The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2017-6029 | A Cross-Site Scripting issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. This may allow remote code execution. | LOW | May 8, 2017 |
| CVE-2017-6028 | An Insufficiently Protected Credentials issue was discovered in Schneider Electric Modicon PLCs Modicon M241, all firmware versions, and Modicon M251, all firmware versions. Log-in credentials are sent over the network with Base64 encoding leaving them susceptible to sniffing. Sniffed credentials could then be used to log into the web application. | Medium | Jul 7, 2017 |
| CVE-2017-6027 | An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A specially crafted web server request may allow the upload of arbitrary files (with a dangerous type) to the CODESYS Web Server without authorization which may allow remote code execution. | HIGH | May 19, 2017 |
| CVE-2017-6026 | A Use of Insufficiently Random Values issue was discovered in Schneider Electric Modicon PLCs Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The session numbers generated by the web application are lacking randomization and are shared between several users. This may allow a current session to be compromised. | Medium | Jul 7, 2017 |
| CVE-2017-6025 | A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A malicious user could overflow the stack buffer by providing overly long strings to functions that handle the XML. Because the function does not verify string size before copying to memory, the attacker may then be able to crash the application or run arbitrary code. | HIGH | May 19, 2017 |
| CVE-2017-6024 | A Resource Exhaustion issue was discovered in Rockwell Automation ControlLogix 5580 controllers V28.011, V28.012, and V28.013; ControlLogix 5580 controllers V29.011; CompactLogix 5380 controllers V28.011; and CompactLogix 5380 controllers V29.011. This vulnerability may allow an attacker to cause a denial of service condition by sending a series of specific CIP-based commands to the controller. | HIGH | May 8, 2017 |
| CVE-2017-6023 | An issue was discovered in Fatek Automation PLC Ethernet Module. The affected Ether_cfg software configuration tool runs on the following Fatek PLCs: CBEH versions prior to V3.6 Build 170215, CBE versions prior to V3.6 Build 170215, CM55E versions prior to V3.6 Build 170215, and CM25E versions prior to V3.6 Build 170215. A stack-based buffer overflow vulnerability has been identified, which may allow remote code execution or crash the affected device. | HIGH | Mar 16, 2017 |
| CVE-2017-6022 | A hard-coded password issue was discovered in Becton, Dickinson and Company (BD) PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. They use hard-coded passwords to access the BD Kiestra Database, which could be leveraged to compromise the confidentiality of limited PHI/PII information stored in the BD Kiestra Database. | High | Jul 5, 2017 |
| CVE-2017-6021 | In Schneider Electric ClearSCADA 2014 R1 (build 75.5210) and prior, 2014 R1.1 (build 75.5387) and prior, 2015 R1 (build 76.5648) and prior, and 2015 R2 (build 77.5882) and prior, an attacker with network access to the ClearSCADA server can send specially crafted sequences of commands and data packets to the ClearSCADA server that can cause the ClearSCADA server process and ClearSCADA communications driver processes to terminate. A CVSS v3 base score of 7.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). | MEDIUM | May 14, 2018 |
| CVE-2017-6020 | Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize external input to ensure that users are not calling for absolute path sequences outside of their privilege level. | MEDIUM | Apr 18, 2018 |
| CVE-2017-6019 | An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830. A series of rapid requests to the device may cause it to reboot. | HIGH | Apr 10, 2017 |
| CVE-2017-6018 | An open redirect issue was discovered in B. Braun Medical SpaceCom module, which is integrated into the SpaceStation docking station: SpaceStation with SpaceCom module (integrated as part number 8713142U), software versions prior to Version 012U000040, and SpaceStation (part number 8713140U) with installed SpaceCom module (part number 8713160U), software versions prior to Version 012U000040. The web server of the affected product accepts untrusted input which could allow attackers to redirect the request to an unintended URL contained within untrusted input. | MEDIUM | Jun 29, 2017 |
| CVE-2017-6017 | A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H. A remote attacker could send a specially crafted set of packets to the PLC causing it to freeze, requiring the operator to physically press the reset button on the PLC in order to recover. | High | Jul 5, 2017 |
| CVE-2017-6016 | An Improper Access Control issue was discovered in LCDS - Leao Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA. The following versions are affected: Versions 4.1 and prior versions released before January 20, 2017. An Improper Access Control vulnerability has been identified, which may allow an authenticated user to modify application files to escalate privileges. | MEDIUM | May 19, 2017 |
| CVE-2017-6015 | Without quotation marks, any whitespace in the file path for Rockwell Automation FactoryTalk Activation version 4.00.02 remains ambiguous, which may allow an attacker to link to or run a malicious executable. This may allow an authorized, but not privileged local user to execute arbitrary code with elevated privileges on the system. CVSS v3 base score: 8.8, CVSS vector string: (AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). Rockwell Automation has released a new version of FactoryTalk Activation, Version 4.01, which addresses the identified vulnerability. Rockwell Automation recommends upgrading to the latest version of FactoryTalk Activation, Version 4.01 or later. | HIGH | May 12, 2018 |
| CVE-2017-6014 | In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory. | HIGH | Feb 17, 2017 |
| CVE-2017-6013 | Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the query parameter. | HIGH | Mar 26, 2017 |
| CVE-2017-6011 | An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the simple_vec function in the extract.c source file. This affects icotool. | MEDIUM | Feb 23, 2017 |
| CVE-2017-6010 | An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the extract_icons function in the extract.c source file. This issue can be triggered by processing a corrupted ico file and will result in an icotool crash. | MEDIUM | Feb 23, 2017 |
| CVE-2017-6009 | An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the decode_ne_resource_id function in the restable.c source file. This is happening because the len parameter for memcpy is not checked for size and thus becomes a negative integer in the process, resulting in a failed memcpy. This affects wrestool. | MEDIUM | Feb 23, 2017 |
| CVE-2017-6008 | A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to escalate privileges via a malformed IOCTL call. | MEDIUM | Sep 13, 2017 |
| CVE-2017-6007 | A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to crash the OS via a malformed IOCTL call. | MEDIUM | Sep 13, 2017 |
| CVE-2017-6006 | Symphony 2.6.11 has XSS in publish/articles/new/ via the Body field. | -- | Mar 26, 2017 |
| CVE-2017-6005 | Waves MaxxAudio, as installed on Dell laptops, adds a WavesSysSvc Windows service with File Version 1.1.6.0. This service has a vulnerability known as Unquoted Service Path. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. | MEDIUM | Jul 26, 2017 |
| CVE-2017-6004 | The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted regular expression. | MEDIUM | Feb 16, 2017 |
| CVE-2017-6003 | dotCMS 3.7.0 has XSS reachable from ext/languages_manager/edit_language in portal/layout via the bottom two form fields. | MEDIUM | Mar 26, 2017 |
| CVE-2017-6002 | Subrion CMS 4.0.5.10 has CSRF in admin/blog/add/. The attacker can add any blog entry, and can optionally insert XSS into that entry via the body parameter. | MEDIUM | Mar 26, 2017 |
| CVE-2017-6001 | Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6786. | HIGH | Feb 23, 2017 |
| CVE-2017-6000 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | -- | Nov 7, 2023 |
| CVE-2017-5999 | An issue was discovered in sysPass 2.x before 2.1, in which an algorithm was never sufficiently reviewed by cryptographers. The fact that inc/SP/Core/Crypt.class is using the MCRYPT_RIJNDAEL_256() function (the 256-bit block version of Rijndael, not AES) instead of MCRYPT_RIJNDAEL_128 (real AES) could help an attacker to create unknown havoc in the remote system. | MEDIUM | Mar 7, 2017 |
| CVE-2017-5998 | Cross-site scripting (XSS) vulnerability in InterSect Alliance SNARE Epilog for UNIX version 1.5 allows remote authenticated users to inject arbitrary web script or HTML via the str_log_name parameter in a Web Admin Portal > Log Configuration > Add action. | LOW | Feb 23, 2017 |
| CVE-2017-5997 | The SAP Message Server HTTP daemon in SAP KERNEL 7.21-7.49 allows remote attackers to cause a denial of service (memory consumption and process crash) via multiple msgserver/group?group= requests with a crafted size of the group parameter, aka SAP Security Note 2358972. | MEDIUM | Feb 23, 2017 |
| CVE-2017-5996 | The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%ProgramData permissions. | HIGH | Oct 28, 2017 |
| CVE-2017-5995 | The NetApp ONTAP Select Deploy administration utility 2.0 through 2.2.1 might allow remote attackers to obtain sensitive information via unspecified vectors. | MEDIUM | Mar 9, 2017 |
| CVE-2017-5994 | Heap-based buffer overflow in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and crash) via the num_elements parameter. | LOW | Mar 16, 2017 |
| CVE-2017-5993 | Memory leak in the vrend_renderer_init_blit_ctx function in vrend_blitter.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRGL_CCMD_BLIT commands. | MEDIUM | Mar 16, 2017 |
| CVE-2017-5992 | Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document. | MEDIUM | Feb 17, 2017 |
| CVE-2017-5991 | An issue was discovered in Artifex Software, Inc. MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation. | MEDIUM | Feb 24, 2017 |
| CVE-2017-5990 | An issue was discovered in PhreeBooksERP before 2017-02-13. The vulnerability exists due to insufficient filtration of user-supplied data in the form HTTP GET parameter passed to the PhreeBooksERP-master/extensions/ShippingMethods/ups/label_mgr/js_include.php and PhreeBooksERP-master/extensions/ShippingMethods/yrc/label_mgr/js_include.php URLs. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. NOTE: these js_include.php files do not exist in the SourceForge stable release (aka R37RC1). | MEDIUM | Feb 15, 2017 |
| CVE-2017-5988 | NetApp Clustered Data ONTAP 8.1 through 9.1P1, when NFS or SMB is enabled, allows remote attackers to cause a denial of service via unspecified vectors. | MEDIUM | Apr 10, 2017 |
| CVE-2017-5987 | The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving the transfer mode register during multi block transfer. | LOW | Mar 22, 2017 |
| CVE-2017-5986 | Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state. | HIGH | Feb 23, 2017 |
| CVE-2017-5985 | lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check. | LOW | Mar 14, 2017 |
| CVE-2017-5984 | In libavcodec in Libav 9.21, ff_h264_execute_ref_pic_marking() has a heap-based buffer over-read. | Medium | May 23, 2019 |
| CVE-2017-5983 | The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer, which allows remote attackers to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object. | HIGH | Apr 10, 2017 |
| CVE-2017-5982 | Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to read arbitrary files via a %2E%2E%252e (encoded dot dot slash) in the image path, as demonstrated by image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd. | MEDIUM | Mar 2, 2017 |
| CVE-2017-5981 | seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (assertion failure and crash) via a crafted ZIP file. | MEDIUM | Mar 6, 2017 |
| CVE-2017-5980 | The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file. | MEDIUM | Mar 6, 2017 |
| CVE-2017-5979 | The prescan_entry function in fseeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file. | MEDIUM | Mar 6, 2017 |
| CVE-2017-5978 | The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ZIP file. | MEDIUM | Mar 6, 2017 |
