CVE List - 2017 / September
Showing 801 - 900 of 1228 CVEs for September 2017 (Page 9 of 13)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2015-4681 | 2017-09-19 | Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified impact via vectors related to weak passwords. |
| CVE-2015-4682 | 2017-09-19 | Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows remote authenticated users to obtain the installation path via an HTTP POST request to PlcmRmWeb/JConfigManager. |
| CVE-2015-4683 | 2017-09-19 | Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows attackers to obtain sensitive information and potentially gain privileges by leveraging use of session identifiers as parameters with HTTP GET requests. |
| CVE-2015-4684 | 2017-09-19 | Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allow (1) remote authenticated users to read arbitrary files via a .. (dot dot) in the Modifier... |
| CVE-2015-4685 | 2017-09-19 | Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users with access to the plcm account to gain privileges via a script in /var/polycom/cma/upgrade/scripts, related to a sudo misconfiguration. |
| CVE-2017-12168 | 2017-09-20 | The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in the Linux kernel before 4.8.11 allows privileged KVM guest OS users to cause a denial of service (assertion failure and host OS crash) by... |
| CVE-2017-14604 | 2017-09-20 | GNOME Nautilus before 3.23.90 allows attackers to spoof a file type by using the .desktop file extension, as demonstrated by an attack in which a .desktop file's Name field ends... |
| CVE-2017-8770 | 2017-09-20 | There is LFD (local file disclosure) on BE126 WIFI repeater 1.0 devices that allows attackers to read the entire filesystem on the device via a crafted getpage parameter. |
| CVE-2017-8771 | 2017-09-20 | On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root"). The attacker can make a user... |
| CVE-2017-8772 | 2017-09-20 | On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root") and can: 1. Read the entire... |
| CVE-2015-1329 | 2017-09-20 | Use-after-free vulnerability in oxide::qt::URLRequestDelegatedJob in oxide-qt in Ubuntu 15.04 and 14.04 LTS might allow remote attackers to execute arbitrary code. |
| CVE-2015-4072 | 2017-09-20 | Multiple cross-site scripting (XSS) vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via vectors related to name and... |
| CVE-2015-4073 | 2017-09-20 | Multiple SQL injection vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) ticket_code or (2) email parameter or... |
| CVE-2015-4074 | 2017-09-20 | Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter in a... |
| CVE-2015-4075 | 2017-09-20 | The Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to write to arbitrary .ini files via a crafted language.save task. |
| CVE-2015-5179 | 2017-09-20 | FreeIPA might display user data improperly via vectors involving non-printable characters. |
| CVE-2015-5248 | 2017-09-20 | Reflected file download vulnerability in Red Hat Feedhenry Enterprise Mobile Application Platform. |
| CVE-2015-5607 | 2017-09-20 | Cross-site request forgery in the REST API in IPython 2 and 3. |
| CVE-2015-8224 | 2017-09-20 | Huawei P8 before GRA-CL00C92B210, before GRA-L09C432B200, before GRA-TL00C01B210, and before GRA-UL00C00B210 allows remote attackers to obtain user equipment (aka UE) measurements of signal strengths. |
| CVE-2017-14339 | 2017-09-20 | The DNS packet parser in YADIFA before 2.2.6 does not check for the presence of infinite pointer loops, and thus it is possible to force it to enter an infinite... |
| CVE-2017-7924 | 2017-09-20 | An Improper Input Validation issue was discovered in Rockwell Automation MicroLogix 1100 controllers 1763-L16BWA, 1763-L16AWA, 1763-L16BBB, and 1763-L16DWD. A remote, unauthenticated attacker could send a single, specially crafted Programmable Controller... |
| CVE-2017-9607 | 2017-09-20 | The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might allow attackers to write arbitrary data to secure memory, bypass the bl1_plat_mem_check protection mechanism, cause a denial... |
| CVE-2017-9645 | 2017-09-20 | An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar... |
| CVE-2017-9649 | 2017-09-20 | A Use of Hard-Coded Cryptographic Key issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants... |
| CVE-2017-14607 | 2017-09-20 | In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory... |
| CVE-2017-14608 | 2017-09-20 | In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially... |
| CVE-2016-6795 | 2017-09-20 | In the Convention plugin in Apache Struts 2.3.x before 2.3.31, and 2.5.x before 2.5.5, it is possible to prepare a special URL which will be used for path traversal and... |
| CVE-2016-8738 | 2017-09-20 | In Apache Struts 2.5 through 2.5.5, if an application allows entering a URL in a form field and the built-in URLValidator is used, it is possible to prepare a special... |
| CVE-2017-12611 | 2017-09-20 | In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack. |
| CVE-2017-9793 | 2017-09-20 | The REST Plugin in Apache Struts 2.1.x, 2.3.7 through 2.3.33 and 2.5 through 2.5.12 is using an outdated XStream library which is vulnerable and allow perform a DoS attack using... |
| CVE-2017-9804 | 2017-09-20 | In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an application allows entering a URL in a form field and built-in URLValidator is used, it is possible to... |
| CVE-2014-9758 | 2017-09-20 | Cross-site scripting (XSS) vulnerability in Magento E-Commerce Platform 1.9.0.1. |
| CVE-2015-0162 | 2017-09-20 | IBM Security SiteProtector System 3.0, 3.1, and 3.1.1 allows local users to gain privileges. |
| CVE-2015-1866 | 2017-09-20 | Cross-site scripting (XSS) vulnerability in Ember.js 1.10.x before 1.10.1 and 1.11.x before 1.11.2. |
| CVE-2015-2826 | 2017-09-20 | WordPress Simple Ads Manager plugin 2.5.94 and 2.5.96 allows remote attackers to obtain sensitive information. |
| CVE-2015-2927 | 2017-09-20 | node 0.3.2 and URONode before 1.0.5r3 allows remote attackers to cause a denial of service (bandwidth consumption). |
| CVE-2015-3890 | 2017-09-20 | Use-after-free vulnerability in Open Litespeed before 1.3.10. |
| CVE-2015-4707 | 2017-09-20 | Cross-site scripting (XSS) vulnerability in IPython before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving JSON error messages and the /api/notebooks path. |
| CVE-2015-5395 | 2017-09-20 | Cross-site request forgery (CSRF) vulnerability in SOGo before 3.1.0. |
| CVE-2015-5608 | 2017-09-20 | Open redirect vulnerability in Joomla! CMS 3.0.0 through 3.4.1. |
| CVE-2015-6673 | 2017-09-20 | Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15.32. |
| CVE-2015-7347 | 2017-09-20 | Cross-site scripting (XSS) vulnerability in ZCMS JavaServer Pages Content Management System 1.1. |
| CVE-2017-14595 | 2017-09-20 | In Joomla! before 3.8.0, a logic bug in a SQL query could lead to the disclosure of article intro texts when these articles are in the archived state. |
| CVE-2017-14596 | 2017-09-20 | In Joomla! before 3.8.0, inadequate escaping in the LDAP authentication plugin can result in a disclosure of a username and password. |
| CVE-2015-1865 | 2017-09-20 | fts.c in coreutils 8.4 allows local users to delete arbitrary files. |
| CVE-2017-14609 | 2017-09-20 | The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging... |
| CVE-2017-14610 | 2017-09-20 | bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary... |
| CVE-2017-14615 | 2017-09-20 | An FBX-5313 issue was discovered in WatchGuard Fireware before 12.0. When a failed login attempt is made to the login endpoint of the XML-RPC interface, if JavaScript code, properly encoded... |
| CVE-2017-14616 | 2017-09-20 | An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the... |
| CVE-2015-9231 | 2017-09-20 | iTerm2 3.x before 3.1.1 allows remote attackers to discover passwords by reading DNS queries. A new (default) feature was added to iTerm2 version 3.0.0 (and unreleased 2.9.x versions such as... |
| CVE-2017-14618 | 2017-09-20 | Cross-site scripting (XSS) vulnerability in inc/PMF/Faq.php in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the Questions field in an "Add New FAQ" action. |
| CVE-2017-14619 | 2017-09-20 | Cross-site scripting (XSS) vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module. |
| CVE-2017-14617 | 2017-09-20 | In Poppler 0.59.0, a floating point exception occurs in the ImageStream class in Stream.cc, which may lead to a potential attack when handling malicious PDF files. |
| CVE-2015-9232 | 2017-09-20 | The Good for Enterprise application 3.0.0.415 for Android does not use signature protection for its Authentication Delegation API intent. Also, the Good Dynamic application activation process does not attempt to... |
| CVE-2017-14621 | 2017-09-20 | Portus 2.2.0 has XSS via the Team field, related to typeahead. |
| CVE-2017-14623 | 2017-09-20 | In the ldap.v2 (aka go-ldap) package through 2.5.0 for Go, an attacker may be able to login with an empty password. This issue affects an application using this package if... |
| CVE-2017-12214 | 2017-09-21 | A vulnerability in the Operations, Administration, Maintenance, and Provisioning (OAMP) credential reset functionality for Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to gain elevated privileges.... |
| CVE-2017-12215 | 2017-09-21 | A vulnerability in the email message filtering feature of Cisco AsyncOS Software for the Cisco Email Security Appliance could allow an unauthenticated, remote attacker to cause an affected device to... |
| CVE-2017-12219 | 2017-09-21 | A vulnerability in the handling of IP fragments for the Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause the device... |
| CVE-2017-12248 | 2017-09-21 | A vulnerability in the web framework code of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of... |
| CVE-2017-12250 | 2017-09-21 | A vulnerability in the HTTP web interface for Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause an HTTP Application Optimization (AO) related process to... |
| CVE-2017-12252 | 2017-09-21 | A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to device availability, confidentiality,... |
| CVE-2017-12253 | 2017-09-21 | A vulnerability in the Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to execute unwanted actions. The vulnerability is due to a lack of cross-site request forgery (CSRF)... |
| CVE-2017-12254 | 2017-09-21 | A vulnerability in the web interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to perform a Document Object Model (DOM)-based cross-site scripting attack. The vulnerability is... |
| CVE-2017-12255 | 2017-09-21 | A vulnerability in the CLI of Cisco UCS Central Software could allow an authenticated, local attacker to gain shell access. The vulnerability is due to insufficient input validation of commands... |
| CVE-2017-14624 | 2017-09-21 | ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c. |
| CVE-2017-14625 | 2017-09-21 | ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c. |
| CVE-2017-14626 | 2017-09-21 | ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c. |
| CVE-2017-6720 | 2017-09-21 | A vulnerability in the Secure Shell (SSH) subsystem of Cisco Small Business Managed Switches software could allow an authenticated, remote attacker to cause a reload of the affected switch, resulting... |
| CVE-2017-14632 | 2017-09-21 | Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184. |
| CVE-2017-14633 | 2017-09-21 | In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis(). |
| CVE-2017-14634 | 2017-09-21 | In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file. |
| CVE-2017-14628 | 2017-09-21 | In sam2p 0.49.3, a heap-based buffer overflow exists in the pcxLoadImage24 function of the file in_pcx.cpp. |
| CVE-2017-14629 | 2017-09-21 | In sam2p 0.49.3, the in_xpm_reader function in in_xpm.cpp has an integer signedness error, leading to a crash when writing to an out-of-bounds array element. |
| CVE-2017-14630 | 2017-09-21 | In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24 function of the file in_pcx.cpp, leading to an invalid write operation. |
| CVE-2017-14631 | 2017-09-21 | In sam2p 0.49.3, the pcxLoadRaster function in in_pcx.cpp has an integer signedness error leading to a heap-based buffer overflow. |
| CVE-2017-14245 | 2017-09-21 | An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN... |
| CVE-2017-14246 | 2017-09-21 | An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN... |
| CVE-2017-14635 | 2017-09-21 | In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x before 4.0.25, and 5.x before 5.0.23, remote authenticated users can leverage statistics-write permissions to gain privileges via code injection. |
| CVE-2015-0276 | 2017-09-21 | Cross-site request forgery (CSRF) vulnerability in Kallithea before 0.2. |
| CVE-2015-3296 | 2017-09-21 | Multiple cross-site scripting (XSS) vulnerabilities in NodeBB before 0.7 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript: or (2) data: URLs. |
| CVE-2015-4706 | 2017-09-21 | Cross-site scripting (XSS) vulnerability in IPython 3.x before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving JSON error messages and the /api/contents path. |
| CVE-2015-5284 | 2017-09-21 | ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc/httpd/alias/kra-agent.pem, which is world readable. |
| CVE-2015-8559 | 2017-09-21 | The knife bootstrap command in chef Infra client before version 15.4.45 leaks the validator.pem private RSA key to /var/log/messages. |
| CVE-2017-14160 | 2017-09-21 | The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact via... |
| CVE-2017-10996 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, out of bounds access is possible in c_show(), due to compat_hwcap_str[] not being NULL-terminated. This error is... |
| CVE-2017-10997 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, using a debugfs node, a write to a PCIe register can cause corruption of kernel memory. |
| CVE-2017-10998 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, in audio_aio_ion_lookup_vaddr, the buffer length, which is user input, ends up being used to validate if the... |
| CVE-2017-10999 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, concurrent calls into ioctl RMNET_IOCTL_ADD_MUX_CHANNEL in ipa wan driver may lead to memory corruption due to missing... |
| CVE-2017-11000 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, in an ISP Camera kernel driver function, an incorrect bounds check may potentially lead to an out-of-bounds... |
| CVE-2017-11001 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, the length of the MAC address is not checked which may cause out of bounds read. |
| CVE-2017-11002 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing a vendor sub-command, a buffer over-read can occur. |
| CVE-2017-11040 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, when reading from sysfs nodes, one can read more information than it is allowed to. |
| CVE-2017-11041 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, an output buffer is accessed in one thread and can be potentially freed in another. |
| CVE-2017-12153 | 2017-09-21 | A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a... |
| CVE-2017-8247 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, if there is more than one thread doing the device open operation, the device may be opened... |
| CVE-2017-8250 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, user controlled variables "nr_cmds" and "nr_bos" number are passed across functions without any check. An integer overflow... |
| CVE-2017-8251 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, in functions msm_isp_check_stream_cfg_cmd & msm_isp_stats_update_cgc_override, 'stream_cfg_cmd->num_streams' is not checked, and could overflow the array stream_cfg_cmd->stream_handle. |
| CVE-2017-8277 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function msm_dba_register_client, if the client registers failed, it would be freed. However the client was... |
| CVE-2017-8278 | 2017-09-21 | In all Qualcomm products with Android releases from CAF using the Linux kernel, while reading audio data from an unspecified driver, a buffer overflow or integer overflow could occur. |