Vulnerability Summary for the Week of June 12, 2017

Please Note:

• The vulnerabilities are categorized by their level of severity which is either High, Medium or Low.

• The CVE identity number is the publicly known ID given to that particular vulnerability. Therefore, you can search the status of that particular vulnerability using that ID.

• The CVSS (Common Vulnerability Scoring System) score is a standard scoring system used to determine the severity of the vulnerability.

High Vulnerabilities

Primary Vendor -- Product: gnome -- libcroco
Description: The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted CSS file.
Published: 2017-06-12
CVSS Score: 7.1
Source & Patch Info: CVE-2017-8871, MISC, EXPLOIT-DB

Primary Vendor -- Product: gnu -- glibc
Description: nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd.
Published: 2017-06-12
CVSS Score: 7.5
Source & Patch Info: CVE-2014-9984, BID, CONFIRM, CONFIRM

Primary Vendor -- Product: -- android
Description: In all Android releases from CAF using the kernel, a buffer overflow vulnerability exists in the PlayReady API.
Published: 2017-06-13
CVSS Score: 9.3
Source & Patch Info: CVE-2014-9960, BID, CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a vulnerability in eMMC write protection exists that can be used to bypass power-on write protection.
Published: 2017-06-13
CVSS Score: 9.3
Source & Patch Info: CVE-2014-9961, BID, CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API.
Published: 2017-06-13
CVSS Score: 9.3
Source & Patch Info: CVE-2015-9023, BID, CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE application.
Published: 2017-06-13
CVSS Score: 9.3
Source & Patch Info: CVE-2015-9025, BID, CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a cryptographic routine.
Published: 2017-06-13
CVSS Score: 9.3
Source & Patch Info: CVE-2015-9028, BID, CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, an integer underflow leading to buffer overflow vulnerability exists in a syscall handler.
Published: 2017-06-13
CVSS Score: 9.3
Source & Patch Info: CVE-2016-10340, BID, CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler.
Published: 2017-06-13
CVSS Score: 9.3
Source & Patch Info: CVE-2016-10342, BID, CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a buffer overread can occur if a particular string is not NULL terminated.
Published: 2017-06-13
CVSS Score: 9.3
Source & Patch Info: CVE-2017-7365, CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to buffer overflow or write to arbitrary pointer location.
Published: 2017-06-13
CVSS Score: 7.6
Source & Patch Info: CVE-2017-7372, CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an IPA driver.
Published: 2017-06-13
CVSS Score: 9.3
Source & Patch Info: CVE-2017-8236, CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists while loading a firmware image.
Published: 2017-06-13
CVSS Score: 9.3
Source & Patch Info: CVE-2017-8237, CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a camera function.
Published: 2017-06-13
CVSS Score: 9.3
Source & Patch Info: CVE-2017-8238, CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a kernel driver has an off-by-one buffer over-read vulnerability.
Published: 2017-06-13
CVSS Score: 9.3
Source & Patch Info: CVE-2017-8240, CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a WLAN function due to an incorrect message length.
Published: 2017-06-13
CVSS Score: 9.3
Source & Patch Info: CVE-2017-8241, CONFIRM

Primary Vendor -- Product: iodata -- ts-wrla_firmware
Description: I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.
Published: 2017-06-09
CVSS Score: 9.0
Source & Patch Info: CVE-2016-7819, CONFIRM, BID, JVN

Primary Vendor -- Product: iodata -- ts-wrla_firmware
Description: Buffer overflow in I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to cause a denial-of-service (DoS) or execute arbitrary code via unspecified vectors.
Published: 2017-06-09
CVSS Score: 9.0
Source & Patch Info: CVE-2016-7820, CONFIRM, BID, JVN

Primary Vendor -- Product: iodata -- wfs-sr01_firmware
Description: I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors.
Published: 2017-06-09
CVSS Score: 10.0
Source & Patch Info: CVE-2016-7806, CONFIRM, BID, JVN

Primary Vendor -- Product: libquicktime -- libquicktime
Description: The quicktime_read_moov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted mp4 file.
Published: 2017-06-12
CVSS Score: 7.1
Source & Patch Info: CVE-2017-9122, EXPLOIT-DB

Primary Vendor -- Product: skygroup -- skysea_client_view
Description: SKYSEA Client View Ver.11.221.03 and earlier allows remote code execution via a flaw in processing authentication on the TCP connection with the management console program.
Published: 2017-06-09
CVSS Score: 10.0
Source & Patch Info: CVE-2016-7836, BID, CONFIRM, JVN, CONFIRM

Medium Vulnerabilities

Primary Vendor -- Product: bluez -- bluez
Description: Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parse_line function used in some userland utilities.
Published: 2017-06-09
CVSS Score: 4.6
Source & Patch Info: CVE-2016-7837, BID, CONFIRM, JVN

Primary Vendor -- Product: buffalotech -- wnc01wh_firmware
Description: Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors.
Published: 2017-06-09
CVSS Score: 4.3
Source & Patch Info: CVE-2016-7821, CONFIRM, BID, JVN

Primary Vendor -- Product: buffalotech -- wnc01wh_firmware
Description: Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors.
Published: 2017-06-09
CVSS Score: 6.8
Source & Patch Info: CVE-2016-7822, CONFIRM, BID, JVN

Primary Vendor -- Product: buffalotech -- wnc01wh_firmware
Description: Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors.
Published: 2017-06-09
CVSS Score: 6.5
Source & Patch Info: CVE-2016-7824, CONFIRM, BID, JVN

Primary Vendor -- Product: buffalotech -- wnc01wh_firmware
Description: Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands.
Published: 2017-06-09
CVSS Score: 4.0
Source & Patch Info: CVE-2016-7825, CONFIRM, BID, JVN

Primary Vendor -- Product: buffalotech -- wnc01wh_firmware
Description: Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests.
Published: 2017-06-09
CVSS Score: 4.0
Source & Patch Info: CVE-2016-7826, CONFIRM, BID, JVN

Primary Vendor -- Product: codecabin_ -- wp_live_chat_support
Description: Cross-site scripting vulnerability in WP Live Chat Support prior to version 7.0.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Published: 2017-06-09
CVSS Score: 4.3
Source & Patch Info: CVE-2017-2187, JVN, CONFIRM

Primary Vendor -- Product: corega -- cg-wlbargnl_firmware
Description: Cross-site scripting vulnerability in Corega CG-WLBARGMH and CG-WLBARGNL allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Published: 2017-06-09
CVSS Score: 4.3
Source & Patch Info: CVE-2016-7808, CONFIRM, BID, JVN

Primary Vendor -- Product: corega -- cg-wlr300nx_firmware
Description: Cross-site request forgery (CSRF) vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows remote attackers to hijack the authentication of logged in user to conduct unintended operations via unspecified vectors.
Published: 2017-06-09
CVSS Score: 6.8
Source & Patch Info: CVE-2016-7809, CONFIRM, BID, JVN

Primary Vendor -- Product: corega -- cg-wlr300nx_firmware
Description: Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker on the same network segment to bypass access restriction to perform arbitrary operations via unspecified vectors.
Published: 2017-06-09
CVSS Score: 5.8
Source & Patch Info: CVE-2016-7811, CONFIRM, BID, JVN

Primary Vendor -- Product: cybozu -- dezie
Description: Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to obtain an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.
Published: 2017-06-09
CVSS Score: 5.0
Source & Patch Info: CVE-2016-7832, BID, JVN, CONFIRM

Primary Vendor -- Product: cybozu -- dezie
Description: Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.
Published: 2017-06-09
CVSS Score: 6.4
Source & Patch Info: CVE-2016-7833, BID, JVN, CONFIRM

Primary Vendor -- Product: cybozu -- garoon
Description: Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to inject arbitrary web script or HTML via "Messages" function of Cybozu Garoon Keitai.
Published: 2017-06-09
CVSS Score: 4.3
Source & Patch Info: CVE-2016-4906, BID, JVN, CONFIRM

Primary Vendor -- Product: cybozu -- garoon
Description: Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors.
Published: 2017-06-09
CVSS Score: 6.8
Source & Patch Info: CVE-2016-4907, BID, JVN, CONFIRM

Primary Vendor -- Product: cybozu -- garoon
Description: Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to alter or delete another user's private RSS settings via unspecified vectors.
Published: 2017-06-09
CVSS Score: 4.0
Source & Patch Info: CVE-2016-4908, BID, BID, JVN, CONFIRM

Primary Vendor -- Product: cybozu -- garoon
Description: Cross-site request forgery (CSRF) vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to hijack the authentication of a logged in user to force a logout via unspecified vectors.
Published: 2017-06-09
CVSS Score: 4.3
Source & Patch Info: CVE-2016-4909, BID, BID, JVN, CONFIRM

Primary Vendor -- Product: cybozu -- garoon
Description: Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to delete other operational administrators' MultiReport filters via unspecified vectors.
Published: 2017-06-09
CVSS Score: 4.0
Source & Patch Info: CVE-2016-4910, BID, JVN, CONFIRM

Primary Vendor -- Product: cybozu -- garoon
Description: Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other users' To-Dos via unspecified vectors.
Published: 2017-06-09
CVSS Score: 4.0
Source & Patch Info: CVE-2016-7801, BID, JVN, CONFIRM

Primary Vendor -- Product: cybozu -- garoon
Description: Directory traversal vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to read arbitrary files via unspecified vectors.
Published: 2017-06-09
CVSS Score: 4.0
Source & Patch Info: CVE-2016-7802, BID, JVN, CONFIRM

Primary Vendor -- Product: cybozu -- garoon
Description: SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via "MultiReport" function.
Published: 2017-06-09
CVSS Score: 6.5
Source & Patch Info: CVE-2016-7803, BID, JVN, CONFIRM

Primary Vendor -- Product: emon-cms -- deraemon-cms
Description: Cross-site scripting vulnerability in DERAEMON-CMS version 0.8.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the parameters hostname, and username.
Published: 2017-06-09
CVSS Score: 4.3
Source & Patch Info: CVE-2016-7813, CONFIRM, BID, JVN

Primary Vendor -- Product: fenrir-inc -- sleipnir
Description: Sleipnir 4 Black Edition for Mac 4.5.3 and earlier and Sleipnir 4 for Mac 4.5.3 and earlier (Mac App Store) may allow a remote attacker to spoof the URL display via a specially crafted webpage.
Published: 2017-06-09
CVSS Score: 5.8
Source & Patch Info: CVE-2016-7831, BID, JVN

Primary Vendor -- Product: gnome -- libcroco
Description: The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (memory allocation error) via a crafted CSS file.
Published: 2017-06-12
CVSS Score: 4.3
Source & Patch Info: CVE-2017-8834, MISC, EXPLOIT-DB

Primary Vendor -- Product: google -- android
Description: A remote code execution vulnerability in System UI component could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High because it is a remote arbitrary code execution in an unprivileged process. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-36368305.
Published: 2017-06-14
CVSS Score: 6.8
Source & Patch Info: CVE-2017-0638, BID, CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a race condition exists in a QTEE driver potentially leading to an arbitrary memory write.
Published: 2017-06-13
CVSS Score: 4.3
Source & Patch Info: CVE-2017-8242, CONFIRM

Primary Vendor -- Product: h2o_project -- h2o
Description: Use-after-free vulnerability in H2O allows remote attackers to cause a denial-of-service (DoS) or obtain certificate private keys and possibly other information.
Published: 2017-06-09
CVSS Score: 6.4
Source & Patch Info: CVE-2016-7835, BID, CONFIRM, JVN

Primary Vendor -- Product: -- maximo_asset_management
Description: IBM Maximo Asset Management 7.5 and 7.6 could allow a remote authenticated attacker to execute arbitrary commands on the system as administrator. IBM X-Force ID: 120276.
Published: 2017-06-13
CVSS Score: 6.5
Source & Patch Info: CVE-2016-9984, CONFIRM, MISC

Primary Vendor -- Product: iodata -- ts-wrla_firmware
Description: I-O DATA DEVICE TS-WRLP firmware version 1.00.01 and earlier and TS-WRLA firmware version 1.00.01 and earlier allow remote attackers to obtain authentication credentials via unspecified vectors.
Published: 2017-06-09
CVSS Score: 5.0
Source & Patch Info: CVE-2016-7814, CONFIRM, BID, JVN

Primary Vendor -- Product: iodata -- wfs-sr01_firmware
Description: I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to bypass access restriction to access data on storage devices inserted into the product via unspecified vectors.
Published: 2017-06-09
CVSS Score: 5.0
Source & Patch Info: CVE-2016-7807, CONFIRM, BID, JVN

Primary Vendor -- Product: ipa -- appgoat
Description: Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allows remote code execution via unspecified vectors, a different vulnerability than CVE-2017-2181 and CVE-2017-2182.
Published: 2017-06-09
CVSS Score: 6.8
Source & Patch Info: CVE-2017-2179, JVN

Primary Vendor -- Product: ipa -- appgoat
Description: Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allow remote attackers to obtain local files via unspecified vectors.
Published: 2017-06-09
CVSS Score: 4.3
Source & Patch Info: CVE-2017-2180, JVN

Primary Vendor -- Product: ipa -- appgoat
Description: Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allow remote attackers to obtain local files via unspecified vectors, a different vulnerability than CVE-2017-2179 and CVE-2017-2182.
Published: 2017-06-09
CVSS Score: 6.8
Source & Patch Info: CVE-2017-2181, JVN

Primary Vendor -- Product: ipa -- appgoat
Description: Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allow remote attackers to obtain local files via unspecified vectors, a different vulnerability than CVE-2017-2179 and CVE-2017-2181.
Published: 2017-06-09
CVSS Score: 6.8
Source & Patch Info: CVE-2017-2182, JVN

Primary Vendor -- Product: libquicktime -- libquicktime
Description: The lqt_frame_duration function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
Published: 2017-06-12
CVSS Score: 4.3
Source & Patch Info: CVE-2017-9123, EXPLOIT-DB

Primary Vendor -- Product: libquicktime -- libquicktime
Description: The quicktime_match_32 function in util.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file.
Published: 2017-06-12
CVSS Score: 4.3
Source & Patch Info: CVE-2017-9124, EXPLOIT-DB

Primary Vendor -- Product: libquicktime -- libquicktime
Description: The lqt_frame_duration function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted mp4 file.
Published: 2017-06-12
CVSS Score: 4.3
Source & Patch Info: CVE-2017-9125, EXPLOIT-DB

Primary Vendor -- Product: libquicktime -- libquicktime
Description: The quicktime_read_dref_table function in dref.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted mp4 file.
Published: 2017-06-12
CVSS Score: 4.3
Source & Patch Info: CVE-2017-9126, EXPLOIT-DB

Primary Vendor -- Product: libquicktime -- libquicktime
Description: The quicktime_user_atoms_read_atom function in useratoms.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted mp4 file.
Published: 2017-06-12
CVSS Score: 4.3
Source & Patch Info: CVE-2017-9127, EXPLOIT-DB

Primary Vendor -- Product: libquicktime -- libquicktime
Description: The quicktime_video_width function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted mp4 file.
Published: 2017-06-12
CVSS Score: 4.3
Source & Patch Info: CVE-2017-9128, EXPLOIT-DB

Primary Vendor -- Product: simple_keitai_chat_project -- simple_keitai_chat
Description: Cross-site scripting vulnerability in Simple keitai chat 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Published: 2017-06-09
CVSS Score: 4.3
Source & Patch Info: CVE-2016-7817, BID, JVN

Primary Vendor -- Product: torproject -- tor
Description: The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the relay_send_end_cell_from_edge_ function via a malformed BEGIN cell.
Published: 2017-06-09
CVSS Score: 5.0
Source & Patch Info: CVE-2017-0375, BID, CONFIRM, CONFIRM, CONFIRM

Primary Vendor -- Product: torproject -- tor
Description: The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the connection_edge_process_relay_cell function via a BEGIN_DIR cell on a rendezvous circuit.
Published: 2017-06-09
CVSS Score: 5.0
Source & Patch Info: CVE-2017-0376, CONFIRM, CONFIRM, CONFIRM

Primary Vendor -- Product: unisys -- mobigate
Description: The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Published: 2017-06-09
CVSS Score: 4.3
Source & Patch Info: CVE-2016-7805, BID, JVN

Low Vulnerabilities

Primary Vendor -- Product: bigtreecms -- bigtree_cms
Description: admin.php in BigTree through 4.2.18 allows remote authenticated users to cause a denial of service (inability to save revisions) via XSS sequences in a revision name.
Published: 2017-06-12
CVSS Score: 3.5
Source & Patch Info: CVE-2017-9546, CONFIRM

Primary Vendor -- Product: bigtreecms -- bigtree_cms
Description: admin.php in BigTree through 4.2.18 has a Cross-site Scripting (XSS) vulnerability, which allows remote authenticated users to inject arbitrary web script or HTML by launching an Edit Page action and entering the Navigation Title or Page Title of a page that is scheduled for future publication (aka a pending page change).
Published: 2017-06-12
CVSS Score: 3.5
Source & Patch Info: CVE-2017-9547, CONFIRM

Primary Vendor -- Product: bigtreecms -- bigtree_cms
Description: admin.php in BigTree through 4.2.18 has a Cross-site Scripting (XSS) vulnerability, which allows remote authenticated users to inject arbitrary web script or HTML by launching a Home Template Edit Page action and entering the Navigation Title of a page that is scheduled for future publication (aka a pending page change).
Published: 2017-06-12
CVSS Score: 3.5
Source & Patch Info: CVE-2017-9548, CONFIRM

Primary Vendor -- Product: buffalotech -- wnc01wh_firmware
Description: Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
Published: 2017-06-09
CVSS Score: 2.3
Source & Patch Info: CVE-2016-7823, CONFIRM, BID, JVN

Primary Vendor -- Product: corega -- cg-wlr300nx_firmware
Description: Cross-site scripting vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors.
Published: 2017-06-09
CVSS Score: 3.5
Source & Patch Info: CVE-2016-7810, CONFIRM, BID, JVN

Primary Vendor -- Product: ibm -- inotes
Description: IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854.
Published: 2017-06-12
CVSS Score: 3.5
Source & Patch Info: CVE-2017-1214, CONFIRM, MISC

Primary Vendor -- Product: ibm -- rational_doors_next_generation
Description: IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124627.
Published: 2017-06-12
CVSS Score: 3.5
Source & Patch Info: CVE-2017-1247, CONFIRM, BID, MISC

Primary Vendor -- Product: ibm -- rational_doors_next_generation
Description: IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124751.
Published: 2017-06-12
CVSS Score: 3.5
Source & Patch Info: CVE-2017-1276, CONFIRM, BID, MISC

Primary Vendor -- Product: ibm -- rational_doors_next_generation
Description: IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124756.
Published: 2017-06-12
CVSS Score: 3.5
Source & Patch Info: CVE-2017-1278, CONFIRM, BID, MISC

Primary Vendor -- Product: linux -- linux_kernel
Description: An information disclosure vulnerability in the kernel ION subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-35644815.
Published: 2017-06-14
CVSS Score: 2.6
Source & Patch Info: CVE-2017-0651, BID, CONFIRM

Severity Not Yet Assigned

Primary Vendor -- Product: acquisition_technology_logistics_agency -- electronic_bidding_system
Description: Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017, allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Published: 2017-06-09
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-2178, JVN, CONFIRM, BID

Primary Vendor -- Product: anti-web -- anti-web
Description: In Anti-Web through 3.8.7, as used on NetBiter FGW200 devices through 3.21.2, WS100 devices through 3.30.5, EC150 devices through 1.40.0, WS200 devices through 3.30.4, EC250 devices through 1.40.0, and other products, an LFI vulnerability allows a remote attacker to read or modify files through a path traversal technique, as demonstrated by reading the password file, or using the template parameter to cgi-bin/write.cgi to write to an arbitrary file.
Published: 2017-06-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9097, MISC, MISC, MISC

Primary Vendor -- Product: apache -- kibana
Description: Kibana before 4.5.4 and 4.1.11 when a custom output is configured for logging in, cookies and authorization headers could be written to the log files. This information could be used to hijack sessions of other users when using Kibana behind some form of authentication such as Shield.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-1000219, CONFIRM

Primary Vendor -- Product: apache -- kibana
Description: With X-Pack installed, Kibana versions before 5.3.1 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8451, CONFIRM

Primary Vendor -- Product: apache -- kibana
Description: Kibana versions before 4.6.3 and 5.0.1 have an open redirect vulnerability that would enable an attacker to craft a link in the Kibana domain that redirects to an arbitrary website.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-10365, CONFIRM

Primary Vendor -- Product: apache -- kibana
Description: Kibana versions prior to 5.2.1 configured for SSL client access, file descriptors will fail to be cleaned up after certain requests and will accumulate over time until the process crashes.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8452, CONFIRM

Primary Vendor -- Product: apache -- kibana
Description: Kibana versions after and including 4.3 and before 4.6.2 are vulnerable to a cross-site scripting (XSS) attack.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-10366, CONFIRM

Primary Vendor -- Product: apache -- kibana
Description: Kibana before 4.5.4 and 4.1.11 are vulnerable to an XSS attack that would allow an attacker to execute arbitrary JavaScript in users' browsers.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-1000220, CONFIRM

Primary Vendor -- Product: apache -- kibana
Description: Kibana Reporting plugin version 2.4.0 is vulnerable to a CSRF vulnerability that could allow an attacker to generate superfluous reports whenever an authenticated Kibana user navigates to a specially-crafted page.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-1000218, CONFIRM

Primary Vendor -- Product: apache -- kibana
Description: With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not properly authenticating requests to advanced settings and the short URL service, any authenticated user could make requests to those services regardless of their own permissions.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-10364, CONFIRM

Primary Vendor -- Product: apache -- kibana
Description: Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a XSS attack.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2015-9056, CONFIRM

Primary Vendor -- Product: apache -- nifi
Description: Apache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish the response header telling browsers to only allow framing with the same origin.
Published: 2017-06-12
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-7667, BID, MLIST

Primary Vendor -- Product: apache -- nifi
Description: In Apache NiFi before 0.7.4 and 1.x before 1.3.0, there are certain user input components in the UI which had been guarding for some forms of XSS issues but were insufficient.
Published: 2017-06-12
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-7665, BID, MLIST

Primary Vendor -- Product: apache -- ranger
Description: Apache Ranger before 0.6.is vulnerable to a Stored Cross-Site Scripting in when entering custom policy conditions. Admin users can store some arbitrary javascript code to be executed when normal users login and access policies.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-8751, BID, CONFIRM

Primary Vendor -- Product: apache -- ranger
Description: In environments that use external location for hive tables, Hive Authorizer in Apache Ranger before 0.7.1 should be checking RWX permission for create table.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-7677, BID, CONFIRM

Primary Vendor -- Product: apache -- ranger
Description: Apache Ranger before 0.6.3 policy engine incorrectly matches paths in certain conditions when policy does not contain wildcards and has recursion flag set to true.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-8746, BID, CONFIRM

Primary Vendor -- Product: apache -- ranger
Description: Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after '*' wildcard character - like my*test, test*.txt. This can result in unintended behavior.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-7676, BID, CONFIRM

Primary Vendor -- Product: apache -- thrift
Description: The client libraries in Apache Thrift before 0.9.3 might allow remote authenticated users to cause a denial of service (infinite recursion) via vectors involving the skip function.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2015-3254, CONFIRM, CONFIRM, MLIST

Primary Vendor -- Product: apcupsd -- apcupsd
Description: In Adam Kropelin adk0212 APC UPS Daemon through 3.14.14, the default installation of APCUPSD allows a local authenticated, but unprivileged, user to run arbitrary code with elevated privileges by replacing the service executable apcupsd.exe with a malicious executable that will run with SYSTEM privileges at startup. This occurs because of "RW NT AUTHORITY\Authenticated Users" permissions for %SYSTEMDRIVE%\apcupsd\bin\apcupsd.exe.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-7884, MISC

Primary Vendor -- Product: atlassian -- bamboo
Description: Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.1 did not correctly check if a user creating a deployment project had the edit permission and therefore the rights to do so. An attacker who can login to Bamboo as a user without the edit permission for deployment projects is able to use this vulnerability, provided there is an existing plan with a green build, to create a deployment project and execute arbitrary code on an available Bamboo Agent. By default a local agent is enabled; this means that code execution can occur on the system hosting Bamboo as the user running Bamboo.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8907, CONFIRM

Primary Vendor -- Product: atlassian -- confluence
Description: Atlassian Confluence starting with 4.3.0 before 6.2.1 did not check if a user had permission to view a page when creating a workbox notification about new comments. An attacker who can login to Confluence could receive workbox notifications, which contain the content of comments, for comments added to a page after they started watching it even if they do not have permission to view the page itself.
Published: 2017-06-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9505, CONFIRM, MISC

Primary Vendor -- Product: avira -- avira mobile security application
Description: The Avira Mobile Security app before 1.5.11 for iOS sends sensitive login information in cleartext.
Published: 2017-06-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2015-7732, MISC

A vulnerability in the file check operation of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS could allow an authenticated, remote attacker to overwrite or modify arbitrary files on an affected system. More Information: CSCvd73726. Known Affected Releases: CVE- 21.0.v0.65839 21.3.M0.67005. Known 2017-6690 Fixed Releases: 21.4.A0.67087 BID(link is 21.4.A0.67079 21.4.A0.67013 external) 21.3.M0.67084 21.3.M0.67077 not yet CONFIRM 21.3.M0.66994 21.3.J0.66993 2017- calcula(link is cisco -- asr_5000_series_routers 21.1.v0.67082 21.1.V0.67083. 06-13 ted external)

A vulnerability in the update process for the dynamic JAR file of the Cisco Context Service software development CVE- kit (SDK) could allow an 2017-6667 unauthenticated, remote attacker to BID(link is execute arbitrary code on the affected external) device with the privileges of the web not yet CONFIRM cisco -- context_service server. More Information: CSCvb66730. 2017- calcula(link is Known Affected Releases: 2.0. 06-13 ted external)

Primary Vendor -- Product: cisco -- cucdm
Description: Vulnerabilities in the web-based GUI of Cisco Unified Communications Domain Manager (CUCDM) could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries, aka SQL Injection. More Information: CSCvc52784 CSCvc97648. Known Affected Releases: 8.1(7)ER1.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6668; BID; CONFIRM

Primary Vendor -- Product: cisco -- cucdm
Description: A vulnerability in the web-based GUI of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect issue. More Information: CSCvc54813. Known Affected Releases: 8.1(7)ER1.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6670; BID; CONFIRM

Primary Vendor -- Product: cisco -- elastic_services_controllers
Description: A vulnerability in the esc_listener.py script of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to execute arbitrary commands as the tomcat user on an affected system, aka an Authentication Request Processing Arbitrary Command Execution Vulnerability. More Information: CSCvc76642. Known Affected Releases: 2.2(9.76).
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6683; BID; CONFIRM

Primary Vendor -- Product: cisco -- elastic_services_controllers
Description: A vulnerability in the web interface of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive system credentials that are stored in an affected system. More Information: CSCvd76339. Known Affected Releases: 2.2(9.76).
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6697; BID; CONFIRM

Primary Vendor -- Product: cisco -- elastic_services_controllers
Description: A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the admin user, aka an Insecure Default Administrator Credentials Vulnerability. More Information: CSCvc76661. Known Affected Releases: 2.2(9.76).
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6689; BID; CONFIRM

Primary Vendor -- Product: cisco -- elastic_services_controllers
Description: A vulnerability in the of Cisco Elastic Services Controllers could allow an authenticated, local attacker to gain access to sensitive user credentials that are stored in an affected system. More Information: CSCvd73677. Known Affected Releases: 2.3(2).
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6696; BID; CONFIRM

Primary Vendor -- Product: cisco -- elastic_services_controllers
Description: A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux root user, aka an Insecure Default Password Vulnerability. More Information: CSCvc76631. Known Affected Releases: 2.2(9.76).
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6688; BID; CONFIRM

Primary Vendor -- Product: cisco -- elastic_services_controllers
Description: A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive information on an affected system. More Information: CSCvd29403. Known Affected Releases: 2.3(2).
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6691; BID; CONFIRM

Primary Vendor -- Product: cisco -- elastic_services_controllers
Description: A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to run arbitrary commands as the Linux tomcat user on an affected system. More Information: CSCvc76620. Known Affected Releases: 2.2(9.76).
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6682; BID; CONFIRM

Primary Vendor -- Product: cisco -- elastic_services_controllers
Description: A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux admin user, aka an Insecure Default Credentials Vulnerability. More Information: CSCvc76651. Known Affected Releases: 21.0.0.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6684; BID; CONFIRM

Primary Vendor -- Product: cisco -- elastic_services_controllers
Description: A vulnerability in the ConfD server component of Cisco Elastic Services Controllers could allow an authenticated, local attacker to access information stored in the file system of an affected system, aka Unauthorized Directory Access. More Information: CSCvd76286. Known Affected Releases: 2.2(9.76) 2.3(1).
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6693; BID; CONFIRM

Primary Vendor -- Product: cisco -- esa_sma
Description: A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka Message Tracking XSS. More Information: CSCvd30805 CSCvd34861. Known Affected Releases: 10.0.0-203 10.1.0-049.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6661; BID; CONFIRM

Primary Vendor -- Product: cisco -- esa
Description: A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device, as demonstrated by the Attachment Filter. More Information: CSCvd34632. Known Affected Releases: 10.0.1-087 9.7.1-066. Known Fixed Releases: 10.0.2-020 9.8.1-015.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6671; BID; CONFIRM

Primary Vendor -- Product: cisco -- firepower
Description: A vulnerability in Cisco Firepower Management Center could allow an authenticated, remote attacker to obtain user information. An attacker could use this information to perform reconnaissance. More Information: CSCvc10894. Known Affected Releases: 6.1.0.2 6.2.0. Known Fixed Releases: 6.2.0.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6673; CONFIRM

Primary Vendor -- Product: cisco -- firepower
Description: A vulnerability in the feature-license management functionality of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass URL filters that have been configured for an affected device. More Information: CSCvb16413. Known Affected Releases: 6.0.1 6.1.0 6.2.0 6.2.1. Known Fixed Releases: 6.2.1 6.2.0.1 6.1.0.2.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6674; BID; CONFIRM

Primary Vendor -- Product: cisco -- industrial_network_director
Description: A vulnerability in the web interface of Cisco Industrial Network Director could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against an affected system. More Information: CSCvd25405. Known Affected Releases: 1.1(0.176).
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6675; BID; CONFIRM

Primary Vendor -- Product: cisco -- ip_phone_8800_series
Description: A vulnerability in Session Initiation Protocol (SIP) call handling of Cisco IP Phone 8800 Series devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the SIP process unexpectedly restarting. All active phone calls are dropped as the SIP process restarts. More Information: CSCvc29353. Known Affected Releases: 11.0(0.1). Known Fixed Releases: 11.0(0)MP2.153 11.0(0)MP2.62.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6656; BID; CONFIRM

Primary Vendor -- Product: cisco -- ncs_5500_series_routers
Description: A vulnerability in the forwarding component of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an authenticated, local attacker to cause the router to stop forwarding data traffic across Traffic Engineering (TE) tunnels, resulting in a denial of service (DoS) condition. More Information: CSCvd16665. Known Affected Releases: 6.2.11.BASE. Known Fixed Releases: 6.1.3 6.1.2 6.3.1.8i.BASE 6.2.11.8i.BASE 6.2.2.9i.BASE 6.1.32.11i.BASE 6.1.31.10i.BASE 6.1.4.3i.BASE.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6666; BID; CONFIRM

Primary Vendor -- Product: cisco -- nx-os
Description: A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when an FCoE-related process unexpectedly reloads. This vulnerability affects Cisco NX-OS Software on the following Cisco devices when they are configured for FCoE: Multilayer Director Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches. More Information: CSCvc91729. Known Affected Releases: 8.3(0)CV(0.833). Known Fixed Releases: 8.3(0)ISH(0.62) 8.3(0)CV(0.944) 8.1(1) 8.1(0.8)S0 7.3(2)D1(0.47).
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6655; BID; CONFIRM

Primary Vendor -- Product: cisco -- prime_collaboration_assurance
Description: A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. More Information: CSCvc91800. Known Affected Releases: 11.5(0) 11.6.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6659; BID; CONFIRM

Primary Vendor -- Product: cisco -- ultra_services_framework
Description: A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker to log in to the device with the privileges of the root user, aka an Insecure Default Account Information Vulnerability. More Information: CSCvd85710. Known Affected Releases: 21.0.v0.65839.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6692; BID; CONFIRM

Primary Vendor -- Product: cisco -- ultra_services_framework
Description: A vulnerability in the AutoVNF logging function of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to create arbitrary directories on the affected system. More Information: CSCvc76652. Known Affected Releases: 21.0.0.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6680; BID; CONFIRM

Primary Vendor -- Product: cisco -- ultra_services_framework
Description: A vulnerability in the Virtual Network Function Manager's (VNFM) logging function of Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive data (cleartext credentials) on an affected system. More Information: CSCvd29355. Known Affected Releases: 21.0.v0.65839.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6694; BID; CONFIRM

Primary Vendor -- Product: cisco -- ultra_services_framework
Description: A vulnerability in the ConfD server in Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive information. More Information: CSCvd29398. Known Affected Releases: 21.0.v0.65839.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6695; BID; CONFIRM

Primary Vendor -- Product: cisco -- ultra_services_framework
Description: A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in to the affected device using default credentials present on the system, aka an Insecure Default Password Vulnerability. More Information: CSCvc76695. Known Affected Releases: 21.0.0.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6687; BID; CONFIRM

Primary Vendor -- Product: cisco -- ultra_services_framework
Description: A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated, remote attacker with access to the management network to log in as an admin user of the affected device, aka an Insecure Default Credentials Vulnerability. More Information: CSCvc76681. Known Affected Releases: 21.0.0.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6685; BID; CONFIRM

Primary Vendor -- Product: cisco -- ultra_services_framework
Description: A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in as an admin or oper user of the affected device, aka an Insecure Default Credentials Vulnerability. More Information: CSCvc76699. Known Affected Releases: 21.0.0.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6686; BID; CONFIRM

Primary Vendor -- Product: cisco -- ultra_services_framework
Description: A vulnerability in the AutoVNF VNFStagingView class of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to execute a relative path traversal attack, enabling an attacker to read sensitive files on the system. More Information: CSCvc76662. Known Affected Releases: 21.0.0.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-6681; BID; CONFIRM

Primary Vendor -- Product: citrix -- xenmobile_server
Description: XML external entity (XXE) vulnerability in Citrix XenMobile Server 9.x and 10.x before 10.5 RP3 allows attackers to obtain sensitive information via unspecified vectors.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9231; BID; CONFIRM

Primary Vendor -- Product: curl -- curl
Description: In curl before 7.54.1 on Windows and DOS, libcurl's default protocol function, which is the logic that allows an application to set which protocol libcurl should attempt to use when given a URL without a scheme part, had a flaw that could lead to it overwriting a heap based memory buffer with seven bytes. If the default protocol is specified to be FILE or a file: URL lacks two slashes, the given "URL" starts with a drive letter, and libcurl is built for Windows or DOS, then libcurl would copy the path 7 bytes off, so that the end of the given path would write beyond the malloc buffer (7 bytes being the length in bytes of the ascii string "file://").
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9502; CONFIRM; CONFIRM

Primary Vendor -- Product: cybozu -- kintone_app
Description: The Cybozu kintone mobile for Android 1.0.6 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Published: 2017-06-09
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-7816; BID; JVN; CONFIRM

Primary Vendor -- Product: d-link -- dir-605l_devices
Description: On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin allows an unauthenticated GET request to trigger a reboot.
Published: 2017-06-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9675; CONFIRM

Primary Vendor -- Product: d-link -- wireless_n300_router
Description: D-Link DIR-615 Wireless N300 Router allows authentication bypass via a modified POST request to login.cgi. This issue occurs because it fails to validate the password field. Successful exploitation of this issue allows an attacker to take control of the affected device.
Published: 2017-06-11
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9542; BID; MISC; MISC

Primary Vendor -- Product: digital_canal_structural -- wind_analysis
Description: A Stack-Based Buffer Overflow issue was discovered in Digital Canal Structural Wind Analysis versions 9.1 and prior. An attacker may be able to run arbitrary code by remotely exploiting an executable to perform a denial-of-service attack.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-7910; BID; MISC

Primary Vendor -- Product: eclipse -- jetty
Description: Jetty through 9.4.x is prone to a timing channel in util/security/Password., which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9735; MISC; MISC

Primary Vendor -- Product: efs_software -- easy_chat_server
Description: There is a remote stack-based buffer overflow (SEH) in register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1. By sending an overly long username string to registresult.htm for registering the user, an attacker may be able to execute arbitrary code.
Published: 2017-06-12
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9544; EXPLOIT-DB

Primary Vendor -- Product: efs_software -- easy_chat_server
Description: register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to reset arbitrary passwords via a crafted POST request to registresult.htm.
Published: 2017-06-12
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9543; EXPLOIT-DB

Primary Vendor -- Product: efs_software -- easy_chat_server
Description: register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to discover passwords by sending the username parameter in conjunction with an empty password parameter, and reading the HTML source code of the response.
Published: 2017-06-12
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9557; EXPLOIT-DB

Primary Vendor -- Product: elastic -- logstash
Description: Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and can cause the Logstash process to exit.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-10363; CONFIRM

Primary Vendor -- Product: elastic -- logstash
Description: Logstash prior to version 2.1.2, the CSV output can be attacked via engineered input that will create malicious formulas in the CSV data.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-1000222; CONFIRM

Primary Vendor -- Product: elastic -- logstash
Description: Logstash prior to version 2.3.4, Elasticsearch Output plugin would log to file HTTP authorization headers which could contain sensitive information.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-1000221; CONFIRM

Primary Vendor -- Product: elastic -- logstash
Description: Prior to Logstash version 5.0.1, Elasticsearch Output plugin when updating connections after sniffing, would log to file HTTP basic auth credentials.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-10362; CONFIRM

Primary Vendor -- Product: elastic -- x-pack_security
Description: X-Pack 5.1.1 did not properly apply document and field level security to multi-search and multi-get requests so users without access to a document and/or field may have been able to access this information.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8450; CONFIRM

Primary Vendor -- Product: elastic -- x-pack_security
Description: X-Pack Security 5.2.x would allow access to more fields than the user should have seen if the field level security rules used a mix of grant and exclude rules when merging multiple rules with field level security rules for the same index.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8449; CONFIRM

Primary Vendor -- Product: emc -- esrs_ve
Description: EMC ESRS VE 3.18 or earlier contains Authentication Bypass that could potentially be exploited by malicious users to compromise the affected system.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-4986; CONFIRM; BID

Primary Vendor -- Product: emc -- rsa_bsafe_cert_c
Description: EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper certificate processing vulnerability.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-4981; CONFIRM; BID

Primary Vendor -- Product: emc -- rsa_identity_governanace_and_lifecycle_versions
Description: EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all patch levels); RSA Via Lifecycle and Governance version 7.0 (all patch levels); and RSA Identity Management and Governance (IMG) version 6.9.1 (all patch levels) have Reflected Cross Site Scripting vulnerabilities that could potentially be exploited by malicious users to compromise an affected system.
Published: 2017-06-09
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-5003; CONFIRM; BID

Primary Vendor -- Product: emc -- rsa_identity_governanace_and_lifecycle_versions
Description: EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all patch levels); RSA Via Lifecycle and Governance version 7.0 (all patch levels); and RSA Identity Management and Governance (IMG) version 6.9.1 (all patch levels) have Stored Cross Site Scripting vulnerabilities that could potentially be exploited by malicious users to compromise an affected system.
Published: 2017-06-09
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-5004; CONFIRM; BID

Primary Vendor -- Product: f5 -- multiple_products
Description: A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable.
Published: 2017-06-09
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-7469; BID; CONFIRM

Primary Vendor -- Product: flexera -- flexnet_publisher
Description: In FlexNet Publisher versions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platform, a boundary error related to a named pipe within the FlexNet Publisher Licensing Service can be exploited to cause an out-of-bounds memory read access and subsequently execute arbitrary code with SYSTEM privileges.
Published: 2017-06-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-10395; MISC

Primary Vendor -- Product: gnuplot -- gnuplot
Description: An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact when a victim opens a specially crafted file.
Published: 2017-06-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9670; CONFIRM

Primary Vendor -- Product: gnutls -- gnutls
Description: GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-7507; CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a sensitive system call was allowed to be called by HLOS.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-10333; BID; CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a dynamically-protected DDR region could potentially get overwritten.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-10334; BID; CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a memory structure in a camera driver is not properly protected.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8235; CONFIRM

Primary Vendor -- Product: google -- android
Description: A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0663; BID; CONFIRM

Primary Vendor -- Product: google -- android
Description: A remote denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1. Android ID: A-35472997.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0644; BID; CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, access control to SMEM memory was not enabled.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2015-9021; BID; CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, time-of-check Time-of-use (TOCTOU) Race Conditions exist in several TZ APIs.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2015-9022; BID; CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a QTEE system call fails to validate a pointer.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2015-9033; BID; CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of an SCM call.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2014-9965; BID; CONFIRM

Primary Vendor -- Product: google -- android
Description: A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34064500.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0637; BID; CONFIRM; CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability exists in Secure Display.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2014-9966; BID; CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a data pointer is potentially used after it has been freed when SLIMbus is turned off by Bluetooth.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-7371; CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-7370; CONFIRM

Primary Vendor -- Product: google -- android
Description: An information disclosure vulnerability in Bluetooth component could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other applications. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35310991.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0639; BID; CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WideVine DRM.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2014-9963; BID; CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in debug functionality.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2014-9964; BID; CONFIRM

Primary Vendor -- Product: google -- android
Description: An information disclosure vulnerability in the Synaptics touchscreen driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35472278.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0650; CONFIRM

Primary Vendor -- Product: google -- android
Description: An elevation of privilege vulnerability in Bluetooth could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it is a local bypass of user interaction requirements. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35385327.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0645; BID; CONFIRM

Primary Vendor -- Product: google -- android
Description: A remote denial of service vulnerability in libvpx in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34360591.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0641; BID; CONFIRM; CONFIRM

Primary Vendor -- Product: google -- android
Description: A remote denial of service vulnerability in libhevc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34819017.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0642; BID; CONFIRM; CONFIRM

Primary Vendor -- Product: google -- android
Description: A remote denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-35645051.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0643; BID; CONFIRM

Primary Vendor -- Product: google -- android
Description: A remote denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33129467.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0640; BID; CONFIRM

Primary Vendor -- Product: google -- android
Description: An information disclosure vulnerability in Bluetooth component could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate due to details specific to the vulnerability. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33899337.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0646; BID; CONFIRM

Primary Vendor -- Product: google -- android
Description: An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-36101220.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0648; BID; CONFIRM

Primary Vendor -- Product: google -- android
Description: An elevation of privilege vulnerability in the MediaTek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and because of vulnerability specific details which limit the impact of the issue. Product: Android. Versions: N/A. Android ID: A-34468195. References: M-ALPS03162283.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0649; BID; CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a DRM key was exposed to QTEE applications.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2015-9032; BID; CONFIRM

Primary Vendor -- Product: google -- android
Description: In all Android releases from CAF using the Linux kernel, a double free vulnerability exists in a display driver.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-7373; CONFIRM

google -- android | An information disclosure vulnerability in libziparchive could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36392138. | 2017-06-14 | not yet calculated | CVE-2017-0647 BID CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, a TZ memory address is exposed to HLOS by HDCP. | 2017-06-13 | not yet calculated | CVE-2015-9031 BID CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, the API could be misused to bypass authentication. | 2017-06-13 | not yet calculated | CVE-2015-9030 BID CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, a vulnerability exists in the access control settings of modem memory. | 2017-06-13 | not yet calculated | CVE-2015-9029 BID CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, an array index in an ALSA routine is not properly validated, potentially leading to kernel stack corruption. | 2017-06-13 | not yet calculated | CVE-2017-7369 CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, userspace-controlled parameters for flash initialization are not sanitized, potentially leading to exposure of kernel memory. | 2017-06-13 | not yet calculated | CVE-2017-8239 CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. | 2017-06-13 | not yet calculated | CVE-2014-9967 BID CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in the unlocking of memory. | 2017-06-13 | not yet calculated | CVE-2015-9020 BID CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, some regions of memory were not protected during boot. | 2017-06-13 | not yet calculated | CVE-2016-10336 BID CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, some validation of secure applications was not being performed. | 2017-06-13 | not yet calculated | CVE-2016-10337 BID CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, there was an issue related to RPMB processing. | 2017-06-13 | not yet calculated | CVE-2016-10338 BID CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, stack protection was not enabled for secure applications. | 2017-06-13 | not yet calculated | CVE-2016-10332 BID CONFIRM

google -- android | The msm_bus_dbg_update_request_write function in drivers/platform/msm/msm_bus/msm_bus_dbg.c in android_kernel_huawei_msm8916 through 2017-06-16 in LineageOS, and possibly other kernels for MSM devices, allows attackers to cause a denial of service (NULL pointer dereference and device crash) via a crafted /sys/kernel/debug/msm-bus-dbg/client-data/update-request write request. | 2017-06-16 | not yet calculated | CVE-2017-6899 MISC

google -- android | In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. | 2017-06-13 | not yet calculated | CVE-2015-9027 BID CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, HLOS can overwrite secure memory or read contents of the keystore. | 2017-06-13 | not yet calculated | CVE-2016-10339 BID CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, 3rd party TEEs have more privilege than intended. | 2017-06-13 | not yet calculated | CVE-2016-10341 BID CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, libtomcrypt was updated. | 2017-06-13 | not yet calculated | CVE-2016-10335 BID CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of a DRM provisioning command. | 2017-06-13 | not yet calculated | CVE-2014-9962 BID CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, a race condition potentially exists in the ioctl handler of a sound driver. | 2017-06-13 | not yet calculated | CVE-2017-7368 CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. | 2017-06-13 | not yet calculated | CVE-2015-9026 BID CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, some interfaces were improperly exposed to QTEE applications. | 2017-06-13 | not yet calculated | CVE-2015-9024 BID CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, an out of bounds access can potentially occur in a camera function. | 2017-06-13 | not yet calculated | CVE-2017-8234 CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, a KGSL ioctl was not validating all of its parameters. | 2017-06-13 | not yet calculated | CVE-2017-7366 CONFIRM

google -- android | In all Android releases from CAF using the Linux kernel, an integer underflow vulnerability exists while processing the boot image. | 2017-06-13 | not yet calculated | CVE-2017-7367 CONFIRM

google -- android | In a camera driver function in all Android releases from CAF using the Linux kernel, a bounds check is missing when writing into an array potentially leading to an out-of-bounds heap write. | 2017-06-13 | not yet calculated | CVE-2017-8233 CONFIRM

ibm -- api_connect | IBM API Connect 5.0.0.0 could allow a remote attacker to obtain sensitive information, caused by improper handling of requests to the Developer Portal. IBM X-Force ID: 127002. | 2017-06-15 | not yet calculated | CVE-2017-1379 CONFIRM BID MISC

ibm -- bigfix_compliance | IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 123672. | 2017-06-15 | not yet calculated | CVE-2017-1197 CONFIRM MISC

ibm -- jazz_foundation | IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120209. | 2017-06-13 | not yet calculated | CVE-2016-9973 CONFIRM BID MISC

ibm -- jazz_foundation | IBM Jazz Foundation could expose potentially sensitive information to authenticated users through stack trace error conditions. IBM X-Force ID: 120659. | 2017-06-13 | not yet calculated | CVE-2017-1099 CONFIRM MISC

ibm -- quality_manager | IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120666. | 2017-06-13 | not yet calculated | CVE-2017-1104 CONFIRM BID MISC

ibm -- quality_manager | IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120663. | 2017-06-13 | not yet calculated | CVE-2017-1102 CONFIRM BID MISC

ibm -- quality_manager | IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120662. | 2017-06-13 | not yet calculated | CVE-2017-1101 CONFIRM BID MISC

ibm -- quality_manager | IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120661. | 2017-06-13 | not yet calculated | CVE-2017-1100 CONFIRM BID MISC

infotecs -- vipnet_client_and_coordinator | Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks. | 2017-06-14 | not yet calculated | CVE-2017-9606 MISC

intel -- active_management_technology | Insufficient clickjacking protection in the Web User Interface of Intel AMT firmware versions before 9.1.40.1000, 9.5.60.1952, 10.0.50.1004, 11.0.0.1205, and 11.6.25.1129 potentially allowing a remote attacker to hijack users' web clicks via attacker's crafted web page. | 2017-06-14 | not yet calculated | CVE-2017-5697 CONFIRM

jadf -- screensaver_installers | Untrusted search path vulnerability in screensaver installers (jasdf_01.exe, jasdf_02.exe, jasdf_03.exe, jasdf_04.exe, jasdf_05.exe, scramble_setup.exe, clock_01_setup.exe, clock_02_setup.exe) available prior to May 25, 2017, allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 2017-06-09 | not yet calculated | CVE-2017-2176 JVN CONFIRM BID

japan_agency_for_local_authority_information_systems -- jpki_client_software_for_windows | Untrusted search path vulnerability in The Public Certification Service for Individuals "The JPKI user's software (for and later)" Ver3.0.1 and earlier, The Public Certification Service for Individuals "The JPKI user's software (for )" Ver3.0.1 and earlier and The Public Certification Service for Individuals "The JPKI user's software" Ver2.6 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | 2017-06-09 | not yet calculated | CVE-2016-4902 BID JVN

japan_pension_service -- todokesho | Untrusted search path vulnerability in Installers for Specification check program (social insurance) Ver. 9.00 and earlier, TODOKESHO print program Ver. 5.00 and earlier, Device data encryption program Ver. 1.00 and earlier, and TODOKESHO creation program Ver. 15.00 and earlier available prior to October 17, 2016 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | 2017-06-09 | not yet calculated | CVE-2016-7818 CONFIRM CONFIRM CONFIRM CONFIRM BID JVN

japan_total_system -- groupsession | GroupSession versions 4.6.4 and earlier allows remote authenticated attackers to bypass access restrictions to obtain sensitive information such as emails via unspecified vectors. | 2017-06-09 | not yet calculated | CVE-2017-2165 JVN BID

kbvault_mysql -- kbvault_mysql | KBVault Mysql Free Knowledge Base application package 0.16a comes with a FileExplorer/Explorer.aspx?id=/Uploads file-management component. An unauthenticated user can access the file upload and deletion functionality. Through this functionality, a user can upload an ASPX script to Uploads/Documents/ to run any arbitrary code. | 2017-06-16 | not yet calculated | CVE-2017-9602 EXPLOIT-DB

kde -- kde_applications | KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network. | 2017-06-13 | not yet calculated | CVE-2017-9604 CONFIRM CONFIRM

lenovo -- mouse suite | Lenovo Mouse Suite before 6.73 allows local users to run arbitrary code with administrator privileges. | 2017-06-13 | not yet calculated | CVE-2015-4596 CONFIRM

libgcrypt -- libgcrypt | In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this session key in secure memory, to ensure that constant-time point operations are used in the MPI library. | 2017-06-10 | not yet calculated | CVE-2017-9526 BID CONFIRM CONFIRM CONFIRM

libreswan -- libreswan | libreswan before 3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto daemon restart). | 2017-06-13 | not yet calculated | CVE-2016-5391 CONFIRM CONFIRM FEDORA FEDORA

libsndfile -- libsndfile | In libsndfile version 1.0.28, an error in the "aiff_read_chanmap()" function (aiff.c) can be exploited to cause an out-of-bounds read memory access via a specially crafted AIFF file. | 2017-06-12 | not yet calculated | CVE-2017-6892 CONFIRM MISC MISC

linux -- linux_kernel | sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time. | 2017-06-17 | not yet calculated | CVE-2017-1000380 MISC MISC MISC MISC MISC MISC

linux -- linux_kernel | The vmw_gb_surface_define_ioctl function (accessible via DRM_IOCTL_VMW_GB_SURFACE_CREATE) in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.11.4 defines a backup_handle variable but does not give it an initial value. If one attempts to create a GB surface, with a previously allocated DMA buffer to be used as a buffer, the backup_handle variable does not get written to and is then later returned to user space, allowing local users to obtain sensitive information from uninitialized kernel memory via a crafted ioctl call. | 2017-06-13 | not yet calculated | CVE-2017-9605 CONFIRM CONFIRM

mea_financial_enterprises -- algonquin_state_bank_mobile_banking_app | The "Algonquin State Bank Mobile Banking" by Algonquin State Bank app 3.0.0 -- aka algonquin-state-bank-mobile-banking/id1089657735 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9581 MISC

mea_financial_enterprises -- athens_state_bank_mobile_app | The athens-state-bank-mobile-banking/id719748589 app 3.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9572 MISC

mea_financial_enterprises -- avb_bank_mobile_banking_app | The avb-bank-mobile-banking/id592565443 app 3.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9567 MISC

mea_financial_enterprises -- blue_ridge_bank_app | The "Blue Ridge Bank and Trust Co. Mobile Banking" by Blue Ridge Bank and Trust Co. app 3.0.1 -- aka blue-ridge-bank-and-trust-co-mobile-banking/id699679197 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9597 MISC

mea_financial_enterprises -- bnb_mobile_banking_app | The "BNB Mobile Banking" by Brady National Bank app 3.0.0 -- aka bnb-mobile-banking/id674215747 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9582 MISC

mea_financial_enterprises -- cayuga_lake_national_bank_app | The cayuga-lake-national-bank/id1151601539 app 4.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9560 MISC

mea_financial_enterprises -- cb2go_app | The community-banks-cb2go/id445828071 app 3.1.3 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9564 MISC

mea_financial_enterprises -- cbtx_on_the_go_app | The Citizens Bank (TX) cbtx-on-the-go/id892396102 app 3.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9569 MISC

mea_financial_enterprises -- ccb_mobile_banking_app | The Citizens Community Bank (TN) ccb-mobile-banking/id610030469 app 3.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9571 MISC

mea_financial_enterprises -- cfb_mobile_banking_app | The "CFB Mobile Banking" by Citizens First Bank Wisconsin app 3.0.1 -- aka cfb-mobile-banking/id1081102805 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9596 MISC

mea_financial_enterprises -- charlevoix_state_bank_app | The "Charlevoix State Bank" by Charlevoix State Bank app 3.0.1 -- aka charlevoix-state-bank/id1128963717 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9583 MISC

mea_financial_enterprises -- community_state_bank_lamar_app | The "Community State Bank - Lamar Mobile Banking" by Community State Bank - Lamar app 3.0.3 -- aka community-state-bank-lamar-mobile-banking/id1083927885 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9585 MISC

mea_financial_enterprises -- financial_plus_mobile_banking_app | The financial-plus-mobile-banking/id731070564 app 3.0.3 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9568 MISC

mea_financial_enterprises -- first_citizens_bank_mobile_banking_app | The "First Citizens Bank-Mobile Banking" by First Citizens Bank (AL) app 3.0.0 -- aka first-citizens-bank-mobile-banking/id566037101 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9577 MISC

mea_financial_enterprises -- first_citizens_community_bank_app | The First Citizens Community Bank fccb/id809930960 app 3.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9563 MISC

mea_financial_enterprises -- first_security_bank_sleepy_eye_mobile_app | The first-security-bank-sleepy-eye-mobile/id870531890 app 3.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9565 MISC

mea_financial_enterprises -- first_state_bank_of_bigfork_mobile_banking_app | The "First State Bank of Bigfork Mobile Banking" by First State Bank of Bigfork app 4.0.3 -- aka first-state-bank-of-bigfork-mobile-banking/id1133969876 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9595 MISC

mea_financial_enterprises -- fnb_kemp_mobile_banking_app | The "FNB Kemp Mobile Banking" by First National Bank of Kemp app 3.0.2 -- aka fnb-kemp-mobile-banking/id571448725 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9601 MISC

mea_financial_enterprises -- fountain_trust_mobile_banking_app | The "Fountain Trust Mobile Banking" by FOUNTAIN TRUST COMPANY app 3.0.0 -- aka fountain-trust-mobile-banking/id891343006 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9599 MISC

mea_financial_enterprises -- freedom_1st_credit_union_mobile_banking_app | The Freedom First freedom-1st-credit-union-mobile-banking/id1085229458 app 3.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9562 MISC

mea_financial_enterprises -- fsb_dequeen_mobile_banking_app | The fsb-dequeen-mobile-banking/id1091025340 app 3.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9566 MISC

mea_financial_enterprises -- fsby_mobile_banking_app | The "FSBY Mobile Banking" by First State Bank of Yoakum TX app 3.0.0 -- aka fsby-mobile-banking/id899136434 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9586 MISC

mea_financial_enterprises -- fvb_mobile_banking_app | The "FVB Mobile Banking" by First Volunteer Bank of Tennessee app 3.1.1 -- aka fvb-mobile-banking/id551018004 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9575 MISC

mea_financial_enterprises -- hbo_mobile_banking_app | The "HBO Mobile Banking" by Heritage Bank of Ozarks app 3.0.0 -- aka hbo-mobile-banking/id860224933 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9584 MISC

mea_financial_enterprises -- jmcu_mobile_banking_app | The "JMCU Mobile Banking" by Joplin Metro Credit Union app 3.0.0 -- aka jmcu-mobile-banking/id716065893 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9579 MISC

mea_financial_enterprises -- kc_area_credit_union_mobile_banking_app | The "KC Area Credit Union Mobile Banking" by K C Area Credit Union app 3.0.1 -- aka kc-area-credit-union-mobile-banking/id1097607736 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9574 MISC

mea_financial_enterprises -- lee_bank_and_trust_mobile_app | The Lee Bank & Trust lbtc-mobile/id1068984753 app 3.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9561 MISC

mea_financial_enterprises -- mea_financial_vision_bank_app | The MEA Financial vision-bank/id420406345 app 3.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9559 MISC

mea_financial_enterprises -- middleton_community_bank_mobile_banking_app | The "Middleton Community Bank Mobile Banking" by Middleton Community Bank app 3.0.0 -- aka middleton-community-bank-mobile-banking/id721843238 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9576 MISC

mea_financial_enterprises -- morton_credit_union_app | The "Morton Credit Union Mobile Banking" by Morton Credit Union app 3.0.1 -- aka morton-credit-union-mobile-banking/id1119623070 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9598 MISC

mea_financial_enterprises -- mount_vernon_bank_trust_mobile_banking_app | The mount-vernon-bank-trust-mobile-banking/id542706679 app 3.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9570 MISC

mea_financial_enterprises -- nasb_mobile_banking_app | The North Adams State Bank (Ursa) nasb-mobile-banking/id980573797 app 3.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9573 MISC

mea_financial_enterprises -- oculina_mobile_banking_app | The "Oculina Mobile Banking" by Oculina Bank app 3.0.0 -- aka oculina-mobile-banking/id867025690 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9593 MISC

mea_financial_enterprises -- oritani_mobile_banking_app | The "Oritani Mobile Banking" by Oritani Bank app 3.0.0 -- aka oritani-mobile-banking/id778851066 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9588 MISC

mea_financial_enterprises -- pcb_mobile_app | The "PCB Mobile" by Phelps County Bank app 3.0.2 -- aka pcb-mobile/id436891295 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9591 MISC

mea_financial_enterprises -- pcsb_bank_mobile_app | The "PCSB BANK Mobile" by PCSB Bank app 3.0.4 -- aka pcsb-bank-mobile/id1067472090 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9587 MISC

mea_financial_enterprises -- peoples_bank_tulsa_app | The "Peoples Bank Tulsa" by Peoples Bank - OK app 3.0.2 -- aka peoples-bank-tulsa/id1074279285 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9600 MISC

mea_financial_enterprises -- pioneer_bank_and_trust_mobile_banking_app | The "Pioneer Bank & Trust Mobile Banking" by PIONEER BANK AND TRUST app 3.0.0 -- aka pioneer-bank-trust-mobile-banking/id603182861 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2017-06-16 | not yet calculated | CVE-2017-9580 MISC

Primary Vendor -- Product: mea_financial_enterprises -- rvcb_mobile_banking_app
Description: The "RVCB Mobile" by RVCB Mobile Banking app 3.0.0 -- aka rvcb-mobile/id757928895 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9578, MISC

Primary Vendor -- Product: mea_financial_enterprises -- scsb_shelbyville_il_mobile_banking_app
Description: The "SCSB Shelbyville IL Mobile Banking" by Shelby County State Bank app 3.0.0 -- aka scsb-shelbyville-il-mobile-banking/id938960224 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9589, MISC

Primary Vendor -- Product: mea_financial_enterprises -- state_bank_of_waterloo_mobile_banking_app
Description: The "State Bank of Waterloo Mobile Banking" by State Bank of Waterloo app 3.0.2 -- aka state-bank-of-waterloo-mobile-banking/id555321714 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9590, MISC

Primary Vendor -- Product: mea_financial_enterprises -- svb_mobile_banking_app
Description: The "SVB Mobile" by Sauk Valley Bank Mobile Banking app 3.0.0 -- aka svb-mobile/id796429885 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9594, MISC

Primary Vendor -- Product: mea_financial_enterprises -- wawa_employees_credit_union_app
Description: The wawa-employees-credit-union-mobile/id1158082793 app 4.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9558, MISC

Primary Vendor -- Product: mea_financial_enterprises -- your_legacy_mobile_banking_app
Description: The "Your Legacy Federal Credit Union Mobile Banking" by Your Legacy Federal Credit Union app 3.0.1 -- aka your-legacy-federal-credit-union-mobile-banking/id919131389 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9592, MISC

Primary Vendor -- Product: mediatek -- mediatek
Description: An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-35310230. References: M-ALPS03162263.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0636, BID, CONFIRM

Primary Vendor -- Product: metasploit -- metasploit
Description: Routes used to stop running Metasploit tasks (either particular ones or all tasks) allowed GET requests. Only POST requests should have been allowed, as the stop/stop_all routes change the state of the service. This could have allowed an attacker to stop currently-running Metasploit tasks by getting an authenticated user to execute JavaScript. As of Metasploit 4.14.0 (Update 2017061301), the routes for stopping tasks only allow POST requests, which validate the presence of a secret token to prevent CSRF attacks.
Published: 2017-06-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-5244, BID, CONFIRM, MISC

Primary Vendor -- Product: microsoft -- office
Description: A remote code execution vulnerability exists in Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8509, BID, CONFIRM

Primary Vendor -- Product: microsoft -- office
Description: A remote code execution vulnerability exists in the way software parses specially crafted email messages, aka "Microsoft Office Memory Corruption Vulnerability".
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8507, BID, CONFIRM

Primary Vendor -- Product: microsoft -- office
Description: A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8510, BID, CONFIRM

Primary Vendor -- Product: microsoft -- office
Description: A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, and CVE-2017-0260.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8506, BID, CONFIRM

Primary Vendor -- Product: microsoft -- office
Description: A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, and CVE-2017-8506.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0260, BID, CONFIRM

Primary Vendor -- Product: microsoft -- office
Description: A security feature bypass vulnerability exists in Microsoft Office software when it improperly handles the parsing of file formats, aka "Microsoft Office Security Feature Bypass Vulnerability".
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8508, BID, CONFIRM

Primary Vendor -- Product: microsoft -- office
Description: A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-0260, and CVE-2017-8506.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8512, BID, CONFIRM

Primary Vendor -- Product: microsoft -- office
Description: A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8511, BID, CONFIRM

Primary Vendor -- Product: microsoft -- outlook
Description: A spoofing vulnerability exists in when Microsoft Outlook for Mac does not sanitize html properly, aka "Microsoft Outlook for Mac Spoofing Vulnerability".
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8545, BID, CONFIRM

Primary Vendor -- Product: microsoft -- powerpoint
Description: A remote code execution vulnerability exists in Microsoft PowerPoint when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability".
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8513, BID, CONFIRM

Primary Vendor -- Product: microsoft -- sharepoint
Description: An elevation of privilege vulnerability exists when Microsoft SharePoint software fails to properly sanitize a specially crafted requests, aka "Microsoft SharePoint XSS vulnerability".
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8551, BID, CONFIRM

Primary Vendor -- Product: microsoft -- sharepoint
Description: An information disclosure vulnerability exists when Microsoft SharePoint software fails to properly sanitize a specially crafted requests, aka "Microsoft SharePoint Reflective XSS Vulnerability".
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8514, BID, CONFIRM

Primary Vendor -- Product: microsoft -- skype
Description: A remote code execution vulnerability exists in Skype for Business when the software fails to sanitize specially crafted content, aka "Skype for Business Remote Code Execution Vulnerability".
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8550, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Windows PDF in .1, Windows Server 2012 Gold and R2, Windows RT 8.1, Gold, 1511, 1607, 1703, and Windows Server 2016 allows remote code execution if a user opens a specially crafted PDF file, aka "Windows PDF Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0291.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0292, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Windows 7 SP1, SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects in memory, aka "Win32k Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8470, CVE-2017-8472, CVE-2017-8473, CVE-2017-8475, CVE-2017-8477, and CVE-2017-8484.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8471, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects in memory, aka "Win32k Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8470, CVE-2017-8471, CVE-2017-8472, CVE-2017-8475, CVE-2017-8477, and CVE-2017-8484.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8473, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8492, CVE-2017-8491, CVE-2017-8490, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8480, CVE-2017-8479, CVE-2017-8478, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8489, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This CVE ID is unique from CVE-2017-0173, CVE-2017-0215, CVE-2017-0218, and CVE-2017-0219.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0216, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8492, CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8480, CVE-2017-8479, CVE-2017-8478, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8488, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8499, CVE-2017-8520, CVE-2017-8548, and CVE-2017-8549.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8521, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to obtain information to further compromise the user's system when Windows Search fails to handle objects in memory, aka "Windows Search Information Disclosure Vulnerability".
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8544, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects in memory, aka "Win32k Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8470, CVE-2017-8471, CVE-2017-8472, CVE-2017-8473, CVE-2017-8475, and CVE-2017-8477.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8484, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects in memory, aka "Win32k Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8470, CVE-2017-8471, CVE-2017-8472, CVE-2017-8473, CVE-2017-8477, and CVE-2017-8484.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8475, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects in memory, aka "Win32k Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8471, CVE-2017-8472, CVE-2017-8473, CVE-2017-8475, CVE-2017-8477, and CVE-2017-8484.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8470, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8480, CVE-2017-8479, CVE-2017-8478, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8492, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8492, CVE-2017-8491, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8480, CVE-2017-8479, CVE-2017-8478, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8490, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8497.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8496, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Windows Graphics Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0286, CVE-2017-0287, CVE-2017-0289, CVE-2017-8531, CVE-2017-8532, and CVE-2017-8533.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0288, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Windows Graphics Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0286, CVE-2017-0287, CVE-2017-0288, CVE-2017-8531, CVE-2017-8532, and CVE-2017-8533.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0289, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to run processes in an elevated context when the Windows kernel improperly handles objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-8468.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8465, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8492, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8480, CVE-2017-8479, CVE-2017-8478, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8491, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8492, CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8479, CVE-2017-8478, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8480, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Windows OLE in Windows XP and allows an attacker to execute code when a victim opens a specially crafted file or program aka "Windows olecnv32.dll Remote Code Execution Vulnerability."
Published: 2017-06-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8487, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows remote code execution if a user opens a specially crafted PDF file, aka "Windows PDF Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0292.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0291, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This CVE ID is unique from CVE-2017-0173, CVE-2017-0215, CVE-2017-0216, and CVE-2017-0219.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0218, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Windows 10 1607 and 1703, and Windows Server 2016 allow an authenticated attacker to modify the C:\Users\DEFAULT folder structure, aka "Windows Default Folder Tampering Vulnerability".
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0295, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects in memory, aka "Win32k Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8470, CVE-2017-8471, CVE-2017-8472, CVE-2017-8473, CVE-2017-8475, and CVE-2017-8484.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8477, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Windows Graphics Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0287, CVE-2017-0288, CVE-2017-0289, CVE-2017-8531, CVE-2017-8532, and CVE-2017-8533.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0286, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016, SP3, and SP2 allows improper disclosure of memory contents, aka "Windows Uniscribe Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0284, CVE-2017-0285, and CVE-2017-8534.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0282, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office Word Viewer, Microsoft Lync 2013 SP1, Skype for Business 2016, 5 Developer Runtime when installed on Microsoft Windows, and Microsoft Silverlight 5 when installed on Microsoft Windows allows a remote code execution vulnerability due to the way it handles objects in memory, aka "Windows Uniscribe Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8528.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0283, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016, Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, and Microsoft Office Word Viewer allows improper disclosure of memory contents, aka "Windows Uniscribe Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0282, CVE-2017-0284, and CVE-2017-8534.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0285, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016, Microsoft Office 2007 SP3, and Microsoft Office 2010 SP2 allows improper disclosure of memory contents, aka "Windows Uniscribe Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0282, CVE-2017-0285, and CVE-2017-8534.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0284, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute remote code when Windows fails to properly handle cabinet files, aka "Windows Remote Code Execution Vulnerability".
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0294, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects in memory, aka "Win32k Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8470, CVE-2017-8471, CVE-2017-8473, CVE-2017-8475, CVE-2017-8477, and CVE-2017-8484.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8472, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8481, CVE-2017-8480, CVE-2017-8478, CVE-2017-8479, CVE-2017-8476, CVE-2017-8474, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8469, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to elevate privilege when tdx.sys fails to check the length of a buffer prior to copying memory to it, aka "Windows TDX Elevation of Privilege Vulnerability".
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-0296, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft browsers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8522 and CVE-2017-8524.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8517, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to run processes in an elevated context when the Windows kernel improperly handles objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-8465.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8468, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to set variables that are either read-only or require authentication when Windows fails to enforce case sensitivity for certain variable checks, aka "Windows Security Feature Bypass Vulnerability".
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8493, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Windows Cursor in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows improper elevation of privilege, aka "Windows Cursor Elevation of Privilege Vulnerability".
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8466, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 allow an unauthenticated attacker to send a specially crafted kernel mode request to cause a denial of service on the target system, aka "Windows VAD Cloning Denial of Service Vulnerability".
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8515, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a locally-authenticated attacker to run a specially crafted application on a targeted system when Windows Secure Kernel Mode fails to properly handle objects in memory, aka "Windows Elevation of Privilege Vulnerability".
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8494, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: The kernel in Microsoft SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8481, CVE-2017-8480, CVE-2017-8478, CVE-2017-8479, CVE-2017-8476, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8474, BID, CONFIRM

Primary Vendor -- Product: microsoft -- windows
Description: The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8480, CVE-2017-8479, CVE-2017-8478, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-8481, BID, CONFIRM

microsoft -- windows | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8492, CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8481, CVE-2017-8478, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297. | 2017-06-14 | not yet calculated | CVE-2017-8479, BID, CONFIRM

microsoft -- windows | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8481, CVE-2017-8480, CVE-2017-8478, CVE-2017-8479, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297. | 2017-06-14 | not yet calculated | CVE-2017-8476, BID, CONFIRM

microsoft -- windows | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8492, CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8480, CVE-2017-8479, CVE-2017-8478, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297. | 2017-06-14 | not yet calculated | CVE-2017-8482, BID, CONFIRM

microsoft -- windows | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8492, CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8483, CVE-2017-8482, CVE-2017-8480, CVE-2017-8479, CVE-2017-8478, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297. | 2017-06-14 | not yet calculated | CVE-2017-8485, BID, CONFIRM

microsoft -- windows | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 and R2 allow an attacker to execute arbitrary code in the context of the current user when Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8547. | 2017-06-14 | not yet calculated | CVE-2017-8519, BID, CONFIRM

microsoft -- windows | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8492, CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8482, CVE-2017-8480, CVE-2017-8479, CVE-2017-8478, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297. | 2017-06-14 | not yet calculated | CVE-2017-8483, BID, CONFIRM

microsoft -- windows | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8481, CVE-2017-8480, CVE-2017-8479, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297. | 2017-06-14 | not yet calculated | CVE-2017-8478, BID, CONFIRM

microsoft -- windows | Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Graphics Uniscribe Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0286, CVE-2017-0288, CVE-2017-0289, CVE-2017-8531, CVE-2017-8532, and CVE-2017-8533. | 2017-06-14 | not yet calculated | CVE-2017-0287, BID, CONFIRM

microsoft -- windows | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 and R2 allow an attacker to execute arbitrary code in the context of the current user when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8519. | 2017-06-14 | not yet calculated | CVE-2017-8547, BID, CONFIRM

microsoft -- windows | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 and R2 allow an attacker to detect specific files on the user's computer when affected Microsoft scripting engines do not properly handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability". | 2017-06-14 | not yet calculated | CVE-2017-8529, BID, CONFIRM

microsoft -- windows | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when Microsoft Edge does not properly enforce same-origin policies, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8523 and CVE-2017-8555. | 2017-06-14 | not yet calculated | CVE-2017-8530, BID, CONFIRM

microsoft -- windows | A kernel-mode driver in Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows 8 allows an elevation of privilege when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability". This CVE is unique from CVE-2017-0263. | 2017-06-14 | not yet calculated | CVE-2017-8552, CONFIRM

microsoft -- windows | Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to trick a user into loading a page with malicious content when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8523 and CVE-2017-8530. | 2017-06-14 | not yet calculated | CVE-2017-8555, BID, CONFIRM

microsoft -- windows | Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8517 and CVE-2017-8522. | 2017-06-14 | not yet calculated | CVE-2017-8524, BID, CONFIRM

microsoft -- windows | Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This CVE ID is unique from CVE-2017-0215, CVE-2017-0216, CVE-2017-0218, and CVE-2017-0219. | 2017-06-14 | not yet calculated | CVE-2017-0173, BID, CONFIRM

microsoft -- windows | Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, and Microsoft Office 2010 SP2 allows a remote code execution vulnerability due to the way it handles objects in memory, aka "Windows Uniscribe Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0283. | 2017-06-14 | not yet calculated | CVE-2017-8528, BID, CONFIRM

microsoft -- windows | Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it handles objects in memory, aka "Windows Graphics Remote Code Execution Vulnerability". | 2017-06-14 | not yet calculated | CVE-2017-8527, BID, CONFIRM

microsoft -- windows | Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 allows an attacker to read data not intended to be disclosed when Edge allows JavaScript XML DOM objects to detect installed browser extensions, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8504. | 2017-06-14 | not yet calculated | CVE-2017-8498, BID, CONFIRM

microsoft -- windows | Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8520, CVE-2017-8521, CVE-2017-8548, and CVE-2017-8549. | 2017-06-14 | not yet calculated | CVE-2017-8499, BID, CONFIRM

microsoft -- windows | Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows information disclosure when a user opens a specially crafted PDF file, aka "Windows PDF Information Disclosure Vulnerability". | 2017-06-14 | not yet calculated | CVE-2017-8460, BID, CONFIRM

microsoft -- windows | Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 allows an attacker to read the URL of a cross-origin request when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8498. | 2017-06-14 | not yet calculated | CVE-2017-8504, BID, CONFIRM

microsoft -- windows | Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8496. | 2017-06-14 | not yet calculated | CVE-2017-8497, BID, CONFIRM

microsoft -- windows | Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8499, CVE-2017-8521, CVE-2017-8548, and CVE-2017-8549. | 2017-06-14 | not yet calculated | CVE-2017-8520, BID, CONFIRM

microsoft -- windows | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when Microsoft Edge fails to correctly apply Same Origin Policy for HTML elements present in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8530 and CVE-2017-8555. | 2017-06-14 | not yet calculated | CVE-2017-8523, BID, CONFIRM

microsoft -- windows | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge improperly handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8499, CVE-2017-8520, CVE-2017-8521, and CVE-2017-8548. | 2017-06-14 | not yet calculated | CVE-2017-8549, BID, CONFIRM

microsoft -- windows | An information disclosure vulnerability exists in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows Server 2016 when the Windows kernel improperly handles objects in memory, aka "GDI Information Disclosure Vulnerability". | 2017-06-14 | not yet calculated | CVE-2017-8553, BID, CONFIRM

microsoft -- windows | The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8481, CVE-2017-8480, CVE-2017-8478, CVE-2017-8479, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0299, CVE-2017-0300. | 2017-06-14 | not yet calculated | CVE-2017-0297, BID, CONFIRM

microsoft -- windows | A DCOM object in Helppane.exe in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016, when configured to run as the interactive user, allows an authenticated attacker to run arbitrary code in another user's session, aka "Windows COM Session Elevation of Privilege Vulnerability." | 2017-06-14 | not yet calculated | CVE-2017-0298, BID, CONFIRM

microsoft -- windows | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8481, CVE-2017-8480, CVE-2017-8478, CVE-2017-8479, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, and CVE-2017-0297. | 2017-06-14 | not yet calculated | CVE-2017-0299, BID, CONFIRM

microsoft -- windows | Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This CVE ID is unique from CVE-2017-0173, CVE-2017-0216, CVE-2017-0218, and CVE-2017-0219. | 2017-06-14 | not yet calculated | CVE-2017-0215, BID, CONFIRM

microsoft -- windows | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge improperly handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8499, CVE-2017-8520, CVE-2017-8521, and CVE-2017-8549. | 2017-06-14 | not yet calculated | CVE-2017-8548, BID, CONFIRM

microsoft -- windows | Windows RPC with Routing and Remote Access enabled in Windows XP and Windows Server 2003 allows an attacker to execute code on a targeted RPC server which has Routing and Remote Access enabled via a specially crafted application, aka "Windows RPC Remote Code Execution Vulnerability." | 2017-06-15 | not yet calculated | CVE-2017-8461, BID, CONFIRM

microsoft -- windows | Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This CVE ID is unique from CVE-2017-0173, CVE-2017-0215, CVE-2017-0216, and CVE-2017-0218. | 2017-06-14 | not yet calculated | CVE-2017-0219, BID, CONFIRM

microsoft -- windows | Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file, which is not properly handled during icon display in Windows Explorer or any other application that parses the icon of the shortcut, aka "LNK Remote Code Execution Vulnerability." | 2017-06-14 | not yet calculated | CVE-2017-8464, BID, CONFIRM

microsoft -- windows | Microsoft browsers in Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8517 and CVE-2017-8524. | 2017-06-14 | not yet calculated | CVE-2017-8522, BID, CONFIRM

microsoft -- windows | Windows Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to gain elevated privileges on a target guest operating system when Windows Hyper-V instruction emulation fails to properly enforce privilege levels, aka "Hypervisor Code Integrity Elevation of Privilege Vulnerability". | 2017-06-14 | not yet calculated | CVE-2017-0193, BID, CONFIRM

microsoft -- windows | Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, and Microsoft Office 2010 SP2 allows improper disclosure of memory contents, aka "Windows Uniscribe Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0282, CVE-2017-0284, and CVE-2017-0285. | 2017-06-14 | not yet calculated | CVE-2017-8534, BID, CONFIRM

microsoft -- windows | Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Graphics Uniscribe Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0286, CVE-2017-0287, CVE-2017-0288, CVE-2017-0289, CVE-2017-8531, and CVE-2017-8532. | 2017-06-14 | not yet calculated | CVE-2017-8533, BID, CONFIRM

microsoft -- windows | Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to take control of the affected system when Windows Search fails to handle objects in memory, aka "Windows Search Remote Code Execution Vulnerability". | 2017-06-14 | not yet calculated | CVE-2017-8543, BID, CONFIRM

microsoft -- windows | Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Graphics Uniscribe Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0286, CVE-2017-0287, CVE-2017-0288, CVE-2017-0289, CVE-2017-8531, and CVE-2017-8533. | 2017-06-14 | not yet calculated | CVE-2017-8532, BID, CONFIRM

microsoft -- windows | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8481, CVE-2017-8480, CVE-2017-8478, CVE-2017-8479, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297. | 2017-06-14 | not yet calculated | CVE-2017-8462, BID, CONFIRM

microsoft -- windows | Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016, Microsoft Office 2007 Service Pack 3, and Microsoft Office 2010 Service Pack 2 allows improper disclosure of memory contents, aka "Graphics Uniscribe Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0286, CVE-2017-0287, CVE-2017-0288, CVE-2017-0289, CVE-2017-8532, and CVE-2017-8533. | 2017-06-14 | not yet calculated | CVE-2017-8531, BID, CONFIRM

microsoft -- windows | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8481, CVE-2017-8480, CVE-2017-8478, CVE-2017-8479, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0299, and CVE-2017-0297. | 2017-06-14 | not yet calculated | CVE-2017-0300, BID, CONFIRM

mruby -- mruby | The mark_context_stack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service (heap-based use-after-free and application crash) or possibly have unspecified other impact via a crafted .rb file. | 2017-06-11 | not yet calculated | CVE-2017-9527, CONFIRM, CONFIRM

netmove -- saat_netizen | Untrusted search path vulnerability in the installer of SaAT Netizen ver.1.2.10.510 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 2017-06-09 | not yet calculated | CVE-2017-2206, BID, JVN, CONFIRM

netmove -- saat_netizen | Untrusted search path vulnerability in the installer of SaAT Personal ver.1.0.10.272 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 2017-06-09 | not yet calculated | CVE-2017-2207, BID, JVN, CONFIRM

new_relic -- .net_agent | New Relic .NET Agent before 6.3.123.0 adds SQL injection flaws to safe applications via vectors involving failure to escape quotes during use of the Slow Queries feature, as demonstrated by a mishandled quote in a VALUES clause of an INSERT statement, after bypassing a SET SHOWPLAN_ALL ON protection mechanism. | 2017-06-13 | not yet calculated | CVE-2017-9246, MISC

open_ticket_request_system -- open_ticket_request_system | In Open Ticket Request System (OTRS) 3.3.x through 3.3.16, 4.x through 4.0.23, and 5.x through 5.0.19, an attacker with agent permission is capable of opening a specific URL in a browser to gain administrative privileges / full access. Afterward, all system settings can be read and changed. The URLs in question contain index.pl?Action=Installer with ;Subaction=Intro or ;Subaction=Start or ;Subaction=System appended at the end. | 2017-06-12 | not yet calculated | CVE-2017-9324, MISC, MISC

pascal-bajorat -- simplece | In SimpleCE 2.3.0, an authenticated XSS vulnerability was found on index.php/content/text/1?return_url=[XSS] exploitable as a regular or admin user. | 2017-06-15 | not yet calculated | CVE-2017-9674, MISC

pascal-bajorat -- simplece | In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an administrator account (via the index.php/user/new URI) or change its settings (via the index.php/user/1 URI), including its password. | 2017-06-15 | not yet calculated | CVE-2017-9673, MISC

pivotal -- cloud_foundry | An issue was discovered in Foundry Foundation release v252 and earlier versions, UAA stand-alone release v2.0.0 - v2.7.4.12 & v3.0.0 - v3.11.0, and UAA release v26 & earlier versions. UAA is vulnerable to session fixation when configured to authenticate against external SAML or OpenID Connect based identity providers. | 2017-06-13 | not yet calculated | CVE-2017-4963, CONFIRM

pivotal -- cloud_foundry | An issue was discovered in Cloud Foundry Foundation cf-release versions prior to 250 and CAPI-release versions prior to 1.12.0. A user with the SpaceAuditor role is over-privileged with the ability to restage applications. This could cause application downtime if the restage fails. | 2017-06-13 | not yet calculated | CVE-2016-8219, CONFIRM

pivotal -- cloud_foundry | An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v258; UAA release 2.x versions prior to v2.7.4.15, 3.6.x versions prior to v3.6.9, 3.9.x versions prior to v3.9.11, and other versions prior to v3.16.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.13, 24.x versions prior to v24.8, and other versions prior to v30.1. An authorized user can use a blind SQL injection attack to query the contents of the UAA database, aka "Blind SQL Injection with privileged UAA endpoints." | 2017-06-13 | not yet calculated | CVE-2017-4974, CONFIRM

pivotal -- cloud_foundry | An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v257; UAA release 2.x versions prior to v2.7.4.14, 3.6.x versions prior to v3.6.8, 3.9.x versions prior to v3.9.10, and other versions prior to v3.15.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.12, 24.x versions prior to v24.7, and other versions prior to v30. A vulnerability has been identified with the groups endpoint in UAA allowing users to elevate their privileges. | 2017-06-13 | not yet calculated | CVE-2017-4973, CONFIRM

pivotal -- cloud_foundry | An issue was discovered in Cloud Foundry Foundation cf-release v255 and Staticfile buildpack versions v1.4.0 - v1.4.3. A regression introduced in the Staticfile buildpack causes the Staticfile.auth configuration to be ignored when the Staticfile file is not present in the application root. Applications containing a Staticfile.auth file but not a Staticfile had their basic auth turned off when an operator upgraded the Staticfile buildpack in the foundation to one of the vulnerable versions. Note that Staticfile applications without a Staticfile are technically misconfigured, and will not successfully detect unless the Staticfile buildpack is explicitly specified. | 2017-06-13 | not yet calculated | CVE-2017-4970, CONFIRM

pivotal -- cloud_foundry | An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v257; UAA release 2.x versions prior to v2.7.4.14, 3.6.x versions prior to v3.6.8, 3.9.x versions prior to v3.9.10, and other versions prior to v3.15.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.12, 24.x versions prior to v24.7, and other versions prior to v30. An attacker can use a blind SQL injection attack to query the contents of the UAA database. | 2017-06-13 | not yet calculated | CVE-2017-4972, CONFIRM

pivotal -- cloud_foundry | An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v263; UAA release 2.x versions prior to v2.7.4.18, 3.6.x versions prior to v3.6.12, 3.9.x versions prior to v3.9.14, and other versions prior to v4.3.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.16, 24.x versions prior to v24.11, 30.x versions prior to 30.4, and other versions prior to v40. There was an issue with forwarded http headers in UAA that could result in account corruption. | 2017-06-13 | not yet calculated | CVE-2017-4994, CONFIRM

pivotal -- cloud_foundry | An issue was discovered in Cloud Foundry Foundation routing-release versions prior to 0.142.0 and cf-release versions 203 to 231. Incomplete validation logic in JSON Web Token (JWT) libraries can allow unprivileged attackers to impersonate other users to the routing API, aka an "Unauthenticated JWT signing algorithm in routing" issue. | 2017-06-13 | not yet calculated | CVE-2016-8218, CONFIRM

Primary Vendor -- Product: pivotal -- cloud_foundry
Description: An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3 and all 260.x versions. In certain cases an authenticated Director user can provide a malicious checksum that could allow them to escalate their privileges on the Director VM, aka "BOSH Director Shell Injection Vulnerabilities."
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-4961; CONFIRM

Primary Vendor -- Product: pivotal -- cloud_foundry
Description: An issue was discovered in Cloud Foundry Foundation Cloud Foundry release versions prior to v245 and cf- -release versions prior to v31. A command injection vulnerability was discovered in a common script used by many Cloud Foundry components. A malicious user may exploit numerous vectors to execute arbitrary commands on servers running Cloud Foundry.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-6655; BID; CONFIRM

Primary Vendor -- Product: pivotal -- cloud_foundry
Description: An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v261; UAA release 2.x versions prior to v2.7.4.17, 3.6.x versions prior to v3.6.11, 3.9.x versions prior to v3.9.13, and other versions prior to v4.2.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.15, 24.x versions prior to v24.10, 30.x versions prior to 30.3, and other versions prior to v37. There is privilege escalation (arbitrary password reset) with user invitations.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-4992; CONFIRM

Primary Vendor -- Product: pivotal -- cloud_foundry
Description: An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v260; UAA release 2.x versions prior to v2.7.4.16, 3.6.x versions prior to v3.6.10, 3.9.x versions prior to v3.9.12, and other versions prior to v3.17.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.14, 24.x versions prior to v24.9, 30.x versions prior to 30.2, and other versions prior to v36. Privileged users in one zone are allowed to perform a password reset for users in a different zone.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-4991; CONFIRM

Primary Vendor -- Product: pivotal -- pivotal_cloud_foundry_elastic_runtime
Description: An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.60, 1.7.x versions prior to 1.7.41, 1.8.x versions prior to 1.8.23, and 1.9.x versions prior to 1.9.1. Incomplete validation logic in JSON Web Token (JWT) libraries can allow unprivileged attackers to impersonate other users in multiple components included in PCF Elastic Runtime, aka an "Unauthenticated JWT signing algorithm in multiple components" issue.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-2773; BID; CONFIRM

Primary Vendor -- Product: pivotal -- pivotal_cloud_foundry_elastic_runtime
Description: An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.65, 1.7.x versions prior to 1.7.48, 1.8.x versions prior to 1.8.28, and 1.9.x versions prior to 1.9.5. Several credentials were present in the logs for the Notifications errand in the PCF Elastic Runtime tile.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-4955; BID; CONFIRM

Primary Vendor -- Product: pivotal -- pivotal_cloud_foundry_elastic_runtime
Description: An issue was discovered in Pivotal PCF Elastic Runtime 1.8.x versions prior to 1.8.29 and 1.9.x versions prior to 1.9.7. Pivotal Cloud Foundry deployments using the Pivotal Account application are vulnerable to a flaw which allows an authorized user to take over the account of another user, causing account lockout and potential escalation of privileges.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-4959; BID; CONFIRM

Primary Vendor -- Product: pivotal -- pivotal_cloud_foundry_tile_generator
Description: An issue was discovered in Pivotal PCF Tile Generator versions prior to 6.0.0. Tiles created by the PCF Tile Generator create a running open security group that overrides security groups set by the operator.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-4975; CONFIRM

Primary Vendor -- Product: pivotal --
Description: An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. RabbitMQ management UI stores signed-in user credentials in a browser's local storage without expiration, making it possible to retrieve them using a chained attack.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-4966; CONFIRM

Primary Vendor -- Product: pivotal -- rabbitmq
Description: An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. Several forms in the RabbitMQ management UI are vulnerable to XSS attacks.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-4965; BID; CONFIRM

Primary Vendor -- Product: pivotal -- rabbitmq
Description: An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. Several forms in the RabbitMQ management UI are vulnerable to XSS attacks.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-4967; CONFIRM

Primary Vendor -- Product: pivotal -- spring_web_flow
Description: An issue was discovered in Pivotal Spring Web Flow through 2.4.4. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default (i.e., set to 'false') can be vulnerable to malicious EL expressions in view states that process form submissions but do not have a sub-element to declare explicit data binding property mappings.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-4971; BID; CONFIRM; CONFIRM

Primary Vendor -- Product: piwigo -- piwigo
Description: An open redirect vulnerability is present in Piwigo 2.9 and probably prior versions, allowing remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. The identification.php component is affected by this issue: the "redirect" parameter is not validated.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9464; MISC; MISC

Primary Vendor -- Product: piwigo -- piwigo
Description: The application Piwigo is affected by a SQL injection vulnerability in version 2.9.0 and possibly prior. This vulnerability allows remote authenticated attackers to obtain information in the context of the user used by the application to retrieve data from the database. The user_list_backend.php component is affected: values of the iDisplayStart & iDisplayLength parameters are not sanitized; these are used to construct a SQL query and retrieve a list of registered users into the application.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9463; MISC; MISC; MISC

Primary Vendor -- Product: pulp -- pulp
Description: Pulp before 2.8.5 uses 's $RANDOM in an unsafe way to generate passwords.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-3704; CONFIRM; CONFIRM; MISC; MISC; FEDORA; CONFIRM

Primary Vendor -- Product: pulp -- pulp
Description: The pulp-qpid-ssl-cfg script in Pulp before 2.8.5 allows local users to obtain the CA key.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-3696; CONFIRM; CONFIRM; FEDORA; CONFIRM

Primary Vendor -- Product: -- qemu
Description: Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the device.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9374; CONFIRM; MLIST; CONFIRM

Primary Vendor -- Product: qemu -- qemu
Description: QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9503; MLIST; CONFIRM; MLIST; MLIST

Primary Vendor -- Product: qemu -- qemu
Description: QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving control transfer descriptors sequencing.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9375; CONFIRM; MLIST; BID; CONFIRM

Primary Vendor -- Product: qemu -- qemu
Description: Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the AHCI device.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9373; CONFIRM; MLIST; BID; CONFIRM

Primary Vendor -- Product: qnap -- qts
Description: QNAP QTS before 4.2.6 build 20170517 allows command injection.
Published: 2017-06-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-7876; CONFIRM

Primary Vendor -- Product: qnap -- qts
Description: QNAP QTS before 4.2.6 build 20170517 has a flaw in the change password function.
Published: 2017-06-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-7629; CONFIRM

Primary Vendor -- Product: red_hat -- quickstart_cloud_installer
Description: /var/lib/-engine/setup/engine-DC-config.py in QuickStart Cloud Installer (QCI) before 1.0 GA is created world readable and contains the root password of the deployed system.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-5411; BID; CONFIRM

Primary Vendor -- Product: rockwell_automation -- panelview_plus_6
Description: A Missing Authorization issue was discovered in Rockwell Automation PanelView Plus 6 700-1500 6.00.04, 6.00.05, 6.00.42, 6.00-20140306, 6.10.20121012, 6.10-20140122, 7.00-20121012, 7.00-20130108, 7.00-20130325, 7.00-20130619, 7.00-20140128, 7.00-20140310, 7.00-20140429, 7.00-20140621, 7.00-20140729, 7.00-20141022, 8.00-20140730, and 8.00-20141023. There is no authorization check when connecting to the device, allowing an attacker remote access.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-7914; MISC

Primary Vendor -- Product: ruby -- ruby
Description: Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring.
Published: 2017-06-12
CVSS Score: not yet calculated
Source & Patch Info: CVE-2015-9096; MISC; MISC; MISC; MISC

Primary Vendor -- Product: ruby -- ruby
Description: The mail gem before 2.5.5 for Ruby (aka A Really Ruby Mail Library) is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring.
Published: 2017-06-12
CVSS Score: not yet calculated
Source & Patch Info: CVE-2015-9097; MISC; MISC; MISC; MISC; MISC; MISC; MISC

Primary Vendor -- Product: sap -- successfactors
Description: Stored Cross-site scripting (XSS) vulnerability in SAP SuccessFactors before b1705.1234962 allows remote authenticated users to inject arbitrary web script or HTML via the file upload functionality.
Published: 2017-06-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9613; MISC; BID; MISC

Primary Vendor -- Product: spip -- spip
Description: SPIP 3.1.x before 3.1.6 and 3.2.x before Beta 3 does not remove shell metacharacters from the host field, allowing a remote attacker to cause remote code execution.
Published: 2017-06-17
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9736; CONFIRM; CONFIRM; CONFIRM

Primary Vendor -- Product: synology -- photo_station
Description: A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows local users to obtain credentials via cmdline. Synology Photo Station employs the synophoto_dsm_user program to authenticate username and password by "synophoto_dsm_user --auth USERNAME PASSWORD", and local users are able to obtain credentials by sniffing "/proc/*/cmdline".
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9552; MISC; CONFIRM

Primary Vendor -- Product: tablib -- tablib
Description: An exploitable vulnerability exists in the Databook loading functionality of Tablib 0.11.4. A yaml loaded Databook can execute arbitrary python commands resulting in command execution. An attacker can insert python into loaded yaml to trigger this vulnerability.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-2810; BID; MISC

Primary Vendor -- Product: telaxus -- epesi
Description: Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted currency decimal-sign data.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9624; CONFIRM; CONFIRM

Primary Vendor -- Product: telaxus -- epesi
Description: Cross-site scripting (XSS) vulnerability in modules/Base/Lang/Administrator/update_translation.php in EPESI in Telaxus/EPESI 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) original or (2) new parameter.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9621; CONFIRM; CONFIRM

Primary Vendor -- Product: telaxus -- epesi
Description: Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted common data.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9622; CONFIRM; CONFIRM

Primary Vendor -- Product: telaxus -- epesi
Description: Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted country data.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9623; CONFIRM; CONFIRM

Primary Vendor -- Product: tera_term -- tera_term
Description: Untrusted search path vulnerability in the installer of Tera Term 4.94 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Published: 2017-06-09
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-2193; JVN; BID; CONFIRM

Primary Vendor -- Product: tslite -- tslite
Description: The tlslite library before 0.4.9 for Python allows remote attackers to trigger a denial of service (runtime exception and process crash).
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2015-3220; CONFIRM; CONFIRM; MLIST

Primary Vendor -- Product: uclibc -- uclibc
Description: In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp function in misc/regex/regexec.c when processing a crafted regular expression.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9728; MISC

Primary Vendor -- Product: uclibc -- uclibc
Description: In uClibc 0.9.33.2, there is stack exhaustion (uncontrolled recursion) in the check_dst_limits_calc_pos_1 function in misc/regex/regexec.c when processing a crafted regular expression.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9729; MISC

Primary Vendor -- Product: winsparkle -- winsparkle
Description: Untrusted search path vulnerability in WinSparkle versions prior to 0.5.3 allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory.
Published: 2017-06-09
CVSS Score: not yet calculated
Source & Patch Info: CVE-2016-7838; BID; CONFIRM; JVN; JVN; CONFIRM

Primary Vendor -- Product: wireshark -- wireshark
Description: In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9616; CONFIRM

Primary Vendor -- Product: wireshark -- wireshark
Description: In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector.
Published: 2017-06-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9617; CONFIRM

Primary Vendor -- Product: wordpress -- wordpress
Description: Cross-site scripting (XSS) vulnerability in the Webhammer WP Custom Fields Search plugin 0.3.28 for WordPress allows remote attackers to inject arbitrary JavaScript via the cs-all-0 parameter.
Published: 2017-06-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9419; MISC

Primary Vendor -- Product: wordpress -- wordpress
Description: SQL injection vulnerability in the WP Jobs plugin before 1.5 for WordPress allows authenticated users to execute arbitrary SQL commands via the jobid parameter to wp-admin/edit.php.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9603; MISC; MISC

Primary Vendor -- Product: wordpress -- wordpress
Description: SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for WordPress allows an authenticated user to execute arbitrary SQL commands via the testid parameter to wp-admin/admin.php.
Published: 2017-06-12
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9418; MISC

Primary Vendor -- Product: wordpress -- wordpress
Description: SQL injection vulnerability in the Event List plugin 0.7.8 for WordPress allows an authenticated user to execute arbitrary SQL commands via the id parameter to wp-admin/admin.php.
Published: 2017-06-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9429; MISC

Primary Vendor -- Product: yocto_project -- yp_core_pyro
Description: In meta/classes/package_ipk.bbclass in Poky in poky-pyro 17.0.0 for Yocto Project through YP Core - Pyro 2.3, attackers can obtain sensitive information by reading a URL in a Source entry in an ipk package.
Published: 2017-06-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2017-9731; CONFIRM