| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-5263 | Hig | 0.46 | 8.1 | 0.01 | Sep 25, 2017 | pulp-consumer-client 2.4.0 through 2.6.3 does not check the server's TLS certificate signatures when retrieving the server's public key upon registration. | ||
| CVE-2015-5184 | Hig | 0.49 | 7.5 | 0.01 | Sep 25, 2017 | Console: CORS headers set to allow all in Red Hat AMQ. | ||
| CVE-2015-5183 | Hig | 0.49 | 7.5 | 0.02 | Sep 25, 2017 | Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ. | ||
| CVE-2015-5182 | Hig | 0.57 | 8.8 | 0.01 | Sep 25, 2017 | Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ. | ||
| CVE-2017-14730 | Hig | 0.51 | 7.8 | 0.00 | Sep 25, 2017 | The init script in the Gentoo app-admin/logstash-bin package before 5.5.3 and 5.6.x before 5.6.1 has "chown -R" calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to a $LS_USER account for creation of a hard link. | ||
| CVE-2015-7318 | Hig | 0.49 | 7.5 | 0.02 | Sep 25, 2017 | Plone 3.3.0 through 3.3.6 allows remote attackers to inject headers into HTTP responses. | ||
| CVE-2015-5237 | Hig | 0.58 | 8.8 | 0.05 | Sep 25, 2017 | protobuf allows remote authenticated attackers to cause a heap-based buffer overflow. | ||
| CVE-2015-4669 | Hig | 0.54 | 7.8 | 0.01 | Sep 25, 2017 | The MySQL "root" user in Xsuite 2.x does not have a password set, which allows local users to access databases on the system. | ||
| CVE-2017-14729 | Hig | 0.51 | 7.8 | 0.02 | Sep 25, 2017 | The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service (heap-based buffer overflow and… | ||
| CVE-2017-1362 | Hig | 0.51 | 7.8 | 0.00 | Sep 25, 2017 | IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 126801. | ||
| CVE-2017-14683 | Hig | 0.50 | 8.8 | 0.01 | Sep 25, 2017 | geminabox (aka Gem in a Box) before 0.13.7 has CSRF, as demonstrated by an unintended gem upload. | ||
| CVE-2017-14727 | Hig | 0.49 | 7.5 | 0.03 | Sep 23, 2017 | logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized. | ||
| CVE-2017-14722 | Hig | 0.49 | 7.5 | 0.08 | Sep 23, 2017 | Before version 4.8.2, WordPress allowed a Directory Traversal attack in the Customizer component via a crafted theme filename. | ||
| CVE-2017-14719 | Hig | 0.50 | 7.5 | 0.13 | Sep 23, 2017 | Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip operations in the ZipArchive and PclZip components. | ||
| CVE-2017-14627 | Hig | 0.55 | 7.8 | 0.19 | Sep 23, 2017 | Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow remote attackers to execute arbitrary code via the (1) author (inside the INFORMATION tag), (2) name (inside the INFORMATION tag), (3) artist (inside the TRACK tag), or (4) default (inside the TEXT tag) parameter in… | ||
| CVE-2017-14694 | Hig | 0.51 | 7.8 | 0.07 | Sep 22, 2017 | Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 and earlier, when running in single instance mode, allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow… | ||
| CVE-2017-14705 | Hig | 0.53 | 8.1 | 0.07 | Sep 22, 2017 | DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An iToken authentication parameter is required but can be… | ||
| CVE-2017-6277 | Hig | 0.51 | 7.8 | 0.00 | Sep 22, 2017 | NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to denial of service or… | ||
| CVE-2017-6272 | Hig | 0.51 | 7.8 | 0.00 | Sep 22, 2017 | NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to a denial of service or possible escalation of privileges. | ||
| CVE-2017-6269 | Hig | 0.51 | 7.8 | 0.00 | Sep 22, 2017 | NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a pointer passed from a user to the driver is used without validation which may lead to denial of service or possible escalation of privileges. | ||
| CVE-2017-6268 | Hig | 0.51 | 7.8 | 0.00 | Sep 22, 2017 | NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to denial of service or… | ||
| CVE-2017-14081 | Hig | 0.59 | 8.8 | 0.17 | Sep 22, 2017 | Proxy command injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. | ||
| CVE-2017-14079 | Hig | 0.58 | 8.8 | 0.11 | Sep 22, 2017 | Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. | ||
| CVE-2017-11396 | Hig | 0.47 | 7.2 | 0.03 | Sep 22, 2017 | Vulnerability issues with the web service inspection of input parameters in Trend Micro Web Security Virtual Appliance 6.5 may allow potential attackers who already have administration rights to the console to implement remote code injections. | ||
| CVE-2017-11395 | Hig | 0.58 | 8.8 | 0.14 | Sep 22, 2017 | Command injection vulnerability in Trend Micro Smart Protection Server (Standalone) 3.1 and 3.2 server administration UI allows attackers with authenticated access to execute arbitrary code on vulnerable installations. | ||
| CVE-2017-3770 | Hig | 0.57 | 8.8 | 0.01 | Sep 22, 2017 | Privilege escalation vulnerability in LXCA versions earlier than 1.3.2 where an authenticated user may be able to abuse certain web interface functionality to execute privileged commands within the underlying LXCA operating system. | ||
| CVE-2017-14693 | Hig | 0.51 | 7.8 | 0.00 | Sep 22, 2017 | IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address controls Branch Selection starting at DJVU!GetPlugInInfo+0x000000000001c613." | ||
| CVE-2017-14692 | Hig | 0.51 | 7.8 | 0.00 | Sep 22, 2017 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllGetClassObject+0x000000000000653b." | ||
| CVE-2017-14691 | Hig | 0.51 | 7.8 | 0.00 | Sep 22, 2017 | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_773a0000!RtlAddAccessAllowedAce+0x000000000000027a." | ||
| CVE-2017-14690 | Hig | 0.51 | 7.8 | 0.00 | Sep 22, 2017 | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting at STDUJBIG2File!DllGetClassObject+0x00000000000064e7." | ||
| CVE-2017-14689 | Hig | 0.51 | 7.8 | 0.00 | Sep 22, 2017 | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at… | ||
| CVE-2017-14688 | Hig | 0.51 | 7.8 | 0.00 | Sep 22, 2017 | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to a "Read Access Violation starting at STDUDjVuFile!DllUnregisterServer+0x000000000000d917." | ||
| CVE-2017-14687 | Hig | 0.51 | 7.8 | 0.01 | Sep 22, 2017 | Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. This occurs because of… | ||
| CVE-2017-14686 | Hig | 0.51 | 7.8 | 0.02 | Sep 22, 2017 | Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d" on Windows. This occurs because read_zip_dir_imp in… | ||
| CVE-2017-14685 | Hig | 0.51 | 7.8 | 0.01 | Sep 22, 2017 | Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. This occurs because… | ||
| CVE-2017-8012 | Hig | 0.48 | 7.4 | 0.02 | Sep 22, 2017 | In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensions (JMX) protocol used to communicate between components in the Alerting and/or Compliance components can be leveraged to create a denial of service (DoS) condition.… | ||
| CVE-2017-8007 | Hig | 0.57 | 8.8 | 0.03 | Sep 22, 2017 | In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vulnerability to access… | ||
| CVE-2017-14682 | Hig | 0.57 | 8.8 | 0.02 | Sep 21, 2017 | GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928. | ||
| CVE-2017-14680 | Hig | 0.52 | 7.5 | 0.04 | Sep 21, 2017 | ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain sensitive employee metadata via a direct request for a PDF document. | ||
| CVE-2017-9281 | Hig | 0.49 | 7.5 | 0.01 | Sep 21, 2017 | An integer overflow (CWE-190) potentially causing an out-of-bounds read (CWE-125) vulnerability in Micro Focus VisiBroker 8.5 can lead to a denial of service. | ||
| CVE-2017-14650 | Hig | 0.53 | 8.1 | 0.04 | Sep 21, 2017 | A Remote Code Execution vulnerability has been found in the Horde_Image library when using the "Im" backend that utilizes ImageMagick's "convert" utility. It's not exploitable through any Horde application, because the code path to the vulnerability is not used by any Horde… | ||
| CVE-2017-14647 | Hig | 0.57 | 8.8 | 0.02 | Sep 21, 2017 | A heap-based buffer overflow was discovered in AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution. | ||
| CVE-2017-14646 | Hig | 0.49 | 7.5 | 0.02 | Sep 21, 2017 | The AP4_AvccAtom and AP4_HvccAtom classes in Bento4 version 1.5.0-617 do not properly validate data sizes, leading to a heap-based buffer over-read and application crash in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp. | ||
| CVE-2017-14644 | Hig | 0.57 | 8.8 | 0.02 | Sep 21, 2017 | A heap-based buffer overflow was discovered in the AP4_HdlrAtom class in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution. | ||
| CVE-2017-14639 | Hig | 0.57 | 8.8 | 0.02 | Sep 21, 2017 | AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617 uses incorrect character data types, which causes a stack-based buffer underflow and out-of-bounds write, leading to denial of service (application crash) or possibly unspecified other impact. | ||
| CVE-2017-14320 | Hig | 0.52 | 8.0 | 0.01 | Sep 21, 2017 | Mirasvit Helpdesk MX before 1.5.3 might allow remote attackers to execute arbitrary code by leveraging failure to filter uploaded files. | ||
| CVE-2017-12929 | Hig | 0.61 | 8.8 | 0.10 | Sep 21, 2017 | Arbitrary File Upload in resource.php of TecnoVISION DLX Spot Player4 version >1.5.10 allows remote authenticated users to upload arbitrary files leading to Remote Command Execution. | ||
| CVE-2015-3887 | Hig | 0.44 | 7.8 | 0.00 | Sep 21, 2017 | Untrusted search path vulnerability in ProxyChains-NG before 4.9 allows local users to gain privileges via a Trojan horse libproxychains4.so library in the current working directory, which is referenced in the LD_PRELOAD path. | ||
| CVE-2017-9725 | Hig | 0.51 | 7.8 | 0.01 | Sep 21, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed when it should fail. | ||
| CVE-2017-9724 | Hig | 0.51 | 7.8 | 0.00 | Sep 21, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, user-level permissions can be used to gain access to kernel memory, specifically the ION cache maintenance code is writing to a user supplied address. |
- risk 0.46cvss 8.1epss 0.01
pulp-consumer-client 2.4.0 through 2.6.3 does not check the server's TLS certificate signatures when retrieving the server's public key upon registration.
- risk 0.49cvss 7.5epss 0.01
Console: CORS headers set to allow all in Red Hat AMQ.
- risk 0.49cvss 7.5epss 0.02
Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ.
- risk 0.57cvss 8.8epss 0.01
Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.
- risk 0.51cvss 7.8epss 0.00
The init script in the Gentoo app-admin/logstash-bin package before 5.5.3 and 5.6.x before 5.6.1 has "chown -R" calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to a $LS_USER account for creation of a hard link.
- risk 0.49cvss 7.5epss 0.02
Plone 3.3.0 through 3.3.6 allows remote attackers to inject headers into HTTP responses.
- risk 0.58cvss 8.8epss 0.05
protobuf allows remote authenticated attackers to cause a heap-based buffer overflow.
- risk 0.54cvss 7.8epss 0.01
The MySQL "root" user in Xsuite 2.x does not have a password set, which allows local users to access databases on the system.
- risk 0.51cvss 7.8epss 0.02
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service (heap-based buffer overflow and…
- risk 0.51cvss 7.8epss 0.00
IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 126801.
- risk 0.50cvss 8.8epss 0.01
geminabox (aka Gem in a Box) before 0.13.7 has CSRF, as demonstrated by an unintended gem upload.
- risk 0.49cvss 7.5epss 0.03
logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized.
- risk 0.49cvss 7.5epss 0.08
Before version 4.8.2, WordPress allowed a Directory Traversal attack in the Customizer component via a crafted theme filename.
- risk 0.50cvss 7.5epss 0.13
Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip operations in the ZipArchive and PclZip components.
- risk 0.55cvss 7.8epss 0.19
Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow remote attackers to execute arbitrary code via the (1) author (inside the INFORMATION tag), (2) name (inside the INFORMATION tag), (3) artist (inside the TRACK tag), or (4) default (inside the TEXT tag) parameter in…
- risk 0.51cvss 7.8epss 0.07
Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 and earlier, when running in single instance mode, allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow…
- risk 0.53cvss 8.1epss 0.07
DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An iToken authentication parameter is required but can be…
- risk 0.51cvss 7.8epss 0.00
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to denial of service or…
- risk 0.51cvss 7.8epss 0.00
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to a denial of service or possible escalation of privileges.
- risk 0.51cvss 7.8epss 0.00
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a pointer passed from a user to the driver is used without validation which may lead to denial of service or possible escalation of privileges.
- risk 0.51cvss 7.8epss 0.00
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to denial of service or…
- risk 0.59cvss 8.8epss 0.17
Proxy command injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.
- risk 0.58cvss 8.8epss 0.11
Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.
- risk 0.47cvss 7.2epss 0.03
Vulnerability issues with the web service inspection of input parameters in Trend Micro Web Security Virtual Appliance 6.5 may allow potential attackers who already have administration rights to the console to implement remote code injections.
- risk 0.58cvss 8.8epss 0.14
Command injection vulnerability in Trend Micro Smart Protection Server (Standalone) 3.1 and 3.2 server administration UI allows attackers with authenticated access to execute arbitrary code on vulnerable installations.
- risk 0.57cvss 8.8epss 0.01
Privilege escalation vulnerability in LXCA versions earlier than 1.3.2 where an authenticated user may be able to abuse certain web interface functionality to execute privileged commands within the underlying LXCA operating system.
- risk 0.51cvss 7.8epss 0.00
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address controls Branch Selection starting at DJVU!GetPlugInInfo+0x000000000001c613."
- risk 0.51cvss 7.8epss 0.00
STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllGetClassObject+0x000000000000653b."
- risk 0.51cvss 7.8epss 0.00
STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_773a0000!RtlAddAccessAllowedAce+0x000000000000027a."
- risk 0.51cvss 7.8epss 0.00
STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting at STDUJBIG2File!DllGetClassObject+0x00000000000064e7."
- risk 0.51cvss 7.8epss 0.00
STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at…
- risk 0.51cvss 7.8epss 0.00
STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to a "Read Access Violation starting at STDUDjVuFile!DllUnregisterServer+0x000000000000d917."
- risk 0.51cvss 7.8epss 0.01
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. This occurs because of…
- risk 0.51cvss 7.8epss 0.02
Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d" on Windows. This occurs because read_zip_dir_imp in…
- risk 0.51cvss 7.8epss 0.01
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. This occurs because…
- risk 0.48cvss 7.4epss 0.02
In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensions (JMX) protocol used to communicate between components in the Alerting and/or Compliance components can be leveraged to create a denial of service (DoS) condition.…
- risk 0.57cvss 8.8epss 0.03
In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vulnerability to access…
- risk 0.57cvss 8.8epss 0.02
GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928.
- risk 0.52cvss 7.5epss 0.04
ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain sensitive employee metadata via a direct request for a PDF document.
- risk 0.49cvss 7.5epss 0.01
An integer overflow (CWE-190) potentially causing an out-of-bounds read (CWE-125) vulnerability in Micro Focus VisiBroker 8.5 can lead to a denial of service.
- risk 0.53cvss 8.1epss 0.04
A Remote Code Execution vulnerability has been found in the Horde_Image library when using the "Im" backend that utilizes ImageMagick's "convert" utility. It's not exploitable through any Horde application, because the code path to the vulnerability is not used by any Horde…
- risk 0.57cvss 8.8epss 0.02
A heap-based buffer overflow was discovered in AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution.
- risk 0.49cvss 7.5epss 0.02
The AP4_AvccAtom and AP4_HvccAtom classes in Bento4 version 1.5.0-617 do not properly validate data sizes, leading to a heap-based buffer over-read and application crash in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp.
- risk 0.57cvss 8.8epss 0.02
A heap-based buffer overflow was discovered in the AP4_HdlrAtom class in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution.
- risk 0.57cvss 8.8epss 0.02
AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617 uses incorrect character data types, which causes a stack-based buffer underflow and out-of-bounds write, leading to denial of service (application crash) or possibly unspecified other impact.
- risk 0.52cvss 8.0epss 0.01
Mirasvit Helpdesk MX before 1.5.3 might allow remote attackers to execute arbitrary code by leveraging failure to filter uploaded files.
- risk 0.61cvss 8.8epss 0.10
Arbitrary File Upload in resource.php of TecnoVISION DLX Spot Player4 version >1.5.10 allows remote authenticated users to upload arbitrary files leading to Remote Command Execution.
- risk 0.44cvss 7.8epss 0.00
Untrusted search path vulnerability in ProxyChains-NG before 4.9 allows local users to gain privileges via a Trojan horse libproxychains4.so library in the current working directory, which is referenced in the LD_PRELOAD path.
- risk 0.51cvss 7.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed when it should fail.
- risk 0.51cvss 7.8epss 0.00
In all Qualcomm products with Android releases from CAF using the Linux kernel, user-level permissions can be used to gain access to kernel memory, specifically the ION cache maintenance code is writing to a user supplied address.