calculated | CVE-2017-0689 CONFIRM |
google -- android | A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36991414. | 2017-07-06 | not yet calculated | CVE-2017-0665 CONFIRM |
google -- android | A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34231231. | 2017-07-06 | not yet calculated | CVE-2017-0686 CONFIRM |
google -- android | A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35584425. | 2017-07-06 | not yet calculated | CVE-2017-0688 CONFIRM |
google -- android | A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37285689. | 2017-07-06 | not yet calculated | CVE-2017-0666 CONFIRM |
google -- android | A information disclosure vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-22011579. | 2017-07-06 | not yet calculated | CVE-2017-0668 CONFIRM |
google -- android | A information disclosure vulnerability in the Android framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34114752. | 2017-07-06 | not yet calculated | CVE-2017-0669 CONFIRM |
google -- android | A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36592202. | 2017-07-06 | not yet calculated | CVE-2017-0690 CONFIRM |
google -- android | A denial of service vulnerability in the Android media framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37094889. | 2017-07-06 | not yet calculated | CVE-2017-0695 CONFIRM |
google -- android | A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36491278. | 2017-07-06 | not yet calculated | CVE-2017-0664 CONFIRM |
google -- android | A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36993291. | 2017-07-06 | not yet calculated | CVE-2017-0693 CONFIRM |
google -- android | A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37008096. | 2017-07-06 | not yet calculated | CVE-2017-0680 CONFIRM |
google -- android | Directory traversal vulnerability in the doSendObjectInfo method in frameworks/av/media/mtp/MtpServer.cpp in Android 4.4.4 allows physically proximate attackers with a direct connection to the target Android device to upload files outside of the sdcard via a .. (dot dot) in a name parameter of an MTP request. | 2017-07-07 | not yet calculated | CVE-2014-7954 MISC FULLDISC BUGTRAQ BID |
google -- android | A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36591008. | 2017-07-06 | not yet calculated | CVE-2017-0683 CONFIRM |
google -- android | A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36588422. | 2017-07-06 | not yet calculated | CVE-2017-0682 CONFIRM |
google -- android | A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37208566. | 2017-07-06 | not yet calculated | CVE-2017-0681 CONFIRM |
google -- android | A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34203195. | 2017-07-06 | not yet calculated | CVE-2017-0685 CONFIRM |
google -- android | A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37093318. | 2017-07-06 | not yet calculated | CVE-2017-0694 CONFIRM |
google -- android | A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37478824. | 2017-07-06 | not yet calculated | CVE-2017-0667 CONFIRM |
google -- android | A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36725407. | 2017-07-06 | not yet calculated | CVE-2017-0692 CONFIRM |
google -- android | A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36996978. | 2017-07-06 | not yet calculated | CVE-2017-0679 CONFIRM |
google -- android | A denial of service vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36724453. | 2017-07-06 | not yet calculated | CVE-2017-0691 CONFIRM |
google -- android | A elevation of privilege vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35421151. | 2017-07-06 | not yet calculated | CVE-2017-0684 CONFIRM |
google -- android | A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37207120. | 2017-07-06 | not yet calculated | CVE-2017-0696 CONFIRM |
google -- android | A elevation of privilege vulnerability in the MediaTek networking driver. Product: Android. Versions: Android kernel. Android ID: A-36099953. References: M-ALPS03206781. | 2017-07-06 | not yet calculated | CVE-2017-0711 BID CONFIRM |
google -- android | Race condition in the bindBackupAgent method in the ActivityManagerService in Android 4.4.4 allows local users with adb shell access to execute arbitrary code or any valid package as system by running "pm install" with the target apk, and simultaneously running a crafted script to process logcat's output looking for a dexopt line, which once found should execute bindBackupAgent with the uid member of the ApplicationInfo parameter set to 1000. | 2017-07-07 | not yet calculated | CVE-2014-7953 FULLDISC BUGTRAQ BID CONFIRM |
google -- android | A elevation of privilege vulnerability in the Upstream Linux tcb. Product: Android. Versions: Android kernel. Android ID: A-34951864. | 2017-07-06 | not yet calculated | CVE-2017-0710 CONFIRM |
google -- android | A elevation of privilege vulnerability in the HTC led driver. Product: Android. Versions: Android kernel. Android ID: A-36088467. | 2017-07-06 | not yet calculated | CVE-2017-0707 CONFIRM |
google -- android | A information disclosure vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35467458. | 2017-07-06 | not yet calculated | CVE-2017-0698 CONFIRM |
google -- android | A elevation of privilege vulnerability in the Android system ui. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33123882. | 2017-07-06 | not yet calculated | CVE-2017-0703 CONFIRM |
google -- android | A remote code execution vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-36621442. | 2017-07-06 | not yet calculated | CVE-2017-0702 CONFIRM |
google -- android | A remote code execution vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-36385715. | 2017-07-06 | not yet calculated | CVE-2017-0701 CONFIRM |
google -- android | A remote code execution vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-35639138. | 2017-07-06 | not yet calculated | CVE-2017-0700 CONFIRM |
google -- android | A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37239013. | 2017-07-06 | not yet calculated | CVE-2017-0697 CONFIRM |
google -- android | An elevation of privilege vulnerability in the NVIDIA Libnvparser component due to a memcpy into a fixed sized buffer with a user-controlled size could lead to a memory corruption and possible remote code execution. This issue is rated as High. Product: Android. Version: N/A. Android ID: A-33968204. References: N-CVE-2017-0340. | 2017-07-07 | not yet calculated | CVE-2017-0340 CONFIRM |
google -- android | A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-34973477. References: B-RB#119898. | 2017-07-06 | not yet calculated | CVE-2017-0705 CONFIRM |
google -- android | A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34779227. | 2017-07-06 | not yet calculated | CVE-2017-0675 CONFIRM |
google -- android | A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36035074. | 2017-07-06 | not yet calculated | CVE-2017-0677 CONFIRM |
google -- android | A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34896431. | 2017-07-06 | not yet calculated | CVE-2017-0676 CONFIRM |
google -- android | An information disclosure vulnerability in the NVIDIA Video Driver due to an out-of-bounds read function in the Tegra Display Controller driver could result in possible information disclosure. This issue is rated as Moderate. Product: Android. Version: N/A. Android ID: A-33718700. References: N-CVE-2017-0326. | 2017-07-07 | not yet calculated | CVE-2017-0326 CONFIRM |
google -- android | A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34231163. | 2017-07-06 | not yet calculated | CVE-2017-0674 CONFIRM |
google -- android | A remote code execution vulnerability in the Android libraries. Product: Android. Versions: 4.4.4. Android ID: A-34514762. | 2017-07-06 | not yet calculated | CVE-2017-0671 CONFIRM |
google -- android | A elevation of privilege vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-33059280. | 2017-07-06 | not yet calculated | CVE-2017-0704 CONFIRM |
google -- android | A information disclosure vulnerability in the HTC sound driver. Product: Android. Versions: Android kernel. Android ID: A-35384879. | 2017-07-06 | not yet calculated | CVE-2017-0708 CONFIRM |
google -- android | A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33974623. | 2017-07-06 | not yet calculated | CVE-2017-0673 CONFIRM |
google -- android | A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-35195787. References: B-RB#120532. | 2017-07-06 | not yet calculated | CVE-2017-0706 CONFIRM |
google -- android | A denial of service vulnerability in the Android libraries. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-34778578. | 2017-07-06 | not yet calculated | CVE-2017-0672 CONFIRM |
graphicsmagick -- graphicsmagick | The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (application crash) during JNG reading via a zero-length color_image data structrure. | 2017-07-07 | not yet calculated | CVE-2017-11102 CONFIRM CONFIRM |
i-o_data_device -- multiple_products | Cross-site request forgery (CSRF) vulnerability in TS-WPTCAM, TS-PTCAM, TS-PTCAM/POE, TS-WLC2, TS-WLCE, TS-WRLC firmware version 1.19 and earlier and TS-WPTCAM2 firmware version 1.01 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 2017-07-07 | not yet calculated | CVE-2017-2223 MISC JVN |
ibm -- jazz_foundation | IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. IBM X-Force ID: 119528. | 2017-07-05 | not yet calculated | CVE-2016-9700 CONFIRM MISC |
ibm -- jazz_foundation | IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120553. | 2017-07-05 | not yet calculated | CVE-2016-9987 CONFIRM BID MISC |
ibm -- jazz_foundation | IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120554. | 2017-07-05 | not yet calculated | CVE-2016-9988 CONFIRM BID MISC |
ibm -- jazz_foundation | IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120552. | 2017-07-05 | not yet calculated | CVE-2016-9986 CONFIRM BID MISC |
ibm -- jazz_foundation | IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120555. | 2017-07-05 | not yet calculated | CVE-2016-9989 CONFIRM BID MISC |
ibm -- security_guardium | IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 110409 | 2017-07-05 | not yet calculated | CVE-2016-0238 CONFIRM BID MISC |
ibm -- team_concert | IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 119762. | 2017-07-05 | not yet calculated | CVE-2016-9733 CONFIRM BID MISC |
ibm -- team_concert | IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 119821. | 2017-07-05 | not yet calculated | CVE-2016-9746 CONFIRM BID MISC |
ibm -- team_concert | IBM Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 119529. | 2017-07-05 | not yet calculated | CVE-2016-9701 CONFIRM BID MISC |
ibm -- jazz_reporting_service | IBM Jazz Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120656. | 2017-07-05 | not yet calculated | CVE-2017-1096 CONFIRM BID MISC |
ibm -- jazz_reporting_service | IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could allow an authenticated attacker to access report data that should be restricted to authorized users. IBM X-Force ID: 122788. | 2017-07-05 | not yet calculated | CVE-2017-1157 CONFIRM BID MISC |
ibm -- maximo_asset_management | IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local user to obtain sensitive information due to inappropriate data retention of attachments. IBM X-Force ID: 123299. | 2017-07-05 | not yet calculated | CVE-2017-1176 CONFIRM BID MISC |
ibm -- maximo_asset_management | IBM Maximo Asset Management 7.1, 7.5, and 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 123778. | 2017-07-05 | not yet calculated | CVE-2017-1208 CONFIRM BID MISC |
ibm -- rational_team_concert | IBM Rational Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 121151. | 2017-07-05 | not yet calculated | CVE-2017-1113 CONFIRM BID MISC |
ibm -- security_guardium | IBM Security Guardium 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 124633. | 2017-07-05 | not yet calculated | CVE-2017-1253 CONFIRM BID MISC |
ibm -- security_guardium | IBM Security Guardium 10.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 124634. | 2017-07-05 | not yet calculated | CVE-2017-1254 CONFIRM BID MISC |
ibm -- security_guardium | IBM Security Guardium 10.0, 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124678 | 2017-07-05 | not yet calculated | CVE-2017-1256 CONFIRM BID MISC |
ibm -- security_guardium | IBM Security Guardium 10.0 does not prove or insufficiently proves that the actors identity is correct which can lead to exposure of resources or functionality to unintended actors. IBM X-Force ID: 124739. | 2017-07-05 | not yet calculated | CVE-2017-1264 CONFIRM BID MISC |
ibm -- security_guardium | IBM Security Guardium 10.0 and 10.1 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-force ID: 124744 | 2017-07-05 | not yet calculated | CVE-2017-1269 CONFIRM BID MISC |
ibm -- security_guardium | IBM Security Guardium 10.0 and 10.1 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM X-Force ID: 124685 | 2017-07-05 | not yet calculated | CVE-2017-1258 CONFIRM BID MISC |
ibm -- websphere_message_broker | IBM WebSphere Message Broker stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 123777. | 2017-07-05 | not yet calculated | CVE-2017-1207 CONFIRM BID MISC |
ibm -- websphere_message_broker | IBM WebSphere Message Broker could allow a local user with specialized access to prevent the message broker from starting. IBM X-Force ID: 122033. | 2017-07-05 | not yet calculated | CVE-2017-1144 CONFIRM BID MISC |
ibm -- websphere_mq | IBM WebSphere MQ 9.0.2 could allow an authenticated user to potentially cause a denial of service by saving an incorrect channel status inquiry. IBM X-Force ID: 124354 | 2017-07-06 | not yet calculated | CVE-2017-1236 CONFIRM MISC |
ibm -- websphere_portal | IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 123857 | 2017-07-05 | not yet calculated | CVE-2017-1217 CONFIRM BID SECTRACK MISC |
ibm --maximo_asset_management | IBM Maximo Asset Management 7.1, 7.5, and 7.6 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 123297. | 2017-07-05 | not yet calculated | CVE-2017-1175 CONFIRM BID MISC |
imagemagick -- imagemagick | The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image. | 2017-07-07 | not yet calculated | CVE-2017-10995 CONFIRM |
imagemagick -- imagemagick | In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c. | 2017-07-05 | not yet calculated | CVE-2017-10928 CONFIRM |
information-technology_promotion_agency_japan -- icodechecker | Cross-site scripting vulnerability in Source code security studying tool iCodeChecker allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 2017-07-07 | not yet calculated | CVE-2017-2194 JVN MISC |
information-technology_promotion_agency_japan -- installer_of_casl_ii_simulator | Untrusted search path vulnerability in Installer of CASL II simulator (self-extract format) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 2017-07-07 | not yet calculated | CVE-2017-2220 JVN MISC |
internet_security_association_and_key_management_ protocol -- internet_security_association_and_key_management_ protocol | The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in a particular order such that the worst-case computational complexity is realized in the algorithm utilized to determine if reassembly of the fragments can take place. | 2017-07-05 | not yet calculated | CVE-2016-10396 CONFIRM CONFIRM CONFIRM |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000c998." | 2017-07-05 | not yet calculated | CVE-2017-9877 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpWaitOnCriticalSection+0x0000000000000121." | 2017-07-05 | not yet calculated | CVE-2017-10729 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpResGetMappingSize+0x00000000000003cc." | 2017-07-05 | not yet calculated | CVE-2017-9921 MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpCompareResourceNames_U+0x0000000000000062." | 2017-07-05 | not yet calculated | CVE-2017-9922 MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with TOOLS plugin 4.50 allows attackers to execute arbitrary code or cause a denial of service via a crafted file, related to a "Read Access Violation on Block Data Move starting at ntdll_77df0000!memcpy+0x0000000000000033." | 2017-07-05 | not yet calculated | CVE-2017-9915 MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpFreeHeap+0x0000000000000393." | 2017-07-05 | not yet calculated | CVE-2017-9892 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlFreeHandle+0x00000000000001b6." | 2017-07-05 | not yet calculated | CVE-2017-9916 MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpResSearchResourceInsideDirectory+0x000000000000029e." | 2017-07-05 | not yet calculated | CVE-2017-9920 MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ntdll_77df0000!RtlFreeHandle+0x0000000000000218." | 2017-07-05 | not yet calculated | CVE-2017-9917 MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpResCompareResourceNames+0x0000000000000087." | 2017-07-05 | not yet calculated | CVE-2017-9919 MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at FORMATS!GetPlugInInfo+0x0000000000007d80." | 2017-07-05 | not yet calculated | CVE-2017-10731 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address controls Branch Selection starting at KERNELBASE!EnumResourceTypesInternal+0x0000000000000589." | 2017-07-05 | not yet calculated | CVE-2017-9923 MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at FORMATS!GetPlugInInfo+0x0000000000007d96." | 2017-07-05 | not yet calculated | CVE-2017-10730 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpFreeHeap+0x00000000000003ca." | 2017-07-05 | not yet calculated | CVE-2017-10735 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX+0x000000000000176c." | 2017-07-05 | not yet calculated | CVE-2017-9531 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX+0x0000000000001555." | 2017-07-05 | not yet calculated | CVE-2017-9532 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000000f53." | 2017-07-05 | not yet calculated | CVE-2017-9528 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ntdll_77df0000!LdrpResCompareResourceNames+0x0000000000000150." | 2017-07-05 | not yet calculated | CVE-2017-9530 MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!GetPlugInInfo+0x0000000000016e53." | 2017-07-05 | not yet calculated | CVE-2017-9535 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!DE_Decode+0x0000000000000a9b." | 2017-07-05 | not yet calculated | CVE-2017-9533 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!GetPlugInInfo+0x0000000000017426." | 2017-07-05 | not yet calculated | CVE-2017-9534 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Control Flow starting at FPX!GetPlugInInfo+0x0000000000012bf2." | 2017-07-05 | not yet calculated | CVE-2017-9873 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Block Data Move starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000b84f." | 2017-07-05 | not yet calculated | CVE-2017-9882 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpAllocateHeap+0x0000000000000429." | 2017-07-05 | not yet calculated | CVE-2017-10732 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address controls Branch Selection starting at KERNELBASE!QueryOptionalDelayLoadedAPI+0x0000000000000c42." | 2017-07-05 | not yet calculated | CVE-2017-9918 MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000007053." | 2017-07-05 | not yet calculated | CVE-2017-9891 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at FPX+0x0000000000007216." | 2017-07-05 | not yet calculated | CVE-2017-9883 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpLowFragHeapFree+0x000000000000001f." | 2017-07-05 | not yet calculated | CVE-2017-9886 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX+0x000000000000688d." | 2017-07-05 | not yet calculated | CVE-2017-9887 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to a "Read Access Violation starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000003714." | 2017-07-05 | not yet calculated | CVE-2017-9889 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpCoalesceFreeBlocks+0x00000000000001b6." | 2017-07-05 | not yet calculated | CVE-2017-9884 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000006a98." | 2017-07-05 | not yet calculated | CVE-2017-9885 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) has a "Data from Faulting Address controls Branch Selection starting at USER32!wvsprintfA+0x00000000000002f3" issue, which might allow attackers to execute arbitrary code via a crafted file. | 2017-07-05 | not yet calculated | CVE-2017-8369 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.45 allows remote attackers to execute arbitrary code or cause a denial of service (Heap Corruption and application crash) in processing a FlashPix (.FPX) file, a different vulnerability than CVE-2017-7721. | 2017-07-05 | not yet calculated | CVE-2017-8370 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Control Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x00000000000014eb." | 2017-07-05 | not yet calculated | CVE-2017-9536 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to an "Invalid Handle starting at wow64!Wow64NotifyDebugger+0x000000000000001d." | 2017-07-05 | not yet calculated | CVE-2017-10734 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address controls Branch Selection starting at FPX!FPX_GetScanDevicePropertyGroup+0x00000000000031a0." | 2017-07-05 | not yet calculated | CVE-2017-9888 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) allows remote attackers to execute code via a crafted .mov file, because of a "User Mode Write AV near NULL" issue. | 2017-07-05 | not yet calculated | CVE-2017-8766 MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls subsequent Write Address starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000a525." | 2017-07-05 | not yet calculated | CVE-2017-9879 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to a "Read Access Violation starting at FPX+0x000000000000153a." | 2017-07-05 | not yet calculated | CVE-2017-9890 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpEnterCriticalSectionContended+0x0000000000000031." | 2017-07-05 | not yet calculated | CVE-2017-10733 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Control Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000c99a." | 2017-07-05 | not yet calculated | CVE-2017-9878 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at FPX+0x0000000000007236." | 2017-07-05 | not yet calculated | CVE-2017-9880 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000c995." | 2017-07-05 | not yet calculated | CVE-2017-9876 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!DE_Decode+0x0000000000000cdb." | 2017-07-05 | not yet calculated | CVE-2017-9875 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x00000000000014e7." | 2017-07-05 | not yet calculated | CVE-2017-9881 CONFIRM MISC |
irfanview -- irfanview | IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000007822." | 2017-07-05 | not yet calculated | CVE-2017-9874 CONFIRM MISC |
irfanview -- irfanview | IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000b3ae." | 2017-07-05 | not yet calculated | CVE-2017-10925 MISC |
irfanview -- irfanview | IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to a "Read Access Violation starting at wow64!Wow64NotifyDebugger+0x000000000000001d." | 2017-07-05 | not yet calculated | CVE-2017-10926 MISC |
irfanview -- irfanview | IrfanView 4.44 (32bit) with FPX Plugin 4.47 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000a529." | 2017-07-05 | not yet calculated | CVE-2017-10924 MISC |
irssi -- irssi | An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer. | 2017-07-07 | not yet calculated | CVE-2017-10965 CONFIRM CONFIRM |
irssi -- irssi | An issue was discovered in Irssi before 1.0.4. While updating the internal nick list, Irssi could incorrectly use the GHashTable interface and free the nick while updating it. This would then result in use-after-free conditions on each access of the hash table. | 2017-07-07 | not yet calculated | CVE-2017-10966 CONFIRM CONFIRM |
jabberd -- jabberd | JabberD 2.x (aka jabberd2) before 2.6.1 allows anyone to authenticate using SASL ANONYMOUS, even when the sasl.anonymous c2s.xml option is not enabled. | 2017-07-04 | not yet calculated | CVE-2017-10807 CONFIRM CONFIRM CONFIRM |
jython -- jython | Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object. | 2017-07-06 | not yet calculated | CVE-2016-4000 CONFIRM DEBIAN CONFIRM CONFIRM CONFIRM MISC MISC |
kddi -- home_spot_cube2 | HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via Clock Settings. | 2017-07-07 | not yet calculated | CVE-2017-2183 JVN CONFIRM |
kddi -- home_spot_cube2 | HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI. | 2017-07-07 | not yet calculated | CVE-2017-2186 JVN CONFIRM |
kddi -- home_spot_cube2 | HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via WebUI. | 2017-07-07 | not yet calculated | CVE-2017-2185 JVN CONFIRM |
kddi -- home_spot_cube2 | Buffer overflow in HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to execute arbitrary code via WebUI. | 2017-07-07 | not yet calculated | CVE-2017-2184 JVN CONFIRM |
knot-dns -- knot-dns | Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity period check. | 2017-07-08 | not yet calculated | CVE-2017-11104 MISC MISC MISC |
linux -- linux_kernel | The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering certain error conditions. This value is used as an array index for dereferencing, which leads to an OOPS and eventually a DoS of knfsd and a soft-lockup of the whole system. | 2017-07-02 | not yet calculated | CVE-2017-8797 MISC MISC MISC MISC BID SECTRACK MISC MISC MISC |
linux -- linux_kernel | Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service (memory consumption) by triggering object-initialization failures. | 2017-07-04 | not yet calculated | CVE-2017-10810 CONFIRM BID CONFIRM CONFIRM |
linux -- linux_kernel | The make_response function in drivers/block/xen-blkback/blkback.c in the Linux kernel before 4.11.8 allows guest OS users to obtain sensitive information from host OS (or other guest OS) kernel memory by leveraging the copying of uninitialized padding fields in Xen block-interface response structures, aka XSA-216. | 2017-07-04 | not yet calculated | CVE-2017-10911 CONFIRM CONFIRM BID CONFIRM CONFIRM |
lutim -- lutim | Cross-site scripting (XSS) vulnerability in Lutim before 0.8 might allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is mishandled in an upload notification and in the myfiles component, if the attacker can convince the victim to proceed with an upload despite the appearance of an XSS payload in the filename. | 2017-07-06 | not yet calculated | CVE-2017-10975 MISC |
ministry_of_agriculture_forestry_and_fisheries -- denshinouhin_check_system | Untrusted search path vulnerability in Installer of Denshinouhin Check System (for Ministry of Agriculture, Forestry and Fisheries Nouson Seibi Jigyou) 2014 March Edition (Ver.9.0.001.001) [Updated on 2017 June 9], (Ver.8.0.001.001) [Updated on 2016 May 31] and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 2017-07-07 | not yet calculated | CVE-2017-2188 MISC JVN |
ministry_of_education_culture_sports_science_and_technology -- ebidsettingchecker.exe | Untrusted search path vulnerability in EbidSettingChecker.exe (version 1.0.0.0) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 2017-07-07 | not yet calculated | CVE-2017-2225 JVN MISC |
ministry_of_justice -- installer_of_pdf_digital_signature_plugin | Untrusted search path vulnerability in Installer of PDF Digital Signature Plugin (G2.30) and earlier, distributed till June 29, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 2017-07-07 | not yet calculated | CVE-2017-2233 JVN |
ministry_of_justice -- installer_of_shinseiyo_sogo_soft | Untrusted search path vulnerability in Installer of Shinseiyo Sogo Soft (4.8A) and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 2017-07-07 | not yet calculated | CVE-2017-2232 JVN |
ministry_of_land_infrastructure_transport_and_tourism,_japan -- mlit_denshiseikabutsusakuseishienkensa | Untrusted search path vulnerability in The installer of MLIT DenshiSeikabutsuSakuseiShienKensa system Ver3.02 and earlier, distributed till June 20, 2017, The self-extracting archive including the installer of MLIT DenshiSeikabutsuSakuseiShienKensa system Ver3.02 and earlier, distributed till June 20, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 2017-07-07 | not yet calculated | CVE-2017-2231 JVN MISC MISC |
national_institute_for_land_and_infrastructure_management -- douro_kouji_kanseizutou_check | Untrusted search path vulnerability in Douro Kouji Kanseizutou Check Program Ver3.1 (cdrw_checker_3.1.0.lzh) and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | 2017-07-07 | not yet calculated | CVE-2017-2230 JVN MISC MISC |
national_institute_for_land_and_infrastructure_management -- douroshisetu_data_sakusei_system | Untrusted search path vulnerability in Douroshisetu Kihon Data Sakusei System Ver1.0.2 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 2017-07-07 | not yet calculated | CVE-2017-2229 JVN MISC MISC |
national_tax_agency -- setup_file_of_advance_preparation | Untrusted search path vulnerability in Installer of "Setup file of advance preparation" (jizen_setup.exe) (The version which was available on the website prior to 2017 June 12) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 2017-07-07 | not yet calculated | CVE-2017-2215 MISC JVN MISC |
national_tax_agency -- installer_of_setup_file_of_advance_preparation_for_e-tax_software | Untrusted search path vulnerability in Setup file of advance preparation for e-Tax software (WEB version) (1.17.1) and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 2017-07-07 | not yet calculated | CVE-2017-2226 JVN |
ncurses -- ncurses | In ncurses 6.0, there is a NULL Pointer Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data. | 2017-07-08 | not yet calculated | CVE-2017-11113 MISC |
ncurses -- ncurses | In ncurses 6.0, there is an attempted 0xffffffffffffffff access in the append_acs function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data. | 2017-07-08 | not yet calculated | CVE-2017-11112 MISC |
netwide_assembler -- netwide_assembler | In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. | 2017-07-08 | not yet calculated | CVE-2017-11111 MISC |
newport -- xps-cx_and_xps-qx | An Improper Authentication issue was discovered in Newport XPS-Cx and XPS-Qx. An attacker may bypass authentication by accessing a specific uniform resource locator (URL). | 2017-07-03 | not yet calculated | CVE-2017-7919 BID MISC |
nitro_pro -- nitro_pro | Nitro Pro 11.0.3 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted PCX file. | 2017-07-07 | not yet calculated | CVE-2017-7950 CONFIRM |
notepad-plus-plus -- notepad++ | Notepad++ 7.3.3 (32-bit) with Hex Editor Plugin v0.9.5 might allow user-assisted attackers to execute code via a crafted file, because of a "Data from Faulting Address controls Code Flow" issue. One threat model is a victim who obtains an untrusted crafted file from a remote location and issues several user-defined commands. | 2017-07-05 | not yet calculated | CVE-2017-8803 MISC |
nvidia -- nvidia_sound_driver | An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High due to the possibility of local arbitrary code execution in a privileged process in the kernel. Product: Android. Versions: N/A. Android ID: A-34386301. References: N-CVE-2017-6247. | 2017-07-06 | not yet calculated | CVE-2017-6247 BID SECTRACK CONFIRM |
nvidia -- nvidia_sound_driver | An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34372667. References: N-CVE-2017-6248. | 2017-07-06 | not yet calculated | CVE-2017-6248 BID SECTRACK CONFIRM |
odoo -- odoo | In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, insecure handling of anonymization data in the Database Anonymization module allows remote authenticated privileged users to execute arbitrary Python code, because unpickle is used. | 2017-07-04 | not yet calculated | CVE-2017-10803 CONFIRM |
odoo -- odoo | In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, incorrect access control on OAuth tokens in the OAuth module allows remote authenticated users to hijack OAuth sessions of other users. | 2017-07-04 | not yet calculated | CVE-2017-10805 CONFIRM |
odoo -- odoo | In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, remote attackers can bypass authentication under certain circumstances because parameters containing 0x00 characters are truncated before reaching the database layer. This occurs because Psycopg 2.x before 2.6.3 is used. | 2017-07-04 | not yet calculated | CVE-2017-10804 CONFIRM CONFIRM CONFIRM |
phpldapadmin -- phpldapadmin | phpLDAPadmin through 1.2.3 has XSS in htdocs/entry_chooser.php via the form, element, rdn, or container parameter. | 2017-07-08 | not yet calculated | CVE-2017-11107 MISC MISC |
puppet -- puppet_enterprise | Versions of Puppet Enterprise prior to 2016.4.5 or 2017.2.1 failed to mark MCollective server private keys as sensitive (a feature added in Puppet 4.6), so key values could be logged and stored in PuppetDB. These releases use the sensitive data type to ensure this won't happen anymore. | 2017-07-05 | not yet calculated | CVE-2017-2294 CONFIRM |
puppet -- puppet | Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the server, in this case) with a attacker-specified format. This could be used to force YAML deserialization in an unsafe manner, which would lead to remote code execution. This change constrains the format of data on the wire to PSON or safely decoded YAML. | 2017-07-05 | not yet calculated | CVE-2017-2295 BID CONFIRM |
quick_emulator -- quick_emulator | The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initialization occurs before talking to a client in the nbd_negotiate function. | 2017-07-06 | not yet calculated | CVE-2017-9524 MLIST MLIST MLIST |
radare2 -- radare2 | The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a read overflow in the grub_disk_read_small_real function in kern/disk.c in GNU GRUB 2.02. | 2017-07-05 | not yet calculated | CVE-2017-10929 CONFIRM CONFIRM |
red_hat -- rh-3scale_api_management_platform | Red Hat 3scale (aka RH-3scale) API Management Platform (AMP) before 2.0.0 would permit creation of an access token without a client secret. An attacker could use this flaw to circumvent authentication controls and gain access to restricted APIs. NOTE: some sources have a typo in which CVE-2017-7512 maps to an OpenVPN vulnerability. The proper CVE ID for that OpenVPN vulnerability is CVE-2017-7521. Specifically, CVE-2017-7521 is the correct CVE ID for TWO closely related findings in OpenVPN. Any source that lists BOTH CVE-2017-7512 and CVE-2017-7521 for OpenVPN should have listed ONLY CVE-2017-7521. | 2017-07-07 | not yet calculated | CVE-2017-7512 CONFIRM CONFIRM |
schneider electric -- wonderware archestra logger | A Null Pointer Dereference issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The null pointer dereference vulnerability could allow an attacker to crash the logger process, causing a denial of service for logging and log-viewing (applications that use the Wonderware ArchestrA Logger continue to run when the Wonderware ArchestrA Logger service is unavailable). | 2017-07-07 | not yet calculated | CVE-2017-9631 MISC MISC |
schneider electric -- wonderware archestra logger | An Uncontrolled Resource Consumption issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The uncontrolled resource consumption vulnerability could allow an attacker to exhaust the memory resources of the machine, causing a denial of service. | 2017-07-07 | not yet calculated | CVE-2017-9627 MISC MISC |
schneider electric -- wonderware archestra logger | A Stack-Based Buffer Overflow issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The stack-based buffer overflow vulnerability has been identified, which may allow a remote attacker to execute arbitrary code in the context of a highly privileged account. | 2017-07-07 | not yet calculated | CVE-2017-9629 MISC MISC |
siemens -- simatic_cp_44x-1_rna | An Improper Authentication issue was discovered in Siemens SIMATIC CP 44x-1 RNA, all versions prior to 1.4.1. An unauthenticated remote attacker may be able to perform administrative actions on the Communication Process (CP) of the RNA series module, if network access to Port 102/TCP is available and the configuration file for the CP is stored on the RNA's CPU. | 2017-07-07 | not yet calculated | CVE-2017-6868 MISC |
sqlite -- sqlite | The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact. | 2017-07-07 | not yet calculated | CVE-2017-10989 MISC MISC MISC MISC MISC |
stdutility -- stdu_viewer | STDU Viewer version 1.6.375 might allow user-assisted attackers to execute code via a crafted file. One threat model is a victim who obtains an untrusted crafted file from a remote location and issues several user-defined commands including Ctrl-+ commands. | 2017-07-05 | not yet calculated | CVE-2017-8387 MISC |
sublime_text -- sublime_text | Sublime Text 3 Build 3126 might allow user-assisted attackers to execute code via a crafted .mkv file. One threat model is a victim who obtains an untrusted crafted file from a remote location and issues several user-defined commands, as demonstrated by Ctrl-A, Delete, and Ctrl-Z. | 2017-07-05 | not yet calculated | CVE-2017-8368 MISC |
swftools -- swftools | When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_DeleteFilter() function in lib/modules/swffilter.c. | 2017-07-07 | not yet calculated | CVE-2017-11096 MISC |
swftools -- swftools | When SWFTools 0.9.2 processes a crafted file in swfc, it can lead to a NULL Pointer Dereference in the dict_lookup() function in lib/q.c. | 2017-07-07 | not yet calculated | CVE-2017-11097 MISC |
swftools -- swftools | When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_Relocate() function in lib/modules/swftools.c. | 2017-07-07 | not yet calculated | CVE-2017-11101 MISC |
swftools -- swftools | When SWFTools 0.9.2 processes a crafted file in png2swf, it can lead to a Segmentation Violation in the png_load() function in lib/png.c. | 2017-07-07 | not yet calculated | CVE-2017-11098 MISC |
swftools -- swftools | When SWFTools 0.9.2 processes a crafted file in wav2swf, it can lead to a Segmentation Violation in the wav_convert2mono() function in lib/wav.c. | 2017-07-07 | not yet calculated | CVE-2017-11099 MISC |
swftools -- swftools | When SWFTools 0.9.2 processes a crafted file in ttftool, it can lead to a heap-based buffer over-read in the readBlock() function in lib/ttf.c. | 2017-07-06 | not yet calculated | CVE-2017-10976 MISC |
swftools -- swftools | In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to a "Read Access Violation starting at image00000000_00400000+0x000000000001b5fe." | 2017-07-05 | not yet calculated | CVE-2017-9927 MISC |
swftools -- swftools | In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to a "Read Access Violation starting at image00000000_00400000+0x000000000001b596." | 2017-07-05 | not yet calculated | CVE-2017-9926 MISC |
swftools -- swftools | When SWFTools 0.9.2 processes a crafted file in swfextract, it can lead to a NULL Pointer Dereference in the swf_FoldSprite() function in lib/rxfswf.c. | 2017-07-07 | not yet calculated | CVE-2017-11100 MISC |
swftools -- swftools | SWFTools 2013-04-09-1007 on Windows has a "Data from Faulting Address controls Branch Selection starting at image00000000_00400000+0x0000000000003e71" issue. This issue can be triggered by a malformed TTF file that is mishandled by font2swf. Attackers could exploit this issue for DoS (Access Violation). | 2017-07-05 | not yet calculated | CVE-2017-8420 MISC |
swftools -- swftools | In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to execute arbitrary code or cause a denial of service via a crafted file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d." | 2017-07-05 | not yet calculated | CVE-2017-9925 MISC |
swftools -- swftools | In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to execute arbitrary code or cause a denial of service via a crafted file, related to a "User Mode Write AV starting at image00000000_00400000+0x000000000001b72a." | 2017-07-05 | not yet calculated | CVE-2017-9924 MISC |
systemd -- systemd | systemd v233 and earlier fails to safely parse usernames starting with a numeric digit (e.g. "0day"), running the service in question with root privileges rather than the user intended. | 2017-07-07 | not yet calculated | CVE-2017-1000082 MLIST CONFIRM |
tcpdump -- tcpdump | tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol. | 2017-07-08 | not yet calculated | CVE-2017-11108 MISC |
teamspeak -- teamspeak_server | A potential Buffer Overflow Vulnerability (from a BB Code handling issue) has been identified in TeamSpeak Server version 3.0.13.6 (08/11/2016 09:48:33), it enables the users to Crash any WINDOWS Client that clicked into a Vulnerable Channel of a TeamSpeak Server. | 2017-07-06 | not yet calculated | CVE-2017-8290 MISC |
telerik -- telerik.web.ui.dll | Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leading to a MachineKey leak, arbitrary file uploads or downloads, XSS, or ASP.NET ViewState compromise. | 2017-07-03 | not yet calculated | CVE-2017-9248 CONFIRM CONFIRM |
teltonika -- rut9xx_routers | The management interface for the Teltonika RUT9XX routers (aka LuCI) with firmware 00.03.265 and earlier allows remote attackers to execute arbitrary commands with root privileges via shell metacharacters in the username parameter in a login request. | 2017-07-03 | not yet calculated | CVE-2017-8116 MISC MISC MISC |
topdesk -- topdesk | There is reflected XSS in TOPdesk before 5.7.6 and 6.x and 7.x before 7.03.019. | 2017-07-04 | not yet calculated | CVE-2017-7276 CONFIRM |
tor_project -- tor | Tor 0.3.x before 0.3.0.9 has a guard-selection algorithm that only considers the exit relay (not the exit relay's family), which might allow remote attackers to defeat intended anonymity properties by leveraging the existence of large families. | 2017-07-02 | not yet calculated | CVE-2017-0377 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
toshiba -- home_gateway_hem-gw16a_and_hem_gw26a_firmware | Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier uses hard-coded credentials, which may allow attackers to perform operations on device with administrative privileges. | 2017-07-07 | not yet calculated | CVE-2017-2236 JVN |
toshiba -- home_gateway_hem-gw16a_and_hem_gw26a_firmware | Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier. Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | 2017-07-07 | not yet calculated | CVE-2017-2237 JVN |
toshiba -- home_gateway_hem-gw16a_and_hem_gw26a_firmware | Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier. Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows an attacker to bypass access restriction to change the administrator account password via unspecified vectors. | 2017-07-07 | not yet calculated | CVE-2017-2235 JVN |
toshiba -- home_gateway_hem-gw16a_and_hem_gw26a_firmware | Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier may allow remote attackers to access a non-documented developer screen to perform operations on device with administrative privileges. | 2017-07-07 | not yet calculated | CVE-2017-2234 JVN |
toshiba -- home_gateway_hem-gw16a_and_hem_gw26a_firmware | Cross-site request forgery (CSRF) vulnerability in Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier and Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 2017-07-07 | not yet calculated | CVE-2017-2238 JVN |
tp-link -- nc250 | On TP-Link NC250 devices with firmware through 1.2.1 build 170515, anyone can view video and audio without authentication via an rtsp://admin@yourip:554/h264_hd.sdp URL. | 2017-07-02 | not yet calculated | CVE-2017-10796 MISC |
vim -- vim | Vim 8.0 allows attackers to cause a denial of service (invalid free) or possibly have unspecified other impact via a crafted source (aka -S) file. NOTE: there might be a limited number of scenarios in which this has security relevance. | 2017-07-08 | not yet calculated | CVE-2017-11109 MISC |
vladimir_anokhin -- shortcodes_ultimate | Directory traversal vulnerability in Shortcodes Ultimate prior to version 4.10.0 allows remote attackers to read arbitrary files via unspecified vectors. | 2017-07-07 | not yet calculated | CVE-2017-2245 JVN CONFIRM CONFIRM |
w3_eden -- wordpress_download_manager | Cross-site scripting vulnerability in WordPress Download Manager prior to version 2.9.50 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2017-07-07 | not yet calculated | CVE-2017-2216 JVN CONFIRM CONFIRM |
w3_eden -- wordpress_download_manager | Open redirect vulnerability in WordPress Download Manager prior to version 2.9.51 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 2017-07-07 | not yet calculated | CVE-2017-2217 JVN CONFIRM CONFIRM |
web-dorado -- event_calendar_wd | Cross-site scripting vulnerability in WP-Members prior to version 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2017-07-07 | not yet calculated | CVE-2017-2222 JVN CONFIRM CONFIRM |
web-dorado -- event_calendar_wd | Cross-site scripting vulnerability in Event Calendar WD prior to version 1.0.94 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2017-07-07 | not yet calculated | CVE-2017-2224 JVN CONFIRM CONFIRM |
webmin -- webmin | Multiple Cross-site scripting (XSS) vulnerabilities in Webmin before 1.850 allow remote attackers to inject arbitrary web script or HTML via the sec parameter to view_man.cgi, the referers parameter to change_referers.cgi, or the name parameter to save_user.cgi. NOTE: these issues were not fixed in 1.840. | 2017-07-03 | not yet calculated | CVE-2017-9313 MISC BID SECTRACK MISC MISC MISC |
winamp -- winamp | Winamp 5.666 Build 3516(x86) might allow attackers to execute arbitrary code or cause a denial of service via a crafted .flv file, related to "Data from Faulting Address may be used as a return value starting at f263!GetWinamp5SystemComponent+0x0000000000001951." | 2017-07-05 | not yet calculated | CVE-2017-10726 MISC |
winamp -- winamp | Winamp 5.666 Build 3516(x86) might allow attackers to execute arbitrary code or cause a denial of service via a crafted .flv file, related to "Error Code (0xe06d7363) starting at wow64!Wow64NotifyDebugger+0x000000000000001d." | 2017-07-05 | not yet calculated | CVE-2017-10728 MISC |
winamp -- winamp | Winamp 5.666 Build 3516(x86) might allow attackers to execute arbitrary code or cause a denial of service via a crafted .flv file, related to "Data from Faulting Address controls Branch Selection starting at in_mp3!DeleteAudioDecoder+0x000000000000762f." | 2017-07-05 | not yet calculated | CVE-2017-10727 MISC |
windjview -- windjview | WinDjView 2.1 might allow user-assisted attackers to execute code via a crafted .djvu file, because of a "User Mode Write AV near NULL" in WinDjView.exe. One threat model is a victim who obtains an untrusted .djvu file from a remote location and issues several "zoom in" (e.g., Ctrl + Plus) commands. | 2017-07-05 | not yet calculated | CVE-2017-7894 MISC |
wordpress -- wordpress | The WP Statistics plugin through 12.0.9 for WordPress has XSS in the rangestart and rangeend parameters on the wps_referrers_page page. | 2017-07-07 | not yet calculated | CVE-2017-10991 MISC |
x.org -- x_server | In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events. | 2017-07-06 | not yet calculated | CVE-2017-10971 MISC MISC MISC MISC |
x.org -- x_server | Uninitialized data in endianness conversion in the XEvent handling of the X.Org X Server before 2017-06-19 allowed authenticated malicious users to access potentially privileged data from the X server. | 2017-07-06 | not yet calculated | CVE-2017-10972 MISC MISC |
xen -- xen | The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219. | 2017-07-04 | not yet calculated | CVE-2017-10915 BID CONFIRM |
xen -- xen | The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2. | 2017-07-04 | not yet calculated | CVE-2017-10914 BID CONFIRM |
xen -- xen | The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1. | 2017-07-04 | not yet calculated | CVE-2017-10913 BID CONFIRM |
xen -- xen | The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 2. | 2017-07-04 | not yet calculated | CVE-2017-10921 CONFIRM |
xen -- xen | The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 1. | 2017-07-04 | not yet calculated | CVE-2017-10920 CONFIRM |
xen -- xen | Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-225. | 2017-07-04 | not yet calculated | CVE-2017-10923 BID CONFIRM |
xen -- xen | The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions (MPX) and Protection Key (PKU) features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220. | 2017-07-04 | not yet calculated | CVE-2017-10916 CONFIRM |
xen -- xen | The grant-table feature in Xen through 4.8.x mishandles MMIO region grant references, which allows guest OS users to cause a denial of service (loss of grant trackability), aka XSA-224 bug 3. | 2017-07-04 | not yet calculated | CVE-2017-10922 CONFIRM |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpLowFragHeapFree+0x000000000000001f." | 2017-07-05 | not yet calculated | CVE-2017-10752 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpFindLoadedDllByMapping+0x0000000000000046." | 2017-07-05 | not yet calculated | CVE-2017-10753 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows user-assisted remote attackers to execute code via a crafted JPEG 2000 file that is mishandled during the opening of a directory in "Browser" mode, because of a "Stack Buffer Overrun" issue. | 2017-07-05 | not yet calculated | CVE-2017-8781 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows user-assisted remote attackers to execute code via a crafted .mkv file that is mishandled during the opening of a directory in "Browser" mode, because of a "User Mode Write AV near NULL" in XnView.exe. | 2017-07-05 | not yet calculated | CVE-2017-8381 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpFreeHeap+0x0000000000000393." | 2017-07-05 | not yet calculated | CVE-2017-10783 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpFindLoadedDllByName+0x00000000000000a5." | 2017-07-05 | not yet calculated | CVE-2017-10781 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpFreeHeap+0x00000000000003ca." | 2017-07-05 | not yet calculated | CVE-2017-10782 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at xnview+0x0000000000372b4a." | 2017-07-05 | not yet calculated | CVE-2017-10780 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at xnview+0x0000000000013a20." | 2017-07-05 | not yet calculated | CVE-2017-10779 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!memcmp+0x0000000000000018" (without RPC initialization). | 2017-07-05 | not yet calculated | CVE-2017-10769 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at MSCTF!_CtfImeCreateThreadMgr+0x00000000000000a8." | 2017-07-05 | not yet calculated | CVE-2017-10773 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpCreateSplitBlock+0x000000000000053a." | 2017-07-05 | not yet calculated | CVE-2017-10770 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to a "Read Access Violation starting at ntdll_77df0000!LdrShutdownProcess+0x0000000000000130." | 2017-07-05 | not yet calculated | CVE-2017-10776 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to a "Read Access Violation starting at GDI32!ScriptGetCMapWithSurrogate+0x00000000000001cb." | 2017-07-05 | not yet calculated | CVE-2017-10775 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!memcmp+0x0000000000000018" (with RPC initialization). | 2017-07-05 | not yet calculated | CVE-2017-10772 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at xnview+0x000000000022bf8d." | 2017-07-05 | not yet calculated | CVE-2017-10748 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at xnview+0x0000000000372b24." | 2017-07-05 | not yet calculated | CVE-2017-10777 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpCreateSplitBlock+0x0000000000000510." | 2017-07-05 | not yet calculated | CVE-2017-10771 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at xnview+0x0000000000233125." | 2017-07-05 | not yet calculated | CVE-2017-10778 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d." | 2017-07-05 | not yet calculated | CVE-2017-10749 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpFindLoadedDllByHandle+0x0000000000000031." | 2017-07-05 | not yet calculated | CVE-2017-10763 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at GDI32!ScriptStringAnalyse+0x00000000000001c8." | 2017-07-05 | not yet calculated | CVE-2017-10766 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at IMM32!ImmLockImeDpi+0x0000000000000050." | 2017-07-05 | not yet calculated | CVE-2017-10765 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at COMCTL32!Tab_OnGetItem+0x000000000000002f." | 2017-07-05 | not yet calculated | CVE-2017-10764 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpAllocateHeap+0x000000000000042f." | 2017-07-05 | not yet calculated | CVE-2017-10762 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpAllocateHeap+0x0000000000000429." | 2017-07-05 | not yet calculated | CVE-2017-10761 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at COMCTL32!SetStatusText+0x0000000000000029." | 2017-07-05 | not yet calculated | CVE-2017-10760 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpInsertDependencyRecord+0x0000000000000039." | 2017-07-05 | not yet calculated | CVE-2017-10759 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpCoalesceFreeBlocks+0x00000000000001b6." | 2017-07-05 | not yet calculated | CVE-2017-10757 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpEnterCriticalSectionContended+0x0000000000000031." | 2017-07-05 | not yet calculated | CVE-2017-10754 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpInsertFreeBlock+0x00000000000001ca." | 2017-07-05 | not yet calculated | CVE-2017-10768 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpRemoveUCRBlock+0x0000000000000046." | 2017-07-05 | not yet calculated | CVE-2017-10756 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at GDI32!GenericEngineGetGlyphs+0x0000000000000133." | 2017-07-05 | not yet calculated | CVE-2017-10751 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to a "User Mode Write AV starting at Xfpx+0x0000000000004efd." | 2017-07-05 | not yet calculated | CVE-2017-9529 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpCoalesceFreeBlocks+0x00000000000004b4." | 2017-07-05 | not yet calculated | CVE-2017-10758 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV near NULL starting at ntdll_77df0000!RtlEnterCriticalSection+0x0000000000000012." | 2017-07-05 | not yet calculated | CVE-2017-10750 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpInitializeThread+0x000000000000010b." | 2017-07-05 | not yet calculated | CVE-2017-10755 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .bie file, related to a "Read Access Violation on Block Data Move starting at Xjbig+0x000000000000121b." | 2017-07-05 | not yet calculated | CVE-2017-9914 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address controls Branch Selection starting at Xfpx!gffGetFormatInfo+0x00000000000228e8." | 2017-07-05 | not yet calculated | CVE-2017-9905 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlEnterCriticalSection+0x0000000000000012." | 2017-07-05 | not yet calculated | CVE-2017-10746 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun (/GS Exception) starting at ntdll_77df0000!RtlProcessFlsData+0x00000000000000b0." | 2017-07-05 | not yet calculated | CVE-2017-10745 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to a "User Mode Write AV starting at Xfpx!gffGetFormatInfo+0x0000000000029272." | 2017-07-05 | not yet calculated | CVE-2017-9894 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to a "Read Access Violation on Control Flow starting at Xfpx!gffGetFormatInfo+0x0000000000013e8a." | 2017-07-05 | not yet calculated | CVE-2017-9896 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at KERNELBASE!StateObjectListFind+0x0000000000000005." | 2017-07-05 | not yet calculated | CVE-2017-10767 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to a "Read Access Violation on Control Flow starting at Xfpx!gffGetFormatInfo+0x0000000000020e95." | 2017-07-05 | not yet calculated | CVE-2017-9895 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Read Access Violation on Control Flow starting at COMCTL32!CToolTipsMgr::s_ToolTipsWndProc+0x0000000000000032." | 2017-07-05 | not yet calculated | CVE-2017-10744 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to a "User Mode Write AV starting at Xfpx!gffGetFormatInfo+0x0000000000012548." | 2017-07-05 | not yet calculated | CVE-2017-9893 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpLowFragHeapFree+0x000000000000001f." | 2017-07-05 | not yet calculated | CVE-2017-9904 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at Xfpx!gffGetFormatInfo+0x000000000002e388." | 2017-07-05 | not yet calculated | CVE-2017-9899 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at Xfpx!gffGetFormatInfo+0x000000000002e385." | 2017-07-05 | not yet calculated | CVE-2017-9900 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to a "User Mode Write AV starting at Xfpx+0x0000000000004cbb." | 2017-07-05 | not yet calculated | CVE-2017-9898 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at Xfpx+0x00000000000117ff." | 2017-07-05 | not yet calculated | CVE-2017-9903 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to "Data from Faulting Address controls subsequent Write Address starting at Xfpx!gffGetFormatInfo+0x000000000002bfd5." | 2017-07-05 | not yet calculated | CVE-2017-9901 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at Xfpx!gffGetFormatInfo+0x0000000000020e91." | 2017-07-05 | not yet calculated | CVE-2017-9902 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at Xfpx+0x0000000000010e81." | 2017-07-05 | not yet calculated | CVE-2017-9911 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to a "User Mode Write AV starting at Xfpx+0x000000000000dcab." | 2017-07-05 | not yet calculated | CVE-2017-9897 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Possible Stack Corruption starting at Xfpx!gffGetFormatInfo+0x0000000000022e1f." | 2017-07-05 | not yet calculated | CVE-2017-9907 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to a "Read Access Violation starting at Xfpx+0x000000000000d6da." | 2017-07-05 | not yet calculated | CVE-2017-9908 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x000000000c1b541c called from xnview+0x00000000003826ec." | 2017-07-05 | not yet calculated | CVE-2017-10739 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to an "Error Code (0xc000041d) starting at wow64!Wow64NotifyDebugger+0x000000000000001d." | 2017-07-05 | not yet calculated | CVE-2017-9910 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpFreeHeap+0x0000000000000393." | 2017-07-05 | not yet calculated | CVE-2017-9912 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at Xfpx!gffGetFormatInfo+0x0000000000028508." | 2017-07-05 | not yet calculated | CVE-2017-9906 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!TpAllocCleanupGroup+0x00000000000003d7." | 2017-07-05 | not yet calculated | CVE-2017-9913 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun (/GS Exception) starting at ntdll_77df0000!LdrpInitializeNode+0x000000000000015b." | 2017-07-05 | not yet calculated | CVE-2017-10743 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlAddAccessAllowedAce+0x000000000000027a." | 2017-07-05 | not yet calculated | CVE-2017-9909 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x00000000380a0500 called from ntdll_77df0000!LdrxCallInitRoutine+0x0000000000000016." | 2017-07-05 | not yet calculated | CVE-2017-10742 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlRbInsertNodeEx+0x000000000000002d." | 2017-07-05 | not yet calculated | CVE-2017-10740 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x000000002f32332f called from KERNELBASE!CompareStringW+0x0000000000000082." | 2017-07-05 | not yet calculated | CVE-2017-10738 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpWaitOnCriticalSection+0x0000000000000121." | 2017-07-05 | not yet calculated | CVE-2017-10741 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at msvcrt!_VEC_memzero+0x000000000000006a." | 2017-07-05 | not yet calculated | CVE-2017-10736 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at xnview+0x000000000037a8aa." | 2017-07-05 | not yet calculated | CVE-2017-10747 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpCoalesceFreeBlocks+0x00000000000002e6." | 2017-07-05 | not yet calculated | CVE-2017-10737 MISC |
xnview -- xnview | XnView Classic for Windows Version 2.40 allows user-assisted remote attackers to execute code via a crafted .mov file that is mishandled during the opening of a directory in "Browser" mode, because of a "User Mode Write AV near NULL" in XnView.exe. | 2017-07-05 | not yet calculated | CVE-2017-8282 MISC |
yaws -- yaws | Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../ to port 8080. | 2017-07-07 | not yet calculated | CVE-2017-10974 MISC EXPLOIT-DB |
yuki_hattori -- marp | Marp versions v0.0.10 and earlier may allow an attacker to access local resources and files using JavaScript. | 2017-07-07 | not yet calculated | CVE-2017-2239 JVN |
gnu_pspp -- gnu_pspp
| There is a NULL Pointer Dereference in the function ll_insert() of the libpspp library in GNU PSPP 0.10.5-pre2. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack. | 2017-07-01 | not yet calculated | CVE-2017-10792 BID MISC |
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.