| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-14847 | Hig | 0.60 | 8.8 | 0.03 | Sep 28, 2017 | Mojoomla WPAMS Apartment Management System for WordPress allows SQL Injection via the id parameter. | ||
| CVE-2017-14846 | Hig | 0.60 | 8.8 | 0.03 | Sep 28, 2017 | Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter. | ||
| CVE-2017-14845 | Hig | 0.60 | 8.8 | 0.03 | Sep 28, 2017 | Mojoomla WPCHURCH Church Management System for WordPress allows SQL Injection via the id parameter. | ||
| CVE-2017-14844 | Hig | 0.60 | 8.8 | 0.03 | Sep 28, 2017 | Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via the id parameter. | ||
| CVE-2017-14843 | Hig | 0.60 | 8.8 | 0.03 | Sep 28, 2017 | Mojoomla School Management System for WordPress allows SQL Injection via the id parameter. | ||
| CVE-2017-14842 | Hig | 0.60 | 8.8 | 0.03 | Sep 28, 2017 | Mojoomla SMSmaster Multipurpose SMS Gateway for WordPress allows SQL Injection via the id parameter. | ||
| CVE-2017-14840 | Hig | 0.60 | 8.8 | 0.04 | Sep 28, 2017 | TeamWork TicketPlus allows Arbitrary File Upload in updateProfile. | ||
| CVE-2017-14839 | Hig | 0.60 | 8.8 | 0.04 | Sep 28, 2017 | TeamWork Photo Fusion allows Arbitrary File Upload in changeAvatar and changeCover. | ||
| CVE-2017-14838 | Hig | 0.60 | 8.8 | 0.04 | Sep 28, 2017 | TeamWork Job Links allows Arbitrary File Upload in profileChange and coverChange. | ||
| CVE-2017-1483 | Hig | 0.56 | 8.6 | 0.01 | Sep 28, 2017 | IBM Security Identity Manager Adapters 6.0 and 7.0 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM X-Force ID: 128621. | ||
| CVE-2017-14796 | Hig | 0.57 | 8.8 | 0.02 | Sep 28, 2017 | The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (integer underflow and application crash) or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with copy_CTB_to_hv in… | ||
| CVE-2017-14795 | Hig | 0.57 | 8.8 | 0.01 | Sep 28, 2017 | The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with hls_pcm_sample in… | ||
| CVE-2017-14527 | Hig | 0.57 | 8.8 | 0.01 | Sep 28, 2017 | Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Webtop 6.8.0160.0073 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user hashes via a… | ||
| CVE-2017-14526 | Hig | 0.57 | 8.8 | 0.01 | Sep 28, 2017 | Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Administrator 7.2.0180.0055 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user… | ||
| CVE-2017-1407 | Hig | 0.57 | 8.8 | 0.03 | Sep 28, 2017 | IBM Security Identity Manager Virtual Appliance 6.0 and 7.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.… | ||
| CVE-2017-13676 | Hig | 0.46 | 7.0 | 0.00 | Sep 28, 2017 | Norton Remove & Reinstall can be susceptible to a DLL preloading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will… | ||
| CVE-2017-11191 | Hig | 0.57 | 8.8 | 0.02 | Sep 28, 2017 | FreeIPA 4.x with API version 2.213 allows a remote authenticated users to bypass intended account-locking restrictions via an unlock action with an old session ID (for the same user account) that had been created for an earlier session. NOTE: Vendor states that issue does not… | ||
| CVE-2015-3643 | Hig | 0.54 | 7.8 | 0.02 | Sep 28, 2017 | usb-creator before 0.2.38.3ubuntu0.1 on Ubuntu 12.04 LTS, before 0.2.56.3ubuntu0.1 on Ubuntu 14.04 LTS, before 0.2.62ubuntu0.3 on Ubuntu 14.10, and before 0.2.67ubuntu0.1 on Ubuntu 15.04 allows local users to gain privileges by leveraging a missing call check_polkit for the… | ||
| CVE-2015-3138 | Hig | 0.42 | 7.5 | 0.02 | Sep 28, 2017 | print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash). | ||
| CVE-2015-1537 | Hig | 0.51 | 7.8 | 0.02 | Sep 28, 2017 | Integer overflow in IHDCP.cpp in the media_server component in Android allows remote attackers to execute arbitrary code via a crafted application. | ||
| CVE-2015-1336 | Hig | 0.54 | 7.8 | 0.01 | Sep 28, 2017 | The daily mandb cleanup job in Man-db before 2.7.6.1-1 as packaged in Ubuntu and Debian allows local users with access to the man account to gain privileges via vectors involving insecure chown use. | ||
| CVE-2017-14767 | Hig | 0.57 | 8.8 | 0.03 | Sep 27, 2017 | The sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c in FFmpeg before 3.3.4 mishandles empty sprop-parameter-sets values, which allows remote attackers to cause a denial of service (heap buffer overflow) or possibly have unspecified other impact via a crafted sdp… | ||
| CVE-2017-14766 | Hig | 0.49 | 7.5 | 0.02 | Sep 27, 2017 | The Simple Student Result plugin before 1.6.4 for WordPress has an Authentication Bypass vulnerability because the fn_ssr_add_st_submit() function and fn_ssr_del_st_submit() function in functions.php only require knowing the student id number. | ||
| CVE-2017-14764 | Hig | 0.57 | 8.8 | 0.02 | Sep 27, 2017 | In the Upload Modules page in GeniXCMS 1.1.4, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a module. | ||
| CVE-2017-14763 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2017 | In the Install Themes page in GeniXCMS 1.1.4, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a theme. | ||
| CVE-2017-14749 | Hig | 0.51 | 7.8 | 0.02 | Sep 26, 2017 | JerryScript 1.0 allows remote attackers to cause a denial of service (jmem_heap_alloc_block_internal heap memory corruption) or possibly execute arbitrary code via a crafted .js file, because unrecognized \ characters cause incorrect 0x00 characters in bytecode.literal data. | ||
| CVE-2017-1539 | Hig | 0.57 | 8.8 | 0.02 | Sep 26, 2017 | IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to privilege escalation by not properly distinguishing internal group memberships from user registry group memberships. By manipulating LDAP group membership an attack might gain privileged access. IBM X-Force ID:… | ||
| CVE-2017-1527 | Hig | 0.53 | 8.1 | 0.02 | Sep 26, 2017 | IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 130156. | ||
| CVE-2017-14745 | Hig | 0.51 | 7.8 | 0.01 | Sep 26, 2017 | The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and… | ||
| CVE-2017-5200 | Hig | 0.57 | 8.8 | 0.03 | Sep 26, 2017 | Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt's ssh_client. | ||
| CVE-2017-5192 | Hig | 0.57 | 8.8 | 0.02 | Sep 26, 2017 | When using the local_batch client from salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2, external authentication is not respected, enabling all authentication to be bypassed. | ||
| CVE-2017-14704 | Hig | 0.61 | 8.8 | 0.08 | Sep 26, 2017 | Multiple unrestricted file upload vulnerabilities in the (1) imageSubmit and (2) proof_submit functions in Claydip Laravel Airbnb Clone 1.0 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct… | ||
| CVE-2017-14602 | Hig | 0.47 | 7.2 | 0.02 | Sep 26, 2017 | A vulnerability has been identified in the management interface of Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before build 135.18, 10.5 before build 66.9, 10.5e before build 60.7010.e, 11.0 before build 70.16, 11.1 before build 55.13, and… | ||
| CVE-2017-13129 | Hig | 0.55 | 8.0 | 0.01 | Sep 26, 2017 | Cross-site request forgery (CSRF) vulnerability in ZKTeco ZKTime Web 2.0.1.12280 allows remote authenticated users to hijack the authentication of administrators for requests that add administrators by leveraging lack of anti-CSRF tokens. | ||
| CVE-2017-14743 | Hig | 0.53 | 8.1 | 0.01 | Sep 26, 2017 | Faleemi FSC-880 00.01.01.0048P2 devices allow unauthenticated SQL injection via the Username element in an XML document to /onvif/device_service, as demonstrated by reading the admin password. | ||
| CVE-2017-12154 | Hig | 0.46 | 7.1 | 0.01 | Sep 26, 2017 | The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allows KVM L2 guest OS users to… | ||
| CVE-2017-14739 | Hig | 0.49 | 7.5 | 0.03 | Sep 26, 2017 | The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application… | ||
| CVE-2017-14001 | Hig | 0.58 | 8.8 | 0.06 | Sep 26, 2017 | An Improper Neutralization of Special Elements used in an OS Command issue was discovered in Digium Asterisk GUI 2.1.0 and prior. An OS command injection vulnerability has been identified that may allow the execution of arbitrary code on the system through the inclusion of OS… | ||
| CVE-2017-9962 | Hig | 0.49 | 7.5 | 0.01 | Sep 26, 2017 | Schneider Electric's ClearSCADA versions released prior to August 2017 are susceptible to a memory allocation vulnerability, whereby malformed requests can be sent to ClearSCADA client applications to cause unexpected behavior. Client applications affected include ViewX and the… | ||
| CVE-2017-9961 | Hig | 0.51 | 7.8 | 0.00 | Sep 26, 2017 | A vulnerability exists in Schneider Electric's Pro-Face GP Pro EX version 4.07.000 that allows an attacker to execute arbitrary code. Malicious code installation requires an access to the computer. By placing a specific DLL/OCX file, an attacker is able to force the process to… | ||
| CVE-2017-9958 | Hig | 0.51 | 7.8 | 0.00 | Sep 26, 2017 | An improper access control vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an improper handling of the system configuration can allow an attacker to execute arbitrary code under the context of root. | ||
| CVE-2017-9956 | Hig | 0.48 | 7.3 | 0.01 | Sep 26, 2017 | An authentication bypass vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system contains a hard-coded valid session. An attacker can use that session ID as part of the HTTP cookie of a web request, resulting in… | ||
| CVE-2017-7969 | Hig | 0.57 | 8.8 | 0.01 | Sep 26, 2017 | A cross-site request forgery vulnerability exists on the Secure Gateway component of Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 for multiple state-changing requests. This type… | ||
| CVE-2014-8170 | Hig | 0.57 | 8.8 | 0.04 | Sep 26, 2017 | ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3 do not properly quote input strings, which allows remote authenticated users and physically proximate attackers to… | ||
| CVE-2014-8156 | Hig | 0.51 | 7.8 | 0.00 | Sep 26, 2017 | The D-Bus security policy files in /etc/dbus-1/system.d/*.conf in fso-gsmd 0.12.0-3, fso-frameworkd 0.9.5.9+git20110512-4, and fso-usaged 0.12.0-2 as packaged in Debian, the upstream cornucopia.git (fsoaudiod, fsodatad, fsodeviced, fsogsmd, fsonetworkd, fsotdld, fsousaged) git… | ||
| CVE-2014-0997 | Hig | 0.52 | 7.5 | 0.06 | Sep 26, 2017 | WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and potentially other unspecified Android releases before 5.0.1 and 5.0.2 does not… | ||
| CVE-2017-14734 | Hig | 0.57 | 8.8 | 0.02 | Sep 25, 2017 | The build_msps function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted BPG file, related to hevc_decode_init1. | ||
| CVE-2016-5868 | Hig | 0.46 | 7.0 | 0.01 | Sep 25, 2017 | drivers/net/ethernet/msm/rndis_ipa.c in the Qualcomm networking driver in Android allows remote attackers to execute arbitrary code via a crafted application compromising a privileged process. | ||
| CVE-2015-7293 | Hig | 0.60 | 8.8 | 0.03 | Sep 25, 2017 | Multiple cross-site request forgery (CSRF) vulnerabilities in Zope Management Interface 4.3.7 and earlier, and Plone before 5.x. | ||
| CVE-2015-5704 | Hig | 0.51 | 7.8 | 0.01 | Sep 25, 2017 | scripts/licensecheck.pl in devscripts before 2.15.7 allows local users to execute arbitrary shell commands. |
- risk 0.60cvss 8.8epss 0.03
Mojoomla WPAMS Apartment Management System for WordPress allows SQL Injection via the id parameter.
- risk 0.60cvss 8.8epss 0.03
Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter.
- risk 0.60cvss 8.8epss 0.03
Mojoomla WPCHURCH Church Management System for WordPress allows SQL Injection via the id parameter.
- risk 0.60cvss 8.8epss 0.03
Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via the id parameter.
- risk 0.60cvss 8.8epss 0.03
Mojoomla School Management System for WordPress allows SQL Injection via the id parameter.
- risk 0.60cvss 8.8epss 0.03
Mojoomla SMSmaster Multipurpose SMS Gateway for WordPress allows SQL Injection via the id parameter.
- risk 0.60cvss 8.8epss 0.04
TeamWork TicketPlus allows Arbitrary File Upload in updateProfile.
- risk 0.60cvss 8.8epss 0.04
TeamWork Photo Fusion allows Arbitrary File Upload in changeAvatar and changeCover.
- risk 0.60cvss 8.8epss 0.04
TeamWork Job Links allows Arbitrary File Upload in profileChange and coverChange.
- risk 0.56cvss 8.6epss 0.01
IBM Security Identity Manager Adapters 6.0 and 7.0 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM X-Force ID: 128621.
- risk 0.57cvss 8.8epss 0.02
The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (integer underflow and application crash) or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with copy_CTB_to_hv in…
- risk 0.57cvss 8.8epss 0.01
The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with hls_pcm_sample in…
- risk 0.57cvss 8.8epss 0.01
Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Webtop 6.8.0160.0073 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user hashes via a…
- risk 0.57cvss 8.8epss 0.01
Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Administrator 7.2.0180.0055 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user…
- risk 0.57cvss 8.8epss 0.03
IBM Security Identity Manager Virtual Appliance 6.0 and 7.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.…
- risk 0.46cvss 7.0epss 0.00
Norton Remove & Reinstall can be susceptible to a DLL preloading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will…
- risk 0.57cvss 8.8epss 0.02
FreeIPA 4.x with API version 2.213 allows a remote authenticated users to bypass intended account-locking restrictions via an unlock action with an old session ID (for the same user account) that had been created for an earlier session. NOTE: Vendor states that issue does not…
- risk 0.54cvss 7.8epss 0.02
usb-creator before 0.2.38.3ubuntu0.1 on Ubuntu 12.04 LTS, before 0.2.56.3ubuntu0.1 on Ubuntu 14.04 LTS, before 0.2.62ubuntu0.3 on Ubuntu 14.10, and before 0.2.67ubuntu0.1 on Ubuntu 15.04 allows local users to gain privileges by leveraging a missing call check_polkit for the…
- risk 0.42cvss 7.5epss 0.02
print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash).
- risk 0.51cvss 7.8epss 0.02
Integer overflow in IHDCP.cpp in the media_server component in Android allows remote attackers to execute arbitrary code via a crafted application.
- risk 0.54cvss 7.8epss 0.01
The daily mandb cleanup job in Man-db before 2.7.6.1-1 as packaged in Ubuntu and Debian allows local users with access to the man account to gain privileges via vectors involving insecure chown use.
- risk 0.57cvss 8.8epss 0.03
The sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c in FFmpeg before 3.3.4 mishandles empty sprop-parameter-sets values, which allows remote attackers to cause a denial of service (heap buffer overflow) or possibly have unspecified other impact via a crafted sdp…
- risk 0.49cvss 7.5epss 0.02
The Simple Student Result plugin before 1.6.4 for WordPress has an Authentication Bypass vulnerability because the fn_ssr_add_st_submit() function and fn_ssr_del_st_submit() function in functions.php only require knowing the student id number.
- risk 0.57cvss 8.8epss 0.02
In the Upload Modules page in GeniXCMS 1.1.4, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a module.
- risk 0.57cvss 8.8epss 0.01
In the Install Themes page in GeniXCMS 1.1.4, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a theme.
- risk 0.51cvss 7.8epss 0.02
JerryScript 1.0 allows remote attackers to cause a denial of service (jmem_heap_alloc_block_internal heap memory corruption) or possibly execute arbitrary code via a crafted .js file, because unrecognized \ characters cause incorrect 0x00 characters in bytecode.literal data.
- risk 0.57cvss 8.8epss 0.02
IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to privilege escalation by not properly distinguishing internal group memberships from user registry group memberships. By manipulating LDAP group membership an attack might gain privileged access. IBM X-Force ID:…
- risk 0.53cvss 8.1epss 0.02
IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 130156.
- risk 0.51cvss 7.8epss 0.01
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and…
- risk 0.57cvss 8.8epss 0.03
Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt's ssh_client.
- risk 0.57cvss 8.8epss 0.02
When using the local_batch client from salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2, external authentication is not respected, enabling all authentication to be bypassed.
- risk 0.61cvss 8.8epss 0.08
Multiple unrestricted file upload vulnerabilities in the (1) imageSubmit and (2) proof_submit functions in Claydip Laravel Airbnb Clone 1.0 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct…
- risk 0.47cvss 7.2epss 0.02
A vulnerability has been identified in the management interface of Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before build 135.18, 10.5 before build 66.9, 10.5e before build 60.7010.e, 11.0 before build 70.16, 11.1 before build 55.13, and…
- risk 0.55cvss 8.0epss 0.01
Cross-site request forgery (CSRF) vulnerability in ZKTeco ZKTime Web 2.0.1.12280 allows remote authenticated users to hijack the authentication of administrators for requests that add administrators by leveraging lack of anti-CSRF tokens.
- risk 0.53cvss 8.1epss 0.01
Faleemi FSC-880 00.01.01.0048P2 devices allow unauthenticated SQL injection via the Username element in an XML document to /onvif/device_service, as demonstrated by reading the admin password.
- risk 0.46cvss 7.1epss 0.01
The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allows KVM L2 guest OS users to…
- risk 0.49cvss 7.5epss 0.03
The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application…
- risk 0.58cvss 8.8epss 0.06
An Improper Neutralization of Special Elements used in an OS Command issue was discovered in Digium Asterisk GUI 2.1.0 and prior. An OS command injection vulnerability has been identified that may allow the execution of arbitrary code on the system through the inclusion of OS…
- risk 0.49cvss 7.5epss 0.01
Schneider Electric's ClearSCADA versions released prior to August 2017 are susceptible to a memory allocation vulnerability, whereby malformed requests can be sent to ClearSCADA client applications to cause unexpected behavior. Client applications affected include ViewX and the…
- risk 0.51cvss 7.8epss 0.00
A vulnerability exists in Schneider Electric's Pro-Face GP Pro EX version 4.07.000 that allows an attacker to execute arbitrary code. Malicious code installation requires an access to the computer. By placing a specific DLL/OCX file, an attacker is able to force the process to…
- risk 0.51cvss 7.8epss 0.00
An improper access control vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an improper handling of the system configuration can allow an attacker to execute arbitrary code under the context of root.
- risk 0.48cvss 7.3epss 0.01
An authentication bypass vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system contains a hard-coded valid session. An attacker can use that session ID as part of the HTTP cookie of a web request, resulting in…
- risk 0.57cvss 8.8epss 0.01
A cross-site request forgery vulnerability exists on the Secure Gateway component of Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 for multiple state-changing requests. This type…
- risk 0.57cvss 8.8epss 0.04
ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3 do not properly quote input strings, which allows remote authenticated users and physically proximate attackers to…
- risk 0.51cvss 7.8epss 0.00
The D-Bus security policy files in /etc/dbus-1/system.d/*.conf in fso-gsmd 0.12.0-3, fso-frameworkd 0.9.5.9+git20110512-4, and fso-usaged 0.12.0-2 as packaged in Debian, the upstream cornucopia.git (fsoaudiod, fsodatad, fsodeviced, fsogsmd, fsonetworkd, fsotdld, fsousaged) git…
- risk 0.52cvss 7.5epss 0.06
WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and potentially other unspecified Android releases before 5.0.1 and 5.0.2 does not…
- risk 0.57cvss 8.8epss 0.02
The build_msps function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted BPG file, related to hevc_decode_init1.
- risk 0.46cvss 7.0epss 0.01
drivers/net/ethernet/msm/rndis_ipa.c in the Qualcomm networking driver in Android allows remote attackers to execute arbitrary code via a crafted application compromising a privileged process.
- risk 0.60cvss 8.8epss 0.03
Multiple cross-site request forgery (CSRF) vulnerabilities in Zope Management Interface 4.3.7 and earlier, and Plone before 5.x.
- risk 0.51cvss 7.8epss 0.01
scripts/licensecheck.pl in devscripts before 2.15.7 allows local users to execute arbitrary shell commands.