Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 216078 entries
IDDescriptionPriorityModified date
CVE-2017-15967 Mailing List Manager Pro 3.0 allows SQL Injection via the edit parameter to admin/users in a sort=login action, or the edit parameter to admin/template. HIGH Oct 29, 2017
CVE-2017-15966 The Zh YandexMap (aka com_zhyandexmap) component 6.1.1.0 for Joomla! allows SQL Injection via the placemarklistid parameter to index.php. HIGH Oct 29, 2017
CVE-2017-15965 The NS Download Shop (aka com_ns_downloadshop) component 2.2.6 for Joomla! allows SQL Injection via the id parameter in an invoice.create action. HIGH Oct 29, 2017
CVE-2017-15964 Job Board Script Software allows SQL Injection via the PATH_INFO to a /job-details URI. HIGH Oct 29, 2017
CVE-2017-15963 iTech Gigs Script 1.21 allows SQL Injection via the browse-scategory.php sc parameter or the service-provider.php ser parameter. HIGH Oct 29, 2017
CVE-2017-15962 iStock Management System 1.0 allows Arbitrary File Upload via user/profile. HIGH Oct 29, 2017
CVE-2017-15961 iProject Management System 1.0 allows SQL Injection via the ID parameter to index.php. HIGH Oct 29, 2017
CVE-2017-15960 Article Directory Script 3.0 allows SQL Injection via the id parameter to author.php or category.php. HIGH Oct 29, 2017
CVE-2017-15959 Adult Script Pro 2.2.4 allows SQL Injection via the PATH_INFO to a /download URI, a different vulnerability than CVE-2007-6576. HIGH Oct 29, 2017
CVE-2017-15958 D-Park Pro Domain Parking Script 1.0 allows SQL Injection via the username to admin/loginform.php. HIGH Oct 29, 2017
CVE-2017-15957 my_profile.php in Ingenious School Management System 2.3.0 allows a student or teacher to upload an arbitrary file. MEDIUM Oct 29, 2017
CVE-2017-15956 ConverTo Video Downloader & Converter 1.4.1 allows Arbitrary File Download via the token parameter to download.php. MEDIUM Oct 29, 2017
CVE-2017-15955 bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to an Access violation near NULL on destination operand and crash when processing a malformed CUE (.cue) file. MEDIUM Oct 28, 2017
CVE-2017-15954 bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow (with a resultant invalid free) and crash when processing a malformed CUE (.cue) file. MEDIUM Oct 28, 2017
CVE-2017-15953 bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow and crash when processing a malformed CUE (.cue) file. MEDIUM Oct 28, 2017
CVE-2017-15951 The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the negative state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls. HIGH Oct 27, 2017
CVE-2017-15950 Flexense SyncBreeze Enterprise version 10.1.16 is vulnerable to a buffer overflow that can be exploited for arbitrary code execution. The flaw is triggered by providing a long input into the Destination directory field, either within an XML document or through use of passive mode. MEDIUM Oct 31, 2017
CVE-2017-15949 Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the log_id parameter to admin/editgroup.php. MEDIUM Oct 27, 2017
CVE-2017-15948 Perch Content Management System 3.0.3 allows unrestricted file upload (with resultant XSS) via the Asset Title field in conjunction with the Select File field. This is exploitable with a Limited Admin account. LOW Oct 27, 2017
CVE-2017-15947 Simple ASC Content Management System v1.2 has XSS in the location field in the sign function, related to guestbook.asp, formgb.asp, and msggb.asp. LOW Oct 27, 2017
CVE-2017-15946 In the com_tag component 1.7.6 for Joomla!, a SQL injection vulnerability is located in the `tag` parameter to index.php. The request method to execute is GET. HIGH Oct 27, 2017
CVE-2017-15945 The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/mysql-cluster, and dev-db/mariadb-galera packages before 2017-09-29 have chown calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to the mysql account for creation of a link. HIGH Oct 27, 2017
CVE-2017-15944 Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface. HIGH Dec 11, 2017
CVE-2017-15943 The configuration file import for applications, spyware and vulnerability objects functionality in the web interface in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, and 7.1.x before 7.1.14 allows remote attackers to conduct server-side request forgery (SSRF) attacks and consequently obtain sensitive information via vectors related to parsing of external entities. MEDIUM Dec 11, 2017
CVE-2017-15942 Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.13, and 8.0.x before 8.0.6 allows remote attackers to cause a denial of service via vectors related to the management interface. MEDIUM Dec 11, 2017
CVE-2017-15941 Cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.7, when the GlobalProtect gateway or portal is configured, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. MEDIUM Jan 10, 2018
CVE-2017-15940 The web interface packet capture management component in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote authenticated users to execute arbitrary code via unspecified vectors. HIGH Dec 11, 2017
CVE-2017-15939 dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. NOTE: this issue is caused by an incomplete fix for CVE-2017-15023. MEDIUM Oct 27, 2017
CVE-2017-15938 dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service (find_abstract_instance_name invalid memory read, segmentation fault, and application crash). MEDIUM Oct 27, 2017
CVE-2017-15937 Artica Pandora FMS version 7.0 leaks a full installation pathname via GET data when intercepting the main page's graph requisition. This also implies that general OS information is leaked (e.g., a /var/www pathname typically means Linux or UNIX). MEDIUM Oct 27, 2017
CVE-2017-15936 In Artica Pandora FMS version 7.0, an Attacker with write Permission can create an agent with an XSS Payload; when a user enters the agent definitions page, the script will get executed. LOW Oct 27, 2017
CVE-2017-15935 Artica Pandora FMS version 7.0 is vulnerable to remote PHP code execution through the manager files function. This is only exploitable by administrators who upload a PHP file. HIGH Oct 27, 2017
CVE-2017-15934 Artica Pandora FMS version 7.0 is vulnerable to stored Cross-Site Scripting in the map name parameter. LOW Oct 27, 2017
CVE-2017-15933 SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the host parameter to module/capacity_per_device/index.php. MEDIUM Oct 27, 2017
CVE-2017-15932 In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c via crafted ELF files when parsing the ELF version on 32bit systems. MEDIUM Oct 27, 2017
CVE-2017-15931 In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c via crafted ELF files on 32bit systems. MEDIUM Oct 27, 2017
CVE-2017-15930 In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer. MEDIUM Oct 27, 2017
CVE-2017-15928 In the Ox gem 2.8.0 for Ruby, the process crashes with a segmentation fault when a crafted input is supplied to parse_obj. NOTE: the vendor has stated Ox should handle the error more gracefully but has not confirmed a security implication. MEDIUM Oct 27, 2017
CVE-2017-15924 In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the add_server, build_config, and construct_command_line functions. HIGH Oct 27, 2017
CVE-2017-15923 Konversation 1.4.x, 1.5.x, 1.6.x, and 1.7.x before 1.7.3 allow remote attackers to cause a denial of service (crash) via vectors related to parsing of IRC color formatting codes. MEDIUM Nov 15, 2017
CVE-2017-15922 In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c. MEDIUM Oct 28, 2017
CVE-2017-15921 In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002010. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated. MEDIUM Oct 31, 2017
CVE-2017-15920 In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002054. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated. MEDIUM Oct 31, 2017
CVE-2017-15919 The ultimate-form-builder-lite plugin before 1.3.7 for WordPress has SQL Injection, with resultant PHP Object Injection, via wp-admin/admin-ajax.php. HIGH Oct 26, 2017
CVE-2017-15918 Sera 1.2 stores the user's login password in plain text in their home directory. This makes privilege escalation trivial and also exposes the user and system keychains to local attacks. LOW Nov 1, 2017
CVE-2017-15917 In Paessler PRTG Network Monitor 17.3.33.2830, it's possible to create a Map as a read-only user, by forging a request and sending it to the server. MEDIUM Oct 26, 2017
CVE-2017-15914 Incorrect implementation of access controls allows remote users to override repository restrictions in Borg servers 1.1.x before 1.1.3. MEDIUM Feb 8, 2018
CVE-2017-15913 The Installer in Whale allows DLL hijacking. MEDIUM Jan 7, 2018
CVE-2017-15911 The Admin Console in Ignite Realtime Openfire Server before 4.1.7 allows arbitrary client-side JavaScript code execution on victims who click a crafted setup/setup-host-settings.jsp?domain= link, aka XSS. Session ID and data theft may follow as well as the possibility of bypassing CSRF protections, injection of iframes to establish communication channels, etc. The vulnerability is present after login into the application. LOW Oct 26, 2017
CVE-2017-15909 D-Link DGS-1500 Ax devices before 2.51B021 have a hardcoded password, which allows remote attackers to obtain shell access. HIGH Oct 25, 2017
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online