| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-11354 | Cri | 0.64 | 9.8 | 0.01 | Jul 17, 2017 | Fiyo CMS v2.0.7 has an SQL injection vulnerability in dapur/apps/app_article/sys_article.php via the name parameter in editing or adding a tag name. | ||
| CVE-2017-11349 | Cri | 0.64 | 9.8 | 0.02 | Jul 17, 2017 | dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs or schedules, for purposes such as sending e-mail messages or making outbound connections to FTP servers for uploading data. | ||
| CVE-2017-11346 | Cri | 0.70 | 9.8 | 0.43 | Jul 17, 2017 | Zoho ManageEngine Desktop Central before build 100092 allows remote attackers to execute arbitrary code via vectors involving the upload of help desk videos. | ||
| CVE-2017-11329 | Cri | 0.64 | 9.8 | 0.01 | Jul 17, 2017 | GLPI before 9.1.5 allows SQL injection via an ajax/getDropdownValue.php request with an entity_restrict parameter that is not a list of integers. | ||
| CVE-2017-10601 | Cri | 0.64 | 9.8 | 0.02 | Jul 17, 2017 | A specific device configuration can result in a commit failure condition. When this occurs, a user is logged in without being prompted for a password while trying to login through console, ssh, ftp, telnet or su, etc., This issue relies upon a device configuration precondition… | ||
| CVE-2017-1000362 | Cri | 0.57 | 9.8 | 0.02 | Jul 17, 2017 | The re-key admin monitor was introduced in Jenkins 1.498 and re-encrypted all secrets in JENKINS_HOME with a new key. It also created a backup directory with all old secrets, and the key used to encrypt them. These backups were world-readable and not removed afterwards. Jenkins… | ||
| CVE-2017-1000081 | Cri | 0.64 | 9.8 | 0.03 | Jul 17, 2017 | Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of applications (.oar) resulting in remote code execution. | ||
| CVE-2017-1000075 | Cri | 0.64 | 9.8 | 0.02 | Jul 17, 2017 | Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the memcmp function | ||
| CVE-2017-1000074 | Cri | 0.64 | 9.8 | 0.02 | Jul 17, 2017 | Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the string_repeat() function. | ||
| CVE-2017-1000073 | Cri | 0.64 | 9.8 | 0.03 | Jul 17, 2017 | Creolabs Gravity version 1.0 is vulnerable to a heap overflow in an undisclosed component that can result in arbitrary code execution. | ||
| CVE-2017-1000072 | Cri | 0.64 | 9.8 | 0.02 | Jul 17, 2017 | Creolabs Gravity version 1.0 is vulnerable to a Double Free in gravity_value resulting potentially leading to modification of unexpected memory locations | ||
| CVE-2017-1000060 | Cri | 0.64 | 9.8 | 0.03 | Jul 17, 2017 | EyesOfNetwork (EON) 5.1 Unauthenticated SQL Injection in eonweb leading to remote root | ||
| CVE-2017-1000056 | Cri | 0.57 | 9.8 | 0.02 | Jul 17, 2017 | Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object. | ||
| CVE-2017-1000047 | Cri | 0.64 | 9.8 | 0.04 | Jul 17, 2017 | rbenv (all current versions) is vulnerable to Directory Traversal in the specification of Ruby version resulting in arbitrary code execution | ||
| CVE-2017-1000044 | Cri | 0.64 | 9.8 | 0.02 | Jul 17, 2017 | gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly when updating framebuffer which may lead to memory corruption when rendering | ||
| CVE-2017-1000039 | Cri | 0.64 | 9.8 | 0.03 | Jul 17, 2017 | Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible Information Disclosure and Code Execution | ||
| CVE-2017-1000037 | Cri | 0.64 | 9.8 | 0.06 | Jul 17, 2017 | RVM automatically loads environment variables from files in $PWD resulting in command execution RVM vulnerable to command injection when automatically loading environment variables from files in $PWD RVM automatically executes hooks located in $PWD resulting in code execution… | ||
| CVE-2017-1000030 | Cri | 0.64 | 9.8 | 0.02 | Jul 17, 2017 | Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to provide an unauthenticated attacker plain text password of administrative user and grant access to the web-based… | ||
| CVE-2017-1000020 | Cri | 0.64 | 9.8 | 0.03 | Jul 17, 2017 | SYN Flood or FIN Flood attack in ECos 1 and other versions embedded devices results in web Authentication Bypass. "eCos Embedded Web Servers used by Multiple Routers and Home devices, while sending SYN Flood or FIN Flood packets fails to validate and handle the packets and does… | ||
| CVE-2017-1000009 | Cri | 0.64 | 9.8 | 0.04 | Jul 17, 2017 | Akeneo PIM CE and EE <1.6.6, <1.5.15, <1.4.28 are vulnerable to shell injection in the mass edition, resulting in remote execution. | ||
| CVE-2017-1000004 | Cri | 0.64 | 9.8 | 0.05 | Jul 17, 2017 | ATutor version 2.2.1 and earlier are vulnerable to a SQL injection in the Assignment Dropbox, BasicLTI, Blog Post, Blog, Group Course Email, Course Alumni, Course Enrolment, Group Membership, Course unenrolment, Course Enrolment List Search, Glossary, Social Group Member Search,… | ||
| CVE-2017-1000003 | Cri | 0.64 | 9.8 | 0.02 | Jul 17, 2017 | ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Social Application component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the… | ||
| CVE-2017-1000002 | Cri | 0.69 | 9.8 | 0.31 | Jul 17, 2017 | ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension check bypass in the Course component resulting in code execution. ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal vulnerability in the Course Icon component… | ||
| CVE-2017-0028 | Cri | 0.65 | 9.8 | 0.19 | Jul 17, 2017 | A remote code execution vulnerability exists when Microsoft scripting engine improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully… | ||
| CVE-2016-6793 | Cri | 0.60 | 9.1 | 0.08 | Jul 17, 2017 | The DiskFileItem class in Apache Wicket 6.x before 6.25.0 and 1.5.x before 1.5.17 allows remote attackers to cause a denial of service (infinite loop) and write to, move, and delete files with the permissions of DiskFileItem, and if running on a Java VM before 1.3.1, execute… | ||
| CVE-2017-9788 | Cri | 0.64 | 9.1 | 0.57 | Jul 13, 2017 | In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment… | ||
| CVE-2016-8964 | Cri | 0.64 | 9.8 | 0.02 | Jul 13, 2017 | IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 118853. | ||
| CVE-2017-11174 | Cri | 0.64 | 9.8 | 0.01 | Jul 12, 2017 | In install/page_dbsettings.php in the Core distribution of XOOPS 2.5.8.1, unfiltered data passed to CREATE and ALTER SQL queries caused SQL Injection in the database settings page, related to use of GBK in CHARACTER SET and COLLATE clauses. | ||
| CVE-2017-4053 | Cri | 0.64 | 9.8 | 0.03 | Jul 12, 2017 | Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to execute a command of their choice via a crafted HTTP request parameter. | ||
| CVE-2017-4052 | Cri | 0.64 | 9.8 | 0.02 | Jul 12, 2017 | Authentication Bypass vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to change or update any configuration settings, or gain administrator functionality via a crafted HTTP… | ||
| CVE-2017-11187 | Cri | 0.64 | 9.8 | 0.01 | Jul 12, 2017 | phpMyFAQ before 2.9.8 does not properly mitigate brute-force attacks that try many passwords in attempted logins quickly. | ||
| CVE-2017-11167 | Cri | 0.64 | 9.8 | 0.02 | Jul 12, 2017 | FineCMS 2.1.0 allows remote attackers to execute arbitrary PHP code by using a URL Manager "Add Site" action to enter this code after a ', sequence in a domain name, as demonstrated by the ',phpinfo() input value. | ||
| CVE-2016-8638 | Cri | 0.52 | 9.1 | 0.02 | Jul 12, 2017 | A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 before 1.1.2, and 1.0 before 1.0.3 was found that allows attacker to log out active sessions of other users. This issue is related to how it tracks sessions, and allows an unauthenticated attacker to view and… | ||
| CVE-2017-11165 | Cri | 0.72 | 9.8 | 0.64 | Jul 12, 2017 | dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and configuration information via a direct request for the /services/getFile.cmd?userfile=config.xml URI. | ||
| CVE-2017-8589 | Cri | 0.66 | 9.8 | 0.26 | Jul 11, 2017 | Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way that Windows Search handles objects in… | ||
| CVE-2017-7728 | Cri | 0.64 | 9.8 | 0.03 | Jul 11, 2017 | On iSmartAlarm cube devices, there is authentication bypass leading to remote execution of commands (e.g., setting the alarm on/off), related to incorrect cryptography. | ||
| CVE-2017-5640 | Cri | 0.64 | 9.8 | 0.03 | Jul 10, 2017 | It was noticed that a malicious process impersonating an Impala daemon in Apache Impala (incubating) 2.7.0 to 2.8.0 could cause Impala daemons to skip authentication checks when Kerberos is enabled (but TLS is not). If the malicious server responds with 'COMPLETE' before the… | ||
| CVE-2017-7175 | Cri | 0.68 | 9.9 | 0.07 | Jul 10, 2017 | NfSen before 1.3.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the customfmt parameter (aka the "Custom output format" field). | ||
| CVE-2017-9791 | Cri | 0.80 | 9.8 | 0.99 | KEV | Jul 10, 2017 | The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage. | |
| CVE-2017-11147 | Cri | 0.60 | 9.1 | 0.05 | Jul 10, 2017 | In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c. | ||
| CVE-2017-11139 | Cri | 0.64 | 9.8 | 0.03 | Jul 10, 2017 | GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c. | ||
| CVE-2017-11125 | Cri | 0.64 | 9.8 | 0.02 | Jul 10, 2017 | libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_path function in util.c. | ||
| CVE-2017-11124 | Cri | 0.64 | 9.8 | 0.02 | Jul 10, 2017 | libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c. | ||
| CVE-2017-4976 | Cri | 0.64 | 9.8 | 0.02 | Jul 9, 2017 | EMC ESRS Policy Manager prior to 6.8 contains an undocumented account (OpenDS admin) with a default password. A remote attacker with the knowledge of the default password may login to the system and gain administrator privileges to the local LDAP directory server. | ||
| CVE-2017-7512 | Cri | 0.64 | 9.8 | 0.02 | Jul 7, 2017 | Red Hat 3scale (aka RH-3scale) API Management Platform (AMP) before 2.0.0 would permit creation of an access token without a client secret. An attacker could use this flaw to circumvent authentication controls and gain access to restricted APIs. NOTE: some sources have a typo in… | ||
| CVE-2017-9629 | Cri | 0.64 | 9.8 | 0.10 | Jul 7, 2017 | A Stack-Based Buffer Overflow issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The stack-based buffer overflow vulnerability has been identified, which may allow a remote attacker to execute arbitrary code in the context… | ||
| CVE-2017-1000082 | Cri | 0.64 | 9.8 | 0.04 | Jul 7, 2017 | systemd v233 and earlier fails to safely parse usernames starting with a numeric digit (e.g. "0day"), running the service in question with root privileges rather than the user intended. | ||
| CVE-2017-10966 | Cri | 0.64 | 9.8 | 0.03 | Jul 7, 2017 | An issue was discovered in Irssi before 1.0.4. While updating the internal nick list, Irssi could incorrectly use the GHashTable interface and free the nick while updating it. This would then result in use-after-free conditions on each access of the hash table. | ||
| CVE-2017-10965 | Cri | 0.64 | 9.8 | 0.03 | Jul 7, 2017 | An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer. | ||
| CVE-2017-2237 | Cri | 0.64 | 9.8 | 0.02 | Jul 7, 2017 | Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier. Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. |
- risk 0.64cvss 9.8epss 0.01
Fiyo CMS v2.0.7 has an SQL injection vulnerability in dapur/apps/app_article/sys_article.php via the name parameter in editing or adding a tag name.
- risk 0.64cvss 9.8epss 0.02
dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs or schedules, for purposes such as sending e-mail messages or making outbound connections to FTP servers for uploading data.
- risk 0.70cvss 9.8epss 0.43
Zoho ManageEngine Desktop Central before build 100092 allows remote attackers to execute arbitrary code via vectors involving the upload of help desk videos.
- risk 0.64cvss 9.8epss 0.01
GLPI before 9.1.5 allows SQL injection via an ajax/getDropdownValue.php request with an entity_restrict parameter that is not a list of integers.
- risk 0.64cvss 9.8epss 0.02
A specific device configuration can result in a commit failure condition. When this occurs, a user is logged in without being prompted for a password while trying to login through console, ssh, ftp, telnet or su, etc., This issue relies upon a device configuration precondition…
- risk 0.57cvss 9.8epss 0.02
The re-key admin monitor was introduced in Jenkins 1.498 and re-encrypted all secrets in JENKINS_HOME with a new key. It also created a backup directory with all old secrets, and the key used to encrypt them. These backups were world-readable and not removed afterwards. Jenkins…
- risk 0.64cvss 9.8epss 0.03
Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of applications (.oar) resulting in remote code execution.
- risk 0.64cvss 9.8epss 0.02
Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the memcmp function
- risk 0.64cvss 9.8epss 0.02
Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the string_repeat() function.
- risk 0.64cvss 9.8epss 0.03
Creolabs Gravity version 1.0 is vulnerable to a heap overflow in an undisclosed component that can result in arbitrary code execution.
- risk 0.64cvss 9.8epss 0.02
Creolabs Gravity version 1.0 is vulnerable to a Double Free in gravity_value resulting potentially leading to modification of unexpected memory locations
- risk 0.64cvss 9.8epss 0.03
EyesOfNetwork (EON) 5.1 Unauthenticated SQL Injection in eonweb leading to remote root
- risk 0.57cvss 9.8epss 0.02
Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object.
- risk 0.64cvss 9.8epss 0.04
rbenv (all current versions) is vulnerable to Directory Traversal in the specification of Ruby version resulting in arbitrary code execution
- risk 0.64cvss 9.8epss 0.02
gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly when updating framebuffer which may lead to memory corruption when rendering
- risk 0.64cvss 9.8epss 0.03
Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible Information Disclosure and Code Execution
- risk 0.64cvss 9.8epss 0.06
RVM automatically loads environment variables from files in $PWD resulting in command execution RVM vulnerable to command injection when automatically loading environment variables from files in $PWD RVM automatically executes hooks located in $PWD resulting in code execution…
- risk 0.64cvss 9.8epss 0.02
Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to provide an unauthenticated attacker plain text password of administrative user and grant access to the web-based…
- risk 0.64cvss 9.8epss 0.03
SYN Flood or FIN Flood attack in ECos 1 and other versions embedded devices results in web Authentication Bypass. "eCos Embedded Web Servers used by Multiple Routers and Home devices, while sending SYN Flood or FIN Flood packets fails to validate and handle the packets and does…
- risk 0.64cvss 9.8epss 0.04
Akeneo PIM CE and EE <1.6.6, <1.5.15, <1.4.28 are vulnerable to shell injection in the mass edition, resulting in remote execution.
- risk 0.64cvss 9.8epss 0.05
ATutor version 2.2.1 and earlier are vulnerable to a SQL injection in the Assignment Dropbox, BasicLTI, Blog Post, Blog, Group Course Email, Course Alumni, Course Enrolment, Group Membership, Course unenrolment, Course Enrolment List Search, Glossary, Social Group Member Search,…
- risk 0.64cvss 9.8epss 0.02
ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Social Application component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the…
- risk 0.69cvss 9.8epss 0.31
ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension check bypass in the Course component resulting in code execution. ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal vulnerability in the Course Icon component…
- risk 0.65cvss 9.8epss 0.19
A remote code execution vulnerability exists when Microsoft scripting engine improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully…
- risk 0.60cvss 9.1epss 0.08
The DiskFileItem class in Apache Wicket 6.x before 6.25.0 and 1.5.x before 1.5.17 allows remote attackers to cause a denial of service (infinite loop) and write to, move, and delete files with the permissions of DiskFileItem, and if running on a Java VM before 1.3.1, execute…
- risk 0.64cvss 9.1epss 0.57
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment…
- risk 0.64cvss 9.8epss 0.02
IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 118853.
- risk 0.64cvss 9.8epss 0.01
In install/page_dbsettings.php in the Core distribution of XOOPS 2.5.8.1, unfiltered data passed to CREATE and ALTER SQL queries caused SQL Injection in the database settings page, related to use of GBK in CHARACTER SET and COLLATE clauses.
- risk 0.64cvss 9.8epss 0.03
Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to execute a command of their choice via a crafted HTTP request parameter.
- risk 0.64cvss 9.8epss 0.02
Authentication Bypass vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to change or update any configuration settings, or gain administrator functionality via a crafted HTTP…
- risk 0.64cvss 9.8epss 0.01
phpMyFAQ before 2.9.8 does not properly mitigate brute-force attacks that try many passwords in attempted logins quickly.
- risk 0.64cvss 9.8epss 0.02
FineCMS 2.1.0 allows remote attackers to execute arbitrary PHP code by using a URL Manager "Add Site" action to enter this code after a ', sequence in a domain name, as demonstrated by the ',phpinfo() input value.
- risk 0.52cvss 9.1epss 0.02
A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 before 1.1.2, and 1.0 before 1.0.3 was found that allows attacker to log out active sessions of other users. This issue is related to how it tracks sessions, and allows an unauthenticated attacker to view and…
- risk 0.72cvss 9.8epss 0.64
dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and configuration information via a direct request for the /services/getFile.cmd?userfile=config.xml URI.
- risk 0.66cvss 9.8epss 0.26
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way that Windows Search handles objects in…
- risk 0.64cvss 9.8epss 0.03
On iSmartAlarm cube devices, there is authentication bypass leading to remote execution of commands (e.g., setting the alarm on/off), related to incorrect cryptography.
- risk 0.64cvss 9.8epss 0.03
It was noticed that a malicious process impersonating an Impala daemon in Apache Impala (incubating) 2.7.0 to 2.8.0 could cause Impala daemons to skip authentication checks when Kerberos is enabled (but TLS is not). If the malicious server responds with 'COMPLETE' before the…
- risk 0.68cvss 9.9epss 0.07
NfSen before 1.3.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the customfmt parameter (aka the "Custom output format" field).
- risk 0.80cvss 9.8epss 0.99
The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.
- risk 0.60cvss 9.1epss 0.05
In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c.
- risk 0.64cvss 9.8epss 0.03
GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c.
- risk 0.64cvss 9.8epss 0.02
libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_path function in util.c.
- risk 0.64cvss 9.8epss 0.02
libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c.
- risk 0.64cvss 9.8epss 0.02
EMC ESRS Policy Manager prior to 6.8 contains an undocumented account (OpenDS admin) with a default password. A remote attacker with the knowledge of the default password may login to the system and gain administrator privileges to the local LDAP directory server.
- risk 0.64cvss 9.8epss 0.02
Red Hat 3scale (aka RH-3scale) API Management Platform (AMP) before 2.0.0 would permit creation of an access token without a client secret. An attacker could use this flaw to circumvent authentication controls and gain access to restricted APIs. NOTE: some sources have a typo in…
- risk 0.64cvss 9.8epss 0.10
A Stack-Based Buffer Overflow issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The stack-based buffer overflow vulnerability has been identified, which may allow a remote attacker to execute arbitrary code in the context…
- risk 0.64cvss 9.8epss 0.04
systemd v233 and earlier fails to safely parse usernames starting with a numeric digit (e.g. "0day"), running the service in question with root privileges rather than the user intended.
- risk 0.64cvss 9.8epss 0.03
An issue was discovered in Irssi before 1.0.4. While updating the internal nick list, Irssi could incorrectly use the GHashTable interface and free the nick while updating it. This would then result in use-after-free conditions on each access of the hash table.
- risk 0.64cvss 9.8epss 0.03
An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer.
- risk 0.64cvss 9.8epss 0.02
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier. Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.