VYPR

CVEs

101,975 total · page 1842 of 2,040

  • CVE-2017-17535HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.01

    lib/gui.py in Bob Hepple gjots2 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.

  • CVE-2017-17534HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.01

    uiutil.c in Mensis 0.0.080507 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, a different vulnerability than CVE-2017-17521.

  • CVE-2017-17533HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.02

    default.tcl in Tkabber 1.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has indicated that the attack cannot…

  • CVE-2017-17532HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.02

    examples/framework/news/news3.py in Kiwi 1.9.22 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.

  • CVE-2017-17531HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.01

    gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.

  • CVE-2017-17530HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.01

    common/help.c in Geomview 1.9.5 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: this is disputed by a third party because no…

  • CVE-2017-17529HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.01

    af/util/xp/ut_go_file.cpp in AbiWord 3.0.2-2 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.

  • CVE-2017-17528HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.02

    backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.

  • CVE-2017-17527HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.02

    delphi_gui/WWWBrowserRunnerDM.pas in PasDoc 0.14 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer has…

  • CVE-2017-17526HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.01

    Input.cc in Bernard Parisse Giac 1.2.3.57 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.

  • CVE-2017-17525HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.01

    guiclient/guiclient.cpp in xTuple PostBooks 4.7.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.

  • CVE-2017-17524HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.01

    library/www_browser.pl in SWI-Prolog 7.2.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.

  • CVE-2017-17522HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.04

    Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that…

  • CVE-2017-17521HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.02

    uiutil.c in FontForge through 20170731 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, a different vulnerability than CVE-2017-17534.

  • CVE-2017-17520HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.02

    tools/url_handler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is…

  • CVE-2017-17519HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.01

    batteriesConfig.mlp in OCaml Batteries Included (aka ocaml-batteries) 2.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.

  • CVE-2017-17518HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.02

    swt/motif/browser.c in White_dune (aka whitedune) 0.30.10 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: This issue is being…

  • CVE-2017-17517HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.01

    libsylph/utils.c in Sylpheed through 3.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.

  • CVE-2017-17516HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.01

    scripts/inspect_webbrowser.py in Reddit Terminal Viewer (RTV) 1.19.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.

  • CVE-2017-17515HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.02

    etc/ObjectList in Metview 4.7.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has indicated that the code to…

  • CVE-2017-17514HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.02

    boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does…

  • CVE-2017-17513HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.01

    TeX Live through 20170524 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to linked_scripts/context/stubs/unix/mtxrun,…

  • CVE-2017-17511HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.02

    KildClient 3.1.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to prefs.c and worldgui.c.

  • CVE-2017-5663HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.02

    In Apache Fineract 0.4.0-incubating, 0.5.0-incubating, and 0.6.0-incubating, an authenticated user with client/loan/center/staff/group read permissions is able to inject malicious SQL into SELECT queries. The 'sqlSearch' parameter on a number of endpoints is not sanitized and…

  • CVE-2017-17684HigDec 14, 2017
    risk 0.49cvss 7.5epss 0.01

    Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c04 \\.\PSMEMDriver DeviceIoControl request.

  • CVE-2017-17683HigDec 14, 2017
    risk 0.49cvss 7.5epss 0.01

    Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c44 \\.\PSMEMDriver DeviceIoControl request.

  • CVE-2017-7738HigDec 13, 2017
    risk 0.47cvss 7.2epss 0.01

    An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.5, 5.2 and below versions allow an admin user with super_admin privileges to view the current SSL VPN web portal session info which may contains user credentials through the fnsysctl CLI…

  • CVE-2017-17665HigDec 13, 2017
    risk 0.57cvss 8.8epss 0.01

    In Octopus Deploy before 4.1.3, the machine update process doesn't check that the user has access to all environments. This allows an access-control bypass because the set of environments to which a machine is scoped may include environments in which the user lacks access.

  • CVE-2017-1635HigDec 13, 2017
    risk 0.52cvss 8.0epss 0.03

    IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID:…

  • CVE-2017-17537HigDec 13, 2017
    risk 0.49cvss 7.5epss 0.02

    MikroTik RouterBOARD v6.39.2 and v6.40.5 allows an unauthenticated remote attacker to cause a denial of service by connecting to TCP port 53 and sending data that begins with many '\0' characters, possibly related to DNS.

  • CVE-2017-17615HigDec 13, 2017
    risk 0.60cvss 8.8epss 0.02

    Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter.

  • CVE-2017-17593HigDec 13, 2017
    risk 0.52cvss 7.5epss 0.06

    Simple Chatting System 1.0 allows Arbitrary File Upload via view/my_profile.php, which places files under uploads/.

  • CVE-2017-17568HigDec 13, 2017
    risk 0.49cvss 7.5epss 0.01

    Scubez Posty Readymade Classifieds has Incorrect Access Control for visiting admin/user_activate_submit.php (aka the backend PHP script), which might allow remote attackers to obtain sensitive information via a direct request.

  • CVE-2017-17567HigDec 13, 2017
    risk 0.49cvss 7.5epss 0.01

    Scubez Posty Readymade Classifieds has SQL Injection via the admin/user_activate_submit.php ID parameter.

  • CVE-2017-17538HigDec 13, 2017
    risk 0.52cvss 7.5epss 0.08

    MikroTik v6.40.5 devices allow remote attackers to cause a denial of service via a flood of ICMP packets.

  • CVE-2017-5534HigDec 13, 2017
    risk 0.57cvss 8.8epss 0.01

    The tibbr user profiles components of tibbr Community, and tibbr Enterprise expose a weakness in an improperly sandboxed third-party component. Affected releases are TIBCO Software Inc. tibbr Community 5.2.1 and below; 6.0.0; 6.0.1; 7.0.0, tibbr Enterprise 5.2.1 and below;…

  • CVE-2017-5530HigDec 13, 2017
    risk 0.53cvss 8.1epss 0.01

    The tibbr web server components of tibbr Community, and tibbr Enterprise contain SAML protocol handling errors which may allow authorized users to impersonate other users, and therefore escalate their access privileges. Affected releases are tibbr Community 5.2.1 and below;…

  • CVE-2017-14362HigDec 13, 2017
    risk 0.47cvss 7.3epss 0.01

    Cross-Site Request Forgery vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability could be exploited to allow a Cross-Site Forgery attack.

  • CVE-2017-14361HigDec 13, 2017
    risk 0.48cvss 7.4epss 0.01

    Man-In-The-Middle vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability could be exploited to allow a Man-in-the-middle attack.

  • CVE-2017-13099HigDec 13, 2017
    risk 0.54cvss 7.5epss 0.25

    wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT."

  • CVE-2017-13098HigDec 13, 2017
    risk 0.47cvss 7.5epss 0.24

    BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a…

  • CVE-2017-17566HigDec 12, 2017
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page.

  • CVE-2017-17564HigDec 12, 2017
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode.

  • CVE-2017-17563HigDec 12, 2017
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode.

  • CVE-2017-11936HigDec 12, 2017
    risk 0.58cvss 8.8epss 0.04

    Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".

  • CVE-2017-11935HigDec 12, 2017
    risk 0.52cvss 7.8epss 0.19

    Microsoft Office 2016 Click-to-Run (C2R) allows a remote code execution vulnerability due to the way files are handled in memory, aka "Microsoft Excel Remote Code Execution Vulnerability".

  • CVE-2017-11932HigDec 12, 2017
    risk 0.53cvss 8.1epss 0.06

    Microsoft Exchange Server 2016 CU5 and Microsoft Exchange Server 2016 CU5 allow a spoofing vulnerability due to the way Outlook Web Access (OWA) validates web requests, aka "Microsoft Exchange Spoofing Vulnerability".

  • CVE-2017-11930HigDec 12, 2017
    risk 0.49cvss 7.5epss 0.09

    ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the…

  • CVE-2017-11918HigDec 12, 2017
    risk 0.57cvss 7.5epss 0.63

    ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption…

  • CVE-2017-11916HigDec 12, 2017
    risk 0.42cvss 7.5epss 0.06

    ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889,…