Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
Vulnerability Summary for the Week of July 3, 2017 The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities
Primary
Vendor -- Product Description Published
CVSS
Score
Source & Patch
Info
cisco -- elastic_services_controller
A vulnerability in certain
commands of Cisco Elastic
Services Controller could
allow an authenticated,
remote attacker to elevate
privileges to root and run
dangerous commands on
the server. The
vulnerability occurs
because a "tomcat" user on
the system can run certain
shell commands, allowing
the user to overwrite any
file on the filesystem and
elevate privileges to root.
This vulnerability affects
Cisco Elastic Services
Controller prior to releases
2.3.1.434 and 2.3.2. Cisco
Bug IDs: CSCvc76634.
2017-07-
05 9.0
CVE-2017-6712
BID(link is
external)
CONFIRM(link
is external)
cisco -- elastic_services_controller
A vulnerability in the Play
Framework of Cisco Elastic
Services Controller (ESC)
could allow an
unauthenticated, remote
attacker to gain full access
to the affected system. The
vulnerability is due to
static, default credentials
for the Cisco ESC UI that
2017-07-
05 10.0
CVE-2017-6713
BID(link is
external)
CONFIRM(link
is external)
Primary
Vendor -- Product Description Published
CVSS
Score
Source & Patch
Info
are shared between
installations. An attacker
who can extract the static
credentials from an existing
installation of Cisco ESC
could generate an admin
session token that allows
access to all instances of
the ESC web UI. This
vulnerability affects Cisco
Elastic Services Controller
prior to releases 2.3.1.434
and 2.3.2. Cisco Bug IDs:
CSCvc76627.
cisco -- ios_xr
A vulnerability in the CLI
of Cisco IOS XR Software
could allow an
authenticated, local attacker
to elevate privileges to the
root level. More
Information: CSCvb99384.
Known Affected Releases:
6.2.1.BASE. Known Fixed
Releases: 6.2.11.3i.ROUT
6.2.1.29i.ROUT
6.2.1.26i.ROUT.
2017-07-
03 7.2
CVE-2017-6718
BID(link is
external)
SECTRACK(link
is external)
CONFIRM(link
is external)
cisco -- ios_xr
A vulnerability in the CLI
of Cisco IOS XR Software
could allow an
authenticated, local attacker
to execute arbitrary
commands on the host
operating system with root
privileges, aka Command
Injection. More
Information: CSCvb99406.
Known Affected Releases:
6.2.1.BASE. Known Fixed
Releases: 6.2.1.28i.BASE
6.2.1.22i.BASE
6.1.32.8i.BASE
6.1.31.3i.BASE
6.1.3.10i.BASE.
2017-07-
03 7.2
CVE-2017-6719
BID(link is
external)
SECTRACK(link
is external)
CONFIRM(link
is external)
Primary
Vendor -- Product Description Published
CVSS
Score
Source & Patch
Info
cisco -- staros
A vulnerability in the CLI
command-parsing code of
the Cisco StarOS operating
system for Cisco ASR 5000
Series 11.0 through 21.0,
5500 Series, and 5700
Series devices and Cisco
Virtualized Packet Core
(VPC) Software could
allow an authenticated,
local attacker to break from
the StarOS CLI of an
affected system and execute
arbitrary shell commands as
a Linux root user on the
system, aka Command
Injection. The vulnerability
exists because the affected
operating system does not
sufficiently sanitize
commands before inserting
them into Linux shell
commands. An attacker
could exploit this
vulnerability by submitting
a crafted CLI command for
execution in a Linux shell
command as a root user.
Cisco Bug IDs:
CSCvc69329,
CSCvc72930.
2017-07-
05 7.2
CVE-2017-6707
BID(link is
external)
SECTRACK(link
is external)
CONFIRM(link
is external)
cisco -- ultra_services_framework
A vulnerability in the
symbolic link (symlink)
creation functionality of the
AutoVNF tool for the Cisco
Ultra Services Framework
could allow an
unauthenticated, remote
attacker to read sensitive
files or execute malicious
code on an affected system.
The vulnerability is due to
the absence of validation
checks for the input that is
2017-07-
05 7.5
CVE-2017-6708
CONFIRM(link
is external)
Primary
Vendor -- Product Description Published
CVSS
Score
Source & Patch
Info
used to create symbolic
links. This vulnerability
affects all releases of the
Cisco Ultra Services
Framework prior to
Releases 5.0.3 and 5.1.
Cisco Bug IDs:
CSCvc76654.
cisco --
ultra_services_framework_staging_server
A vulnerability in the
AutoIT service of Cisco
Ultra Services Framework
Staging Server could allow
an unauthenticated, remote
attacker to execute arbitrary
shell commands as the
Linux root user. The
vulnerability is due to
improper shell invocations.
An attacker could exploit
this vulnerability by
crafting CLI command
inputs to execute Linux
shell commands as the root
user. This vulnerability
affects all releases of Cisco
Ultra Services Framework
Staging Server prior to
Releases 5.0.3 and 5.1.
Cisco Bug IDs:
CSCvc76673.
2017-07-
05 10.0
CVE-2017-6714
BID(link is
external)
CONFIRM(link
is external)
google -- android
The lockscreen on
Elephone P9000 devices
(running Android 6.0)
allows physically proximate
attackers to bypass a
wrong-PIN lockout feature
by pressing backspace after
each PIN guess.
2017-06-
30 7.2
CVE-2017-10709
MISC(link is
external)
MISC(link is
external)
MISC(link is
external)
MISC(link is
external)
MISC(link is
external)
Primary
Vendor -- Product Description Published
CVSS
Score
Source & Patch
Info
humaxdigital -- hg100r_firmware
An issue was discovered on
Humax Digital HG100R
2.0.6 devices. To download
the backup file it's not
necessary to use
credentials, and the router
credentials are stored in
plaintext inside the backup,
aka GatewaySettings.bin.
2017-07-
03 10.0
CVE-2017-7315
MISC
humaxdigital -- hg100r_firmware
An issue was discovered on
Humax Digital HG100
2.0.6 devices. The attacker
can find the root credentials
in the backup file, aka
GatewaySettings.bin.
2017-07-
03 10.0
CVE-2017-7317
MISC
puppet -- mcollective
Versions of MCollective
prior to 2.10.4 deserialized
YAML from agents without
calling safe_load, allowing
the potential for arbitrary
code execution on the
server. The fix for this is to
call YAML.safe_load on
input. This has been tested
in all Puppet-supplied
MCollective plugins, but
there is a chance that third-
party plugins could rely on
this insecure behavior.
2017-06-
30 7.5
CVE-2017-2292
CONFIRM(link
is external)
videolan -- vlc_media_player
avcodec 2.2.x, as used in
VideoLAN VLC media
player 2.2.7-x before 2017-
06-29, allows out-of-
bounds heap memory write
due to calling memcpy()
with a wrong size, leading
to a denial of service
(application crash) or
possibly code execution.
2017-06-
30 7.5
CVE-2017-10699
SECTRACK(link
is external)
CONFIRM
xen -- xen
Xen through 4.8.x
mishandles page transfer,
which allows guest OS
2017-07-
04 10.0
CVE-2017-10912
BID(link is
Primary
Vendor -- Product Description Published
CVSS
Score
Source & Patch
Info
users to obtain privileged
host OS access, aka XSA-
217.
external)
CONFIRM
xen -- xen
Xen through 4.8.x does not
validate the port numbers of
polled event channel ports,
which allows guest OS
users to cause a denial of
service (NULL pointer
dereference and host OS
crash) or possibly obtain
sensitive information, aka
XSA-221.
2017-07-
04 9.4
CVE-2017-10917
BID(link is
external)
CONFIRM
xen -- xen
Xen through 4.8.x does not
validate memory
allocations during certain
P2M operations, which
allows guest OS users to
obtain privileged host OS
access, aka XSA-222.
2017-07-
04 10.0
CVE-2017-10918
BID(link is
external)
CONFIRM
xoev -- osci_transport_library
An XML External Entity
(XXE) issue exists in
OSCI-Transport 1.2 as used
in OSCI Transport Library
1.6.1 (Java) and OSCI
Transport Library 1.6
(.NET), exploitable by
sending a crafted standard-
conforming OSCI message
from within the
infrastructure.
2017-06-
30 7.5
CVE-2017-10670
MISC(link is
external)
MISC
Medium Vulnerabilities
Primary
Vendor -- Product Description
Publis
hed
CV
SS
Sco
re
Source &
Patch Info
aeroadmin -- aeroadmin AeroAdmin 4.1 uses a function to copy data
between two pointers where the size of the
2017-
07-02 5.0
CVE-2017-
8893
Primary
Vendor -- Product Description
Publis
hed
CV
SS
Sco
re
Source &
Patch Info
data copied is taken directly from a network
packet. This can cause a buffer overflow and
denial of service.
MISC(link is
external)
aeroadmin -- aeroadmin
AeroAdmin 4.1 uses an insecure protocol
(HTTP) to perform software updates. An
attacker can hijack an update via man-in-the-
middle in order to execute code in the
machine.
2017-
07-02 6.8
CVE-2017-
8894
MISC(link is
external)
antiy -- antivirus_engine
Antiy Antivirus Engine 5.0.0.06281654
allows local users to cause a denial of service
(BSOD) via a long third argument in a
DeviceIoControl call.
2017-
06-30 4.9
CVE-2017-
10674
MISC(link is
external)
bestpractical -- request_tracker
Cross-site scripting (XSS) vulnerability in
Request Tracker (RT) 4.x before 4.0.25, 4.2.x
before 4.2.14, and 4.4.x before 4.4.2, when
the AlwaysDownloadAttachments config
setting is not in use, allows remote attackers
to inject arbitrary web script or HTML via a
file upload with an unspecified content type.
2017-
07-03 4.3
CVE-2016-
6127
DEBIAN
BID(link is
external)
CONFIRM(l
ink is
external)
bestpractical -- request_tracker
Request Tracker (RT) 4.x before 4.0.25, 4.2.x
before 4.2.14, and 4.4.x before 4.4.2 does not
use a constant-time comparison algorithm for
secrets, which makes it easier for remote
attackers to obtain sensitive user password
information via a timing side-channel attack.
2017-
07-03 4.3
CVE-2017-
5361
DEBIAN
DEBIAN
CONFIRM(l
ink is
external)
bestpractical -- request_tracker
Request Tracker (RT) 4.x before 4.0.25, 4.2.x
before 4.2.14, and 4.4.x before 4.4.2 allows
remote attackers to obtain sensitive
information about cross-site request forgery
(CSRF) verification tokens via a crafted URL.
2017-
07-03 6.8
CVE-2017-
5943
DEBIAN
BID(link is
external)
CONFIRM(l
ink is
external)
bestpractical -- request_tracker
The dashboard subscription interface in
Request Tracker (RT) 4.x before 4.0.25, 4.2.x
before 4.2.14, and 4.4.x before 4.4.2 might
allow remote authenticated users with certain
2017-
07-03 6.5
CVE-2017-
5944
DEBIAN
BID(link is
Primary
Vendor -- Product Description
Publis
hed
CV
SS
Sco
re
Source &
Patch Info
privileges to execute arbitrary code via a
crafted saved search name.
external)
CONFIRM(l
ink is
external)
cisco --
evolved_programmable_networ
k_manager
A vulnerability in the web-based management
interface of Cisco Prime Infrastructure (PI)
and Evolved Programmable Network
Manager (EPNM) could allow an
unauthenticated, remote attacker to conduct a
reflected cross-site scripting (XSS) attack
against a user of the web-based management
interface of an affected device. More
Information: CSCvc24616 CSCvc35363
CSCvc49574. Known Affected Releases:
3.1(1) 2.0(4.0.45B).
2017-
07-03 4.3
CVE-2017-
6699
BID(link is
external)
SECTRACK
(link is
external)
CONFIRM(l
ink is
external)
cisco --
identity_services_engine
A vulnerability in the web application
interface of the Cisco Identity Services Engine
(ISE) portal could allow an unauthenticated,
remote attacker to conduct a stored cross-site
scripting (XSS) attack against a user of the
web interface of an affected system. More
Information: CSCvd49141. Known Affected
Releases: 2.1(102.101).
2017-
07-03 4.3
CVE-2017-
6701
BID(link is
external)
SECTRACK
(link is
external)
CONFIRM(l
ink is
external)
cisco --
prime_collaboration_provisioni
ng
A vulnerability in the web application in the
Cisco Prime Collaboration Provisioning tool
could allow an unauthenticated, remote
attacker to hijack another user's session. More
Information: CSCvc90346. Known Affected
Releases: 12.1.
2017-
07-03 4.0
CVE-2017-
6703
BID(link is
external)
SECTRACK
(link is
external)
CONFIRM(l
ink is
external)
cisco --
prime_collaboration_provisioni
ng
A vulnerability in the web application in the
Cisco Prime Collaboration Provisioning tool
could allow an authenticated, remote attacker
to perform arbitrary file downloads that could
allow the attacker to read files from the
2017-
07-03 4.0
CVE-2017-
6704
BID(link is
external)
SECTRACK
Primary
Vendor -- Product Description
Publis
hed
CV
SS
Sco
re
Source &
Patch Info
underlying filesystem. More Information:
CSCvc90335. Known Affected Releases:
12.1.
(link is
external)
CONFIRM(l
ink is
external)
cisco -- prime_infrastructure
A vulnerability in the Cisco Prime
Infrastructure (PI) and Evolved Programmable
Network Manager (EPNM) SQL database
interface could allow an authenticated, remote
attacker to impact the confidentiality and
integrity of the application by executing
arbitrary SQL queries, aka SQL Injection.
More Information: CSCvc23892 CSCvc35270
CSCvc35626 CSCvc35630 CSCvc49568.
Known Affected Releases: 3.1(1)
2.0(4.0.45B).
2017-
07-03 5.5
CVE-2017-
6698
BID(link is
external)
SECTRACK
(link is
external)
CONFIRM(l
ink is
external)
cisco -- prime_infrastructure
A vulnerability in the web-based management
interface of Cisco Prime Infrastructure (PI)
and Evolved Programmable Network
Manager (EPNM) could allow an
unauthenticated, remote attacker to conduct a
Document Object Model (DOM) based
(environment or client-side) cross-site
scripting (XSS) attack against a user of the
web-based management interface of an
affected device. More Information:
CSCvc24620 CSCvc49586. Known Affected
Releases: 3.1(1) 2.0(4.0.45B).
2017-
07-03 4.3
CVE-2017-
6700
BID(link is
external)
SECTRACK
(link is
external)
CONFIRM(l
ink is
external)
cisco -- prime_infrastructure
A vulnerability in the web framework code of
Cisco Prime Infrastructure could allow an
unauthenticated, remote attacker to conduct a
cross-site scripting (XSS) attack against a user
of the web interface of an affected system.
More Information: CSCuw65843. Known
Affected Releases: 3.1(0.0).
2017-
07-03 4.3
CVE-2017-
6724
BID(link is
external)
SECTRACK
(link is
external)
CONFIRM(l
ink is
external)
cisco -- prime_infrastructure A vulnerability in the web framework code of
Cisco Prime Infrastructure could allow an
2017-
07-03 4.3
CVE-2017-
6725
Primary
Vendor -- Product Description
Publis
hed
CV
SS
Sco
re
Source &
Patch Info
unauthenticated, remote attacker to conduct a
cross-site scripting (XSS) attack against a user
of the web interface of an affected system.
More Information: CSCuw65833
CSCuw65837. Known Affected Releases:
2.2(2).
BID(link is
external)
SECTRACK
(link is
external)
CONFIRM(l
ink is
external)
cisco -- socialminer
A vulnerability in the web framework of
Cisco SocialMiner could allow an
unauthenticated, remote attacker to conduct a
cross-site scripting (XSS) attack against a user
of the web interface of an affected system.
More Information: CSCve15285. Known
Affected Releases: 11.5(1).
2017-
07-03 4.3
CVE-2017-
6702
BID(link is
external)
SECTRACK
(link is
external)
CONFIRM(l
ink is
external)
cisco -- staros
A vulnerability in the IPsec component of
Cisco StarOS for Cisco ASR 5000 Series
Routers could allow an unauthenticated,
remote attacker to terminate all active IPsec
VPN tunnels and prevent new tunnels from
establishing, resulting in a denial of service
(DoS) condition. Affected Products: ASR
5000 Series Routers, Virtualized Packet Core
(VPC) Software. More Information:
CSCvc21129. Known Affected Releases:
21.1.0 21.1.M0.65601 21.1.v0. Known Fixed
Releases: 21.2.A0.65754 21.1.b0.66164
21.1.V0.66014 21.1.R0.65759 21.1.M0.65749
21.1.0.66030 21.1.0.
2017-
07-03 5.0
CVE-2017-
3865
BID(link is
external)
SECTRACK
(link is
external)
CONFIRM(l
ink is
external)
cisco --
ultra_services_framework
A vulnerability in the AutoVNF tool for the
Cisco Ultra Services Framework could allow
an unauthenticated, remote attacker to access
administrative credentials for Cisco Elastic
Services Controller (ESC) and Cisco
OpenStack deployments in an affected
system. The vulnerability exists because the
affected software logs administrative
credentials in clear text for Cisco ESC and
2017-
07-05 5.0
CVE-2017-
6709
CONFIRM(l
ink is
external)
Primary
Vendor -- Product Description
Publis
hed
CV
SS
Sco
re
Source &
Patch Info
Cisco OpenStack deployment purposes. An
attacker could exploit this vulnerability by
accessing the AutoVNF URL for the location
where the log files are stored and
subsequently accessing the administrative
credentials that are stored in clear text in those
log files. This vulnerability affects all releases
of the Cisco Ultra Services Framework prior
to Releases 5.0.3 and 5.1. Cisco Bug IDs:
CSCvc76659.
cisco --
ultra_services_framework
A vulnerability in the Ultra Automation
Service (UAS) of the Cisco Ultra Services
Framework could allow an unauthenticated,
remote attacker to gain unauthorized access to
a targeted device. The vulnerability is due to
an insecure default configuration of the
Apache ZooKeeper service used by the
affected software. An attacker could exploit
this vulnerability by accessing the affected
device through the orchestrator network. An
exploit could allow the attacker to gain access
to ZooKeeper data nodes (znodes) and
influence the behavior of the system's high-
availability feature. This vulnerability affects
all releases of Cisco Ultra Services
Framework UAS prior to Releases 5.0.3 and
5.1. Cisco Bug IDs: CSCvd29395.
2017-
07-05 6.4
CVE-2017-
6711
BID(link is
external)
CONFIRM(l
ink is
external)
cisco --
unified_contact_center_express
A vulnerability in the Extensible Messaging
and Presence Protocol (XMPP) service of
Cisco Unified Contact Center Express
(UCCx) could allow an unauthenticated,
remote attacker to masquerade as a legitimate
user, aka a Clear Text Authentication
Vulnerability. More Information:
CSCuw86638. Known Affected Releases:
10.6(1). Known Fixed Releases:
11.5(1.10000.61).
2017-
07-03 5.5
CVE-2017-
6722
BID(link is
external)
SECTRACK
(link is
external)
CONFIRM(l
ink is
external)
cisco --
wide_area_application_services
A vulnerability in the ingress processing of
fragmented TCP packets by Cisco Wide Area
Application Services (WAAS) could allow an
unauthenticated, remote attacker to cause the
2017-
07-03 5.0
CVE-2017-
6721
BID(link is
external)
Primary
Vendor -- Product Description
Publis
hed
CV
SS
Sco
re
Source &
Patch Info
WAASNET process to restart unexpectedly,
causing a denial of service (DoS) condition.
More Information: CSCvc57428. Known
Affected Releases: 6.3(1). Known Fixed
Releases: 6.3(0.143) 6.2(3c)6 6.2(3.22).
SECTRACK
(link is
external)
CONFIRM(l
ink is
external)
ektron --
ektron_content_management_s
ystem
Cross-site scripting (XSS) vulnerability in
Ektron Content Management System (CMS)
before 9.1.0.184 SP3 (9.1.0.184.3.127) allows
remote attackers to inject arbitrary web script
or HTML via the ContType parameter in a
ViewContentByCategory action to
WorkArea/content.aspx.
2017-
07-03 4.3
CVE-2016-
6201
MISC(link is
external)
elasticsearch -- kibana
In Kibana X-Pack security versions prior to
5.4.3 if a Kibana user opens a crafted Kibana
URL the result could be a redirect to an
improperly initialized Kibana login screen. If
the user enters credentials on this screen, the
credentials will appear in the URL bar. The
credentials could then be viewed by untrusted
parties or logged into the Kibana access logs.
2017-
06-30 4.3
CVE-2017-
8443
CONFIRM(l
ink is
external)
graphicsmagick --
graphicsmagick
When GraphicsMagick 1.3.25 processes an
RGB TIFF picture (with metadata indicating a
single sample per pixel) in coders/tiff.c, a
buffer overflow occurs, related to
QuantumTransferMode.
2017-
07-02 4.3
CVE-2017-
10794
BID(link is
external)
CONFIRM(l
ink is
external)
graphicsmagick --
graphicsmagick
When GraphicsMagick 1.3.25 processes a
DPX image (with metadata indicating a large
width) in coders/dpx.c, a denial of service
(OOM) can occur in ReadDPXImage().
2017-
07-02 4.3
CVE-2017-
10799
CONFIRM(l
ink is
external)
BID(link is
external)
graphicsmagick --
graphicsmagick
When GraphicsMagick 1.3.25 processes a
MATLAB image in coders/mat.c, it can lead
to a denial of service (OOM) in
ReadMATImage() if the size specified for a
2017-
07-02 4.3
CVE-2017-
10800
CONFIRM(l
ink is
external)
Primary
Vendor -- Product Description
Publis
hed
CV
SS
Sco
re
Source &
Patch Info
MAT Object is larger than the actual amount
of data.
BID(link is
external)
humaxdigital --
hg100r_firmware
An issue was discovered on Humax Digital
HG100R 2.0.6 devices. There is XSS on the
404 page.
2017-
07-03 4.3
CVE-2017-
7316
MISC
intelliants -- subrion_cms
Cross-site scripting (XSS) vulnerability in
Subrion CMS 4.1.4 allows remote attackers to
inject arbitrary web script or HTML via the
body to blog/add/, a different vulnerability
than CVE-2017-6069.
2017-
07-02 4.3
CVE-2017-
10795
BID(link is
external)
MISC(link is
external)
netapp -- altavault
NetApp AltaVault 4.1 and earlier allows man-
in-the-middle attackers to obtain sensitive
information, gain privileges, or cause a denial
of service via vectors related to the SMB
protocol.
2017-
07-03 5.1
CVE-2016-
3998
CONFIRM(l
ink is
external)
netapp -- clustered_data_ontap
NetApp Clustered Data ONTAP allows man-
in-the-middle attackers to obtain sensitive
information, gain privileges, or cause a denial
of service by leveraging failure to enable
SMB signing enforcement in its default state.
2017-
07-03 6.8
CVE-2016-
3997
CONFIRM(l
ink is
external)
CONFIRM(l
ink is
external)
netapp -- data_ontap
NetApp Data ONTAP, when operating in 7-
Mode 8.1 and 8.2, allows man-in-the-middle
attackers to obtain sensitive information, gain
privileges, or cause a denial of service via
vectors related to the SMB protocol.
2017-
07-03 6.8
CVE-2016-
3400
CONFIRM(l
ink is
external)
BID(link is
external)
MISC(link is
external)
CONFIRM(l
ink is
external)
netapp --
oncommand_system_manager NetApp OnCommand System Manager before
9.0 allows remote attackers to obtain sensitive
2017-
07-03 6.8
CVE-2016-
5045
CONFIRM(l
Primary
Vendor -- Product Description
Publis
hed
CV
SS
Sco
re
Source &
Patch Info
credentials via vectors related to cluster
peering setup.
ink is
external)
objectplanet -- opinio
In ObjectPlanet Opinio before 7.6.4, there is
XSS.
2017-
07-02 4.3
CVE-2017-
10798
CONFIRM(l
ink is
external)
puppetlabs -- mcollective-
sshkey-security
The mcollective-sshkey-security plugin before
0.5.1 for Puppet uses a server-specified
identifier as part of a path where a file is
written. A compromised server could use this
to write a file to an arbitrary location on the
client with the filename appended with the
string "_pub.pem".
2017-
06-30 4.3
CVE-2017-
2298
CONFIRM(l
ink is
external)
CONFIRM(l
ink is
external)
CONFIRM(l
ink is
external)
winamp -- winamp
Winamp 5.666 Build 3516(x86) allows
attackers to execute arbitrary code or cause a
denial of service via a crafted .flv file, related
to "Data from Faulting Address controls Code
Flow starting at
in_flv!winampGetInModule2+0x0000000000
0009a8."
2017-
07-05 4.4
CVE-2017-
10725
MISC(link is
external)
xen -- xen
Xen through 4.8.x mishandles virtual interrupt
injection, which allows guest OS users to
cause a denial of service (hypervisor crash),
aka XSA-223.
2017-
07-04 5.0
CVE-2017-
10919
BID(link is
external)
CONFIRM
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
KERNELBASE!FindSortHashNode+0x00000
00000000040."
2017-
07-05 4.6
CVE-2017-
10774
MISC(link is
external)
Primary
Vendor -- Product Description
Publis
hed
CV
SS
Sco
re
Source &
Patch Info
xoev -- osci_transport_library
A Padding Oracle exists in OSCI-Transport
1.2 as used in OSCI Transport Library 1.6.1
(Java) and OSCI Transport Library 1.6
(.NET). Under an MITM condition within the
OSCI infrastructure, an attacker needs to send
crafted protocol messages to analyse the CBC
mode padding in order to decrypt the transport
encryption.
2017-
06-30 4.3
CVE-2017-
10668
MISC(link is
external)
MISC
xoev -- osci_transport_library
Signature Wrapping exists in OSCI-Transport
1.2 as used in OSCI Transport Library 1.6.1
(Java) and OSCI Transport Library 1.6
(.NET). An attacker with access to
unencrypted OSCI protocol messages must
send crafted protocol messages with duplicate
IDs.
2017-
06-30 6.4
CVE-2017-
10669
MISC(link is
external)
MISC
Low Vulnerabilities
Primary
Vendor -- Product Description Published
CVSS
Score
Source & Patch
Info
antiy -- antivirus_engine
When Antiy Antivirus Engine
before 5.0.0.05171547 scans a
special ZIP archive, it crashes with
a stack-based buffer overflow
because a fixed path length is
used.
2017-07-
02 2.1
CVE-2017-10706
MISC(link is
external)
cisco --
firepower_management_center
A vulnerability in the web
framework of Cisco Firepower
Management Center could allow
an authenticated, remote attacker
to conduct a cross-site scripting
(XSS) attack against a user of the
web interface. Affected Products:
Cisco Firepower Management
Center Releases 5.4.1.x and prior.
More Information: CSCuy88951.
Known Affected Releases: 5.4.1.6.
2017-07-
03 3.5
CVE-2017-6715
BID(link is
external)
CONFIRM(link is
external)
cisco --
firepower_management_center A vulnerability in the web
framework code of Cisco
2017-07-
03 3.5
CVE-2017-6716
BID(link is
Primary
Vendor -- Product Description Published
CVSS
Score
Source & Patch
Info
Firepower Management Center
could allow an authenticated,
remote attacker to conduct a stored
cross-site scripting (XSS) attack
against a user of the web interface
of an affected system. Affected
Products: Cisco Firepower
Management Center Software
Releases prior to 6.0.0.0. More
Information: CSCuy88785.
Known Affected Releases: 5.4.1.6.
external)
CONFIRM(link is
external)
cisco --
firepower_management_center
A vulnerability in the web
framework of Cisco Firepower
Management Center could allow
an authenticated, remote attacker
to conduct a cross-site scripting
(XSS) attack against a user of the
web interface. More Information:
CSCvc38801. Known Affected
Releases: 6.0.1.3 6.2.1. Known
Fixed Releases: 6.2.1.
2017-07-
03 3.5
CVE-2017-6717
BID(link is
external)
CONFIRM(link is
external)
cisco -- identity_services_engine
A vulnerability in the web-based
management interface of Cisco
Identity Services Engine (ISE)
could allow an authenticated,
remote attacker to conduct a
reflective cross-site scripting
(XSS) attack against a user of the
web-based management interface
of an affected device. More
Information: CSCvc85415. Known
Affected Releases: 2.1(0.800).
2017-07-
03 3.5
CVE-2017-6605
BID(link is
external)
SECTRACK(link
is external)
CONFIRM(link is
external)
cisco --
prime_collaboration_provisioning
A vulnerability in the filesystem of
the Cisco Prime Collaboration
Provisioning tool could allow an
authenticated, local attacker to
acquire sensitive information.
More Information: CSCvc82973.
Known Affected Releases: 12.1.
2017-07-
03 2.1
CVE-2017-6705
BID(link is
external)
SECTRACK(link
is external)
CONFIRM(link is
external)
cisco --
prime_collaboration_provisioning
A vulnerability in the logging
subsystem of the Cisco Prime
Collaboration Provisioning tool
2017-07-
03 3.6
CVE-2017-6706
BID(link is
external)
Primary
Vendor -- Product Description Published
CVSS
Score
Source & Patch
Info
could allow an unauthenticated,
local attacker to acquire sensitive
information. More Information:
CSCvd07260. Known Affected
Releases: 12.1.
SECTRACK(link
is external)
CONFIRM(link is
external)
synology -- audio_station
Cross-site scripting (XSS)
vulnerabilities in Synology Audio
Station 5.1 before 5.1-2550 and
5.4 before 5.4-2857 allows remote
authenticated attackers to inject
arbitrary web script or HTML via
the album title.
2017-06-
30 3.5
CVE-2015-9104
MISC(link is
external)
CONFIRM(link is
external)
synology -- note_station
Multiple cross-site scripting (XSS)
vulnerabilities in Synology Note
Station 1.1-0212 and earlier allow
remote authenticated attackers to
inject arbitrary web script or
HTML via the (1) note title or (2)
file name of attachments.
2017-06-
30 3.5
CVE-2015-9103
MISC(link is
external)
MISC(link is
external)
CONFIRM(link is
external)
synology -- photo_station
Multiple cross-site scripting (XSS)
vulnerabilities in Synology Photo
Station 6.0 before 6.0-2638 and
6.3 before 6.3-2962 allow remote
authenticated attackers to inject
arbitrary web script or HTML via
the (1) album name, (2) file name
of uploaded photos, (3) description
of photos, or (4) tag of the photos.
2017-06-
30 3.5
CVE-2015-9102
MISC(link is
external)
MISC(link is
external)
MISC(link is
external)
MISC(link is
external)
CONFIRM(link is
external)
synology -- video_station
Multiple cross-site scripting (XSS)
vulnerabilities in Synology Video
Station 1.2 before 1.2-0455, 1.5
before 1.5-0772, and 1.6 before
1.6-0847 allow remote
authenticated attackers to inject
arbitrary web script or HTML via
the (1) file name or (2) collection
name of videos.
2017-06-
30 3.5
CVE-2015-9105
MISC(link is
external)
MISC(link is
external)
CONFIRM(link is
external)
Severity Not Yet Assigned
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
acquisition_technology_&_logistics_
agency --
electronic_tendering_and_bid_openin
g_system
Untrusted search path vulnerability in
Installer of Electronic tendering and bid
opening system available prior to June 12,
2017 allows an attacker to execute arbitrary
code via a specially crafted executable file in
an unspecified directory.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2208
MISC(lin
k is
external)
JVN(link
is
external)
apache -- etherpad
Directory traversal vulnerability in
node/utils/Minify.js in Etherpad 1.1.1
through 1.5.2 allows remote attackers to read
arbitrary files by leveraging replacement of
backslashes with slashes in the path
parameter of HTTP API requests.
2017-
07-07
not
yet
calcu
lated
CVE-
2015-
3297
MLIST(li
nk is
external)
MLIST(li
nk is
external)
BID(link
is
external)
CONFIR
M(link is
external)
apache -- solr
Apache Solr uses a PKI based mechanism to
secure inter-node communication when
security is enabled. It is possible to create a
specially crafted node name that does not
exist as part of the cluster and point it to a
malicious node. This can trick the nodes in
cluster to believe that the malicious node is a
member of the cluster. So, if Solr users have
enabled BasicAuth authentication
mechanism using the BasicAuthPlugin or if
the user has implemented a custom
Authentication plugin, which does not
implement either
"HttpClientInterceptorPlugin" or
"HttpClientBuilderPlugin", his/her servers
are vulnerable to this attack. Users who only
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
7660
MLIST
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
use SSL without basic authentication or
those who use Kerberos are not affected.
apple -- quicktime_for_windows
Untrusted search path vulnerability in
Installer of QuickTime for Windows allows
an attacker to gain privileges via a Trojan
horse DLL in an unspecified directory.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2218
JVN(link
is
external)
MISC(lin
k is
external)
brother_industries -- mfc-
j960dwn_firmware
Cross-site request forgery (CSRF)
vulnerability in MFC-J960DWN firmware
ver.D and earlier allows remote attackers to
hijack the authentication of administrators
via unspecified vectors.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2244
JVN(link
is
external)
CONFIR
M(link is
external)
c-ares -- c-ares
The c-ares function
`ares_parse_naptr_reply()`, which is used for
parsing NAPTR responses, could be
triggered to read memory outside of the
given input buffer if the passed in DNS
response packet was crafted in a particular
way.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
1000381
CONFIR
M(link is
external)
CONFIR
M(link is
external)
cacti -- cacti
Cross-site scripting (XSS) vulnerability in
link.php in Cacti 1.1.12 allows remote
anonymous users to inject arbitrary web
script or HTML via the id parameter, related
to the die_html_input_error function in
lib/html_validate.php.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
10970
CONFIR
M(link is
external)
catdoc -- catdoc
The ole_init function in ole.c in catdoc 0.95
allows remote attackers to cause a denial of
service (heap-based buffer underflow and
application crash) or possibly have
unspecified other impact via a crafted file,
2017-
07-08
not
yet
calcu
lated
CVE-
2017-
11110
MISC(lin
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
i.e., data is written to memory addresses
before the beginning of the tmpBuf buffer.
k is
external)
charamin_steering_committee --
installer_of_charamin_omp
Untrusted search path vulnerability in The
installer of Charamin OMP Version 1.1.7.4
and earlier, Version 1.2.0.0 Beta and earlier
allows an attacker to gain privileges via a
Trojan horse DLL in an unspecified
directory.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2227
JVN(link
is
external)
cybozu -- garoon
Cybozu Garoon 3.0.0 to 4.2.4 may allow an
attacker to lock another user's file through a
specially crafted page.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2144
JVN(link
is
external)
CONFIR
M(link is
external)
cybozu -- garoon
Cross-site scripting vulnerability in Cybozu
Garoon 3.0.0 to 4.2.4 allows remote attackers
to inject arbitrary web script or HTML via
application menu.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2146
JVN(link
is
external)
CONFIR
M(link is
external)
cybozu -- garoon
Session fixation vulnerability in Cybozu
Garoon 4.0.0 to 4.2.4 allows remote attackers
to perform arbitrary operations via
unspecified vectors.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2145
JVN(link
is
external)
CONFIR
M(link is
external)
cybozu -- kunai
Cross-site scripting vulnerability in Cybozu
KUNAI for Android 3.0.0 to 3.0.6 allows
remote attackers to inject arbitrary web script
or HTML via unspecified vectors.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2172
JVN(link
is
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
external)
CONFIR
M(link is
external)
d-link -- d-link_dir-615
On the D-Link DIR-615 before
v20.12PTb04, if a victim logged in to the
Router's Web Interface visits a malicious site
from another Browser tab, the malicious site
then can send requests to the victim's Router
without knowing the credentials (CSRF). An
attacker can host a page that sends a POST
request to Form2File.htm that tries to upload
Firmware to victim's Router. This causes the
router to reboot/crash resulting in Denial of
Service. An attacker may succeed in
uploading malicious Firmware.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
7404
MISC
MISC(lin
k is
external)
d-link -- d-link_dir-615
On the D-Link DIR-615 before
v20.12PTb04, once authenticated, this device
identifies the user based on the IP address of
his machine. By spoofing the IP address
belonging to the victim's host, an attacker
might be able to take over the administrative
session without being prompted for
authentication credentials. An attacker can
get the victim's and router's IP addresses by
simply sniffing the network traffic.
Moreover, if the victim has web access
enabled on his router and is accessing the
web interface from a different network that is
behind the NAT/Proxy, an attacker can sniff
the network traffic to know the public IP
address of the victim's router and take over
his session as he won't be prompted for
credentials.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
7405
MISC
MISC(lin
k is
external)
d-link -- d-link_dir-615
The D-Link DIR-615 device before
v20.12PTb04 doesn't use SSL for any of the
authenticated pages. Also, it doesn't allow
the user to generate his own SSL Certificate.
An attacker can simply monitor network
traffic to steal a user's credentials and/or
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
7406
MISC
MISC(lin
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
credentials of users being added while
sniffing the traffic.
k is
external)
dbd::mysql -- dbd::mysql
The DBD::mysql module through 4.043 for
Perl allows remote attackers to cause a denial
of service (use-after-free and application
crash) or possibly have unspecified other
impact by triggering (1) certain error
responses from a MySQL server or (2) a loss
of a network connection to a MySQL server.
The use-after-free defect was introduced by
relying on incorrect Oracle
mysql_stmt_close documentation and code
examples.
2017-
07-01
not
yet
calcu
lated
CVE-
2017-
10788
MISC
BID(link
is
external)
MISC(lin
k is
external)
dbd::mysql -- dbd::mysql
The DBD::mysql module through 4.043 for
Perl uses the mysql_ssl=1 setting to mean
that SSL is optional (even though this
setting's documentation has a "your
communication with the server will be
encrypted" statement), which allows man-in-
the-middle attackers to spoof servers via a
cleartext-downgrade attack, a related issue to
CVE-2015-3152.
2017-
07-01
not
yet
calcu
lated
CVE-
2017-
10789
BID(link
is
external)
MISC(lin
k is
external)
MISC(lin
k is
external)
dfactory -- responsive_lightbox
Cross-site scripting vulnerability in
Responsive Lightbox prior to version 1.7.2
allows an attacker to inject arbitrary web
script or HTML via unspecified vectors.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2243
JVN(link
is
external)
CONFIR
M
elastic -- elasticsearch_x-
pack_security
Elasticsearch X-Pack Security versions 5.0.0
to 5.4.3, when enabled, can result in the
Elasticsearch _nodes API leaking sensitive
configuration information, such as the paths
and passphrases of SSL keys that were
configured as part of an authentication realm.
This could allow an authenticated
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
8442
CONFIR
M(link is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
Elasticsearch user to improperly view these
details.
emc -- rsa_archer
EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3,
5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an
authorization bypass through user-controlled
key vulnerability in Discussion Forum
Messages. A remote low privileged attacker
may potentially exploit this vulnerability to
elevate their privileges and view other users'
discussion forum messages.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
4999
CONFIR
M
BID(link
is
external)
SECTRA
CK(link
is
external)
emc -- rsa_archer
EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3,
5.5.2, 5.5.1.3.1, 5.5.1.1 is potentially affected
by a cross-site request forgery vulnerability.
A remote low privileged attacker may
potentially exploit the vulnerability to
execute unauthorized requests on behalf of
the victim, using the authenticated user's
privileges.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
4998
CONFIR
M
BID(link
is
external)
SECTRA
CK(link
is
external)
emc -- rsa_archer
EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3,
5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an
information exposure through an error
message vulnerability. A remote low
privileged attacker may potentially exploit
this vulnerability to use information
disclosed in an error message to launch
another more focused attack.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
5001
CONFIR
M
BID(link
is
external)
SECTRA
CK(link
is
external)
emc -- rsa_archer
EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3,
5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an
2017-
07-06 not
yet
CVE-
2017-
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
open redirect vulnerability. A remote
unprivileged attacker may potentially
redirect legitimate users to arbitrary web
sites and conduct phishing attacks. The
attacker could then steal the victims'
credentials and silently authenticate them to
the RSA Archer application without the
victims realizing an attack occurred.
calcu
lated
5002
CONFIR
M
BID(link
is
external)
SECTRA
CK(link
is
external)
emc -- rsa_archer
EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3,
5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an
information exposure through an error
message vulnerability. A remote low
privileged attacker may potentially exploit
this vulnerability to use information
disclosed in an error message to launch
another more focused attack.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
5000
CONFIR
M
BID(link
is
external)
SECTRA
CK(link
is
external)
fastone -- image_viewer
FastStone Image Viewer 6.2 has a "User
Mode Write AV" issue, possibly related to
the jpeg_mem_term function in jmemnobs.c
in libjpeg. This issue can be triggered by a
malformed JPEG file that is mishandled by
FSViewer.exe. Attackers could exploit this
issue for DoS (Access Violation) or possibly
unspecified other impact.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
8826
MISC(lin
k is
external)
fastone -- image_viewer
FastStone Image Viewer 6.2 has a "Data
from Faulting Address may be used as a
return value" issue. This issue can be
triggered by a malformed JPEG 2000 file
that is mishandled by FSViewer.exe.
Attackers could exploit this issue for DoS
(Access Violation) or possibly unspecified
other impact.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
8785
MISC(lin
k is
external)
finecms -- finecms
In FineCMS before 2017-07-06,
application\core\controller\config.php allows
2017-
07-06 not
yet
CVE-
2017-
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
XSS in the (1) key_name, (2) key_value, and
(3) meaning parameters.
calcu
lated
10967
CONFIR
M(link is
external)
finecms -- finecms
In FineCMS through 2017-07-07,
application\core\controller\template.php
allows remote PHP code execution by
placing the code after "<?php" in a
route=template request.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
10968
MISC(lin
k is
external)
finecms -- finecms
In FineCMS before 2017-07-06,
application/lib/ajax/get_image_data.php has
SSRF, related to requests for non-image files
with a modified HTTP Host header.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
10973
CONFIR
M(link is
external)
CONFIR
M(link is
external)
foxit -- foxit_reader_and_phantompdf
Foxit Reader before 8.3.1 and PhantomPDF
before 8.3.1 have an Arbitrary Write
vulnerability, which allows remote attackers
to execute arbitrary code via a crafted
document.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
10994
CONFIR
M(link is
external)
golang -- go
A bug in the standard library ScalarMult
implementation of curve P-256 for amd64
architectures in Go before 1.7.6 and 1.8.x
before 1.8.2 causes incorrect results to be
generated for specific input points. An
adaptive attack can be mounted to
progressively extract the scalar input to
ScalarMult by submitting crafted points and
observing failures to the derive correct
output. This leads to a full key recovery
attack against static ECDH, as used in
popular JWT libraries.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
8932
SUSE
SUSE
MISC(lin
k is
external)
CONFIR
M(link is
external)
CONFIR
M(link is
external)
CONFIR
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
M(link is
external)
MLIST(li
nk is
external)
FEDOR
A
google -- android
A information disclosure vulnerability in the
Android media framework. Product:
Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1,
7.1.2. Android ID: A-36490809.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0699
CONFIR
M(link is
external)
google -- android
A information disclosure vulnerability in the
HTC sensor hub driver. Product: Android.
Versions: Android kernel. Android ID: A-
35468048.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0709
CONFIR
M(link is
external)
google -- android
A denial of service vulnerability in the
Android framework. Product: Android.
Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1,
7.1.2. Android ID: A-36104177.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0670
CONFIR
M(link is
external)
google -- android
A remote code execution vulnerability in the
Android media framework. Product:
Android. Versions: 7.0, 7.1.1, 7.1.2. Android
ID: A-36576151.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0678
CONFIR
M(link is
external)
google -- android
A denial of service vulnerability in the
Android media framework. Product:
Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1,
7.0, 7.1.1, 7.1.2. Android ID: A-36215950.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0689
CONFIR
M(link is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
google -- android
A elevation of privilege vulnerability in the
Android framework. Product: Android.
Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0,
7.1.1, 7.1.2. Android ID: A-36991414.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0665
CONFIR
M(link is
external)
google -- android
A denial of service vulnerability in the
Android media framework. Product:
Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1,
7.1.2. Android ID: A-34231231.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0686
CONFIR
M(link is
external)
google -- android
A denial of service vulnerability in the
Android media framework. Product:
Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1,
7.1.2. Android ID: A-35584425.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0688
CONFIR
M(link is
external)
google -- android
A elevation of privilege vulnerability in the
Android framework. Product: Android.
Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0,
7.1.1, 7.1.2. Android ID: A-37285689.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0666
CONFIR
M(link is
external)
google -- android
A information disclosure vulnerability in the
Android framework. Product: Android.
Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0,
7.1.1, 7.1.2. Android ID: A-22011579.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0668
CONFIR
M(link is
external)
google -- android
A information disclosure vulnerability in the
Android framework. Product: Android.
Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2.
Android ID: A-34114752.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0669
CONFIR
M(link is
external)
google -- android
A denial of service vulnerability in the
Android media framework. Product:
Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0,
2017-
07-06 not
yet
CVE-
2017-
0690
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-
36592202.
calcu
lated
CONFIR
M(link is
external)
google -- android
A denial of service vulnerability in the
Android media framework. Product:
Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1,
7.0, 7.1.1, 7.1.2. Android ID: A-37094889.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0695
CONFIR
M(link is
external)
google -- android
A elevation of privilege vulnerability in the
Android framework. Product: Android.
Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1,
7.1.2. Android ID: A-36491278.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0664
CONFIR
M(link is
external)
google -- android
A denial of service vulnerability in the
Android media framework. Product:
Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1,
7.1.2. Android ID: A-36993291.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0693
CONFIR
M(link is
external)
google -- android
A remote code execution vulnerability in the
Android media framework. Product:
Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1,
7.1.2. Android ID: A-37008096.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0680
CONFIR
M(link is
external)
google -- android
Directory traversal vulnerability in the
doSendObjectInfo method in
frameworks/av/media/mtp/MtpServer.cpp in
Android 4.4.4 allows physically proximate
attackers with a direct connection to the
target Android device to upload files outside
of the sdcard via a .. (dot dot) in a name
parameter of an MTP request.
2017-
07-07
not
yet
calcu
lated
CVE-
2014-
7954
MISC(lin
k is
external)
FULLDI
SC
BUGTR
AQ(link
is
external)
BID(link
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
is
external)
google -- android
A remote code execution vulnerability in the
Android media framework. Product:
Android. Versions: 7.0, 7.1.1, 7.1.2. Android
ID: A-36591008.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0683
CONFIR
M(link is
external)
google -- android
A remote code execution vulnerability in the
Android media framework. Product:
Android. Versions: 7.0, 7.1.1, 7.1.2. Android
ID: A-36588422.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0682
CONFIR
M(link is
external)
google -- android
A remote code execution vulnerability in the
Android media framework. Product:
Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0,
6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-
37208566.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0681
CONFIR
M(link is
external)
google -- android
A denial of service vulnerability in the
Android media framework. Product:
Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1,
7.1.2. Android ID: A-34203195.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0685
CONFIR
M(link is
external)
google -- android
A denial of service vulnerability in the
Android media framework. Product:
Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0,
6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-
37093318.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0694
CONFIR
M(link is
external)
google -- android
A elevation of privilege vulnerability in the
Android framework. Product: Android.
Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1,
7.1.2. Android ID: A-37478824.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0667
CONFIR
M(link is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
google -- android
A denial of service vulnerability in the
Android media framework. Product:
Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0,
6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-
36725407.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0692
CONFIR
M(link is
external)
google -- android
A remote code execution vulnerability in the
Android media framework. Product:
Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1,
7.1.2. Android ID: A-36996978.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0679
CONFIR
M(link is
external)
google -- android
A denial of service vulnerability in the
Android media framework. Product:
Android. Versions: 7.0, 7.1.1, 7.1.2. Android
ID: A-36724453.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0691
CONFIR
M(link is
external)
google -- android
A elevation of privilege vulnerability in the
Android media framework. Product:
Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1,
7.1.2. Android ID: A-35421151.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0684
CONFIR
M(link is
external)
google -- android
A denial of service vulnerability in the
Android media framework. Product:
Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1,
7.1.2. Android ID: A-37207120.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0696
CONFIR
M(link is
external)
google -- android
A elevation of privilege vulnerability in the
MediaTek networking driver. Product:
Android. Versions: Android kernel. Android
ID: A-36099953. References: M-
ALPS03206781.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0711
BID(link
is
external)
CONFIR
M(link is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
google -- android
Race condition in the bindBackupAgent
method in the ActivityManagerService in
Android 4.4.4 allows local users with adb
shell access to execute arbitrary code or any
valid package as system by running "pm
install" with the target apk, and
simultaneously running a crafted script to
process logcat's output looking for a dexopt
line, which once found should execute
bindBackupAgent with the uid member of
the ApplicationInfo parameter set to 1000.
2017-
07-07
not
yet
calcu
lated
CVE-
2014-
7953
FULLDI
SC
BUGTR
AQ(link
is
external)
BID(link
is
external)
CONFIR
M(link is
external)
google -- android
A elevation of privilege vulnerability in the
Upstream Linux tcb. Product: Android.
Versions: Android kernel. Android ID: A-
34951864.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0710
CONFIR
M(link is
external)
google -- android
A elevation of privilege vulnerability in the
HTC led driver. Product: Android. Versions:
Android kernel. Android ID: A-36088467.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0707
CONFIR
M(link is
external)
google -- android
A information disclosure vulnerability in the
Android media framework. Product:
Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1,
7.1.2. Android ID: A-35467458.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0698
CONFIR
M(link is
external)
google -- android
A elevation of privilege vulnerability in the
Android system ui. Product: Android.
Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0,
7.1.1, 7.1.2. Android ID: A-33123882.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0703
CONFIR
M(link is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
google -- android
A remote code execution vulnerability in the
Android system ui. Product: Android.
Versions: 7.1.1, 7.1.2. Android ID: A-
36621442.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0702
CONFIR
M(link is
external)
google -- android
A remote code execution vulnerability in the
Android system ui. Product: Android.
Versions: 7.1.1, 7.1.2. Android ID: A-
36385715.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0701
CONFIR
M(link is
external)
google -- android
A remote code execution vulnerability in the
Android system ui. Product: Android.
Versions: 7.1.1, 7.1.2. Android ID: A-
35639138.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0700
CONFIR
M(link is
external)
google -- android
A denial of service vulnerability in the
Android media framework. Product:
Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0,
6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-
37239013.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0697
CONFIR
M(link is
external)
google -- android
An elevation of privilege vulnerability in the
NVIDIA Libnvparser component due to a
memcpy into a fixed sized buffer with a user-
controlled size could lead to a memory
corruption and possible remote code
execution. This issue is rated as High.
Product: Android. Version: N/A. Android
ID: A-33968204. References: N-CVE-2017-
0340.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
0340
CONFIR
M(link is
external)
google -- android
A elevation of privilege vulnerability in the
Broadcom wi-fi driver. Product: Android.
Versions: Android kernel. Android ID: A-
34973477. References: B-RB#119898.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0705
CONFIR
M(link is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
google -- android
A remote code execution vulnerability in the
Android media framework. Product:
Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2.
Android ID: A-34779227.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0675
CONFIR
M(link is
external)
google -- android
A remote code execution vulnerability in the
Android media framework. Product:
Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1,
7.1.2. Android ID: A-36035074.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0677
CONFIR
M(link is
external)
google -- android
A remote code execution vulnerability in the
Android media framework. Product:
Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1,
7.0, 7.1.1, 7.1.2. Android ID: A-34896431.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0676
CONFIR
M(link is
external)
google -- android
An information disclosure vulnerability in
the NVIDIA Video Driver due to an out-of-
bounds read function in the Tegra Display
Controller driver could result in possible
information disclosure. This issue is rated as
Moderate. Product: Android. Version: N/A.
Android ID: A-33718700. References: N-
CVE-2017-0326.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
0326
CONFIR
M(link is
external)
google -- android
A remote code execution vulnerability in the
Android media framework. Product:
Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1,
7.1.2. Android ID: A-34231163.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0674
CONFIR
M(link is
external)
google -- android
A remote code execution vulnerability in the
Android libraries. Product: Android.
Versions: 4.4.4. Android ID: A-34514762.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0671
CONFIR
M(link is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
google -- android
A elevation of privilege vulnerability in the
Android system ui. Product: Android.
Versions: 7.1.1, 7.1.2. Android ID: A-
33059280.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0704
CONFIR
M(link is
external)
google -- android
A information disclosure vulnerability in the
HTC sound driver. Product: Android.
Versions: Android kernel. Android ID: A-
35384879.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0708
CONFIR
M(link is
external)
google -- android
A remote code execution vulnerability in the
Android media framework. Product:
Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1,
7.1.2. Android ID: A-33974623.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0673
CONFIR
M(link is
external)
google -- android
A elevation of privilege vulnerability in the
Broadcom wi-fi driver. Product: Android.
Versions: Android kernel. Android ID: A-
35195787. References: B-RB#120532.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0706
CONFIR
M(link is
external)
google -- android
A denial of service vulnerability in the
Android libraries. Product: Android.
Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-
34778578.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
0672
CONFIR
M(link is
external)
graphicsmagick -- graphicsmagick
The ReadOneJNGImage function in
coders/png.c in GraphicsMagick 1.3.26
allows remote attackers to cause a denial of
service (application crash) during JNG
reading via a zero-length color_image data
structrure.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
11102
CONFIR
M(link is
external)
CONFIR
M(link is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
i-o_data_device --
multiple_products
Cross-site request forgery (CSRF)
vulnerability in TS-WPTCAM, TS-PTCAM,
TS-PTCAM/POE, TS-WLC2, TS-WLCE,
TS-WRLC firmware version 1.19 and earlier
and TS-WPTCAM2 firmware version 1.01
and earlier allows remote attackers to hijack
the authentication of administrators via
unspecified vectors.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2223
MISC(lin
k is
external)
JVN(link
is
external)
ibm -- jazz_foundation
IBM Jazz Foundation could allow an
authenticated attacker to obtain sensitive
information from error message stack traces.
IBM X-Force ID: 119528.
2017-
07-05
not
yet
calcu
lated
CVE-
2016-
9700
CONFIR
M(link is
external)
MISC(lin
k is
external)
ibm -- jazz_foundation
IBM Jazz Foundation Reporting Service
(JRS) 5.0 and 6.0 is vulnerable to cross-site
scripting. This vulnerability allows users to
embed arbitrary JavaScript code in the Web
UI thus altering the intended functionality
potentially leading to credentials disclosure
within a trusted session. IBM X-Force ID:
120553.
2017-
07-05
not
yet
calcu
lated
CVE-
2016-
9987
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
k is
external)
ibm -- jazz_foundation
IBM Jazz Foundation Reporting Service
(JRS) 5.0 and 6.0 is vulnerable to cross-site
scripting. This vulnerability allows users to
embed arbitrary JavaScript code in the Web
UI thus altering the intended functionality
potentially leading to credentials disclosure
within a trusted session. IBM X-Force ID:
120554.
2017-
07-05
not
yet
calcu
lated
CVE-
2016-
9988
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
k is
external)
ibm -- jazz_foundation
IBM Jazz Foundation Reporting Service
(JRS) 5.0 and 6.0 is vulnerable to cross-site
scripting. This vulnerability allows users to
embed arbitrary JavaScript code in the Web
UI thus altering the intended functionality
potentially leading to credentials disclosure
within a trusted session. IBM X-Force ID:
120552.
2017-
07-05
not
yet
calcu
lated
CVE-
2016-
9986
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
k is
external)
ibm -- jazz_foundation
IBM Jazz Foundation Reporting Service
(JRS) 5.0 and 6.0 is vulnerable to cross-site
scripting. This vulnerability allows users to
embed arbitrary JavaScript code in the Web
UI thus altering the intended functionality
potentially leading to credentials disclosure
within a trusted session. IBM X-Force ID:
120555.
2017-
07-05
not
yet
calcu
lated
CVE-
2016-
9989
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
k is
external)
ibm -- security_guardium
IBM Security Guardium 9.0, 9.1, 9.5, 10.0,
and 10.1 transmits sensitive data in cleartext
in the query of the request. This could allow
an attacker to obtain sensitive information
using man in the middle techniques. IBM X-
Force ID: 110409
2017-
07-05
not
yet
calcu
lated
CVE-
2016-
0238
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
k is
external)
ibm -- team_concert
IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is
vulnerable to cross-site scripting. This
2017-
07-05 not
yet
CVE-
2016-
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
vulnerability allows users to embed arbitrary
JavaScript code in the Web UI thus altering
the intended functionality potentially leading
to credentials disclosure within a trusted
session. IBM X-Force ID: 119762.
calcu
lated
9733
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
k is
external)
ibm -- team_concert
IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is
vulnerable to cross-site scripting. This
vulnerability allows users to embed arbitrary
JavaScript code in the Web UI thus altering
the intended functionality potentially leading
to credentials disclosure within a trusted
session. IBM X-Force ID: 119821.
2017-
07-05
not
yet
calcu
lated
CVE-
2016-
9746
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
k is
external)
ibm -- team_concert
IBM Team Concert 4.0, 5.0 and 6.0 is
vulnerable to cross-site scripting. This
vulnerability allows users to embed arbitrary
JavaScript code in the Web UI thus altering
the intended functionality potentially leading
to credentials disclosure within a trusted
session. IBM X-Force ID: 119529.
2017-
07-05
not
yet
calcu
lated
CVE-
2016-
9701
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
k is
external)
ibm -- jazz_reporting_service
IBM Jazz Reporting Service (JRS) 5.0 and
6.0 is vulnerable to cross-site scripting. This
vulnerability allows users to embed arbitrary
JavaScript code in the Web UI thus altering
the intended functionality potentially leading
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
1096
CONFIR
M(link is
external)
BID(link
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
to credentials disclosure within a trusted
session. IBM X-Force ID: 120656.
is
external)
MISC(lin
k is
external)
ibm -- jazz_reporting_service
IBM Jazz Reporting Service (JRS) 5.0 and
6.0 could allow an authenticated attacker to
access report data that should be restricted to
authorized users. IBM X-Force ID: 122788.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
1157
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
k is
external)
ibm -- maximo_asset_management
IBM Maximo Asset Management 7.1, 7.5,
and 7.6 could allow a local user to obtain
sensitive information due to inappropriate
data retention of attachments. IBM X-Force
ID: 123299.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
1176
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
k is
external)
ibm -- maximo_asset_management
IBM Maximo Asset Management 7.1, 7.5,
and 7.6 is vulnerable to cross-site scripting.
This vulnerability allows users to embed
arbitrary JavaScript code in the Web UI thus
altering the intended functionality potentially
leading to credentials disclosure within a
trusted session. IBM X-Force ID: 123778.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
1208
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
k is
external)
ibm -- rational_team_concert
IBM Rational Team Concert (RTC) 4.0, 5.0
and 6.0 is vulnerable to cross-site scripting.
This vulnerability allows users to embed
arbitrary JavaScript code in the Web UI thus
altering the intended functionality potentially
leading to credentials disclosure within a
trusted session. IBM X-Force ID: 121151.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
1113
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
k is
external)
ibm -- security_guardium
IBM Security Guardium 10.0 could allow a
remote authenticated attacker to execute
arbitrary commands on the system. By
sending a specially-crafted request, an
attacker could exploit this vulnerability to
execute arbitrary commands on the system.
IBM X-Force ID: 124633.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
1253
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
k is
external)
ibm -- security_guardium
IBM Security Guardium 10.0 is vulnerable to
a XML External Entity Injection (XXE)
attack when processing XML data. A remote
attacker could exploit this vulnerability to
expose highly sensitive information or
consume memory resources. IBM X-Force
ID: 124634.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
1254
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
k is
external)
ibm -- security_guardium
IBM Security Guardium 10.0, 10.1 is
vulnerable to cross-site scripting. This
2017-
07-05 not
yet
CVE-
2017-
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
vulnerability allows users to embed arbitrary
JavaScript code in the Web UI thus altering
the intended functionality potentially leading
to credentials disclosure within a trusted
session. IBM X-Force ID: 124678
calcu
lated
1256
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
k is
external)
ibm -- security_guardium
IBM Security Guardium 10.0 does not prove
or insufficiently proves that the actors
identity is correct which can lead to exposure
of resources or functionality to unintended
actors. IBM X-Force ID: 124739.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
1264
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
k is
external)
ibm -- security_guardium
IBM Security Guardium 10.0 and 10.1 is
vulnerable to SQL injection. A remote
attacker could send specially-crafted SQL
statements, which could allow the attacker to
view, add, modify or delete information in
the back-end database. IBM X-force ID:
124744
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
1269
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
k is
external)
ibm -- security_guardium
IBM Security Guardium 10.0 and 10.1 does
not perform an authentication check for a
critical resource or functionality allowing
anonymous users access to protected areas.
IBM X-Force ID: 124685
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
1258
CONFIR
M(link is
external)
BID(link
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
is
external)
MISC(lin
k is
external)
ibm -- websphere_message_broker
IBM WebSphere Message Broker stores user
credentials in plain in clear text which can be
read by a local user. IBM X-Force ID:
123777.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
1207
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
k is
external)
ibm -- websphere_message_broker
IBM WebSphere Message Broker could
allow a local user with specialized access to
prevent the message broker from starting.
IBM X-Force ID: 122033.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
1144
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
k is
external)
ibm -- websphere_mq
IBM WebSphere MQ 9.0.2 could allow an
authenticated user to potentially cause a
denial of service by saving an incorrect
channel status inquiry. IBM X-Force ID:
124354
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
1236
CONFIR
M(link is
external)
MISC(lin
k is
external)
ibm -- websphere_portal
IBM WebSphere Portal 8.5 and 9.0 is
vulnerable to cross-site scripting. This
2017-
07-05 not
yet
CVE-
2017-
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
vulnerability allows users to embed arbitrary
JavaScript code in the Web UI thus altering
the intended functionality potentially leading
to credentials disclosure within a trusted
session. IBM X-Force ID: 123857
calcu
lated
1217
CONFIR
M(link is
external)
BID(link
is
external)
SECTRA
CK(link
is
external)
MISC(lin
k is
external)
ibm --maximo_asset_management
IBM Maximo Asset Management 7.1, 7.5,
and 7.6 is vulnerable to SQL injection. A
remote attacker could send specially-crafted
SQL statements, which could allow the
attacker to view, add, modify or delete
information in the back-end database. IBM
X-Force ID: 123297.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
1175
CONFIR
M(link is
external)
BID(link
is
external)
MISC(lin
k is
external)
imagemagick -- imagemagick
The mng_get_long function in coders/png.c
in ImageMagick 7.0.6-0 allows remote
attackers to cause a denial of service (heap-
based buffer over-read and application crash)
via a crafted MNG image.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
10995
CONFIR
M(link is
external)
imagemagick -- imagemagick
In ImageMagick 7.0.6-0, a heap-based buffer
over-read in the GetNextToken function in
token.c allows remote attackers to obtain
sensitive information from process memory
or possibly have unspecified other impact via
a crafted SVG document that is mishandled
in the GetUserSpaceCoordinateValue
function in coders/svg.c.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10928
CONFIR
M(link is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
information-
technology_promotion_agency_japan
-- icodechecker
Cross-site scripting vulnerability in Source
code security studying tool iCodeChecker
allows an attacker to inject arbitrary web
script or HTML via unspecified vectors.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2194
JVN(link
is
external)
MISC(lin
k is
external)
information-
technology_promotion_agency_japan
-- installer_of_casl_ii_simulator
Untrusted search path vulnerability in
Installer of CASL II simulator (self-extract
format) allows an attacker to gain privileges
via a Trojan horse DLL in an unspecified
directory.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2220
JVN(link
is
external)
MISC(lin
k is
external)
internet_security_association_and_ke
y_management_ protocol --
internet_security_association_and_ke
y_management_ protocol
The racoon daemon in IPsec-Tools 0.8.2
contains a remotely exploitable
computational-complexity attack when
parsing and storing ISAKMP fragments. The
implementation permits a remote attacker to
exhaust computational resources on the
remote endpoint by repeatedly sending
ISAKMP fragment packets in a particular
order such that the worst-case computational
complexity is realized in the algorithm
utilized to determine if reassembly of the
fragments can take place.
2017-
07-05
not
yet
calcu
lated
CVE-
2016-
10396
CONFIR
M
CONFIR
M
CONFIR
M
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to execute
arbitrary code or cause a denial of service via
a crafted .fpx file, related to "Data from
Faulting Address controls Code Flow starting
at
FPX!FPX_GetScanDevicePropertyGroup+0
x000000000000c998."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9877
CONFIR
M(link is
external)
MISC(lin
k is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
irfanview -- irfanview
IrfanView version 4.44 (32bit) allows
attackers to execute arbitrary code or cause a
denial of service via a crafted .rle file, related
to a "User Mode Write AV starting at
ntdll_77df0000!RtlpWaitOnCriticalSection+
0x0000000000000121."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10729
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with TOOLS
Plugin 4.50 might allow attackers to cause a
denial of service or execute arbitrary code
via a crafted file, related to "Data from
Faulting Address controls Branch Selection
starting at
ntdll_77df0000!LdrpResGetMappingSize+0
x00000000000003cc."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9921
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with TOOLS
Plugin 4.50 might allow attackers to cause a
denial of service or execute arbitrary code
via a crafted file, related to "Data from
Faulting Address controls Branch Selection
starting at
ntdll_77df0000!LdrpCompareResourceName
s_U+0x0000000000000062."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9922
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with TOOLS
plugin 4.50 allows attackers to execute
arbitrary code or cause a denial of service via
a crafted file, related to a "Read Access
Violation on Block Data Move starting at
ntdll_77df0000!memcpy+0x0000000000000
033."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9915
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to cause a denial
of service or possibly have unspecified other
impact via a crafted .fpx file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!RtlpFreeHeap+0x000000000
0000393."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9892
CONFIR
M(link is
external)
MISC(lin
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with TOOLS
Plugin 4.50 might allow attackers to cause a
denial of service or possibly have
unspecified other impact via a crafted file,
related to "Data from Faulting Address
controls Branch Selection starting at
ntdll_77df0000!RtlFreeHandle+0x00000000
000001b6."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9916
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with TOOLS
Plugin 4.50 might allow attackers to cause a
denial of service or execute arbitrary code
via a crafted file, related to "Data from
Faulting Address controls Branch Selection
starting at
ntdll_77df0000!LdrpResSearchResourceInsi
deDirectory+0x000000000000029e."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9920
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with TOOLS
Plugin 4.50 might allow attackers to cause a
denial of service or possibly have
unspecified other impact via a crafted file,
related to "Data from Faulting Address is
used as one or more arguments in a
subsequent Function Call starting at
ntdll_77df0000!RtlFreeHandle+0x00000000
00000218."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9917
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with TOOLS
Plugin 4.50 might allow attackers to cause a
denial of service or execute arbitrary code
via a crafted file, related to "Data from
Faulting Address controls Branch Selection
starting at
ntdll_77df0000!LdrpResCompareResourceN
ames+0x0000000000000087."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9919
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) allows
attackers to execute arbitrary code or cause a
denial of service via a crafted .rle file, related
to a "User Mode Write AV starting at
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10731
CONFIR
M(link is
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
FORMATS!GetPlugInInfo+0x00000000000
07d80."
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with TOOLS
Plugin 4.50 might allow attackers to cause a
denial of service or execute arbitrary code
via a crafted file, related to "Data from
Faulting Address controls Branch Selection
starting at
KERNELBASE!EnumResourceTypesInterna
l+0x0000000000000589."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9923
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) allows
attackers to execute arbitrary code or cause a
denial of service via a crafted .rle file, related
to a "User Mode Write AV starting at
FORMATS!GetPlugInInfo+0x00000000000
07d96."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10730
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) might allow
attackers to cause a denial of service or
possibly have unspecified other impact via a
crafted .rle file, related to "Data from
Faulting Address controls Branch Selection
starting at
ntdll_77df0000!RtlpFreeHeap+0x000000000
00003ca."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10735
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to execute
arbitrary code or cause a denial of service via
a crafted .fpx file, related to a "User Mode
Write AV starting at
FPX+0x000000000000176c."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9531
CONFIR
M(link is
external)
MISC(lin
k is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to execute
arbitrary code or cause a denial of service via
a crafted .fpx file, related to a "User Mode
Write AV starting at
FPX+0x0000000000001555."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9532
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows remote attackers to
execute arbitrary code or cause a denial of
service via a crafted .fpx file, related to a
"User Mode Write AV starting at
FPX!FPX_GetScanDevicePropertyGroup+0
x0000000000000f53."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9528
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) might allow
attackers to cause a denial of service or
execute arbitrary code via a crafted file,
related to "Data from Faulting Address is
used as one or more arguments in a
subsequent Function Call starting at
ntdll_77df0000!LdrpResCompareResourceN
ames+0x0000000000000150."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9530
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to execute
arbitrary code or cause a denial of service via
a crafted .fpx file, related to a "User Mode
Write AV starting at
FPX!GetPlugInInfo+0x0000000000016e53."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9535
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to execute
arbitrary code or cause a denial of service via
a crafted .fpx file, related to a "User Mode
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9533
CONFIR
M(link is
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
Write AV starting at
FPX!DE_Decode+0x0000000000000a9b."
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to execute
arbitrary code or cause a denial of service via
a crafted .fpx file, related to a "User Mode
Write AV starting at
FPX!GetPlugInInfo+0x0000000000017426."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9534
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to execute
arbitrary code or cause a denial of service via
a crafted .fpx file, related to a "Read Access
Violation on Control Flow starting at
FPX!GetPlugInInfo+0x0000000000012bf2."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9873
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to execute
arbitrary code or cause a denial of service via
a crafted .fpx file, related to a "Read Access
Violation on Block Data Move starting at
FPX!FPX_GetScanDevicePropertyGroup+0
x000000000000b84f."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9882
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) might allow
attackers to cause a denial of service or
possibly have unspecified other impact via a
crafted .rle file, related to "Data from
Faulting Address controls Branch Selection
starting at
ntdll_77df0000!RtlpAllocateHeap+0x00000
00000000429."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10732
CONFIR
M(link is
external)
MISC(lin
k is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
irfanview -- irfanview
IrfanView version 4.44 (32bit) with TOOLS
Plugin 4.50 might allow attackers to cause a
denial of service or execute arbitrary code
via a crafted file, related to "Data from
Faulting Address controls Branch Selection
starting at
KERNELBASE!QueryOptionalDelayLoaded
API+0x0000000000000c42."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9918
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to cause a denial
of service or possibly have unspecified other
impact via a crafted .fpx file, related to "Data
from Faulting Address is used as one or more
arguments in a subsequent Function Call
starting at
FPX!FPX_GetScanDevicePropertyGroup+0
x0000000000007053."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9891
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to execute
arbitrary code or cause a denial of service via
a crafted .fpx file, related to "Data from
Faulting Address controls Code Flow starting
at FPX+0x0000000000007216."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9883
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to cause a denial
of service or possibly have unspecified other
impact via a crafted .fpx file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!RtlpLowFragHeapFree+0x0
00000000000001f."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9886
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to cause a denial
of service or possibly have unspecified other
impact via a crafted .fpx file, related to "Data
from Faulting Address is used as one or more
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9887
CONFIR
M(link is
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
arguments in a subsequent Function Call
starting at FPX+0x000000000000688d."
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to cause a denial
of service or possibly have unspecified other
impact via a crafted .fpx file, related to a
"Read Access Violation starting at
FPX!FPX_GetScanDevicePropertyGroup+0
x0000000000003714."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9889
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to cause a denial
of service or possibly have unspecified other
impact via a crafted .fpx file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!RtlpCoalesceFreeBlocks+0x
00000000000001b6."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9884
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to cause a denial
of service or possibly have unspecified other
impact via a crafted .fpx file, related to "Data
from Faulting Address is used as one or more
arguments in a subsequent Function Call
starting at
FPX!FPX_GetScanDevicePropertyGroup+0
x0000000000006a98."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9885
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) has a "Data
from Faulting Address controls Branch
Selection starting at
USER32!wvsprintfA+0x00000000000002f3"
issue, which might allow attackers to execute
arbitrary code via a crafted file.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
8369
CONFIR
M(link is
external)
MISC(lin
k is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.45 allows remote attackers to
execute arbitrary code or cause a denial of
service (Heap Corruption and application
crash) in processing a FlashPix (.FPX) file, a
different vulnerability than CVE-2017-7721.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
8370
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to execute
arbitrary code or cause a denial of service via
a crafted .fpx file, related to a "Read Access
Violation on Control Flow starting at
FPX!FPX_GetScanDevicePropertyGroup+0
x00000000000014eb."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9536
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) might allow
attackers to cause a denial of service or
possibly have unspecified other impact via a
crafted .rle file, related to an "Invalid Handle
starting at
wow64!Wow64NotifyDebugger+0x0000000
00000001d."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10734
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to cause a denial
of service or possibly have unspecified other
impact via a crafted .fpx file, related to "Data
from Faulting Address controls Branch
Selection starting at
FPX!FPX_GetScanDevicePropertyGroup+0
x00000000000031a0."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9888
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) allows remote
attackers to execute code via a crafted .mov
file, because of a "User Mode Write AV near
NULL" issue.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
8766
MISC(lin
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to execute
arbitrary code or cause a denial of service via
a crafted .fpx file, related to "Data from
Faulting Address controls subsequent Write
Address starting at
FPX!FPX_GetScanDevicePropertyGroup+0
x000000000000a525."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9879
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to cause a denial
of service or possibly have unspecified other
impact via a crafted .fpx file, related to a
"Read Access Violation starting at
FPX+0x000000000000153a."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9890
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) might allow
attackers to cause a denial of service or
possibly have unspecified other impact via a
crafted .rle file, related to "Data from
Faulting Address controls Branch Selection
starting at
ntdll_77df0000!RtlpEnterCriticalSectionCon
tended+0x0000000000000031."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10733
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to execute
arbitrary code or cause a denial of service via
a crafted .fpx file, related to a "Read Access
Violation on Control Flow starting at
FPX!FPX_GetScanDevicePropertyGroup+0
x000000000000c99a."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9878
CONFIR
M(link is
external)
MISC(lin
k is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to execute
arbitrary code or cause a denial of service via
a crafted .fpx file, related to "Data from
Faulting Address controls Code Flow starting
at FPX+0x0000000000007236."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9880
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to execute
arbitrary code or cause a denial of service via
a crafted .fpx file, related to "Data from
Faulting Address controls Code Flow starting
at
FPX!FPX_GetScanDevicePropertyGroup+0
x000000000000c995."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9876
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to execute
arbitrary code or cause a denial of service via
a crafted .fpx file, related to a "User Mode
Write AV starting at
FPX!DE_Decode+0x0000000000000cdb."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9875
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to execute
arbitrary code or cause a denial of service via
a crafted .fpx file, related to "Data from
Faulting Address controls Code Flow starting
at
FPX!FPX_GetScanDevicePropertyGroup+0
x00000000000014e7."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9881
CONFIR
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView version 4.44 (32bit) with FPX
Plugin 4.46 allows attackers to execute
arbitrary code or cause a denial of service via
a crafted .fpx file, related to a "User Mode
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9874
CONFIR
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
Write AV starting at
FPX!FPX_GetScanDevicePropertyGroup+0
x0000000000007822."
M(link is
external)
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView 4.44 (32bit) with FPX Plugin 4.47
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .fpx file, related to "Data
from Faulting Address is used as one or more
arguments in a subsequent Function Call
starting at
FPX!FPX_GetScanDevicePropertyGroup+0
x000000000000b3ae."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10925
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView 4.44 (32bit) with FPX Plugin 4.47
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .fpx file, related to a
"Read Access Violation starting at
wow64!Wow64NotifyDebugger+0x0000000
00000001d."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10926
MISC(lin
k is
external)
irfanview -- irfanview
IrfanView 4.44 (32bit) with FPX Plugin 4.47
allows attackers to execute arbitrary code or
cause a denial of service via a crafted .fpx
file, related to a "User Mode Write AV
starting at
FPX!FPX_GetScanDevicePropertyGroup+0
x000000000000a529."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10924
MISC(lin
k is
external)
irssi -- irssi
An issue was discovered in Irssi before 1.0.4.
When receiving messages with invalid time
stamps, Irssi would try to dereference a
NULL pointer.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
10965
CONFIR
M(link is
external)
CONFIR
M
irssi -- irssi
An issue was discovered in Irssi before 1.0.4.
While updating the internal nick list, Irssi
could incorrectly use the GHashTable
interface and free the nick while updating it.
2017-
07-07 not
yet
CVE-
2017-
10966
CONFIR
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
This would then result in use-after-free
conditions on each access of the hash table.
calcu
lated
M(link is
external)
CONFIR
M
jabberd -- jabberd
JabberD 2.x (aka jabberd2) before 2.6.1
allows anyone to authenticate using SASL
ANONYMOUS, even when the
sasl.anonymous c2s.xml option is not
enabled.
2017-
07-04
not
yet
calcu
lated
CVE-
2017-
10807
CONFIR
M
CONFIR
M(link is
external)
CONFIR
M(link is
external)
jython -- jython
Jython before 2.7.1rc1 allows attackers to
execute arbitrary code via a crafted serialized
PyFunction object.
2017-
07-06
not
yet
calcu
lated
CVE-
2016-
4000
CONFIR
M
DEBIAN
CONFIR
M
CONFIR
M
CONFIR
M
MISC
MISC(lin
k is
external)
kddi -- home_spot_cube2
HOME SPOT CUBE2 firmware V101 and
earlier allows authenticated attackers to
execute arbitrary OS commands via Clock
Settings.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2183
JVN(link
is
external)
CONFIR
M(link is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
kddi -- home_spot_cube2
HOME SPOT CUBE2 firmware V101 and
earlier allows an attacker to bypass
authentication to load malicious firmware via
WebUI.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2186
JVN(link
is
external)
CONFIR
M(link is
external)
kddi -- home_spot_cube2
HOME SPOT CUBE2 firmware V101 and
earlier allows authenticated attackers to
execute arbitrary OS commands via WebUI.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2185
JVN(link
is
external)
CONFIR
M(link is
external)
kddi -- home_spot_cube2
Buffer overflow in HOME SPOT CUBE2
firmware V101 and earlier allows an attacker
to execute arbitrary code via WebUI.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2184
JVN(link
is
external)
CONFIR
M(link is
external)
knot-dns -- knot-dns
Knot DNS before 2.4.5 and 2.5.x before
2.5.2 contains a flaw within the TSIG
protocol implementation that would allow an
attacker with a valid key name and algorithm
to bypass TSIG authentication if no
additional ACL restrictions are set, because
of an improper TSIG validity period check.
2017-
07-08
not
yet
calcu
lated
CVE-
2017-
11104
MISC(lin
k is
external)
MISC
MISC(lin
k is
external)
linux -- linux_kernel
The NFSv4 server in the Linux kernel before
4.11.3 does not properly validate the layout
type when processing the NFSv4 pNFS
2017-
07-02 not
yet
CVE-
2017-
8797
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
GETDEVICEINFO or LAYOUTGET
operand in a UDP packet from a remote
attacker. This type value is uninitialized upon
encountering certain error conditions. This
value is used as an array index for
dereferencing, which leads to an OOPS and
eventually a DoS of knfsd and a soft-lockup
of the whole system.
calcu
lated
MISC
MISC
MISC
MISC(lin
k is
external)
BID(link
is
external)
SECTRA
CK(link
is
external)
MISC(lin
k is
external)
MISC(lin
k is
external)
MISC(lin
k is
external)
linux -- linux_kernel
Memory leak in the virtio_gpu_object_create
function in
drivers/gpu/drm/virtio/virtgpu_object.c in the
Linux kernel through 4.11.8 allows attackers
to cause a denial of service (memory
consumption) by triggering object-
initialization failures.
2017-
07-04
not
yet
calcu
lated
CVE-
2017-
10810
CONFIR
M
BID(link
is
external)
CONFIR
M(link is
external)
CONFIR
M
linux -- linux_kernel
The make_response function in
drivers/block/xen-blkback/blkback.c in the
Linux kernel before 4.11.8 allows guest OS
users to obtain sensitive information from
host OS (or other guest OS) kernel memory
by leveraging the copying of uninitialized
2017-
07-04
not
yet
calcu
lated
CVE-
2017-
10911
CONFIR
M
CONFIR
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
padding fields in Xen block-interface
response structures, aka XSA-216.
M
BID(link
is
external)
CONFIR
M(link is
external)
CONFIR
M
lutim -- lutim
Cross-site scripting (XSS) vulnerability in
Lutim before 0.8 might allow remote
attackers to inject arbitrary web script or
HTML via a crafted filename that is
mishandled in an upload notification and in
the myfiles component, if the attacker can
convince the victim to proceed with an
upload despite the appearance of an XSS
payload in the filename.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
10975
MISC
ministry_of_agriculture_forestry_and
_fisheries --
denshinouhin_check_system
Untrusted search path vulnerability in
Installer of Denshinouhin Check System (for
Ministry of Agriculture, Forestry and
Fisheries Nouson Seibi Jigyou) 2014 March
Edition (Ver.9.0.001.001) [Updated on 2017
June 9], (Ver.8.0.001.001) [Updated on 2016
May 31] and earlier allows an attacker to
gain privileges via a Trojan horse DLL in an
unspecified directory.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2188
MISC(lin
k is
external)
JVN(link
is
external)
ministry_of_education_culture_sports
_science_and_technology --
ebidsettingchecker.exe
Untrusted search path vulnerability in
EbidSettingChecker.exe (version 1.0.0.0)
allows an attacker to gain privileges via a
Trojan horse DLL in an unspecified
directory.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2225
JVN(link
is
external)
MISC(lin
k is
external)
ministry_of_justice --
installer_of_pdf_digital_signature_pl
ugin
Untrusted search path vulnerability in
Installer of PDF Digital Signature Plugin
(G2.30) and earlier, distributed till June 29,
2017 allows an attacker to gain privileges via
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2233
JVN(link
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
a Trojan horse DLL in an unspecified
directory.
is
external)
ministry_of_justice --
installer_of_shinseiyo_sogo_soft
Untrusted search path vulnerability in
Installer of Shinseiyo Sogo Soft (4.8A) and
earlier allows an attacker to gain privileges
via a Trojan horse DLL in an unspecified
directory.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2232
JVN(link
is
external)
ministry_of_land_infrastructure_tr
ansport_and_tourism,_japan --
mlit_denshiseikabutsusakuseishien
kensa
Untrusted search path vulnerability in The
installer of MLIT
DenshiSeikabutsuSakuseiShienKensa system
Ver3.02 and earlier, distributed till June 20,
2017, The self-extracting archive including
the installer of MLIT
DenshiSeikabutsuSakuseiShienKensa system
Ver3.02 and earlier, distributed till June 20,
2017 allows an attacker to gain privileges via
a Trojan horse DLL in an unspecified
directory.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2231
JVN(link
is
external)
MISC(lin
k is
external)
MISC(lin
k is
external)
national_institute_for_land_and_infra
structure_management --
douro_kouji_kanseizutou_check
Untrusted search path vulnerability in Douro
Kouji Kanseizutou Check Program Ver3.1
(cdrw_checker_3.1.0.lzh) and earlier allows
remote attackers to gain privileges via a
Trojan horse DLL in an unspecified
directory.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2230
JVN(link
is
external)
MISC(lin
k is
external)
MISC(lin
k is
external)
national_institute_for_land_and_i
nfrastructure_management --
douroshisetu_data_sakusei_system
Untrusted search path vulnerability in
Douroshisetu Kihon Data Sakusei System
Ver1.0.2 and earlier allows an attacker to
gain privileges via a Trojan horse DLL in an
unspecified directory.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2229
JVN(link
is
external)
MISC(lin
k is
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
external)
MISC(lin
k is
external)
national_tax_agency -
- setup_file_of_advance_preparation
Untrusted search path vulnerability in
Installer of "Setup file of advance
preparation" (jizen_setup.exe) (The version
which was available on the website prior to
2017 June 12) allows an attacker to gain
privileges via a Trojan horse DLL in an
unspecified directory.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2215
MISC(lin
k is
external)
JVN(link
is
external)
MISC(lin
k is
external)
national_tax_agency --
installer_of_setup_file_of_advance_p
reparation_for_e-tax_software
Untrusted search path vulnerability in Setup
file of advance preparation for e-Tax
software (WEB version) (1.17.1) and earlier
allows an attacker to gain privileges via a
Trojan horse DLL in an unspecified
directory.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2226
JVN(link
is
external)
ncurses -- ncurses
In ncurses 6.0, there is a NULL Pointer
Dereference in the _nc_parse_entry function
of tinfo/parse_entry.c. It could lead to a
remote denial of service attack if the
terminfo library code is used to process
untrusted terminfo data.
2017-
07-08
not
yet
calcu
lated
CVE-
2017-
11113
MISC(lin
k is
external)
ncurses -- ncurses
In ncurses 6.0, there is an attempted
0xffffffffffffffff access in the append_acs
function of tinfo/parse_entry.c. It could lead
to a remote denial of service attack if the
terminfo library code is used to process
untrusted terminfo data.
2017-
07-08
not
yet
calcu
lated
CVE-
2017-
11112
MISC(lin
k is
external)
netwide_assembler --
netwide_assembler
In Netwide Assembler (NASM) 2.14rc0,
preproc.c allows remote attackers to cause a
denial of service (heap-based buffer overflow
and application crash) or possibly have
unspecified other impact via a crafted file.
2017-
07-08
not
yet
calcu
lated
CVE-
2017-
11111
MISC(lin
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
k is
external)
newport -- xps-cx_and_xps-qx
An Improper Authentication issue was
discovered in Newport XPS-Cx and XPS-
Qx. An attacker may bypass authentication
by accessing a specific uniform resource
locator (URL).
2017-
07-03
not
yet
calcu
lated
CVE-
2017-
7919
BID(link
is
external)
MISC
nitro_pro -- nitro_pro
Nitro Pro 11.0.3 and earlier allows remote
attackers to cause a denial of service
(application crash) via a crafted PCX file.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
7950
CONFIR
M(link is
external)
notepad-plus-plus -- notepad++
Notepad++ 7.3.3 (32-bit) with Hex Editor
Plugin v0.9.5 might allow user-assisted
attackers to execute code via a crafted file,
because of a "Data from Faulting Address
controls Code Flow" issue. One threat model
is a victim who obtains an untrusted crafted
file from a remote location and issues several
user-defined commands.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
8803
MISC(lin
k is
external)
nvidia -- nvidia_sound_driver
An elevation of privilege vulnerability in the
NVIDIA sound driver could enable a local
malicious application to execute arbitrary
code within the context of the kernel. This
issue is rated as High due to the possibility of
local arbitrary code execution in a privileged
process in the kernel. Product: Android.
Versions: N/A. Android ID: A-34386301.
References: N-CVE-2017-6247.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
6247
BID(link
is
external)
SECTRA
CK(link
is
external)
CONFIR
M(link is
external)
nvidia -- nvidia_sound_driver
An elevation of privilege vulnerability in the
NVIDIA sound driver could enable a local
malicious application to execute arbitrary
code within the context of the kernel. This
2017-
07-06 not
yet
CVE-
2017-
6248
BID(link
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
issue is rated as Moderate because it first
requires compromising a privileged process.
Product: Android. Versions: N/A. Android
ID: A-34372667. References: N-CVE-2017-
6248.
calcu
lated
is
external)
SECTRA
CK(link
is
external)
CONFIR
M(link is
external)
odoo -- odoo
In Odoo 8.0, Odoo Community Edition 9.0
and 10.0, and Odoo Enterprise Edition 9.0
and 10.0, insecure handling of
anonymization data in the Database
Anonymization module allows remote
authenticated privileged users to execute
arbitrary Python code, because unpickle is
used.
2017-
07-04
not
yet
calcu
lated
CVE-
2017-
10803
CONFIR
M(link is
external)
odoo -- odoo
In Odoo 8.0, Odoo Community Edition 9.0
and 10.0, and Odoo Enterprise Edition 9.0
and 10.0, incorrect access control on OAuth
tokens in the OAuth module allows remote
authenticated users to hijack OAuth sessions
of other users.
2017-
07-04
not
yet
calcu
lated
CVE-
2017-
10805
CONFIR
M(link is
external)
odoo -- odoo
In Odoo 8.0, Odoo Community Edition 9.0
and 10.0, and Odoo Enterprise Edition 9.0
and 10.0, remote attackers can bypass
authentication under certain circumstances
because parameters containing 0x00
characters are truncated before reaching the
database layer. This occurs because Psycopg
2.x before 2.6.3 is used.
2017-
07-04
not
yet
calcu
lated
CVE-
2017-
10804
CONFIR
M
CONFIR
M(link is
external)
CONFIR
M(link is
external)
phpldapadmin -- phpldapadmin
phpLDAPadmin through 1.2.3 has XSS in
htdocs/entry_chooser.php via the form,
element, rdn, or container parameter.
2017-
07-08
not
yet
calcu
lated
CVE-
2017-
11107
MISC(lin
k is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
MISC(lin
k is
external)
puppet -- puppet_enterprise
Versions of Puppet Enterprise prior to
2016.4.5 or 2017.2.1 failed to mark
MCollective server private keys as sensitive
(a feature added in Puppet 4.6), so key values
could be logged and stored in PuppetDB.
These releases use the sensitive data type to
ensure this won't happen anymore.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
2294
CONFIR
M(link is
external)
puppet -- puppet
Versions of Puppet prior to 4.10.1 will
deserialize data off the wire (from the agent
to the server, in this case) with a attacker-
specified format. This could be used to force
YAML deserialization in an unsafe manner,
which would lead to remote code execution.
This change constrains the format of data on
the wire to PSON or safely decoded YAML.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
2295
BID(link
is
external)
CONFIR
M(link is
external)
quick_emulator -- quick_emulator
The qemu-nbd server in QEMU (aka Quick
Emulator), when built with the Network
Block Device (NBD) Server support, allows
remote attackers to cause a denial of service
(segmentation fault and server crash) by
leveraging failure to ensure that all
initialization occurs before talking to a client
in the nbd_negotiate function.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
9524
MLIST(li
nk is
external)
MLIST
MLIST
radare2 -- radare2
The grub_memmove function in
shlr/grub/kern/misc.c in radare2 1.5.0 allows
remote attackers to cause a denial of service
(heap-based buffer overflow and application
crash) or possibly have unspecified other
impact via a crafted binary file, possibly
related to a read overflow in the
grub_disk_read_small_real function in
kern/disk.c in GNU GRUB 2.02.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10929
CONFIR
M(link is
external)
CONFIR
M(link is
external)
red_hat -- rh-
Red Hat 3scale (aka RH-3scale) API
Management Platform (AMP) before 2.0.0
would permit creation of an access token
without a client secret. An attacker could use
2017-
07-07 not
yet
CVE-
2017-
7512
CONFIR
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
3scale_api_management_platform
this flaw to circumvent authentication
controls and gain access to restricted APIs.
NOTE: some sources have a typo in which
CVE-2017-7512 maps to an OpenVPN
vulnerability. The proper CVE ID for that
OpenVPN vulnerability is CVE-2017-7521.
Specifically, CVE-2017-7521 is the correct
CVE ID for TWO closely related findings in
OpenVPN. Any source that lists BOTH
CVE-2017-7512 and CVE-2017-7521 for
OpenVPN should have listed ONLY CVE-
2017-7521.
calcu
lated
M(link is
external)
CONFIR
M(link is
external)
schneider electric -- wonderware
archestra logger
A Null Pointer Dereference issue was
discovered in Schneider Electric
Wonderware ArchestrA Logger, versions
2017.426.2307.1 and prior. The null pointer
dereference vulnerability could allow an
attacker to crash the logger process, causing
a denial of service for logging and log-
viewing (applications that use the
Wonderware ArchestrA Logger continue to
run when the Wonderware ArchestrA Logger
service is unavailable).
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
9631
MISC(lin
k is
external)
MISC
schneider electric -- wonderware
archestra logger
An Uncontrolled Resource Consumption
issue was discovered in Schneider Electric
Wonderware ArchestrA Logger, versions
2017.426.2307.1 and prior. The uncontrolled
resource consumption vulnerability could
allow an attacker to exhaust the memory
resources of the machine, causing a denial of
service.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
9627
MISC(lin
k is
external)
MISC
schneider electric -- wonderware
archestra logger
A Stack-Based Buffer Overflow issue was
discovered in Schneider Electric
Wonderware ArchestrA Logger, versions
2017.426.2307.1 and prior. The stack-based
buffer overflow vulnerability has been
identified, which may allow a remote
attacker to execute arbitrary code in the
context of a highly privileged account.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
9629
MISC(lin
k is
external)
MISC
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
siemens -- simatic_cp_44x-1_rna
An Improper Authentication issue was
discovered in Siemens SIMATIC CP 44x-1
RNA, all versions prior to 1.4.1. An
unauthenticated remote attacker may be able
to perform administrative actions on the
Communication Process (CP) of the RNA
series module, if network access to Port
102/TCP is available and the configuration
file for the CP is stored on the RNA's CPU.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
6868
MISC
sqlite -- sqlite
The getNodeSize function in ext/rtree/rtree.c
in SQLite through 3.19.3, as used in GDAL
and other products, mishandles undersized
RTree blobs in a crafted database, leading to
a heap-based buffer over-read or possibly
unspecified other impact.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
10989
MISC(lin
k is
external)
MISC
MISC(lin
k is
external)
MISC
MISC
stdutility -- stdu_viewer
STDU Viewer version 1.6.375 might allow
user-assisted attackers to execute code via a
crafted file. One threat model is a victim who
obtains an untrusted crafted file from a
remote location and issues several user-
defined commands including Ctrl-+
commands.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
8387
MISC(lin
k is
external)
sublime_text -- sublime_text
Sublime Text 3 Build 3126 might allow user-
assisted attackers to execute code via a
crafted .mkv file. One threat model is a
victim who obtains an untrusted crafted file
from a remote location and issues several
user-defined commands, as demonstrated by
Ctrl-A, Delete, and Ctrl-Z.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
8368
MISC(lin
k is
external)
swftools -- swftools
When SWFTools 0.9.2 processes a crafted
file in swfcombine, it can lead to a NULL
Pointer Dereference in the swf_DeleteFilter()
function in lib/modules/swffilter.c.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
11096
MISC(lin
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
k is
external)
swftools -- swftools
When SWFTools 0.9.2 processes a crafted
file in swfc, it can lead to a NULL Pointer
Dereference in the dict_lookup() function in
lib/q.c.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
11097
MISC(lin
k is
external)
swftools -- swftools
When SWFTools 0.9.2 processes a crafted
file in swfcombine, it can lead to a NULL
Pointer Dereference in the swf_Relocate()
function in lib/modules/swftools.c.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
11101
MISC(lin
k is
external)
swftools -- swftools
When SWFTools 0.9.2 processes a crafted
file in png2swf, it can lead to a Segmentation
Violation in the png_load() function in
lib/png.c.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
11098
MISC(lin
k is
external)
swftools -- swftools
When SWFTools 0.9.2 processes a crafted
file in wav2swf, it can lead to a
Segmentation Violation in the
wav_convert2mono() function in lib/wav.c.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
11099
MISC(lin
k is
external)
swftools -- swftools
When SWFTools 0.9.2 processes a crafted
file in ttftool, it can lead to a heap-based
buffer over-read in the readBlock() function
in lib/ttf.c.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
10976
MISC(lin
k is
external)
swftools -- swftools
In SWFTools 2013-04-09-1007 on Windows,
png2swf allows remote attackers to cause a
denial of service or possibly have
unspecified other impact via a crafted file,
related to a "Read Access Violation starting
at
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9927
MISC(lin
k is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
image00000000_00400000+0x00000000000
1b5fe."
swftools -- swftools
In SWFTools 2013-04-09-1007 on Windows,
png2swf allows remote attackers to cause a
denial of service or possibly have
unspecified other impact via a crafted file,
related to a "Read Access Violation starting
at
image00000000_00400000+0x00000000000
1b596."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9926
MISC(lin
k is
external)
swftools -- swftools
When SWFTools 0.9.2 processes a crafted
file in swfextract, it can lead to a NULL
Pointer Dereference in the swf_FoldSprite()
function in lib/rxfswf.c.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
11100
MISC(lin
k is
external)
swftools -- swftools
SWFTools 2013-04-09-1007 on Windows
has a "Data from Faulting Address controls
Branch Selection starting at
image00000000_00400000+0x00000000000
03e71" issue. This issue can be triggered by
a malformed TTF file that is mishandled by
font2swf. Attackers could exploit this issue
for DoS (Access Violation).
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
8420
MISC(lin
k is
external)
swftools -- swftools
In SWFTools 2013-04-09-1007 on Windows,
png2swf allows remote attackers to execute
arbitrary code or cause a denial of service via
a crafted file, related to a "User Mode Write
AV near NULL starting at
wow64!Wow64NotifyDebugger+0x0000000
00000001d."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9925
MISC(lin
k is
external)
swftools -- swftools
In SWFTools 2013-04-09-1007 on Windows,
png2swf allows remote attackers to execute
arbitrary code or cause a denial of service via
a crafted file, related to a "User Mode Write
AV starting at
image00000000_00400000+0x00000000000
1b72a."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9924
MISC(lin
k is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
systemd -- systemd
systemd v233 and earlier fails to safely parse
usernames starting with a numeric digit (e.g.
"0day"), running the service in question with
root privileges rather than the user intended.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
1000082
MLIST(li
nk is
external)
CONFIR
M(link is
external)
tcpdump -- tcpdump
tcpdump 4.9.0 allows remote attackers to
cause a denial of service (heap-based buffer
over-read and application crash) via crafted
packet data. The crash occurs in the
EXTRACT_16BITS function, called from
the stp_print function for the Spanning Tree
Protocol.
2017-
07-08
not
yet
calcu
lated
CVE-
2017-
11108
MISC(lin
k is
external)
teamspeak -- teamspeak_server
A potential Buffer Overflow Vulnerability
(from a BB Code handling issue) has been
identified in TeamSpeak Server version
3.0.13.6 (08/11/2016 09:48:33), it enables
the users to Crash any WINDOWS Client
that clicked into a Vulnerable Channel of a
TeamSpeak Server.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
8290
MISC(lin
k is
external)
telerik -- telerik.web.ui.dll
Telerik.Web.UI.dll in Progress Telerik UI for
ASP.NET AJAX before R2 2017 SP1 and
Sitefinity before 10.0.6412.0 does not
properly protect
Telerik.Web.UI.DialogParametersEncryption
Key or the MachineKey, which makes it
easier for remote attackers to defeat
cryptographic protection mechanisms,
leading to a MachineKey leak, arbitrary file
uploads or downloads, XSS, or ASP.NET
ViewState compromise.
2017-
07-03
not
yet
calcu
lated
CVE-
2017-
9248
CONFIR
M(link is
external)
CONFIR
M(link is
external)
teltonika -- rut9xx_routers
The management interface for the Teltonika
RUT9XX routers (aka LuCI) with firmware
00.03.265 and earlier allows remote attackers
to execute arbitrary commands with root
privileges via shell metacharacters in the
username parameter in a login request.
2017-
07-03
not
yet
calcu
lated
CVE-
2017-
8116
MISC(lin
k is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
MISC(lin
k is
external)
MISC(lin
k is
external)
topdesk -- topdesk
There is reflected XSS in TOPdesk before
5.7.6 and 6.x and 7.x before 7.03.019.
2017-
07-04
not
yet
calcu
lated
CVE-
2017-
7276
CONFIR
M(link is
external)
tor_project -- tor
Tor 0.3.x before 0.3.0.9 has a guard-selection
algorithm that only considers the exit relay
(not the exit relay's family), which might
allow remote attackers to defeat intended
anonymity properties by leveraging the
existence of large families.
2017-
07-02
not
yet
calcu
lated
CVE-
2017-
0377
CONFIR
M
CONFIR
M
CONFIR
M(link is
external)
CONFIR
M
CONFIR
M
toshiba -- home_gateway_hem-
gw16a_and_hem_gw26a_firmware
Toshiba Home gateway HEM-GW16A
firmware HEM-GW16A-FW-V1.2.0 and
earlier, Toshiba Home gateway HEM-
GW26A firmware HEM-GW26A-FW-
V1.2.0 and earlier uses hard-coded
credentials, which may allow attackers to
perform operations on device with
administrative privileges.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2236
JVN(link
is
external)
toshiba -- home_gateway_hem-
gw16a_and_hem_gw26a_firmware
Toshiba Home gateway HEM-GW16A
firmware HEM-GW16A-FW-V1.2.0 and
earlier. Toshiba Home gateway HEM-
GW26A firmware HEM-GW26A-FW-
V1.2.0 and earlier allows an attacker to
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2237
JVN(link
is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
execute arbitrary OS commands via
unspecified vectors.
toshiba -- home_gateway_hem-
gw16a_and_hem_gw26a_firmware
Toshiba Home gateway HEM-GW16A
firmware HEM-GW16A-FW-V1.2.0 and
earlier. Toshiba Home gateway HEM-
GW26A firmware HEM-GW26A-FW-
V1.2.0 and earlier allows an attacker to
bypass access restriction to change the
administrator account password via
unspecified vectors.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2235
JVN(link
is
external)
toshiba -- home_gateway_hem-
gw16a_and_hem_gw26a_firmware
Toshiba Home gateway HEM-GW16A
firmware HEM-GW16A-FW-V1.2.0 and
earlier, Toshiba Home gateway HEM-
GW26A firmware HEM-GW26A-FW-
V1.2.0 and earlier may allow remote
attackers to access a non-documented
developer screen to perform operations on
device with administrative privileges.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2234
JVN(link
is
external)
toshiba -- home_gateway_hem-
gw16a_and_hem_gw26a_firmware
Cross-site request forgery (CSRF)
vulnerability in Toshiba Home gateway
HEM-GW16A firmware HEM-GW16A-FW-
V1.2.0 and earlier and Toshiba Home
gateway HEM-GW26A firmware HEM-
GW26A-FW-V1.2.0 and earlier allows
remote attackers to hijack the authentication
of administrators via unspecified vectors.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2238
JVN(link
is
external)
tp-link -- nc250
On TP-Link NC250 devices with firmware
through 1.2.1 build 170515, anyone can view
video and audio without authentication via
an rtsp://admin@yourip:554/h264_hd.sdp
URL.
2017-
07-02
not
yet
calcu
lated
CVE-
2017-
10796
MISC(lin
k is
external)
vim -- vim
Vim 8.0 allows attackers to cause a denial of
service (invalid free) or possibly have
unspecified other impact via a crafted source
(aka -S) file. NOTE: there might be a limited
number of scenarios in which this has
security relevance.
2017-
07-08
not
yet
calcu
lated
CVE-
2017-
11109
MISC(lin
k is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
vladimir_anokhin --
shortcodes_ultimate
Directory traversal vulnerability in
Shortcodes Ultimate prior to version 4.10.0
allows remote attackers to read arbitrary files
via unspecified vectors.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2245
JVN(link
is
external)
CONFIR
M
CONFIR
M
w3_eden --
wordpress_download_manager
Cross-site scripting vulnerability in
WordPress Download Manager prior to
version 2.9.50 allows remote attackers to
inject arbitrary web script or HTML via
unspecified vectors.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2216
JVN(link
is
external)
CONFIR
M
CONFIR
M
w3_eden --
wordpress_download_manager
Open redirect vulnerability in WordPress
Download Manager prior to version 2.9.51
allows remote attackers to redirect users to
arbitrary web sites and conduct phishing
attacks via unspecified vectors.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2217
JVN(link
is
external)
CONFIR
M
CONFIR
M
web-dorado -- event_calendar_wd
Cross-site scripting vulnerability in WP-
Members prior to version 3.1.8 allows
remote attackers to inject arbitrary web script
or HTML via unspecified vectors.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2222
JVN(link
is
external)
CONFIR
M
CONFIR
M
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
web-dorado -- event_calendar_wd
Cross-site scripting vulnerability in Event
Calendar WD prior to version 1.0.94 allows
remote attackers to inject arbitrary web script
or HTML via unspecified vectors.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2224
JVN(link
is
external)
CONFIR
M
CONFIR
M
webmin -- webmin
Multiple Cross-site scripting (XSS)
vulnerabilities in Webmin before 1.850 allow
remote attackers to inject arbitrary web script
or HTML via the sec parameter to
view_man.cgi, the referers parameter to
change_referers.cgi, or the name parameter
to save_user.cgi. NOTE: these issues were
not fixed in 1.840.
2017-
07-03
not
yet
calcu
lated
CVE-
2017-
9313
MISC
BID(link
is
external)
SECTRA
CK(link
is
external)
MISC(lin
k is
external)
MISC(lin
k is
external)
MISC(lin
k is
external)
winamp -- winamp
Winamp 5.666 Build 3516(x86) might allow
attackers to execute arbitrary code or cause a
denial of service via a crafted .flv file, related
to "Data from Faulting Address may be used
as a return value starting at
f263!GetWinamp5SystemComponent+0x000
0000000001951."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10726
MISC(lin
k is
external)
winamp -- winamp
Winamp 5.666 Build 3516(x86) might allow
attackers to execute arbitrary code or cause a
denial of service via a crafted .flv file, related
to "Error Code (0xe06d7363) starting at
2017-
07-05 not
yet
CVE-
2017-
10728
MISC(lin
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
wow64!Wow64NotifyDebugger+0x0000000
00000001d."
calcu
lated
k is
external)
winamp -- winamp
Winamp 5.666 Build 3516(x86) might allow
attackers to execute arbitrary code or cause a
denial of service via a crafted .flv file, related
to "Data from Faulting Address controls
Branch Selection starting at
in_mp3!DeleteAudioDecoder+0x000000000
000762f."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10727
MISC(lin
k is
external)
windjview -- windjview
WinDjView 2.1 might allow user-assisted
attackers to execute code via a crafted .djvu
file, because of a "User Mode Write AV near
NULL" in WinDjView.exe. One threat
model is a victim who obtains an untrusted
.djvu file from a remote location and issues
several "zoom in" (e.g., Ctrl + Plus)
commands.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
7894
MISC(lin
k is
external)
wordpress -- wordpress
The WP Statistics plugin through 12.0.9 for
WordPress has XSS in the rangestart and
rangeend parameters on the
wps_referrers_page page.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
10991
MISC(lin
k is
external)
x.org -- x_server
In the X.Org X server before 2017-06-19, a
user authenticated to an X Session could
crash or execute code in the context of the X
Server by exploiting a stack overflow in the
endianness conversion of X Events.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
10971
MISC(lin
k is
external)
MISC
MISC
MISC
x.org -- x_server
Uninitialized data in endianness conversion
in the XEvent handling of the X.Org X
Server before 2017-06-19 allowed
authenticated malicious users to access
potentially privileged data from the X server.
2017-
07-06
not
yet
calcu
lated
CVE-
2017-
10972
MISC(lin
k is
external)
MISC
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
xen -- xen
The shadow-paging feature in Xen through
4.8.x mismanages page references and
consequently introduces a race condition,
which allows guest OS users to obtain Xen
privileges, aka XSA-219.
2017-
07-04
not
yet
calcu
lated
CVE-
2017-
10915
BID(link
is
external)
CONFIR
M
xen -- xen
The grant-table feature in Xen through 4.8.x
has a race condition leading to a double free,
which allows guest OS users to cause a
denial of service (memory consumption), or
possibly obtain sensitive information or gain
privileges, aka XSA-218 bug 2.
2017-
07-04
not
yet
calcu
lated
CVE-
2017-
10914
BID(link
is
external)
CONFIR
M
xen -- xen
The grant-table feature in Xen through 4.8.x
provides false mapping information in
certain cases of concurrent unmap calls,
which allows backend attackers to obtain
sensitive information or gain privileges, aka
XSA-218 bug 1.
2017-
07-04
not
yet
calcu
lated
CVE-
2017-
10913
BID(link
is
external)
CONFIR
M
xen -- xen
The grant-table feature in Xen through 4.8.x
does not ensure sufficient type counts for a
GNTMAP_device_map and
GNTMAP_host_map mapping, which allows
guest OS users to cause a denial of service
(count mismanagement and memory
corruption) or obtain privileged host OS
access, aka XSA-224 bug 2.
2017-
07-04
not
yet
calcu
lated
CVE-
2017-
10921
CONFIR
M
xen -- xen
The grant-table feature in Xen through 4.8.x
mishandles a GNTMAP_device_map and
GNTMAP_host_map mapping, when
followed by only a GNTMAP_host_map
unmapping, which allows guest OS users to
cause a denial of service (count
mismanagement and memory corruption) or
2017-
07-04
not
yet
calcu
lated
CVE-
2017-
10920
CONFIR
M
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
obtain privileged host OS access, aka XSA-
224 bug 1.
xen -- xen
Xen through 4.8.x does not validate a vCPU
array index upon the sending of an SGI,
which allows guest OS users to cause a
denial of service (hypervisor crash), aka
XSA-225.
2017-
07-04
not
yet
calcu
lated
CVE-
2017-
10923
BID(link
is
external)
CONFIR
M
xen -- xen
The vCPU context-switch implementation in
Xen through 4.8.x improperly interacts with
the Memory Protection Extensions (MPX)
and Protection Key (PKU) features, which
makes it easier for guest OS users to defeat
ASLR and other protection mechanisms, aka
XSA-220.
2017-
07-04
not
yet
calcu
lated
CVE-
2017-
10916
CONFIR
M
xen -- xen
The grant-table feature in Xen through 4.8.x
mishandles MMIO region grant references,
which allows guest OS users to cause a
denial of service (loss of grant trackability),
aka XSA-224 bug 3.
2017-
07-04
not
yet
calcu
lated
CVE-
2017-
10922
CONFIR
M
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!RtlpLowFragHeapFree+0x0
00000000000001f."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10752
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!LdrpFindLoadedDllByMapp
ing+0x0000000000000046."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10753
MISC(lin
k is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
xnview -- xnview
XnView Classic for Windows Version 2.40
allows user-assisted remote attackers to
execute code via a crafted JPEG 2000 file
that is mishandled during the opening of a
directory in "Browser" mode, because of a
"Stack Buffer Overrun" issue.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
8781
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows user-assisted remote attackers to
execute code via a crafted .mkv file that is
mishandled during the opening of a directory
in "Browser" mode, because of a "User
Mode Write AV near NULL" in
XnView.exe.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
8381
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!RtlpFreeHeap+0x000000000
0000393."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10783
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!LdrpFindLoadedDllByName
+0x00000000000000a5."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10781
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!RtlpFreeHeap+0x000000000
00003ca."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10782
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
2017-
07-05 not
yet
CVE-
2017-
10780
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
xnview+0x0000000000372b4a."
calcu
lated
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
xnview+0x0000000000013a20."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10779
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!memcmp+0x000000000000
0018" (without RPC initialization).
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10769
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
MSCTF!_CtfImeCreateThreadMgr+0x00000
000000000a8."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10773
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!RtlpCreateSplitBlock+0x000
000000000053a."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10770
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to a
"Read Access Violation starting at
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10776
MISC(lin
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
ntdll_77df0000!LdrShutdownProcess+0x000
0000000000130."
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to a
"Read Access Violation starting at
GDI32!ScriptGetCMapWithSurrogate+0x00
000000000001cb."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10775
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!memcmp+0x000000000000
0018" (with RPC initialization).
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10772
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows attackers to execute arbitrary code or
cause a denial of service via a crafted .rle
file, related to a "User Mode Write AV
starting at xnview+0x000000000022bf8d."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10748
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
xnview+0x0000000000372b24."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10777
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!RtlpCreateSplitBlock+0x000
0000000000510."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10771
MISC(lin
k is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
xnview+0x0000000000233125."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10778
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows attackers to execute arbitrary code or
cause a denial of service via a crafted .rle
file, related to a "User Mode Write AV near
NULL starting at
wow64!Wow64NotifyDebugger+0x0000000
00000001d."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10749
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!LdrpFindLoadedDllByHandl
e+0x0000000000000031."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10763
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
GDI32!ScriptStringAnalyse+0x0000000000
0001c8."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10766
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
IMM32!ImmLockImeDpi+0x000000000000
0050."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10765
MISC(lin
k is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
COMCTL32!Tab_OnGetItem+0x000000000
000002f."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10764
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!RtlpAllocateHeap+0x00000
0000000042f."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10762
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!RtlpAllocateHeap+0x00000
00000000429."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10761
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
COMCTL32!SetStatusText+0x00000000000
00029."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10760
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!LdrpInsertDependencyRecor
d+0x0000000000000039."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10759
MISC(lin
k is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!RtlpCoalesceFreeBlocks+0x
00000000000001b6."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10757
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!RtlpEnterCriticalSectionCon
tended+0x0000000000000031."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10754
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!RtlpInsertFreeBlock+0x0000
0000000001ca."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10768
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!RtlpRemoveUCRBlock+0x0
000000000000046."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10756
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
GDI32!GenericEngineGetGlyphs+0x000000
0000000133."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10751
MISC(lin
k is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to execute code via a
crafted .fpx file, related to a "User Mode
Write AV starting at
Xfpx+0x0000000000004efd."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9529
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!RtlpCoalesceFreeBlocks+0x
00000000000004b4."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10758
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows attackers to execute arbitrary code or
cause a denial of service via a crafted .rle
file, related to a "User Mode Write AV near
NULL starting at
ntdll_77df0000!RtlEnterCriticalSection+0x0
000000000000012."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10750
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!LdrpInitializeThread+0x000
000000000010b."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10755
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to execute code via a
crafted .bie file, related to a "Read Access
Violation on Block Data Move starting at
Xjbig+0x000000000000121b."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9914
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .fpx file, related to "Data
from Faulting Address controls Branch
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9905
MISC(lin
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
Selection starting at
Xfpx!gffGetFormatInfo+0x00000000000228
e8."
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows attackers to execute arbitrary code or
cause a denial of service via a crafted .rle
file, related to a "User Mode Write AV
starting at
ntdll_77df0000!RtlEnterCriticalSection+0x0
000000000000012."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10746
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows attackers to execute arbitrary code or
cause a denial of service via a crafted .rle
file, related to a "Stack Buffer Overrun (/GS
Exception) starting at
ntdll_77df0000!RtlProcessFlsData+0x00000
000000000b0."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10745
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to execute code via a
crafted .fpx file, related to a "User Mode
Write AV starting at
Xfpx!gffGetFormatInfo+0x00000000000292
72."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9894
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to execute code via a
crafted .fpx file, related to a "Read Access
Violation on Control Flow starting at
Xfpx!gffGetFormatInfo+0x0000000000013e
8a."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9896
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
might allow attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .rle file, related to "Data
from Faulting Address controls Branch
Selection starting at
KERNELBASE!StateObjectListFind+0x000
0000000000005."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10767
MISC(lin
k is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to execute code via a
crafted .fpx file, related to a "Read Access
Violation on Control Flow starting at
Xfpx!gffGetFormatInfo+0x0000000000020e
95."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9895
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows attackers to execute arbitrary code or
cause a denial of service via a crafted .rle
file, related to a "Read Access Violation on
Control Flow starting at
COMCTL32!CToolTipsMgr::s_ToolTipsWn
dProc+0x0000000000000032."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10744
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to execute code via a
crafted .fpx file, related to a "User Mode
Write AV starting at
Xfpx!gffGetFormatInfo+0x00000000000125
48."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9893
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .fpx file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!RtlpLowFragHeapFree+0x0
00000000000001f."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9904
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to execute code via a
crafted .fpx file, related to "Data from
Faulting Address controls Code Flow starting
at
Xfpx!gffGetFormatInfo+0x000000000002e3
88."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9899
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to execute code via a
crafted .fpx file, related to "Data from
Faulting Address controls Code Flow starting
at
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9900
MISC(lin
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
Xfpx!gffGetFormatInfo+0x000000000002e3
85."
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to execute code via a
crafted .fpx file, related to a "User Mode
Write AV starting at
Xfpx+0x0000000000004cbb."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9898
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to execute code via a
crafted .fpx file, related to "Data from
Faulting Address controls Code Flow starting
at Xfpx+0x00000000000117ff."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9903
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to execute code via a
crafted .fpx file, related to "Data from
Faulting Address controls subsequent Write
Address starting at
Xfpx!gffGetFormatInfo+0x000000000002bf
d5."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9901
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to execute code via a
crafted .fpx file, related to "Data from
Faulting Address controls Code Flow starting
at
Xfpx!gffGetFormatInfo+0x0000000000020e
91."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9902
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .fpx file, related to "Data
from Faulting Address is used as one or more
arguments in a subsequent Function Call
starting at Xfpx+0x0000000000010e81."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9911
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to execute code via a
crafted .fpx file, related to a "User Mode
2017-
07-05 not
yet
CVE-
2017-
9897
MISC(lin
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
Write AV starting at
Xfpx+0x000000000000dcab."
calcu
lated
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .fpx file, related to
"Possible Stack Corruption starting at
Xfpx!gffGetFormatInfo+0x0000000000022e
1f."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9907
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .fpx file, related to a
"Read Access Violation starting at
Xfpx+0x000000000000d6da."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9908
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows attackers to execute arbitrary code or
cause a denial of service via a crafted .rle
file, related to a "Data Execution Prevention
Violation starting at Unknown Symbol @
0x000000000c1b541c called from
xnview+0x00000000003826ec."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10739
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .fpx file, related to an
"Error Code (0xc000041d) starting at
wow64!Wow64NotifyDebugger+0x0000000
00000001d."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9910
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .fpx file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!RtlpFreeHeap+0x000000000
0000393."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9912
MISC(lin
k is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .fpx file, related to "Data
from Faulting Address is used as one or more
arguments in a subsequent Function Call
starting at
Xfpx!gffGetFormatInfo+0x00000000000285
08."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9906
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .fpx file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!TpAllocCleanupGroup+0x0
0000000000003d7."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9913
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows attackers to execute arbitrary code or
cause a denial of service via a crafted .rle
file, related to a "Stack Buffer Overrun (/GS
Exception) starting at
ntdll_77df0000!LdrpInitializeNode+0x00000
0000000015b."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10743
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows remote attackers to cause a denial of
service or possibly have unspecified other
impact via a crafted .fpx file, related to "Data
from Faulting Address controls Branch
Selection starting at
ntdll_77df0000!RtlAddAccessAllowedAce+
0x000000000000027a."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
9909
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows attackers to execute arbitrary code or
cause a denial of service via a crafted .rle
file, related to a "Data Execution Prevention
Violation starting at Unknown Symbol @
0x00000000380a0500 called from
ntdll_77df0000!LdrxCallInitRoutine+0x0000
000000000016."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10742
MISC(lin
k is
external)
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
xnview -- xnview
XnView Classic for Windows Version 2.40
allows attackers to execute arbitrary code or
cause a denial of service via a crafted .rle
file, related to a "User Mode Write AV
starting at
ntdll_77df0000!RtlRbInsertNodeEx+0x0000
00000000002d."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10740
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows attackers to execute arbitrary code or
cause a denial of service via a crafted .rle
file, related to a "Data Execution Prevention
Violation starting at Unknown Symbol @
0x000000002f32332f called from
KERNELBASE!CompareStringW+0x00000
00000000082."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10738
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows attackers to execute arbitrary code or
cause a denial of service via a crafted .rle
file, related to a "User Mode Write AV
starting at
ntdll_77df0000!RtlpWaitOnCriticalSection+
0x0000000000000121."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10741
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows attackers to execute arbitrary code or
cause a denial of service via a crafted .rle
file, related to a "User Mode Write AV
starting at
msvcrt!_VEC_memzero+0x0000000000000
06a."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10736
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows attackers to execute arbitrary code or
cause a denial of service via a crafted .rle
file, related to a "User Mode Write AV
starting at xnview+0x000000000037a8aa."
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10747
MISC(lin
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows attackers to execute arbitrary code or
cause a denial of service via a crafted .rle
file, related to a "User Mode Write AV
starting at
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
10737
MISC(lin
Primary
Vendor -- Product Description
Publi
shed
CVS
S
Scor
e
Source
& Patch
Info
ntdll_77df0000!RtlpCoalesceFreeBlocks+0x
00000000000002e6."
k is
external)
xnview -- xnview
XnView Classic for Windows Version 2.40
allows user-assisted remote attackers to
execute code via a crafted .mov file that is
mishandled during the opening of a directory
in "Browser" mode, because of a "User
Mode Write AV near NULL" in
XnView.exe.
2017-
07-05
not
yet
calcu
lated
CVE-
2017-
8282
MISC(lin
k is
external)
yaws -- yaws
Yaws 1.91 allows Unauthenticated Remote
File Disclosure via HTTP Directory
Traversal with /%5C../ to port 8080.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
10974
MISC
EXPLOI
T-
DB(link
is
external)
yuki_hattori -- marp
Marp versions v0.0.10 and earlier may allow
an attacker to access local resources and files
using JavaScript.
2017-
07-07
not
yet
calcu
lated
CVE-
2017-
2239
JVN(link
is
external)
gnu_pspp -- gnu_pspp
There is a NULL Pointer Dereference in the
function ll_insert() of the libpspp library in
GNU PSPP 0.10.5-pre2. For example, a
crash was observed within the library code
when attempting to convert invalid SPSS
data into CSV format. A crafted input will
lead to a remote denial of service attack.
2017-
07-01
not
yet
calcu
lated
CVE-
2017-
10792
BID(link
is
external)
MISC(lin
k is
external)