CVE List - 2017 / September
Showing 901 - 1000 of 1228 CVEs for September 2017 (Page 10 of 13)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2017-8280 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, during the wlan calibration data store and retrieve operation, there are some potential race conditions which lead... |
| CVE-2017-8281 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while querying event status via DCI. |
| CVE-2017-9676 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, potential use after free scenarios and race conditions can occur when accessing global static variables without using... |
| CVE-2017-9677 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, in function msm_compr_ioctl_shared, variable "ddp->params_length" could be accessed and modified by multiple threads, while it is not... |
| CVE-2017-9720 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, due to an off-by-one error in a camera driver, an out-of-bounds read/write can occur. |
| CVE-2017-9724 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, user-level permissions can be used to gain access to kernel memory, specifically the ION cache maintenance code... |
| CVE-2017-9725 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation... |
| CVE-2015-3887 | 2017-09-21 | Untrusted search path vulnerability in ProxyChains-NG before 4.9 allows local users to gain privileges via a Trojan horse libproxychains4.so library in the current working directory, which is referenced in the... |
| CVE-2017-12928 | 2017-09-21 | A hard-coded password of tecn0visi0n for the dlxuser account in TecnoVISION DLX Spot Player4 (all known versions) allows remote attackers to log in via SSH and escalate privileges to root... |
| CVE-2017-12929 | 2017-09-21 | Arbitrary File Upload in resource.php of TecnoVISION DLX Spot Player4 version >1.5.10 allows remote authenticated users to upload arbitrary files leading to Remote Command Execution. |
| CVE-2017-12930 | 2017-09-21 | SQL Injection in the admin interface in TecnoVISION DLX Spot Player4 version >1.5.10 allows remote unauthenticated users to access the web interface as administrator via a crafted password. |
| CVE-2017-14320 | 2017-09-21 | Mirasvit Helpdesk MX before 1.5.3 might allow remote attackers to execute arbitrary code by leveraging failure to filter uploaded files. |
| CVE-2017-14321 | 2017-09-21 | Multiple cross-site scripting (XSS) vulnerabilities in the administrative interface in Mirasvit Helpdesk MX before 1.5.3 allow remote attackers to inject arbitrary web script or HTML via the (1) customer name... |
| CVE-2015-1187 | 2017-09-21 | The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp. |
| CVE-2017-14638 | 2017-09-21 | AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp in Bento4 version 1.5.0-617 has missing NULL checks, leading to a NULL pointer dereference, segmentation fault, and application crash in AP4_Atom::SetType in Core/Ap4Atom.h. |
| CVE-2017-14639 | 2017-09-21 | AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617 uses incorrect character data types, which causes a stack-based buffer underflow and out-of-bounds write, leading to denial of service (application crash) or possibly unspecified... |
| CVE-2017-14640 | 2017-09-21 | A NULL pointer dereference was discovered in AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service. |
| CVE-2017-14641 | 2017-09-21 | A NULL pointer dereference was discovered in the AP4_DataAtom class in MetaData/Ap4MetaData.cpp in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash, which leads to remote denial... |
| CVE-2017-14642 | 2017-09-21 | A NULL pointer dereference was discovered in the AP4_HdlrAtom class in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash in AP4_StdcFileByteStream::ReadPartial in System/StdC/Ap4StdCFileByteStream.cpp, which leads to... |
| CVE-2017-14643 | 2017-09-21 | The AP4_HdlrAtom class in Core/Ap4HdlrAtom.cpp in Bento4 version 1.5.0-617 uses an incorrect character data type, leading to a heap-based buffer over-read and application crash in AP4_BytesToUInt32BE in Core/Ap4Utils.h. |
| CVE-2017-14644 | 2017-09-21 | A heap-based buffer overflow was discovered in the AP4_HdlrAtom class in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution. |
| CVE-2017-14645 | 2017-09-21 | A heap-based buffer over-read was discovered in AP4_BitStream::ReadBytes in Codecs/Ap4BitStream.cpp in Bento4 version 1.5.0-617. The vulnerability causes an application crash, which leads to remote denial of service. |
| CVE-2017-14646 | 2017-09-21 | The AP4_AvccAtom and AP4_HvccAtom classes in Bento4 version 1.5.0-617 do not properly validate data sizes, leading to a heap-based buffer over-read and application crash in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp. |
| CVE-2017-14647 | 2017-09-21 | A heap-based buffer overflow was discovered in AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution. |
| CVE-2017-14648 | 2017-09-21 | A global buffer overflow was discovered in the iteration_loop function in loop.c in BladeEnc version 0.94.2. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or... |
| CVE-2017-14649 | 2017-09-21 | ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service (assertion failure in magick/pixel_cache.c, and application crash). |
| CVE-2017-14650 | 2017-09-21 | A Remote Code Execution vulnerability has been found in the Horde_Image library when using the "Im" backend that utilizes ImageMagick's "convert" utility. It's not exploitable through any Horde application, because... |
| CVE-2017-14651 | 2017-09-21 | WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath parameter. |
| CVE-2017-14652 | 2017-09-21 | SQL Injection vulnerability in mobiquo/lib/classTTForum.php in the Tapatalk plugin before 4.5.8 for MyBB allows an unauthenticated remote attacker to inject arbitrary SQL commands via an XML-RPC encoded document sent as... |
| CVE-2017-12170 | 2017-09-21 | Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with default... |
| CVE-2017-7544 | 2017-09-21 | libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can... |
| CVE-2017-7549 | 2017-09-21 | A flaw was found in instack-undercloud 7.2.0 as packaged in Red Hat OpenStack Platform Pike, 6.1.0 as packaged in Red Hat OpenStack Platform Oacta, 5.3.0 as packaged in Red Hat... |
| CVE-2017-9281 | 2017-09-21 | An integer overflow (CWE-190) potentially causing an out-of-bounds read (CWE-125) vulnerability in Micro Focus VisiBroker 8.5 can lead to a denial of service. |
| CVE-2017-9282 | 2017-09-21 | An integer overflow (CWE-190) led to an out-of-bounds write (CWE-787) on a heap-allocated area, leading to heap corruption in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for... |
| CVE-2017-9283 | 2017-09-21 | An out-of-bounds read (CWE-125) vulnerability exists in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for further attacks was not assessed. |
| CVE-2017-14682 | 2017-09-21 | GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted... |
| CVE-2017-14680 | 2017-09-21 | ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain sensitive employee metadata via a direct request for a PDF document. |
| CVE-2017-14681 | 2017-09-21 | The daemon in P3Scan 3.0_rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access... |
| CVE-2017-14684 | 2017-09-22 | In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows attackers to cause a denial of service (memory consumption in ResizeMagickMemory in... |
| CVE-2017-8007 | 2017-09-22 | In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice... |
| CVE-2017-8012 | 2017-09-22 | In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensions (JMX) protocol used to communicate between components in the Alerting and/or... |
| CVE-2017-14685 | 2017-09-22 | Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch... |
| CVE-2017-14686 | 2017-09-22 | Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting... |
| CVE-2017-14687 | 2017-09-22 | Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch... |
| CVE-2017-14636 | 2017-09-22 | Because of an integer overflow in sam2p 0.49.3, a loop executes 0xffffffff times, ending with an invalid read of size 1 in the Image::Indexed::sortPal function in image.cpp. However, this also... |
| CVE-2017-14637 | 2017-09-22 | In sam2p 0.49.3, there is an invalid read of size 2 in the parse_rgb function in in_xpm.cpp. However, this can also cause a write to an illegal address. |
| CVE-2017-14653 | 2017-09-22 | member/Orderinfo.asp in ASP4CMS AspCMS 2.7.2 allows remote authenticated users to read arbitrary order information via a modified OrderNo parameter. |
| CVE-2017-14688 | 2017-09-22 | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to a "Read Access Violation starting at... |
| CVE-2017-14689 | 2017-09-22 | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address is used... |
| CVE-2017-14690 | 2017-09-22 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address... |
| CVE-2017-14691 | 2017-09-22 | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address controls Branch... |
| CVE-2017-14692 | 2017-09-22 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllGetClassObject+0x000000000000653b." |
| CVE-2017-14693 | 2017-09-22 | IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address controls... |
| CVE-2017-3763 | 2017-09-22 | An attacker who obtains access to the location where the LXCA file system is stored may be able to access credentials of local LXCA accounts in LXCA versions earlier than... |
| CVE-2017-3770 | 2017-09-22 | Privilege escalation vulnerability in LXCA versions earlier than 1.3.2 where an authenticated user may be able to abuse certain web interface functionality to execute privileged commands within the underlying LXCA... |
| CVE-2017-9393 | 2017-09-22 | CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote attackers to potentially identify passwords of locked accounts through an exhaustive search. |
| CVE-2017-14081 | 2017-09-22 | Proxy command injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. |
| CVE-2017-11395 | 2017-09-22 | Command injection vulnerability in Trend Micro Smart Protection Server (Standalone) 3.1 and 3.2 server administration UI allows attackers with authenticated access to execute arbitrary code on vulnerable installations. |
| CVE-2017-11396 | 2017-09-22 | Vulnerability issues with the web service inspection of input parameters in Trend Micro Web Security Virtual Appliance 6.5 may allow potential attackers who already have administration rights to the console... |
| CVE-2017-14078 | 2017-09-22 | SQL Injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. |
| CVE-2017-14079 | 2017-09-22 | Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. |
| CVE-2017-14080 | 2017-09-22 | Authentication bypass vulnerability in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allows attackers to access a specific part of the console using a blank password. |
| CVE-2017-6266 | 2017-09-22 | NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where improper access controls could allow unprivileged users to cause a denial of service. |
| CVE-2017-6267 | 2017-09-22 | NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect initialization of internal objects can cause an infinite loop which may lead to a... |
| CVE-2017-6268 | 2017-09-22 | NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly... |
| CVE-2017-6269 | 2017-09-22 | NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a pointer passed from a user to the driver is used without... |
| CVE-2017-6270 | 2017-09-22 | NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiCreateAllocation where untrusted user input is used as a divisor without validation during a calculation... |
| CVE-2017-6271 | 2017-09-22 | NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiCreateAllocation where untrusted user input is used as a divisor without validation while processing block... |
| CVE-2017-6272 | 2017-09-22 | NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used as... |
| CVE-2017-6277 | 2017-09-22 | NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly... |
| CVE-2017-14705 | 2017-09-22 | DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An... |
| CVE-2017-14706 | 2017-09-22 | DenyAll WAF before 6.4.1 allows unauthenticated remote attackers to obtain authentication information by making a typeOf=debug request to /webservices/download/index.php, and then reading the iToken field in the reply. This affects... |
| CVE-2017-14694 | 2017-09-22 | Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 and earlier, when running in single instance mode, allows attackers to execute arbitrary code or cause a denial of service via... |
| CVE-2017-14712 | 2017-09-22 | In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Phonecall Notes Title parameter. |
| CVE-2017-14717 | 2017-09-22 | In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Description parameter. |
| CVE-2017-14713 | 2017-09-22 | In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls Description parameter. |
| CVE-2017-14714 | 2017-09-22 | In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls Subject parameter. |
| CVE-2017-14715 | 2017-09-22 | In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Alerts Title parameter. |
| CVE-2017-14716 | 2017-09-22 | In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Title parameter. |
| CVE-2017-14627 | 2017-09-23 | Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow remote attackers to execute arbitrary code via the (1) author (inside the INFORMATION tag), (2) name (inside the INFORMATION tag), (3) artist... |
| CVE-2017-14718 | 2017-09-23 | Before version 4.8.2, WordPress was susceptible to a Cross-Site Scripting attack in the link modal via a javascript: or data: URL. |
| CVE-2017-14719 | 2017-09-23 | Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip operations in the ZipArchive and PclZip components. |
| CVE-2017-14720 | 2017-09-23 | Before version 4.8.2, WordPress allowed a Cross-Site scripting attack in the template list view via a crafted template name. |
| CVE-2017-14721 | 2017-09-23 | Before version 4.8.2, WordPress allowed Cross-Site scripting in the plugin editor via a crafted plugin name. |
| CVE-2017-14722 | 2017-09-23 | Before version 4.8.2, WordPress allowed a Directory Traversal attack in the Customizer component via a crafted theme filename. |
| CVE-2017-14723 | 2017-09-23 | Before version 4.8.2, WordPress mishandled % characters and additional placeholder values in $wpdb->prepare, and thus did not properly address the possibility of plugins and themes enabling SQL injection attacks. |
| CVE-2017-14724 | 2017-09-23 | Before version 4.8.2, WordPress was vulnerable to cross-site scripting in oEmbed discovery. |
| CVE-2017-14725 | 2017-09-23 | Before version 4.8.2, WordPress was susceptible to an open redirect attack in wp-admin/edit-tag-form.php and wp-admin/user-edit.php. |
| CVE-2017-14726 | 2017-09-23 | Before version 4.8.2, WordPress was vulnerable to a cross-site scripting attack via shortcodes in the TinyMCE visual editor. |
| CVE-2017-14727 | 2017-09-23 | logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized. |
| CVE-2017-14506 | 2017-09-25 | geminabox (aka Gem in a Box) before 0.13.6 has XSS, as demonstrated by uploading a gem file that has a crafted gem.homepage value in its .gemspec file. |
| CVE-2017-14683 | 2017-09-25 | geminabox (aka Gem in a Box) before 0.13.7 has CSRF, as demonstrated by an unintended gem upload. |
| CVE-2017-1346 | 2017-09-25 | IBM Business Process Manager 7.5, 8.0, and 8.5 temporarily stores files in a temporary folder during offline installs which could be read by a local user within a short timespan.... |
| CVE-2017-9551 | 2017-09-25 | Mahara 15.04 before 15.04.14 and 16.04 before 16.04.8 and 16.10 before 16.10.5 and 17.04 before 17.04.3 are vulnerable to a user submitting potential dangerous payload, e.g. XSS code, to be... |
| CVE-2017-1235 | 2017-09-25 | IBM WebSphere MQ 8.0 could allow an authenticated user to cause a premature termination of a client application thread which could potentially cause denial of service. IBM X-Force ID: 123914. |
| CVE-2017-1362 | 2017-09-25 | IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 126801. |
| CVE-2017-1424 | 2017-09-25 | IBM Business Process Manager 8.5.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading... |
| CVE-2017-14729 | 2017-09-25 | The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows... |
| CVE-2017-1551 | 2017-09-25 | IBM API Connect 5.0.0.0 through 5.0.7.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a... |
| CVE-2017-1555 | 2017-09-25 | IBM API Connect 5.0.0.0 through 5.0.7.2 could allow an authenticated user to generate an API token when not subscribed to the application plan. IBM X-Force ID: 131545. |