CVE List - 2017 / July
Showing 701 - 800 of 1268 CVEs for July 2017 (Page 8 of 13)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2017-11345 | 2017-07-16 | Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U,... |
| CVE-2017-11346 | 2017-07-16 | Zoho ManageEngine Desktop Central before build 100092 allows remote attackers to execute arbitrary code via vectors involving the upload of help desk videos. |
| CVE-2017-11347 | 2017-07-16 | Authenticated Code Execution Vulnerability in MetInfo 5.3.17 allows a remote authenticated attacker to generate a PHP script with the content of a malicious image, related to admin/include/common.inc.php and admin/app/physical/physical.php. |
| CVE-2017-11348 | 2017-07-17 | In Octopus Deploy 3.x before 3.15.4, an authenticated user with PackagePush permission to upload packages could upload a maliciously crafted NuGet package, potentially overwriting other packages or modifying system files.... |
| CVE-2017-11349 | 2017-07-17 | dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs or schedules, for purposes such as sending e-mail messages or making outbound connections to FTP servers for uploading data. |
| CVE-2017-11352 | 2017-07-17 | In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144. |
| CVE-2017-11353 | 2017-07-17 | yadm (yet another dotfile manager) 1.10.0 has a race condition (related to the behavior of git commands in setting permissions for new files and directories), which potentially allows access to... |
| CVE-2017-11354 | 2017-07-17 | Fiyo CMS v2.0.7 has an SQL injection vulnerability in dapur/apps/app_article/sys_article.php via the name parameter in editing or adding a tag name. |
| CVE-2017-11360 | 2017-07-17 | The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a large loop vulnerability via a crafted rle file that triggers a huge number_pixels value. |
| CVE-2017-11362 | 2017-07-17 | In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ext/intl/msgformat/msgformat_parse.c does not restrict the locale length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and... |
| CVE-2017-9951 | 2017-07-17 | The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a... |
| CVE-2017-11367 | 2017-07-17 | The shoco_decompress function in the API in shoco through 2017-07-17 allows remote attackers to cause a denial of service (buffer over-read and application crash) via malformed compressed data. |
| CVE-2017-8000 | 2017-07-17 | In EMC RSA Authentication Manager 8.2 SP1 and earlier, a malicious RSA Security Console Administrator could craft a token profile and store the profile name in the RSA Authentication Manager... |
| CVE-2017-8004 | 2017-07-17 | The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance and RSA IMG products (RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels; RSA Via Lifecycle... |
| CVE-2017-8005 | 2017-07-17 | The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG products (RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels; RSA Via Lifecycle... |
| CVE-2017-8006 | 2017-07-17 | In EMC RSA Authentication Manager 8.2 SP1 Patch 1 and earlier, a malicious user logged into the Self-Service Console of RSA Authentication Manager as a target user can use a... |
| CVE-2017-8011 | 2017-07-17 | EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R... |
| CVE-2017-8034 | 2017-07-17 | The Cloud Controller and Router in Cloud Foundry (CAPI-release capi versions prior to v1.32.0, Routing-release versions prior to v0.159.0, CF-release versions prior to v267) do not validate the issuer on... |
| CVE-2017-10978 | 2017-07-17 | An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service. |
| CVE-2017-10979 | 2017-07-17 | An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overflow in rad_coalesce()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary... |
| CVE-2017-10980 | 2017-07-17 | An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in decode_tlv()" and a denial of service. |
| CVE-2017-10981 | 2017-07-17 | An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in fr_dhcp_decode()" and a denial of service. |
| CVE-2017-10982 | 2017-07-17 | An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Buffer over-read in fr_dhcp_decode_options()" and a denial of service. |
| CVE-2017-10983 | 2017-07-17 | An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "DHCP - Read overflow when decoding option 63" and a denial of service. |
| CVE-2017-10984 | 2017-07-17 | An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow in data2vp_wimax()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary... |
| CVE-2017-10985 | 2017-07-17 | An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion with 'concat' attributes" and a denial of service. |
| CVE-2017-10986 | 2017-07-17 | An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infinite read in dhcp_attr2vp()" and a denial of service. |
| CVE-2017-10987 | 2017-07-17 | An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Buffer over-read in fr_dhcp_decode_suboptions()" and a denial of service. |
| CVE-2017-11361 | 2017-07-17 | Inteno routers have a JUCI ACL misconfiguration that allows the "user" account to read files, write to files, and add root SSH keys via JSON commands to ubus. (Exploitation is... |
| CVE-2017-2642 | 2017-07-17 | Moodle 3.x has user fullname disclosure on the user preferences page. |
| CVE-2017-7531 | 2017-07-17 | In Moodle 3.3, the course overview block reveals activities in hidden courses. |
| CVE-2017-7532 | 2017-07-17 | In Moodle 3.x, course creators are able to change system default settings for courses. |
| CVE-2017-11127 | 2017-07-17 | Bolt CMS 3.2.14 allows stored XSS by uploading an SVG document with a "Content-Type: image/svg+xml" header. |
| CVE-2017-11128 | 2017-07-17 | Bolt CMS 3.2.14 allows stored XSS via text input, as demonstrated by the Title field of a New Entry. |
| CVE-2017-11399 | 2017-07-17 | Integer overflow in the ape_decode_frame function in libavcodec/apedec.c in FFmpeg 2.4 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access and application crash) or possibly have... |
| CVE-2017-9639 | 2017-07-17 | An issue was discovered in Fuji Electric V-Server Version 3.3.22.0 and prior. A memory corruption vulnerability has been identified (aka improper restriction of operations within the bounds of a memory... |
| CVE-2017-3742 | 2017-07-17 | In Lenovo Connect2 versions earlier than 4.2.5.4885 for Windows and 4.2.5.3071 for Android, when an ad-hoc connection is made between two systems for the purpose of sharing files, the password... |
| CVE-2017-3754 | 2017-07-17 | Some Lenovo brand notebook systems do not have write protections properly configured in the system BIOS. This could enable an attacker with physical or administrative access to a system to... |
| CVE-2017-6741 | 2017-07-17 | A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit... |
| CVE-2017-7947 | 2017-07-17 | NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 before P5 allow attackers to obtain sensitive password information by leveraging logging of passwords entered non-interactively on the command... |
| CVE-2017-8896 | 2017-07-17 | ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2 are vulnerable to XSS on error pages by injecting code in url parameters. |
| CVE-2017-9338 | 2017-07-17 | Inadequate escaping lead to XSS vulnerability in the search module in ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2. To be exploitable a user... |
| CVE-2017-9339 | 2017-07-17 | A logical error in ownCloud Server before 10.0.2 caused disclosure of valid share tokens for public calendars. Thus granting an attacker potentially access to publicly shared calendars without knowing the... |
| CVE-2017-9340 | 2017-07-17 | An attacker is logged in as a normal user and can somehow make admin to delete shared folders in ownCloud Server before 10.0.2. |
| CVE-2017-9609 | 2017-07-17 | Cross-site scripting (XSS) vulnerability in Blackcat CMS 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the map_language parameter to backend/pages/lang_settings.php. |
| CVE-2017-9669 | 2017-07-17 | A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution by crafting a malicious APKINDEX.tar.gz file. |
| CVE-2017-9671 | 2017-07-17 | A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file with... |
| CVE-2017-9810 | 2017-07-17 | There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). This would... |
| CVE-2017-9811 | 2017-07-17 | The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). By abusing the quarantine... |
| CVE-2017-9812 | 2017-07-17 | The reportId parameter of the getReportStatus action method can be abused in the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version... |
| CVE-2017-9813 | 2017-07-17 | In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site scripting (XSS). |
| CVE-2017-9933 | 2017-07-17 | Improper cache invalidation in Joomla! CMS 1.7.3 through 3.7.2 leads to disclosure of form contents. |
| CVE-2017-9934 | 2017-07-17 | Missing CSRF token checks and improper input validation in Joomla! CMS 1.7.3 through 3.7.2 lead to an XSS vulnerability. |
| CVE-2017-6736 | 2017-07-17 | The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an... |
| CVE-2017-6737 | 2017-07-17 | A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit... |
| CVE-2017-6738 | 2017-07-17 | The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an... |
| CVE-2017-6739 | 2017-07-17 | A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit... |
| CVE-2017-6740 | 2017-07-17 | The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an... |
| CVE-2017-6742 | 2017-07-17 | A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit... |
| CVE-2017-6743 | 2017-07-17 | The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an... |
| CVE-2017-6744 | 2017-07-17 | The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an... |
| CVE-2017-11403 | 2017-07-18 | The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file. |
| CVE-2017-11404 | 2017-07-18 | In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators can upload a .php file via a FileManager action to admin/moduleinterface.php. |
| CVE-2017-11405 | 2017-07-18 | In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators can upload a .php file via a CMSContentManager action to admin/moduleinterface.php, followed by a FilePicker action to admin/moduleinterface.php in which type=image... |
| CVE-2017-11412 | 2017-07-18 | Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_comment/controller/comment_status.php via $_GET['id']. |
| CVE-2017-11413 | 2017-07-18 | Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/comment_status.php via $_GET['id']. |
| CVE-2017-11414 | 2017-07-18 | Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_comment/sys_comment.php via $_POST['comment'], $_POST['name'], $_POST['web'], $_POST['email'], $_POST['status'], $_POST['id'], and $_REQUEST['id']. |
| CVE-2017-11415 | 2017-07-18 | Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/sys_article.php via $_POST['parent_id'], $_POST['desc'], $_POST['keys'], and $_POST['level']. |
| CVE-2017-11416 | 2017-07-18 | Fiyo CMS 2.0.7 has SQL injection in /apps/app_comment/controller/insert.php via the name parameter. |
| CVE-2017-11417 | 2017-07-18 | Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/article_status.php via $_GET['id']. |
| CVE-2017-11418 | 2017-07-18 | Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/article_list.php via $_GET['cat'], $_GET['user'], $_GET['level'], and $_GET['iSortCol_'.$i]. |
| CVE-2017-11419 | 2017-07-18 | Fiyo CMS 2.0.7 has SQL injection in /apps/app_article/controller/editor.php via $_POST['id'] and $_POST['art_title']. |
| CVE-2017-11420 | 2017-07-18 | Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U,... |
| CVE-2017-1318 | 2017-07-18 | IBM MQ Appliance 8.0 and 9.0 could allow an authenticated messaging administrator to execute arbitrary commands on the system, caused by command execution. IBM X-Force ID: 125730. |
| CVE-2017-10961 | 2017-07-18 | REDCap before 7.5.1 has CSRF in the deletion feature of the File Repository and File Upload components. |
| CVE-2017-10962 | 2017-07-18 | REDCap before 7.5.1 has XSS via the query string. |
| CVE-2017-6320 | 2017-07-18 | A remote command injection vulnerability exists in the Barracuda Load Balancer product line (confirmed on v5.4.0.004 (2015-11-26) and v6.0.1.006 (2016-08-19); fixed in 6.1.0.003 (2017-01-17)) in which an authenticated user can... |
| CVE-2017-7506 | 2017-07-18 | spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak. |
| CVE-2017-5246 | 2017-07-18 | Biscom Secure File Transfer is vulnerable to AngularJS expression injection in the Display Name field. An authenticated user can populate this field with a valid AngularJS expression, wrapped in double... |
| CVE-2017-5247 | 2017-07-18 | Biscom Secure File Transfer is vulnerable to cross-site scripting in the File Name field. An authenticated user with permissions to upload or send files can populate this field with a... |
| CVE-2017-11421 | 2017-07-18 | gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection when generating thumbnails for MSI files, aka the "Bad Taste" issue. There is a local attack if the victim uses the... |
| CVE-2017-10708 | 2017-07-18 | An issue was discovered in Apport through 2.20.x. In apport/report.py, Apport sets the ExecutablePath field and it then uses the path to run package specific hooks without protecting against path... |
| CVE-2017-11423 | 2017-07-18 | The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service (stack-based buffer over-read and application... |
| CVE-2017-11406 | 2017-07-18 | In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by rejecting invalid Frame Control parameter values. |
| CVE-2017-11407 | 2017-07-18 | In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector could crash. This was addressed in epan/dissectors/packet-mq.c by validating the fragment length before a reassembly attempt. |
| CVE-2017-11408 | 2017-07-18 | In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. This was addressed in epan/dissectors/packet-amqp.c by checking for successful list dissection. |
| CVE-2017-11409 | 2017-07-18 | In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop. This was addressed in epan/dissectors/packet-gprs-llc.c by using a different integer data type. |
| CVE-2017-11410 | 2017-07-18 | In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in... |
| CVE-2017-11411 | 2017-07-18 | In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by adding length validation. NOTE: this vulnerability exists... |
| CVE-2017-9245 | 2017-07-19 | The Google News and Weather application before 3.3.1 for Android allows remote attackers to read OAuth tokens by sniffing the network and leveraging the lack of SSL. |
| CVE-2017-10801 | 2017-07-19 | phpSocial (formerly phpDolphin) before 3.0.1 has XSS in the PATH_INFO to the search/tag/ URI. |
| CVE-2017-11435 | 2017-07-19 | The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authentication bypass vulnerability via specially crafted requests to the management console. The bug is exploitable remotely when the router... |
| CVE-2017-11436 | 2017-07-19 | D-Link DIR-615 before v20.12PTb04 has a second admin account with a 0x1 BACKDOOR value, which might allow remote attackers to obtain access via a TELNET connection. |
| CVE-2017-11439 | 2017-07-19 | In Sitecore 8.2, there is reflected XSS in the shell/Applications/Tools/Run Program parameter. |
| CVE-2017-11440 | 2017-07-19 | In Sitecore 8.2, there is absolute path traversal via the shell/Applications/Layouts/IDE.aspx fi parameter and the admin/LinqScratchPad.aspx Reference parameter. |
| CVE-2017-11441 | 2017-07-19 | The WHM Upload Locale interface in cPanel before 56.0.51, 58.x before 58.0.52, 60.x before 60.0.45, 62.x before 62.0.27, 64.x before 64.0.33, and 66.x before 66.0.2 has XSS via a locale... |
| CVE-2017-11444 | 2017-07-19 | Subrion CMS before 4.1.5.10 has a SQL injection vulnerability in /front/search.php via the $_GET array. |
| CVE-2017-11445 | 2017-07-19 | Subrion CMS before 4.1.6 has a SQL injection vulnerability in /front/actions.php via the $_POST array. |
| CVE-2017-11446 | 2017-07-19 | The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has an infinite loop vulnerability that can cause CPU exhaustion via a crafted PES file. |
| CVE-2017-11447 | 2017-07-19 | The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service. |