| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-14243 | Cri | 0.68 | 9.8 | 0.15 | Sep 17, 2017 | An authentication bypass vulnerability on UTStar WA3002G4 ADSL Broadband Modem WA3002G4-0021.01 devices allows attackers to directly access administrative settings and obtain cleartext credentials from HTML source, as demonstrated by info.cgi, upload.cgi, backupsettings.cgi,… | ||
| CVE-2017-9328 | Cri | 0.64 | 9.8 | 0.07 | Sep 15, 2017 | Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS before 3.0.34 leads to remote code execution as root. | ||
| CVE-2017-0898 | Cri | 0.60 | 9.1 | 0.10 | Sep 15, 2017 | Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information disclosure from the heap. | ||
| CVE-2017-10845 | Cri | 0.64 | 9.8 | 0.03 | Sep 15, 2017 | Wi-Fi STATION L-02F Software version V10g and earlier allows remote attackers to access the device with administrative privileges and perform unintended operations through a backdoor account. | ||
| CVE-2013-7429 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to conduct XML injection attacks via the url parameter to plugin_googlemap2_proxy.php. | ||
| CVE-2017-13067 | Cri | 0.68 | 9.8 | 0.17 | Sep 14, 2017 | QNAP has patched a remote code execution vulnerability affecting the QTS Media Library in all versions prior to QTS 4.2.6 build 20170905 and QTS 4.3.3.0299 build 20170901. This particular vulnerability allows a remote attacker to execute commands on a QNAP NAS using a… | ||
| CVE-2017-1002028 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | Vulnerability in wordpress plugin wordpress-gallery-transformation v1.0, SQL injection is in ./wordpress-gallery-transformation/gallery.php via $jpic parameter being unsanitized before being passed into an SQL query. | ||
| CVE-2017-1002027 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | Vulnerability in wordpress plugin rk-responsive-contact-form v1.0, The variable $delid isn't sanitized before being passed into an SQL query in file ./rk-responsive-contact-form/include/rk_user_list.php. | ||
| CVE-2017-1002023 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | Vulnerability in wordpress plugin Easy Team Manager v1.3.2, The code does not sanitize id before making it part of an SQL statement in file ./easy-team-manager/inc/easy_team_manager_desc_edit.php | ||
| CVE-2017-1002022 | Cri | 0.64 | 9.8 | 0.04 | Sep 14, 2017 | Vulnerability in wordpress plugin surveys v1.01.8, The code in questions.php does not sanitize the survey variable before placing it inside of an SQL query. | ||
| CVE-2017-1002021 | Cri | 0.64 | 9.8 | 0.04 | Sep 14, 2017 | Vulnerability in wordpress plugin surveys v1.01.8, The code in individual_responses.php does not sanitize the survey_id variable before placing it inside of an SQL query. | ||
| CVE-2017-1002020 | Cri | 0.64 | 9.8 | 0.04 | Sep 14, 2017 | Vulnerability in wordpress plugin surveys v1.01.8, The code in survey_form.php does not sanitize the action variable before placing it inside of an SQL query. | ||
| CVE-2017-1002019 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and event_form.php code do not sanitize input, this allows for blind SQL injection via the event parameter. | ||
| CVE-2017-1002018 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and attendees.php code do not sanitize input, this allows for blind SQL injection via the event parameter. | ||
| CVE-2017-1002016 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | Vulnerability in wordpress plugin flickr-picture-backup v0.7, The code in flickr-picture-download.php doesn't check to see if the user is authenticated or that they have permission to upload files. | ||
| CVE-2017-1002015 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in image-gallery-with-slideshow/admin_setting.php via selectMulGallery parameter. | ||
| CVE-2017-1002014 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in image-gallery-with-slideshow/admin_setting.php via gallery_name parameter. | ||
| CVE-2017-1002013 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection via imgid parameter in image-gallery-with-slideshow/admin_setting.php. | ||
| CVE-2017-1002012 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, In image-gallery-with-slideshow/admin_setting.php the following snippet of code does not sanitize input via the gid variable before passing it into an SQL statement. | ||
| CVE-2017-1002010 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | Vulnerability in wordpress plugin Membership Simplified v1.58, The code in membership-simplified-for-oap-members-only/updateDB.php is vulnerable to blind SQL injection because it doesn't sanitize user input via recordId in the delete_media function. | ||
| CVE-2017-1002009 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | Vulnerability in wordpress plugin Membership Simplified v1.58, The code in membership-simplified-for-oap-members-only/updateDB.php is vulnerable to blind SQL injection because it doesn't sanitize user input via recordId in the delete function. | ||
| CVE-2017-1002008 | Cri | 0.68 | 9.8 | 0.17 | Sep 14, 2017 | Vulnerability in wordpress plugin membership-simplified-for-oap-members-only v1.58, The file download code located membership-simplified-for-oap-members-only/download.php does not check whether a user is logged in and has download privileges. | ||
| CVE-2017-1002003 | Cri | 0.68 | 9.8 | 0.12 | Sep 14, 2017 | Vulnerability in wordpress plugin wp2android-turn-wp-site-into-android-app v1.1.4, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com. | ||
| CVE-2017-1002002 | Cri | 0.68 | 9.8 | 0.13 | Sep 14, 2017 | Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/ | ||
| CVE-2017-1002001 | Cri | 0.68 | 9.8 | 0.11 | Sep 14, 2017 | Vulnerability in wordpress plugin mobile-app-builder-by-wappress v1.05, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com. | ||
| CVE-2017-1002000 | Cri | 0.69 | 9.8 | 0.27 | Sep 14, 2017 | Vulnerability in wordpress plugin mobile-friendly-app-builder-by-easytouch v3.0, The code in file ./mobile-friendly-app-builder-by-easytouch/server/images.php doesn't require authentication or check that the user is allowed to upload content. | ||
| CVE-2017-13725 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print(). | ||
| CVE-2017-13690 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions. | ||
| CVE-2017-13689 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print(). | ||
| CVE-2017-13688 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print(). | ||
| CVE-2017-13687 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print(). | ||
| CVE-2017-13055 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv(). | ||
| CVE-2017-13054 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print(). | ||
| CVE-2017-13053 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info(). | ||
| CVE-2017-13052 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print(). | ||
| CVE-2017-13051 | Cri | 0.64 | 9.8 | 0.04 | Sep 14, 2017 | The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). | ||
| CVE-2017-13050 | Cri | 0.64 | 9.8 | 0.05 | Sep 14, 2017 | The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print(). | ||
| CVE-2017-13049 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print(). | ||
| CVE-2017-13048 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). | ||
| CVE-2017-13047 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print(). | ||
| CVE-2017-13046 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print(). | ||
| CVE-2017-13045 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print(). | ||
| CVE-2017-13044 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print(). | ||
| CVE-2017-13043 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn(). | ||
| CVE-2017-13042 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print(). | ||
| CVE-2017-13041 | Cri | 0.64 | 9.8 | 0.05 | Sep 14, 2017 | The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print(). | ||
| CVE-2017-13040 | Cri | 0.64 | 9.8 | 0.05 | Sep 14, 2017 | The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions. | ||
| CVE-2017-13039 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions. | ||
| CVE-2017-13038 | Cri | 0.64 | 9.8 | 0.04 | Sep 14, 2017 | The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp(). | ||
| CVE-2017-13037 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts(). |
- risk 0.68cvss 9.8epss 0.15
An authentication bypass vulnerability on UTStar WA3002G4 ADSL Broadband Modem WA3002G4-0021.01 devices allows attackers to directly access administrative settings and obtain cleartext credentials from HTML source, as demonstrated by info.cgi, upload.cgi, backupsettings.cgi,…
- risk 0.64cvss 9.8epss 0.07
Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS before 3.0.34 leads to remote code execution as root.
- risk 0.60cvss 9.1epss 0.10
Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information disclosure from the heap.
- risk 0.64cvss 9.8epss 0.03
Wi-Fi STATION L-02F Software version V10g and earlier allows remote attackers to access the device with administrative privileges and perform unintended operations through a backdoor account.
- risk 0.64cvss 9.8epss 0.02
The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to conduct XML injection attacks via the url parameter to plugin_googlemap2_proxy.php.
- risk 0.68cvss 9.8epss 0.17
QNAP has patched a remote code execution vulnerability affecting the QTS Media Library in all versions prior to QTS 4.2.6 build 20170905 and QTS 4.3.3.0299 build 20170901. This particular vulnerability allows a remote attacker to execute commands on a QNAP NAS using a…
- risk 0.64cvss 9.8epss 0.02
Vulnerability in wordpress plugin wordpress-gallery-transformation v1.0, SQL injection is in ./wordpress-gallery-transformation/gallery.php via $jpic parameter being unsanitized before being passed into an SQL query.
- risk 0.64cvss 9.8epss 0.03
Vulnerability in wordpress plugin rk-responsive-contact-form v1.0, The variable $delid isn't sanitized before being passed into an SQL query in file ./rk-responsive-contact-form/include/rk_user_list.php.
- risk 0.64cvss 9.8epss 0.03
Vulnerability in wordpress plugin Easy Team Manager v1.3.2, The code does not sanitize id before making it part of an SQL statement in file ./easy-team-manager/inc/easy_team_manager_desc_edit.php
- risk 0.64cvss 9.8epss 0.04
Vulnerability in wordpress plugin surveys v1.01.8, The code in questions.php does not sanitize the survey variable before placing it inside of an SQL query.
- risk 0.64cvss 9.8epss 0.04
Vulnerability in wordpress plugin surveys v1.01.8, The code in individual_responses.php does not sanitize the survey_id variable before placing it inside of an SQL query.
- risk 0.64cvss 9.8epss 0.04
Vulnerability in wordpress plugin surveys v1.01.8, The code in survey_form.php does not sanitize the action variable before placing it inside of an SQL query.
- risk 0.64cvss 9.8epss 0.02
Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and event_form.php code do not sanitize input, this allows for blind SQL injection via the event parameter.
- risk 0.64cvss 9.8epss 0.02
Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and attendees.php code do not sanitize input, this allows for blind SQL injection via the event parameter.
- risk 0.64cvss 9.8epss 0.03
Vulnerability in wordpress plugin flickr-picture-backup v0.7, The code in flickr-picture-download.php doesn't check to see if the user is authenticated or that they have permission to upload files.
- risk 0.64cvss 9.8epss 0.03
Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in image-gallery-with-slideshow/admin_setting.php via selectMulGallery parameter.
- risk 0.64cvss 9.8epss 0.03
Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in image-gallery-with-slideshow/admin_setting.php via gallery_name parameter.
- risk 0.64cvss 9.8epss 0.03
Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection via imgid parameter in image-gallery-with-slideshow/admin_setting.php.
- risk 0.64cvss 9.8epss 0.03
Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, In image-gallery-with-slideshow/admin_setting.php the following snippet of code does not sanitize input via the gid variable before passing it into an SQL statement.
- risk 0.64cvss 9.8epss 0.02
Vulnerability in wordpress plugin Membership Simplified v1.58, The code in membership-simplified-for-oap-members-only/updateDB.php is vulnerable to blind SQL injection because it doesn't sanitize user input via recordId in the delete_media function.
- risk 0.64cvss 9.8epss 0.02
Vulnerability in wordpress plugin Membership Simplified v1.58, The code in membership-simplified-for-oap-members-only/updateDB.php is vulnerable to blind SQL injection because it doesn't sanitize user input via recordId in the delete function.
- risk 0.68cvss 9.8epss 0.17
Vulnerability in wordpress plugin membership-simplified-for-oap-members-only v1.58, The file download code located membership-simplified-for-oap-members-only/download.php does not check whether a user is logged in and has download privileges.
- risk 0.68cvss 9.8epss 0.12
Vulnerability in wordpress plugin wp2android-turn-wp-site-into-android-app v1.1.4, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
- risk 0.68cvss 9.8epss 0.13
Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/
- risk 0.68cvss 9.8epss 0.11
Vulnerability in wordpress plugin mobile-app-builder-by-wappress v1.05, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
- risk 0.69cvss 9.8epss 0.27
Vulnerability in wordpress plugin mobile-friendly-app-builder-by-easytouch v3.0, The code in file ./mobile-friendly-app-builder-by-easytouch/server/images.php doesn't require authentication or check that the user is allowed to upload content.
- risk 0.64cvss 9.8epss 0.03
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
- risk 0.64cvss 9.8epss 0.03
The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.
- risk 0.64cvss 9.8epss 0.03
The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().
- risk 0.64cvss 9.8epss 0.03
The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().
- risk 0.64cvss 9.8epss 0.03
The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
- risk 0.64cvss 9.8epss 0.03
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv().
- risk 0.64cvss 9.8epss 0.03
The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().
- risk 0.64cvss 9.8epss 0.03
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().
- risk 0.64cvss 9.8epss 0.03
The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print().
- risk 0.64cvss 9.8epss 0.04
The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
- risk 0.64cvss 9.8epss 0.05
The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().
- risk 0.64cvss 9.8epss 0.03
The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().
- risk 0.64cvss 9.8epss 0.03
The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
- risk 0.64cvss 9.8epss 0.03
The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
- risk 0.64cvss 9.8epss 0.03
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
- risk 0.64cvss 9.8epss 0.03
The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().
- risk 0.64cvss 9.8epss 0.03
The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().
- risk 0.64cvss 9.8epss 0.03
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().
- risk 0.64cvss 9.8epss 0.03
The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print().
- risk 0.64cvss 9.8epss 0.05
The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().
- risk 0.64cvss 9.8epss 0.05
The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.
- risk 0.64cvss 9.8epss 0.03
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.
- risk 0.64cvss 9.8epss 0.04
The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().
- risk 0.64cvss 9.8epss 0.03
The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts().