The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2017-7484 | It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access. | MEDIUM | May 12, 2017 | n/a |
CVE-2017-7485 | In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3, it was found that the PGREQUIRESSL environment variable was no longer enforcing a SSL/TLS connection to a PostgreSQL server. An active Man-in-the-Middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server. | MEDIUM | May 12, 2017 | n/a |
CVE-2017-7486 | PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server. | MEDIUM | May 12, 2017 | n/a |
CVE-2017-7644 | The Management Web Interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, and 7.1.x before 7.1.9 allows remote authenticated users to obtain sensitive information by leveraging incorrect permission validation, aka PAN-SA-2017-0013 and PAN-70541. | MEDIUM | May 11, 2017 | n/a |
CVE-2017-7698 | A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02. | MEDIUM | May 10, 2017 | n/a |
CVE-2017-7720 | Buffer overflow in PrivateTunnel 2.7 and 2.8 allows local attackers to cause a denial of service (SEH overwrite) or possibly have unspecified other impact via a long password. | MEDIUM | May 3, 2017 | n/a |
CVE-2017-7887 | Dolibarr ERP/CRM 4.0.4 has XSS in doli/societe/list.php via the sall parameter. | MEDIUM | May 10, 2017 | n/a |
CVE-2017-7888 | Dolibarr ERP/CRM 4.0.4 stores passwords with the MD5 algorithm, which makes brute-force attacks easier. | MEDIUM | May 10, 2017 | n/a |
CVE-2017-7911 | A Code Injection issue was discovered in CyberVision Kaa IoT Platform, Version 0.7.4. An insufficient-encapsulation vulnerability has been identified, which may allow remote code execution. | MEDIUM | May 8, 2017 | n/a |
CVE-2017-7923 | A Password in Configuration File issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The password in configuration file vulnerability could allow a malicious user to escalate privileges or assume the identity of another user and access sensitive information. | MEDIUM | May 8, 2017 | n/a |
CVE-2017-7925 | A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. The password in configuration file vulnerability was identified, which could lead to a malicious user assuming the identity of a privileged user and gaining access to sensitive information. | MEDIUM | May 8, 2017 | n/a |
CVE-2017-7929 | An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8.1 and prior. The absolute path traversal vulnerability has been identified, which may allow an attacker to traverse the file system to access restricted files or directories. | MEDIUM | May 8, 2017 | n/a |
CVE-2017-7945 | The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names and conduct brute-force attacks via a series of requests, aka PAN-SA-2017-0014 and PAN-72769. | MEDIUM | May 11, 2017 | n/a |
CVE-2017-7957 | XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive type 'void' during unmarshalling, leading to a remote application crash, as demonstrated by an xstream.fromXML(<void/>) call. | MEDIUM | May 9, 2017 | n/a |
CVE-2017-7983 | In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), mail sent using the JMail API leaked the used PHPMailer version in the mail headers. | MEDIUM | May 3, 2017 | n/a |
CVE-2017-7984 | In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering leads to XSS in the template manager component. | MEDIUM | May 2, 2017 | n/a |
CVE-2017-7985 | In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering of multibyte characters leads to XSS vulnerabilities in various components. | MEDIUM | May 3, 2017 | n/a |
CVE-2017-7986 | In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering of specific HTML attributes leads to XSS vulnerabilities in various components. | MEDIUM | May 2, 2017 | n/a |
CVE-2017-7987 | In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate escaping of file and folder names leads to XSS vulnerabilities in the template manager component. | MEDIUM | May 3, 2017 | n/a |
CVE-2017-7988 | In Joomla! 1.6.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering of form contents allows overwriting the author of an article. | MEDIUM | May 3, 2017 | n/a |
CVE-2017-7989 | In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate MIME type checks allowed low-privilege users to upload swf files even if they were explicitly forbidden. | MEDIUM | May 2, 2017 | n/a |
CVE-2017-8057 | In Joomla! 3.4.0 through 3.6.5 (fixed in 3.7.0), multiple files caused full path disclosures on systems with enabled error reporting. | MEDIUM | May 3, 2017 | n/a |
CVE-2017-8058 | Acceptance of invalid/self-signed TLS certificates in Atlassian HipChat before 3.16.2 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent during the login API call. | MEDIUM | May 8, 2017 | n/a |
CVE-2017-8059 | Acceptance of invalid/self-signed TLS certificates in Foxit PDF - PDF reader, editor, form, signature before 5.4 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept login information (username/password), in addition to the static authentication token if the user is already logged in. | MEDIUM | May 5, 2017 | n/a |
CVE-2017-8060 | Acceptance of invalid/self-signed TLS certificates in Panda Mobile Security 1.1 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent during the login API call. | MEDIUM | May 9, 2017 | n/a |
CVE-2017-8080 | Atlassian Hipchat Server before 2.2.4 allows remote authenticated users with user level privileges to execute arbitrary code via vectors involving image uploads. | MEDIUM | May 5, 2017 | n/a |
CVE-2017-8081 | Poor cryptographic salt initialization in admin/inc/template_functions.php in GetSimple CMS 3.3.13 allows a network attacker to escalate privileges to an arbitrary user or conduct CSRF attacks via calculation of a session cookie or CSRF nonce. | MEDIUM | May 11, 2017 | n/a |
CVE-2017-8086 | Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (memory consumption) via vectors involving the orig_value variable. | MEDIUM | May 11, 2017 | n/a |
CVE-2017-8112 | hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count. | MEDIUM | May 12, 2017 | n/a |
CVE-2017-8114 | Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin. | MEDIUM | May 10, 2017 | n/a |
CVE-2017-8115 | Directory traversal in setup/processors/url_search.php (aka the search page of an unused processor) in MODX Revolution 2.5.7 might allow remote attackers to obtain system directory information. | MEDIUM | May 5, 2017 | n/a |
CVE-2017-8217 | TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n have too permissive iptables rules, e.g., SNMP is not blocked on any interface. | MEDIUM | May 9, 2017 | n/a |
CVE-2017-8219 | TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow DoSing the HTTP server via a crafted Cookie header to the /cgi/ansi URI. | MEDIUM | May 9, 2017 | n/a |
CVE-2017-8221 | Wireless IP Camera (P2P) WIFICAM devices rely on a cleartext UDP tunnel protocol (aka the Cloud feature) for communication between an Android application and a camera device, which allows remote attackers to obtain sensitive information by sniffing the network. | MEDIUM | May 5, 2017 | n/a |
CVE-2017-8222 | Wireless IP Camera (P2P) WIFICAM devices have an Apple Production IOS Push Services private RSA key and certificate stored in /system/www/pem/ck.pem inside the firmware, which allows attackers to obtain sensitive information. | MEDIUM | May 5, 2017 | n/a |
CVE-2017-8223 | On Wireless IP Camera (P2P) WIFICAM devices, an attacker can use the RTSP server on port 10554/tcp to watch the streaming without authentication via tcp/av0_1 or tcp/av0_0. | MEDIUM | May 5, 2017 | n/a |
CVE-2017-8244 | In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel, variable dbg_buf, dbg_buf->curr and dbg_buf->filled_size could be modified by different threads at the same time, but they are not protected with mutex or locks. Buffer overflow is possible on race conditions. buffer->curr itself could also be overwritten, which means that it may point to anywhere of kernel memory (for write). | MEDIUM | May 12, 2017 | n/a |
CVE-2017-8245 | In all Android releases from CAF using the Linux kernel, while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size, an out of bounds memory copy occurs. | MEDIUM | May 12, 2017 | n/a |
CVE-2017-8246 | In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel, prtd is assigned substream->runtime->private_data. Later, prtd is freed. However, prtd is not sanitized and set to NULL, resulting in a dangling pointer. There are other functions that access the same memory (substream->runtime->private_data) with a NULL check, such as msm_pcm_volume_ctl_put(), which means this freed memory could be used. | MEDIUM | May 12, 2017 | n/a |
CVE-2017-8288 | gnome-shell 3.22 through 3.24.1 mishandles extensions that fail to reload, which can lead to leaving extensions enabled in the lock screen. With these extensions, a bystander could launch applications (but not interact with them), see information from the extensions (e.g., what applications you have opened or what music you were playing), or even execute arbitrary commands. It all depends on what extensions a user has enabled. The problem is caused by lack of exception handling in js/ui/extensionSystem.js. | MEDIUM | May 10, 2017 | n/a |
CVE-2017-8291 | Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a /OutputFile (%pipe% substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017. | MEDIUM | May 9, 2017 | n/a |
CVE-2017-8294 | libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the yr_re_exec function. | MEDIUM | May 3, 2017 | n/a |
CVE-2017-8295 | WordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for remote attackers to reset arbitrary passwords by making a crafted wp-login.php?action=lostpassword request and then arranging for this message to bounce or be resent, leading to transmission of the reset key to a mailbox on an attacker-controlled SMTP server. This is related to problematic use of the SERVER_NAME variable in wp-includes/pluggable.php in conjunction with the PHP mail function. Exploitation is not achievable in all cases because it requires at least one of the following: (1) the attacker can prevent the victim from receiving any e-mail messages for an extended period of time (such as 5 days), (2) the victim's e-mail system sends an autoresponse containing the original message, or (3) the victim manually composes a reply containing the original message. | MEDIUM | May 5, 2017 | n/a |
CVE-2017-8296 | kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of the commands performed in the password manager are written there. This can lead to the disclosure of the master password if the password command is used with an argument. The names of the password entries created and consulted are also accessible in cleartext. | MEDIUM | May 10, 2017 | n/a |
CVE-2017-8304 | An issue was discovered on Accellion FTA devices before FTA_9_12_180. courier/1000@/oauth/playground/callback.html allows XSS with a crafted URI. | MEDIUM | May 5, 2017 | n/a |
CVE-2017-8308 | In Avast Antivirus before v17, an unprivileged user (and thus malware or a virus) can mark an arbitrary process as Trusted from the perspective of the Avast product. This bypasses the Self-Defense feature of the product, opening a door to subsequent attack on many of its components. | MEDIUM | May 9, 2017 | n/a |
CVE-2017-8325 | The iw_process_cols_to_intermediate function in imagew-main.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image. | MEDIUM | May 10, 2017 | n/a |
CVE-2017-8326 | libimageworsener.a in ImageWorsener before 1.3.1 has left shift cannot be represented in type int undefined behavior issues, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image, related to imagew-bmp.c and imagew-util.c. | MEDIUM | May 10, 2017 | n/a |
CVE-2017-8339 | PSKMAD.sys in Panda Free Antivirus 18.0 allows local users to cause a denial of service (BSoD) via a crafted DeviceIoControl request to \.PSMEMDriver. | MEDIUM | May 11, 2017 | n/a |
CVE-2017-8342 | Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to timing oracles and simple brute-force attacks when using the htpasswd authentication method. | MEDIUM | May 11, 2017 | n/a |