| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-2714 | Hig | 0.52 | 8.0 | 0.01 | Nov 22, 2017 | The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier versions has a buffer overflow vulnerability. An authenticated attacker on the LAN can exploit this vulnerability to execute arbitrary code or cause a denial of service (DoS) condition in the affected system. | ||
| CVE-2017-2707 | Hig | 0.46 | 7.1 | 0.00 | Nov 22, 2017 | Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in Push module. An attacker tricks a user to save a rich media into message on the smart phone, which could be exploited to cause the attacker to delete message or fake user to send… | ||
| CVE-2017-2706 | Hig | 0.46 | 7.1 | 0.01 | Nov 22, 2017 | Mate 9 smartphones with software MHA-AL00AC00B125 have a directory traversal vulnerability in Push module. Since the system does not verify the file name during decompression, system directories are traversed. It could be exploited to cause the attacker to replace files and… | ||
| CVE-2017-2704 | Hig | 0.49 | 7.5 | 0.01 | Nov 22, 2017 | Smarthome 1.0.2.364 and earlier versions,HiAPP 7.3.0.303 and earlier versions,HwParentControl 2.0.0 and earlier versions,HwParentControlParent 5.1.0.12 and earlier versions,Crowdtest 1.5.3 and earlier versions,HiWallet 8.0.0.301 and earlier versions,Huawei Pay 8.0.0.300 and… | ||
| CVE-2017-2700 | Hig | 0.49 | 7.5 | 0.01 | Nov 22, 2017 | AC6005 with software V200R006C10, AC6605 with software V200R006C10 have a DoS Vulnerability. An attacker can send malformed packets to the device, which causes the device memory leaks, leading to DoS attacks. | ||
| CVE-2017-2699 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a privilege elevation vulnerability. An attacker could exploit this vulnerability to upload theme packs containing malicious files and… | ||
| CVE-2017-2698 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The ddr_devfreq driver in versions earlier than GRA-UL00C00B197 has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to… | ||
| CVE-2017-2697 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C185B141 and earlier… | ||
| CVE-2017-2696 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The emerg_data driver in CAM-L21C10B130 and earlier versions, CAM-L21C185B141 and earlier versions has a buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and… | ||
| CVE-2017-2693 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier versions,ALE-L23C605B190 and… | ||
| CVE-2017-2692 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The Keyguard application in ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier… | ||
| CVE-2017-15098 | Hig | 0.53 | 8.1 | 0.04 | Nov 22, 2017 | Invalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory. | ||
| CVE-2017-8863 | Hig | 0.49 | 7.5 | 0.01 | Nov 22, 2017 | Information disclosure of .esp source code on the Cohu 3960 allows an attacker to view sensitive information such as application logic with a simple web browser. | ||
| CVE-2017-5729 | Hig | 0.48 | 7.4 | 0.01 | Nov 21, 2017 | Frame replay vulnerability in Wi-Fi subsystem in Intel Dual-Band and Tri-Band Wireless-AC Products allows remote attacker to replay frames via channel-based man-in-the-middle. | ||
| CVE-2017-5712 | Hig | 0.47 | 7.2 | 0.04 | Nov 21, 2017 | Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege. | ||
| CVE-2017-5711 | Hig | 0.51 | 7.8 | 0.01 | Nov 21, 2017 | Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege. | ||
| CVE-2017-5710 | Hig | 0.51 | 7.8 | 0.01 | Nov 21, 2017 | Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via unspecified vector. | ||
| CVE-2017-5709 | Hig | 0.51 | 7.8 | 0.01 | Nov 21, 2017 | Multiple privilege escalations in kernel in Intel Server Platform Services Firmware 4.0 allows unauthorized process to access privileged content via unspecified vector. | ||
| CVE-2017-5708 | Hig | 0.51 | 7.8 | 0.01 | Nov 21, 2017 | Multiple privilege escalations in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow unauthorized process to access privileged content via unspecified vector. | ||
| CVE-2017-5707 | Hig | 0.51 | 7.8 | 0.01 | Nov 21, 2017 | Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code. | ||
| CVE-2017-5706 | Hig | 0.51 | 7.8 | 0.01 | Nov 21, 2017 | Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code. | ||
| CVE-2017-5705 | Hig | 0.51 | 7.8 | 0.01 | Nov 21, 2017 | Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code. | ||
| CVE-2017-16923 | Hig | 0.57 | 8.8 | 0.03 | Nov 21, 2017 | Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01,… | ||
| CVE-2017-16664 | Hig | 0.57 | 8.8 | 0.02 | Nov 21, 2017 | Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System (OTRS) 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. In the agent interface, an authenticated remote attacker can execute shell commands as the webserver user via URL manipulation. | ||
| CVE-2017-15044 | Hig | 0.57 | 8.8 | 0.02 | Nov 21, 2017 | The default installation of DocuWare Fulltext Search server through 6.11 allows remote users to connect to and download searchable text from the embedded Solr service, bypassing DocuWare's access control features of the DocuWare user interfaces and API. An attacker can also gain… | ||
| CVE-2017-2919 | Hig | 0.51 | 7.8 | 0.02 | Nov 20, 2017 | An exploitable stack based buffer overflow vulnerability exists in the xls_getfcell function of libxls 1.3.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability | ||
| CVE-2017-2897 | Hig | 0.51 | 7.8 | 0.02 | Nov 20, 2017 | An exploitable out-of-bounds write vulnerability exists in the read_MSAT function of libxls 1.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. | ||
| CVE-2017-2896 | Hig | 0.51 | 7.8 | 0.02 | Nov 20, 2017 | An exploitable out-of-bounds write vulnerability exists in the xls_mergedCells function of libxls 1.4. . A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. | ||
| CVE-2017-12111 | Hig | 0.57 | 8.8 | 0.02 | Nov 20, 2017 | An exploitable out-of-bounds vulnerability exists in the xls_addCell function of libxls 1.4. A specially crafted XLS file with a formula record can cause memory corruption resulting in remote code execution. An attacker can send a malicious XLS file to trigger this vulnerability. | ||
| CVE-2017-12110 | Hig | 0.57 | 8.8 | 0.02 | Nov 20, 2017 | An exploitable integer overflow vulnerability exists in the xls_appendSST function of libxls 1.4.A specially crafted XLS file can cause memory corruption resulting in remote code execution. | ||
| CVE-2017-12608 | Hig | 0.51 | 7.8 | 0.03 | Nov 20, 2017 | A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code… | ||
| CVE-2017-12607 | Hig | 0.51 | 7.8 | 0.03 | Nov 20, 2017 | A vulnerability in OpenOffice's PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution. | ||
| CVE-2017-16902 | Hig | 0.52 | 7.5 | 0.08 | Nov 20, 2017 | On the Vonage VDV-23 115 3.2.11-0.9.40 home router, sending a long string of characters in the loginPassword and/or loginUsername field to goform/login causes the router to reboot. | ||
| CVE-2017-16899 | Hig | 0.46 | 7.1 | 0.01 | Nov 20, 2017 | An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the read_textobject functions in… | ||
| CVE-2017-9806 | Hig | 0.51 | 7.8 | 0.02 | Nov 20, 2017 | A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code… | ||
| CVE-2017-16544 | Hig | 0.58 | 8.8 | 0.06 | Nov 20, 2017 | In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially… | ||
| CVE-2016-6804 | Hig | 0.51 | 7.8 | 0.03 | Nov 20, 2017 | The Apache OpenOffice installer (versions prior to 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows execution of arbitrary code with elevated privileges. This requires that the location in which the installer is run has been… | ||
| CVE-2017-16894 | Hig | 0.59 | 7.5 | 0.87 | Nov 20, 2017 | In Laravel framework through 5.5.21, remote attackers can obtain sensitive information (such as externally usable passwords) via a direct request for the /.env URI. NOTE: this CVE is only about Laravel framework's writeNewEnvironmentFileWith function in… | ||
| CVE-2017-16892 | Hig | 0.49 | 7.5 | 0.01 | Nov 19, 2017 | In Bftpd before 4.7, there is a memory leak in the file rename function. | ||
| CVE-2017-16882 | Hig | 0.51 | 7.8 | 0.00 | Nov 18, 2017 | Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration options in which this file is owned by a non-root account (and similarly can have etc/icinga.cfg owned by a non-root account), which allows local users to gain privileges by leveraging… | ||
| CVE-2017-1000217 | Hig | 0.50 | 8.8 | 0.02 | Nov 17, 2017 | Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary code execution, fixed in 2.3.3 and 3.0. | ||
| CVE-2017-4939 | Hig | 0.51 | 7.8 | 0.01 | Nov 17, 2017 | VMware Workstation (12.x before 12.5.8) installer contains a DLL hijacking issue that exists due to some DLL files loaded by the application improperly. This issue may allow an attacker to load a DLL file of the attacker's choosing that could execute arbitrary code. | ||
| CVE-2017-1000230 | Hig | 0.49 | 7.5 | 0.01 | Nov 17, 2017 | The Snap7 Server version 1.4.1 can be crashed when the ItemCount field of the ReadVar or WriteVar functions of the S7 protocol implementation in Snap7 are provided with unexpected input, thus resulting in denial of service attack. | ||
| CVE-2017-14111 | Hig | 0.47 | 7.2 | 0.02 | Nov 17, 2017 | The workstation logging function in Philips IntelliSpace Cardiovascular (ISCV) 2.3.0 and earlier and Xcelera R4.1L1 and earlier records domain authentication credentials, which if accessed allows an attacker to use credentials to access the application, or other user… | ||
| CVE-2017-6168 | Hig | 0.53 | 7.4 | 0.20 | Nov 17, 2017 | On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack)… | ||
| CVE-2017-13703 | Hig | 0.49 | 7.5 | 0.01 | Nov 17, 2017 | An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. A denial of service may occur. | ||
| CVE-2017-1000170 | Hig | 0.56 | 7.5 | 0.59 | Nov 17, 2017 | jqueryFileTree 2.1.5 and older Directory Traversal | ||
| CVE-2017-16877 | Hig | 0.43 | 7.5 | 0.14 | Nov 17, 2017 | ZEIT Next.js before 2.4.1 has directory traversal under the /_next and /static request namespace, allowing attackers to obtain sensitive information. | ||
| CVE-2017-1000191 | Hig | 0.49 | 7.5 | 0.01 | Nov 17, 2017 | Jool 3.5.0-3.5.1 is vulnerable to a kernel crashing packet resulting in a DOS. | ||
| CVE-2017-16875 | Hig | 0.49 | 7.5 | 0.03 | Nov 17, 2017 | An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1. The ioqueue component may issue a double key unregistration after an attacker initiates a socket connection with specific settings and sequences. Such double key unregistration will trigger… |
- risk 0.52cvss 8.0epss 0.01
The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier versions has a buffer overflow vulnerability. An authenticated attacker on the LAN can exploit this vulnerability to execute arbitrary code or cause a denial of service (DoS) condition in the affected system.
- risk 0.46cvss 7.1epss 0.00
Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in Push module. An attacker tricks a user to save a rich media into message on the smart phone, which could be exploited to cause the attacker to delete message or fake user to send…
- risk 0.46cvss 7.1epss 0.01
Mate 9 smartphones with software MHA-AL00AC00B125 have a directory traversal vulnerability in Push module. Since the system does not verify the file name during decompression, system directories are traversed. It could be exploited to cause the attacker to replace files and…
- risk 0.49cvss 7.5epss 0.01
Smarthome 1.0.2.364 and earlier versions,HiAPP 7.3.0.303 and earlier versions,HwParentControl 2.0.0 and earlier versions,HwParentControlParent 5.1.0.12 and earlier versions,Crowdtest 1.5.3 and earlier versions,HiWallet 8.0.0.301 and earlier versions,Huawei Pay 8.0.0.300 and…
- risk 0.49cvss 7.5epss 0.01
AC6005 with software V200R006C10, AC6605 with software V200R006C10 have a DoS Vulnerability. An attacker can send malformed packets to the device, which causes the device memory leaks, leading to DoS attacks.
- risk 0.51cvss 7.8epss 0.01
The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a privilege elevation vulnerability. An attacker could exploit this vulnerability to upload theme packs containing malicious files and…
- risk 0.51cvss 7.8epss 0.01
The ddr_devfreq driver in versions earlier than GRA-UL00C00B197 has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to…
- risk 0.51cvss 7.8epss 0.01
The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C185B141 and earlier…
- risk 0.51cvss 7.8epss 0.01
The emerg_data driver in CAM-L21C10B130 and earlier versions, CAM-L21C185B141 and earlier versions has a buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and…
- risk 0.51cvss 7.8epss 0.01
ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier versions,ALE-L23C605B190 and…
- risk 0.51cvss 7.8epss 0.01
The Keyguard application in ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier…
- risk 0.53cvss 8.1epss 0.04
Invalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory.
- risk 0.49cvss 7.5epss 0.01
Information disclosure of .esp source code on the Cohu 3960 allows an attacker to view sensitive information such as application logic with a simple web browser.
- risk 0.48cvss 7.4epss 0.01
Frame replay vulnerability in Wi-Fi subsystem in Intel Dual-Band and Tri-Band Wireless-AC Products allows remote attacker to replay frames via channel-based man-in-the-middle.
- risk 0.47cvss 7.2epss 0.04
Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege.
- risk 0.51cvss 7.8epss 0.01
Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.
- risk 0.51cvss 7.8epss 0.01
Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via unspecified vector.
- risk 0.51cvss 7.8epss 0.01
Multiple privilege escalations in kernel in Intel Server Platform Services Firmware 4.0 allows unauthorized process to access privileged content via unspecified vector.
- risk 0.51cvss 7.8epss 0.01
Multiple privilege escalations in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow unauthorized process to access privileged content via unspecified vector.
- risk 0.51cvss 7.8epss 0.01
Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code.
- risk 0.51cvss 7.8epss 0.01
Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code.
- risk 0.51cvss 7.8epss 0.01
Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code.
- risk 0.57cvss 8.8epss 0.03
Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01,…
- risk 0.57cvss 8.8epss 0.02
Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System (OTRS) 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. In the agent interface, an authenticated remote attacker can execute shell commands as the webserver user via URL manipulation.
- risk 0.57cvss 8.8epss 0.02
The default installation of DocuWare Fulltext Search server through 6.11 allows remote users to connect to and download searchable text from the embedded Solr service, bypassing DocuWare's access control features of the DocuWare user interfaces and API. An attacker can also gain…
- risk 0.51cvss 7.8epss 0.02
An exploitable stack based buffer overflow vulnerability exists in the xls_getfcell function of libxls 1.3.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability
- risk 0.51cvss 7.8epss 0.02
An exploitable out-of-bounds write vulnerability exists in the read_MSAT function of libxls 1.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.
- risk 0.51cvss 7.8epss 0.02
An exploitable out-of-bounds write vulnerability exists in the xls_mergedCells function of libxls 1.4. . A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.
- risk 0.57cvss 8.8epss 0.02
An exploitable out-of-bounds vulnerability exists in the xls_addCell function of libxls 1.4. A specially crafted XLS file with a formula record can cause memory corruption resulting in remote code execution. An attacker can send a malicious XLS file to trigger this vulnerability.
- risk 0.57cvss 8.8epss 0.02
An exploitable integer overflow vulnerability exists in the xls_appendSST function of libxls 1.4.A specially crafted XLS file can cause memory corruption resulting in remote code execution.
- risk 0.51cvss 7.8epss 0.03
A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code…
- risk 0.51cvss 7.8epss 0.03
A vulnerability in OpenOffice's PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.
- risk 0.52cvss 7.5epss 0.08
On the Vonage VDV-23 115 3.2.11-0.9.40 home router, sending a long string of characters in the loginPassword and/or loginUsername field to goform/login causes the router to reboot.
- risk 0.46cvss 7.1epss 0.01
An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the read_textobject functions in…
- risk 0.51cvss 7.8epss 0.02
A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code…
- risk 0.58cvss 8.8epss 0.06
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially…
- risk 0.51cvss 7.8epss 0.03
The Apache OpenOffice installer (versions prior to 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows execution of arbitrary code with elevated privileges. This requires that the location in which the installer is run has been…
- risk 0.59cvss 7.5epss 0.87
In Laravel framework through 5.5.21, remote attackers can obtain sensitive information (such as externally usable passwords) via a direct request for the /.env URI. NOTE: this CVE is only about Laravel framework's writeNewEnvironmentFileWith function in…
- risk 0.49cvss 7.5epss 0.01
In Bftpd before 4.7, there is a memory leak in the file rename function.
- risk 0.51cvss 7.8epss 0.00
Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration options in which this file is owned by a non-root account (and similarly can have etc/icinga.cfg owned by a non-root account), which allows local users to gain privileges by leveraging…
- risk 0.50cvss 8.8epss 0.02
Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary code execution, fixed in 2.3.3 and 3.0.
- risk 0.51cvss 7.8epss 0.01
VMware Workstation (12.x before 12.5.8) installer contains a DLL hijacking issue that exists due to some DLL files loaded by the application improperly. This issue may allow an attacker to load a DLL file of the attacker's choosing that could execute arbitrary code.
- risk 0.49cvss 7.5epss 0.01
The Snap7 Server version 1.4.1 can be crashed when the ItemCount field of the ReadVar or WriteVar functions of the S7 protocol implementation in Snap7 are provided with unexpected input, thus resulting in denial of service attack.
- risk 0.47cvss 7.2epss 0.02
The workstation logging function in Philips IntelliSpace Cardiovascular (ISCV) 2.3.0 and earlier and Xcelera R4.1L1 and earlier records domain authentication credentials, which if accessed allows an attacker to use credentials to access the application, or other user…
- risk 0.53cvss 7.4epss 0.20
On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack)…
- risk 0.49cvss 7.5epss 0.01
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. A denial of service may occur.
- risk 0.56cvss 7.5epss 0.59
jqueryFileTree 2.1.5 and older Directory Traversal
- risk 0.43cvss 7.5epss 0.14
ZEIT Next.js before 2.4.1 has directory traversal under the /_next and /static request namespace, allowing attackers to obtain sensitive information.
- risk 0.49cvss 7.5epss 0.01
Jool 3.5.0-3.5.1 is vulnerable to a kernel crashing packet resulting in a DOS.
- risk 0.49cvss 7.5epss 0.03
An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1. The ioqueue component may issue a double key unregistration after an attacker initiates a socket connection with specific settings and sequences. Such double key unregistration will trigger…