The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

ID | Description | Priority | Modified date |
---|---|---|---|
CVE-2017-17750 | Bose SoundTouch devices allow XSS via a crafted public playlist from Spotify. | LOW | Mar 24, 2018 |
CVE-2017-17749 | Bose SoundTouch devices allow XSS via crafted song data from a music service, as demonstrated by Pandora. | LOW | Mar 24, 2018 |
CVE-2017-17747 | Weak access controls in the Device Logout functionality on the TP-Link TL-SG108E v1.0.0 allow remote attackers to call the logout functionality, triggering a denial of service condition. | LOW | Dec 20, 2017 |
CVE-2017-17746 | Weak access control methods on the TP-Link TL-SG108E 1.0.0 allow any user on a NAT network with an authenticated administrator to access the device without entering user credentials. The authentication record is stored on the device; thus if an administrator authenticates from a NAT network, the authentication applies to the IP address of the NAT gateway, and any user behind that NAT gateway is also treated as authenticated. | HIGH | Dec 20, 2017 |
CVE-2017-17745 | Cross-site scripting (XSS) vulnerability in system_name_set.cgi in TP-Link TL-SG108E 1.0.0 allows authenticated remote attackers to submit arbitrary JavaScript via the 'sysName' parameter. | LOW | Dec 20, 2017 |
CVE-2017-17744 | A cross-site scripting (XSS) vulnerability in the custom-map plugin through 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the map_id parameter to view/advancedsettings.php. | MEDIUM | Dec 20, 2017 |
CVE-2017-17743 | Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices before 4.4.20, 5.0.x before 5.0.19, and 5.1.x before 5.1.11 allows authenticated remote attackers to escape the shell and escalate their privileges by uploading a .bashrc file containing the /bin/sh string. In some situations, authentication can be achieved via the bhu85tgb default password for the admin account. | MEDIUM | Mar 22, 2018 |
CVE-2017-17742 | Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 allows an HTTP Response Splitting attack. An attacker can inject a crafted key and value into an HTTP response for the HTTP server of WEBrick. | MEDIUM | Apr 6, 2018 |
CVE-2017-17741 | The KVM implementation in the Linux kernel through 4.14.7 allows attackers to cause a denial of service (write_mmio stack-based out-of-bounds read) or possibly have unspecified other impact, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h. | LOW | Dec 18, 2017 |
CVE-2017-17740 | contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. | MEDIUM | Dec 18, 2017 |
CVE-2017-17739 | The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has directory traversal via the /storage.html rp parameter, allowing an attacker to read or write to files. | HIGH | Dec 18, 2017 |
CVE-2017-17738 | The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) allows renaming and modifying files via /tools.html. | MEDIUM | Dec 18, 2017 |
CVE-2017-17737 | The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parameter to /network_diagnostics.html or /storage_info.html. | MEDIUM | Dec 18, 2017 |
CVE-2017-17736 | Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 allows remote attackers to obtain Global Administrator access by visiting CMSInstall/install.aspx and then navigating to the CMS Administration Dashboard. | HIGH | Mar 23, 2018 |
CVE-2017-17735 | CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in cookies. | MEDIUM | Dec 18, 2017 |
CVE-2017-17734 | CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in sessions. | MEDIUM | Dec 18, 2017 |
CVE-2017-17733 | Maccms 8.x allows remote command execution via the wd parameter in an index.php?m=vod-search request. | HIGH | Dec 18, 2017 |
CVE-2017-17731 | DedeCMS through 5.7 has SQL Injection via the $_FILES superglobal to plus/recommend.php. | HIGH | Dec 18, 2017 |
CVE-2017-17730 | DedeCMS through 5.7 has SQL Injection via the logo parameter to plus/flink_add.php. | HIGH | Dec 18, 2017 |
CVE-2017-17727 | DedeCMS through 5.6 allows arbitrary file upload and PHP code execution by embedding the PHP code in a .jpg file, which is used in the templet parameter to member/article_edit.php. | MEDIUM | Dec 18, 2017 |
CVE-2017-17725 | In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864, which is an invalid memory address dereference. | MEDIUM | Feb 12, 2018 |
CVE-2017-17724 | In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the != 0x1c case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file. | MEDIUM | Feb 12, 2018 |
CVE-2017-17723 | In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability to disclose memory data or cause a denial of service via a crafted TIFF file. | MEDIUM | Feb 12, 2018 |
CVE-2017-17722 | In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file. | MEDIUM | Feb 12, 2018 |
CVE-2017-17721 | CWEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows SQL injection via the tradestatus, assetno, assignto, building, domain, jobtype, site, trade, woType, workorderno, or workorderstatus parameter. | HIGH | Dec 18, 2017 |
CVE-2017-17719 | A cross-site scripting (XSS) vulnerability in the wp-concours plugin through 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the result_message parameter to includes/concours_page.php. | MEDIUM | Dec 20, 2017 |
CVE-2017-17718 | The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has Missing SSL Certificate Validation. | MEDIUM | Dec 17, 2017 |
CVE-2017-17717 | Sonatype Nexus Repository Manager through 2.14.5 has weak password encryption with a hardcoded CMMDwoV value in the LDAP integration feature. | HIGH | Dec 17, 2017 |
CVE-2017-17716 | GitLab 9.4.x before 9.4.2 does not support LDAP SSL certificate verification, but a verify_certificates LDAP option was mentioned in the 9.4 release announcement. This issue occurred because code was not merged. This is related to use of the omniauth-ldap library and the gitlab_omniauth-ldap gem. | MEDIUM | Dec 17, 2017 |
CVE-2017-17715 | The saveFile method in MediaController.java in the Telegram Messenger application before 2017-12-08 for Android allows directory traversal via a pathname obtained in a file-transfer request from a remote peer, as demonstrated by writing to tgnet.dat or tgnet.dat.bak. | MEDIUM | Dec 16, 2017 |
CVE-2017-17714 | Trape before 2017-11-05 has XSS via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp parameter, the /register lat parameter, the /register lon parameter, the /register org parameter, the /register query parameter, the /register region parameter, the /register regionName parameter, the /register timezone parameter, the /register vId parameter, the /register zip parameter, or the /tping id parameter. | MEDIUM | Dec 16, 2017 |
CVE-2017-17713 | Trape before 2017-11-05 has SQL injection via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp parameter, the /register lat parameter, the /register lon parameter, the /register org parameter, the /register query parameter, the /register region parameter, the /register regionName parameter, the /register timezone parameter, the /register vId parameter, the /register zip parameter, or the /tping id parameter. | HIGH | Dec 16, 2017 |
CVE-2017-17712 | The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges. | MEDIUM | Dec 15, 2017 |
CVE-2017-17708 | Because of insufficient authorization checks it is possible for any authenticated user to change profile data of other users in Pleasant Password Server before 7.8.3. | MEDIUM | Jul 31, 2018 |
CVE-2017-17707 | Due to missing authorization checks, any authenticated user is able to list, upload, or delete attachments to password safe entries in Pleasant Password Server before 7.8.3. To perform those actions on an entry, the user needs to know the corresponding CredentialId value, which uniquely identifies a password safe entry. Since CredentialId values are implemented as GUIDs, they are hard to guess. However, if for example an entry's owner grants read-only access to a malicious user, the value gets exposed to the malicious user. The same holds true for temporary grants. | MEDIUM | Jul 31, 2018 |
CVE-2017-17704 | A door-unlocking issue was discovered on Software House iStar Ultra devices through 6.5.2.20569 when used in conjunction with the IP-ACM Ethernet Door Module. The communications between the IP-ACM and the iStar Ultra are encrypted using a fixed AES key and IV. Each message is encrypted in CBC mode and restarts with the fixed IV, leading to replay attacks of entire messages. There is no authentication of messages beyond the use of the fixed AES key, so message forgery is also possible. | MEDIUM | Dec 30, 2017 |
CVE-2017-17703 | Synacor Zimbra Collaboration Suite (ZCS) before 8.8.3 has Persistent XSS. | MEDIUM | Feb 23, 2018 |
CVE-2017-17701 | K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025c8 DeviceIoControl request. | HIGH | Dec 20, 2017 |
CVE-2017-17700 | K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025a4 DeviceIoControl request. | HIGH | Dec 20, 2017 |
CVE-2017-17699 | K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025ac DeviceIoControl request. | HIGH | Dec 20, 2017 |
CVE-2017-17698 | Zoho ManageEngine Password Manager Pro 9 before 9.4 (9400) has reflected XSS in SearchResult.ec and BulkAccessControlView.ec. | MEDIUM | Dec 15, 2017 |
CVE-2017-17697 | The Ping() function in ui/api/target.go in Harbor through 1.3.0-rc4 has SSRF via the endpoint parameter to /api/targets/ping. | MEDIUM | Nov 6, 2019 |
CVE-2017-17696 | Techno - Portfolio Management Panel through 2017-11-16 allows full path disclosure via an invalid s parameter to panel/search.php. | MEDIUM | Dec 15, 2017 |
CVE-2017-17695 | Techno - Portfolio Management Panel through 2017-11-16 allows SQL Injection via the panel/search.php s parameter. | MEDIUM | Dec 15, 2017 |
CVE-2017-17694 | Techno - Portfolio Management Panel through 2017-11-16 allows XSS via the panel/search.php s parameter. | LOW | Dec 15, 2017 |
CVE-2017-17693 | Techno - Portfolio Management Panel through 2017-11-16 does not check authorization for panel/portfolio.php?action=delete requests that remove feedback. | MEDIUM | Dec 15, 2017 |
CVE-2017-17692 | Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code. | MEDIUM | Dec 21, 2017 |
CVE-2017-17691 | Homeputer CL Studio fur HomeMatic 4.0 Rel 160808 and earlier uses cleartext to exchange the username and password between server and client instances, which allows remote attackers to obtain sensitive information via a man in the middle attack. | MEDIUM | Sep 7, 2018 |
CVE-2017-17689 | The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. | MEDIUM | May 17, 2018 |
CVE-2017-17688 | ** DISPUTED ** The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification. | MEDIUM | Oct 3, 2019 |