The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2017-16969 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none | -- | Nov 7, 2023 |
| CVE-2017-16968 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none | -- | Nov 7, 2023 |
| CVE-2017-16967 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none | -- | Nov 7, 2023 |
| CVE-2017-16966 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none | -- | Nov 7, 2023 |
| CVE-2017-16965 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none | -- | Nov 7, 2023 |
| CVE-2017-16964 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none | -- | Nov 7, 2023 |
| CVE-2017-16962 | The WebMail components (Crystal, pronto, and pronto4) in CommuniGate Pro before 6.2.1 have stored XSS vulnerabilities via (1) the location or details field of a Google Calendar invitation, (2) a crafted Outlook.com calendar (aka Hotmail Calendar) invitation, (3) e-mail granting access to a directory that has JavaScript in its name, (4) JavaScript in a note name, (5) JavaScript in a task name, or (6) HTML e-mail that is mishandled in the Inbox component. | MEDIUM | Nov 27, 2017 |
| CVE-2017-16961 | A SQL injection vulnerability in core/inc/auto-modules.php in BigTree CMS through 4.2.19 allows remote authenticated attackers to obtain information in the context of the user used by the application to retrieve data from the database. The attack uses an admin/trees/add/process request with a crafted _tags[] parameter that is mishandled in a later admin/ajax/dashboard/approve-change request. | MEDIUM | Nov 27, 2017 |
| CVE-2017-16960 | TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the t_bindif field of an admin/interface command to cgi-bin/luci, related to the get_device_byif function in /usr/lib/lua/luci/controller/admin/interface.lua in uhttpd. | HIGH | Nov 27, 2017 |
| CVE-2017-16959 | The locale feature in cgi-bin/luci on TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allows remote authenticated users to test for the existence of arbitrary files by making an operation=write;locale=%0d request, and then making an operation=read request with a crafted Accept-Language HTTP header, related to the set_sysinfo and get_sysinfo functions in /usr/lib/lua/luci/controller/locale.lua in uhttpd. | MEDIUM | Nov 27, 2017 |
| CVE-2017-16958 | TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the t_bindif field of an admin/bridge command to cgi-bin/luci, related to the get_device_byif function in /usr/lib/lua/luci/controller/admin/bridge.lua in uhttpd. | HIGH | Nov 27, 2017 |
| CVE-2017-16957 | TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the iface field of an admin/diagnostic command to cgi-bin/luci, related to the zone_get_effect_devices function in /usr/lib/lua/luci/controller/admin/diagnostic.lua in uhttpd. | HIGH | Nov 27, 2017 |
| CVE-2017-16956 | b3log Symphony (aka Sym) 2.2.0 allows an XSS attack by sending a private letter with a certain /article URI, and a second private letter with a modified title. | MEDIUM | Nov 27, 2017 |
| CVE-2017-16955 | SQL injection vulnerability in the InLinks plugin through 1.1 for WordPress allows authenticated users to execute arbitrary SQL commands via the keyword parameter to /wp-admin/options-general.php?page=inlinks/inlinks.php. | MEDIUM | Nov 27, 2017 |
| CVE-2017-16953 | connoppp.cgi on ZTE ZXDSL 831CII devices does not require HTTP Basic Authentication, which allows remote attackers to modify the PPPoE configuration or set up a malicious configuration via a GET request. | MEDIUM | Dec 1, 2017 |
| CVE-2017-16952 | KMPlayer 4.2.2.4 allows remote attackers to cause a denial of service via a crafted NSV file. | MEDIUM | Nov 28, 2017 |
| CVE-2017-16951 | Winamp Pro 5.66 Build 3512 allows remote attackers to cause a denial of service via a crafted WAV, WMV, AU, ASF, AIFF, or AIF file. | MEDIUM | Nov 28, 2017 |
| CVE-2017-16950 | Cross - site scripting (XSS) vulnerability in UrBackup Server before 2.1.20 allows remote attackers to inject arbitrary web script or HTML via the action parameter. | MEDIUM | Dec 17, 2017 |
| CVE-2017-16949 | An issue was discovered in the AccessKeys AccessPress Anonymous Post Pro plugin through 3.1.9 for WordPress. Improper input sanitization allows the attacker to override the settings for allowed file extensions and upload file size, related to inc/cores/file-uploader.php and file-uploader/file-uploader-class.php. This allows the attacker to upload anything they want to the server, as demonstrated by an action=ap_file_upload_action&allowedExtensions[]=php request to /wp-admin/admin-ajax.php that results in a .php file upload and resultant PHP code execution. | HIGH | Dec 19, 2017 |
| CVE-2017-16948 | TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a NULL value in a 0x82730008 DeviceIoControl request to \.Viragtlt. | MEDIUM | Nov 26, 2017 |
| CVE-2017-16946 | The admin_edit function in app/Controller/UsersController.php in MISP 2.4.82 mishandles the enable_password field, which allows admins to discover a hashed password by reading the audit log. | MEDIUM | Nov 25, 2017 |
| CVE-2017-16945 | The standardrestorer binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted restore path. | High | Feb 14, 2018 |
| CVE-2017-16944 | The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service (infinite loop and stack exhaustion) via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the bdat_getc function. | MEDIUM | Nov 25, 2017 |
| CVE-2017-16943 | The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands. | HIGH | Nov 25, 2017 |
| CVE-2017-16942 | In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists in the function wav_w64_read_fmt_chunk() in wav_w64.c, which may lead to DoS when playing a crafted audio file. | MEDIUM | Nov 25, 2017 |
| CVE-2017-16941 | ** DISPUTED ** October CMS through 1.0.428 does not prevent use of .htaccess in themes, which allows remote authenticated users to execute arbitrary PHP code by downloading a theme ZIP archive from /backend/cms/themes, and then uploading and importing a modified archive with two new files: a .php file and a .htaccess file. NOTE: the vendor says I don\'t think [an attacker able to login to the system under an account that has access to manage/upload themes] is a threat model that we need to be considering. | MEDIUM | Dec 20, 2017 |
| CVE-2017-16939 | The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages. | HIGH | Nov 25, 2017 |
| CVE-2017-16938 | A global buffer overflow in OptiPNG 0.7.6 allows remote attackers to cause a denial-of-service attack or other unspecified impact with a maliciously crafted GIF format file, related to an uncontrolled loop in the LZWReadByte function of the gifread.c file. | MEDIUM | Nov 24, 2017 |
| CVE-2017-16936 | Directory Traversal vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01, and Ac18 ac18_kf_V15.03.05.19(6318_)_cn devices allows remote unauthenticated attackers to read arbitrary files via a cgi-bin/luci/request?op=1&path= URI that uses directory traversal sequences after a /usb/ substring. | LOW | Nov 24, 2017 |
| CVE-2017-16935 | Ametys before 4.0.3 requires authentication only for URIs containing a /cms/ substring, which allows remote attackers to bypass intended access restrictions via a direct request to /plugins/core-ui/servercomm/messages.xml, as demonstrated by changing the admin password by obtaining account details via a users/search.json request, and then modifying the account via an editUser request. | MEDIUM | Nov 24, 2017 |
| CVE-2017-16934 | The web server on DBL DBLTek devices allows remote attackers to execute arbitrary OS commands by obtaining the admin password via a frame.html?content=/dev/mtdblock/5 request, and then using this password for the HTTP Basic Authentication needed for a change_password.csp request, which supports a <%%25call system.exec: string in the passwd parameter. | HIGH | Nov 24, 2017 |
| CVE-2017-16933 | etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.0 has a chown call for a filename in a user-writable directory, which allows local users to gain privileges by leveraging access to the $ICINGA2_USER account for creation of a link. | MEDIUM | Nov 24, 2017 |
| CVE-2017-16932 | parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities. | MEDIUM | Nov 23, 2017 |
| CVE-2017-16931 | parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a \'%\' character in a DTD name. | HIGH | Nov 23, 2017 |
| CVE-2017-16930 | The remote management interface on the Claymore Dual GPU miner 10.1 allows an unauthenticated remote attacker to execute arbitrary code due to a stack-based buffer overflow in the request handler. This can be exploited via a long API request that is mishandled during logging. | HIGH | Dec 5, 2017 |
| CVE-2017-16929 | The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a remote attacker to read/write arbitrary files. This can be exploited via ../ sequences in the pathname to miner_file or miner_getfile. | HIGH | Dec 5, 2017 |
| CVE-2017-16928 | The arq_updater binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted update URL, as demonstrated by file:///tmp/blah/Arq.zip. | High | Feb 14, 2018 |
| CVE-2017-16927 | The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted input stream. | HIGH | Nov 23, 2017 |
| CVE-2017-16926 | Ohcount 3.0.0 is prone to a command injection via specially crafted filenames containing shell metacharacters, which can be exploited by an attacker (providing a source tree for Ohcount processing) to execute arbitrary code as the user running Ohcount. | HIGH | Nov 22, 2017 |
| CVE-2017-16924 | Remote Information Disclosure and Escalation of Privileges in ManageEngine Desktop Central MSP 10.0.137 allows attackers to download unencrypted XML files containing all data for configuration policies via a predictable /client-data/<client_id>/collections/##/usermgmt.xml URL, as demonstrated by passwords and Wi-Fi keys. This is fixed in build 100157. | MEDIUM | Feb 18, 2018 |
| CVE-2017-16923 | Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01, and Ac18 ac18_kf_V15.03.05.19(6318_)_cn devices allows remote unauthenticated attackers to execute arbitrary OS commands via a crafted cgi-bin/luci/usbeject?dev_name= GET request from the LAN. This occurs because the sub_A6E8 usbeject_process_entry function executes a system function with untrusted input. | HIGH | Nov 21, 2017 |
| CVE-2017-16922 | In com.wowza.wms.timedtext.http.HTTPProviderCaptionFile in Wowza Streaming Engine before 4.7.1, traversal of the directory structure and retrieval of a file are possible via a remote, specifically crafted HTTP request. | MEDIUM | Mar 5, 2018 |
| CVE-2017-16921 | In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form parameters (related to PGP) and execute arbitrary shell commands with the permissions of the OTRS or web server user. | HIGH | Dec 8, 2017 |
| CVE-2017-16920 | v5/config/system.php in dayrui FineCms 5.2.0 has a default SYS_KEY value and does not require key regeneration for each installation, which allows remote attackers to upload arbitrary .php files via a member api swfupload action to index.php. | HIGH | Nov 21, 2017 |
| CVE-2017-16919 | MapOS 3.1.11 and earlier has a Stored Cross-site Scripting (XSS) vulnerability in /clientes/visualizar, which allows remote attackers to inject arbitrary web script or HTML via a crafted description parameter. | LOW | Nov 21, 2017 |
| CVE-2017-16914 | The stub_send_ret_submit() function (drivers/usb/usbip/stub_tx.c) in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows attackers to cause a denial of service (NULL pointer dereference) via a specially crafted USB over IP packet. | High | Feb 16, 2018 |
| CVE-2017-16913 | The stub_recv_cmd_submit() function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet. | High | Feb 16, 2018 |
| CVE-2017-16912 | The get_pipe() function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet. | High | Feb 16, 2018 |
| CVE-2017-16911 | The vhci_hcd driver in the Linux Kernel before version 4.14.8 and 4.4.114 allows allows local attackers to disclose kernel memory addresses. Successful exploitation requires that a USB device is attached over IP. | Low | Feb 16, 2018 |
| CVE-2017-16910 | An error within the LibRaw::xtrans_interpolate() function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service condition. | MEDIUM | Dec 8, 2018 |
