CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In November 2017 (CVSS score >= 5)

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
1 CVE-2017-1001004 20 Exec Code 2017-11-27 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
typed-function before 0.10.6 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result in arbitrary execution.
2 CVE-2017-1001003 20 2017-11-27 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
math.js before 3.17.0 had an issue where private properties such as a constructor could be replaced by using unicode characters when creating an object.
3 CVE-2017-1001002 94 Exec Code 2017-11-27 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result in arbitrary execution.
4 CVE-2017-1000406 254 2017-11-30 2017-12-20
5.0
None Remote Low Not required None Partial None
OpenDaylight Karaf 0.6.1-Carbon fails to clear the cache after a password change, allowing the old password to be used until the Karaf cache is manually cleared (e.g. via restart).
5 CVE-2017-1000405 362 2017-11-30 2018-02-13
6.9
None Local Medium Not required Complete Complete Complete
The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario breaks the new can_follow_write_pmd()'s logic - pmd can become dirty without going through a COW cycle. This bug is not as severe as the original "Dirty cow" because an ext4 file (or any other regular file) cannot be mapped using THP. Nevertheless, it does allow us to overwrite read-only huge pages. For example, the zero huge page and sealed shmem files can be overwritten (since their mapping can be populated using THP). Note that after the first write page-fault to the zero page, it will be replaced with a new fresh (and zeroed) thp.
6 CVE-2017-1000248 502 2017-11-17 2017-12-04
7.5
None Remote Low Not required Partial Partial Partial
Redis-store <=v1.3.0 allows unsafe objects to be loaded from redis
7 CVE-2017-1000247 20 2017-11-17 2017-12-04
5.0
None Remote Low Not required None Partial None
British Columbia Institute of Technology CodeIgniter 3.1.3 is vulnerable to HTTP Header Injection in the set_status_header() common function under Apache resulting in HTTP Header Injection flaws.
8 CVE-2017-1000246 330 2017-11-17 2019-10-03
5.0
None Remote Low Not required Partial None None
Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data.
9 CVE-2017-1000245 522 2017-11-01 2019-10-03
5.0
None Remote Low Not required Partial None None
The SSH Plugin stores credentials which allow jobs to access remote servers via the SSH protocol. User passwords and passphrases for encrypted SSH keys are stored in plaintext in a configuration file.
10 CVE-2017-1000244 352 CSRF 2017-11-01 2019-05-22
6.8
None Remote Medium Not required Partial Partial Partial
Jenkins Favorite Plugin version 2.2.0 and older is vulnerable to CSRF resulting in data modification
11 CVE-2017-1000241 269 2017-11-17 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
The application OpenEMR version 5.0.0, 5.0.1-dev and prior is affected by a vertical privilege escalation vulnerability. This vulnerability can allow authenticated non-administrator users to view and modify information only accessible to administrators.
12 CVE-2017-1000238 434 2017-11-17 2017-11-30
6.5
None Remote Low ??? Partial Partial Partial
InvoicePlane version 1.4.10 is vulnerable to an Arbitrary File Upload, allowing an authenticated user to upload a malicious file to the webserver. It is possible for an attacker to upload a script which is able to compromise the webserver.
13 CVE-2017-1000237 918 2017-11-17 2017-11-29
7.5
None Remote Low Not required Partial Partial Partial
I, Librarian version <=4.6 & 4.7 is vulnerable to Server-Side Request Forgery in the ajaxsupplement.php resulting in the attacker being able to reset any user's password.
14 CVE-2017-1000235 78 2017-11-17 2017-11-29
10.0
None Remote Low Not required Complete Complete Complete
I, Librarian version <=4.6 & 4.7 is vulnerable to OS Command Injection in batchimport.php resulting in the web server being fully compromised.
15 CVE-2017-1000234 200 +Info 2017-11-17 2017-11-29
5.0
None Remote Low Not required Partial None None
I, Librarian version <=4.6 & 4.7 is vulnerable to Directory Enumeration in the jqueryFileTree.php resulting in attacker enumerating directories simply by navigating through the "dir" parameter
16 CVE-2017-1000232 415 2017-11-17 2020-04-01
7.5
None Remote Low Not required Partial Partial Partial
A double-free vulnerability in str2host.c in ldns 1.7.0 has unspecified impact and attack vectors.
17 CVE-2017-1000231 415 2017-11-17 2018-02-04
7.5
None Remote Low Not required Partial Partial Partial
A double-free vulnerability in parse.c in ldns 1.7.0 has unspecified impact and attack vectors.
18 CVE-2017-1000230 20 DoS 2017-11-17 2017-12-02
5.0
None Remote Low Not required None None Partial
The Snap7 Server version 1.4.1 can be crashed when the ItemCount field of the ReadVar or WriteVar functions of the S7 protocol implementation in Snap7 is provided with unexpected input, resulting in a denial of service.
19 CVE-2017-1000229 190 DoS Exec Code Overflow 2017-11-17 2019-05-06
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 allows an attacker to remotely execute code or cause denial of service.
20 CVE-2017-1000228 20 Exec Code 2017-11-17 2017-11-30
10.0
None Remote Low Not required Complete Complete Complete
nodejs ejs versions older than 2.5.3 are vulnerable to remote code execution due to weak input validation in the ejs.renderFile() function.
21 CVE-2017-1000226 200 +Info 2017-11-17 2017-12-04
5.0
None Remote Low Not required Partial None None
Stop User Enumeration 1.3.8 allows user enumeration via the REST API
22 CVE-2017-1000220 78 Exec Code 2017-11-17 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
soyuka/pidusage <=1.1.4 is vulnerable to command injection in the module resulting in arbitrary command execution
23 CVE-2017-1000219 78 Exec Code 2017-11-17 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
npm/KyleRoss windows-cpu: all versions are vulnerable to command injection resulting in code execution as the Node.js user.
24 CVE-2017-1000218 119 DoS Exec Code Overflow 2017-11-17 2017-11-30
7.5
None Remote Low Not required Partial Partial Partial
LightFTP version 1.1 is vulnerable to a buffer overflow in the "writelogentry" function resulting in denial of service or remote code execution.
25 CVE-2017-1000217 74 Exec Code 2017-11-17 2019-04-29
6.8
None Remote Medium Not required Partial Partial Partial
Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary code execution, fixed in 2.3.3 and 3.0.
26 CVE-2017-1000215 78 Exec Code 2017-11-17 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution
27 CVE-2017-1000214 78 2017-11-27 2017-12-19
10.0
None Remote Low Not required Complete Complete Complete
GitPHP by xiphux is vulnerable to OS Command Injections
28 CVE-2017-1000212 Exec Code 2017-11-17 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
Elixir's vim plugin, alchemist.vim is vulnerable to remote code execution in the bundled alchemist-server. A malicious website can execute requests against an ephemeral port on localhost that are then evaluated as elixir code.
29 CVE-2017-1000211 416 2017-11-17 2018-02-04
5.0
None Remote Low Not required Partial None None
Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTML_put_string() can append a chunk onto itself.
30 CVE-2017-1000210 119 DoS Exec Code Overflow 2017-11-17 2017-11-29
7.5
None Remote Low Not required Partial Partial Partial
picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to a stack buffer overflow resulting in code execution or a denial of service attack.
31 CVE-2017-1000208 502 Exec Code 2017-11-17 2019-10-03
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability in the yaml parsing functionality of Swagger-Parser (version <= 1.0.30) results in arbitrary code being executed when a maliciously crafted yaml Open-API specification is parsed. This, in particular, affects the 'generate' and 'validate' commands in swagger-codegen (<= 2.2.2) and can lead to arbitrary code being executed when these commands are used on a well-crafted yaml specification.
32 CVE-2017-1000207 502 Exec Code 2017-11-27 2019-10-03
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability in the yaml parsing functionality of Swagger-Parser version <= 1.0.30 and Swagger codegen version <= 2.2.2 results in arbitrary code being executed when a maliciously crafted yaml Open-API specification is parsed. This, in particular, affects the 'generate' and 'validate' commands in swagger-codegen (<= 2.2.2) and can lead to arbitrary code being executed when these commands are used on a well-crafted yaml specification.
33 CVE-2017-1000206 119 Exec Code Overflow 2017-11-17 2017-12-01
7.5
None Remote Low Not required Partial Partial Partial
samtools htslib library version 1.4.0 and earlier is vulnerable to buffer overflow in the CRAM rANS codec resulting in potential arbitrary code execution
34 CVE-2017-1000203 78 Exec Code 2017-11-17 2019-10-03
9.0
None Remote Low ??? Complete Complete Complete
ROOT version 6.9.03 and below is vulnerable to an authenticated shell metacharacter injection in the rootd daemon resulting in remote code execution
35 CVE-2017-1000200 476 DoS 2017-11-17 2017-12-02
5.0
None Remote Low Not required None None Partial
tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered NULL pointer dereference in the tcmu-runner daemon's on_unregister_handler() function resulting in denial of service
36 CVE-2017-1000199 200 +Info 2017-11-17 2017-12-02
5.0
None Remote Low Not required Partial None None
tcmu-runner version 0.91 up to 1.20 is vulnerable to information disclosure in handler_qcow.so resulting in non-privileged users being able to check for existence of any file with root privileges.
37 CVE-2017-1000198 119 DoS Overflow 2017-11-17 2017-12-02
5.0
None Remote Low Not required None None Partial
tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid memory references in the handler_glfs.so handler resulting in denial of service
38 CVE-2017-1000197 417 2017-11-17 2020-08-03
7.5
None Remote Low Not required Partial Partial Partial
October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating malicious files on the server.
39 CVE-2017-1000196 94 Exec Code 2017-11-17 2020-08-03
7.5
None Remote Low Not required Partial Partial Partial
October CMS build 412 is vulnerable to PHP code execution in the asset manager functionality resulting in site compromise and possibly other applications on the server.
40 CVE-2017-1000195 502 2017-11-17 2020-08-03
6.4
None Remote Low Not required None Partial Partial
October CMS build 412 is vulnerable to PHP object injection in asset move functionality resulting in ability to delete files limited by file permissions on the server.
41 CVE-2017-1000194 434 2017-11-17 2020-08-03
7.5
None Remote Low Not required Partial Partial Partial
October CMS build 412 is vulnerable to Apache configuration modification via file upload functionality resulting in site compromise and possibly other applications on the server.
42 CVE-2017-1000192 File Inclusion 2017-11-17 2019-10-03
5.0
None Remote Low Not required Partial None None
Cygnux sysPass version 2.1.7 and older is vulnerable to a Local File Inclusion in the functionality of javascript files inclusion. The attacker can read the configuration files that contain the login and password from the database, private encryption key, as well as other sensitive information.
43 CVE-2017-1000191 400 2017-11-17 2017-12-04
7.8
None Remote Low Not required None None Complete
Jool 3.5.0-3.5.1 is vulnerable to a kernel crashing packet resulting in a DOS.
44 CVE-2017-1000190 611 2017-11-17 2019-07-23
6.4
None Remote Low Not required Partial None Partial
SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability resulting in SSRF, information disclosure, DoS and so on.
45 CVE-2017-1000189 20 2017-11-17 2017-11-30
5.0
None Remote Low Not required None None Partial
nodejs ejs versions older than 2.5.5 are vulnerable to a denial-of-service due to weak input validation in the ejs.renderFile() function.
46 CVE-2017-1000173 125 Exec Code Overflow 2017-11-17 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop while pushing data to a buffer, we can break out of the bounds checking of that buffer. When list.join is called on the data it will read past a buffer resulting in a Heap-Buffer-Overflow.
47 CVE-2017-1000172 416 Exec Code 2017-11-17 2017-11-30
7.5
None Remote Low Not required Partial Partial Partial
Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravity_lexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free condition.
48 CVE-2017-1000171 532 2017-11-03 2017-11-22
5.0
None Remote Low Not required Partial None None
Mahara Mobile before 1.2.1 is vulnerable to passwords being sent to the Mahara access log in plain text.
49 CVE-2017-1000170 22 Dir. Trav. 2017-11-17 2021-03-25
5.0
None Remote Low Not required Partial None None
jqueryFileTree 2.1.5 and older Directory Traversal
50 CVE-2017-1000169 20 Exec Code 2017-11-17 2017-12-02
10.0
None Remote Low Not required Complete Complete Complete
QuickerBB version <= 0.7.2 is vulnerable to arbitrary file writes which can lead to remote code execution. This can lead to the complete takeover of the server hosting QuickerBB.
Total number of vulnerabilities: 669 (this is page 1 of 14)