| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2017-14076 |
89 |
|
Sql |
2017-08-31 |
2017-09-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the id parameter to linksmanage.php in an editlink action. |
|
2 |
CVE-2017-14069 |
89 |
|
Sql |
2017-08-31 |
2017-09-07 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the usernw array parameter to nowarn.php. |
|
3 |
CVE-2017-14064 |
119 |
|
Overflow |
2017-08-31 |
2019-05-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a '\0' byte, returning a pointer to a string of length zero, which is not the length stored in space_len. |
|
4 |
CVE-2017-14063 |
20 |
|
|
2017-08-31 |
2020-12-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Async Http Client (aka async-http-client) before 2.0.35 can be tricked into connecting to a host different from the one extracted by java.net.URI if a '?' character occurs in a fragment identifier. Similar bugs were previously identified in cURL (CVE-2016-8624) and Oracle Java 8 java.net.URL. |
|
5 |
CVE-2017-14062 |
190 |
|
DoS Overflow |
2017-08-31 |
2020-12-07 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact. |
|
6 |
CVE-2017-14061 |
190 |
|
DoS Overflow |
2017-08-31 |
2019-10-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Integer overflow in the _isBidi function in bidi.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact. |
|
7 |
CVE-2017-14059 |
834 |
|
|
2017-08-31 |
2019-10-03 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
In FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an EOF check might cause huge CPU and memory consumption. When a crafted CINE file, which claims a large "duration" field in the header but does not contain sufficient backing data, is provided, the image-offset parsing loop would consume huge CPU and memory resources, since there is no EOF check inside the loop. |
|
8 |
CVE-2017-14057 |
834 |
|
|
2017-08-31 |
2019-10-03 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
In FFmpeg 3.3.3, a DoS in asf_read_marker() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted ASF file, which claims a large "name_len" or "count" field in the header but does not contain sufficient backing data, is provided, the loops over the name and markers would consume huge CPU and memory resources, since there is no EOF check inside these loops. |
|
9 |
CVE-2017-14056 |
834 |
|
|
2017-08-31 |
2019-10-03 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
In libavformat/rl2.c in FFmpeg 3.3.3, a DoS in rl2_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted RL2 file, which claims a large "frame_count" field in the header but does not contain sufficient backing data, is provided, the loops (for offset and size tables) would consume huge CPU and memory resources, since there is no EOF check inside these loops. |
|
10 |
CVE-2017-14055 |
834 |
|
|
2017-08-31 |
2019-10-03 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
In libavformat/mvdec.c in FFmpeg 3.3.3, a DoS in mv_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted MV file, which claims a large "nb_frames" field in the header but does not contain sufficient backing data, is provided, the loop over the frames would consume huge CPU and memory resources, since there is no EOF check inside the loop. |
|
11 |
CVE-2017-14054 |
834 |
|
|
2017-08-31 |
2019-10-03 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivr_read_header() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted IVR file, which claims a large "len" field in the header but does not contain sufficient backing data, is provided, the first type==4 loop would consume huge CPU resources, since there is no EOF check inside the loop. |
|
12 |
CVE-2017-14050 |
434 |
|
Exec Code |
2017-08-31 |
2017-09-01 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
In BlackCat CMS 1.2, backend/addons/install.php allows remote authenticated users to execute arbitrary PHP code via a ZIP archive that contains a .php file. |
|
13 |
CVE-2017-14048 |
352 |
|
CSRF |
2017-08-31 |
2017-09-01 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
BlackCat CMS 1.2 allows remote authenticated users to inject arbitrary PHP code into info.php via a crafted new_modulename parameter to backend/addons/ajax_create.php. NOTE: this can be exploited via CSRF. |
|
14 |
CVE-2017-14041 |
787 |
|
DoS Exec Code Overflow |
2017-08-30 |
2021-02-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A stack-based buffer overflow was discovered in the pgxtoimage function in bin/jp2/convert.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution. |
|
15 |
CVE-2017-14040 |
787 |
|
DoS |
2017-08-30 |
2021-02-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability may lead to remote denial of service or possibly unspecified other impact. |
|
16 |
CVE-2017-14039 |
787 |
|
DoS Overflow |
2017-08-30 |
2021-02-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A heap-based buffer overflow was discovered in the opj_t2_encode_packet function in lib/openjp2/t2.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact. |
|
17 |
CVE-2017-14038 |
601 |
|
|
2017-08-30 |
2017-09-01 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
CrushFTP before 7.8.0 and 8.x before 8.2.0 has a redirect vulnerability. |
|
18 |
CVE-2017-14035 |
502 |
|
|
2017-08-30 |
2017-09-01 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
CrushFTP 8.x before 8.2.0 has a serialization vulnerability. |
|
19 |
CVE-2017-14032 |
287 |
|
Bypass |
2017-08-30 |
2017-11-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentication is configured, allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates. NOTE: although mbed TLS was formerly known as PolarSSL, the releases shipped with the PolarSSL name are not affected. |
|
20 |
CVE-2017-13780 |
22 |
|
Dir. Trav. |
2017-08-30 |
2021-02-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows directory traversal attacks for reading arbitrary files via the module/admin_conf/download.php file parameter. |
|
21 |
CVE-2017-13777 |
834 |
|
DoS |
2017-08-30 |
2019-12-16 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version==10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it. |
|
22 |
CVE-2017-13776 |
834 |
|
DoS |
2017-08-30 |
2019-12-16 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it. |
|
23 |
CVE-2017-13775 |
|
|
DoS |
2017-08-30 |
2019-10-03 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the requests. |
|
24 |
CVE-2017-13767 |
20 |
|
|
2017-08-30 |
2019-10-03 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-msdp.c by adding length validation. |
|
25 |
CVE-2017-13766 |
787 |
|
|
2017-08-30 |
2017-12-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation. |
|
26 |
CVE-2017-13765 |
125 |
|
|
2017-08-30 |
2019-10-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash. This was addressed in plugins/irda/packet-ircomm.c by adding length validation. |
|
27 |
CVE-2017-13764 |
476 |
|
|
2017-08-30 |
2017-09-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Wireshark 2.4.0, the Modbus dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/packet-mbtcp.c by adding length validation. |
|
28 |
CVE-2017-13763 |
770 |
|
|
2017-08-30 |
2019-10-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
ONOS versions 1.8.0, 1.9.0, and 1.10.0 do not restrict the amount of memory allocated. The Netty payload size is not limited. |
|
29 |
CVE-2017-13753 |
20 |
|
DoS |
2017-08-29 |
2017-08-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a reachable assertion abort in the function JPC_NOMINALGAIN() in jpc/jpc_t1cod.c in JasPer 2.0.12 that will lead to a remote denial of service attack. |
|
30 |
CVE-2017-13752 |
617 |
|
DoS |
2017-08-29 |
2021-02-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack. |
|
31 |
CVE-2017-13751 |
617 |
|
DoS |
2017-08-29 |
2021-02-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack. |
|
32 |
CVE-2017-13750 |
617 |
|
DoS |
2017-08-29 |
2021-02-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of service attack. |
|
33 |
CVE-2017-13749 |
617 |
|
DoS |
2017-08-29 |
2021-02-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in JasPer 2.0.12 that will lead to a remote denial of service attack. |
|
34 |
CVE-2017-13748 |
772 |
|
DoS |
2017-08-29 |
2021-02-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base/jas_string.c, that will lead to a remote denial of service attack. |
|
35 |
CVE-2017-13747 |
617 |
|
DoS |
2017-08-29 |
2021-02-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer 2.0.12 that will lead to a remote denial of service attack. |
|
36 |
CVE-2017-13746 |
617 |
|
DoS |
2017-08-29 |
2021-02-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of service attack. |
|
37 |
CVE-2017-13745 |
617 |
|
DoS |
2017-08-29 |
2021-02-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different vulnerability than CVE-2018-9154. |
|
38 |
CVE-2017-13740 |
119 |
|
DoS Overflow |
2017-08-29 |
2017-12-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function parseChars() in compileTranslationTable.c, that will lead to denial of service or possibly unspecified other impact. |
|
39 |
CVE-2017-13739 |
119 |
|
DoS Exec Code Overflow |
2017-08-29 |
2017-09-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
There is a heap-based buffer overflow that causes a more than two thousand bytes out-of-bounds write in Liblouis 3.2.0, triggered in the function resolveSubtable() in compileTranslationTable.c. It will lead to denial of service or remote code execution. |
|
40 |
CVE-2017-13738 |
125 |
|
|
2017-08-29 |
2017-12-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
There is an illegal address access in the _lou_getALine function in compileTranslationTable.c:346 in Liblouis 3.2.0. |
|
41 |
CVE-2017-13735 |
20 |
|
DoS |
2017-08-29 |
2017-08-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack. |
|
42 |
CVE-2017-13716 |
770 |
|
DoS |
2017-08-28 |
2019-10-03 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd). |
|
43 |
CVE-2017-13715 |
665 |
|
DoS Exec Code |
2017-08-29 |
2022-01-31 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The __skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel before 4.3 does not ensure that n_proto, ip_proto, and thoff are initialized, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a single crafted MPLS packet. |
|
44 |
CVE-2017-13712 |
476 |
|
DoS |
2017-08-28 |
2017-09-01 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME 3.99.5 allows attackers to perform Denial of Service by triggering a NULL first argument. |
|
45 |
CVE-2017-13710 |
476 |
|
DoS |
2017-08-27 |
2017-08-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a group section that is too small. |
|
46 |
CVE-2017-13709 |
20 |
|
|
2017-08-27 |
2017-09-06 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree. |
|
47 |
CVE-2017-13708 |
119 |
|
Exec Code Overflow |
2017-08-31 |
2017-09-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the web server service in VX Search Enterprise 10.0.14 allows remote attackers to execute arbitrary code via a crafted GET request. |
|
48 |
CVE-2017-13707 |
269 |
|
Exec Code +Priv |
2017-08-27 |
2020-05-28 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Privilege escalation in Replibit Backup Manager earlier than version 2017.08.04 allows attackers to gain root privileges via sudo command execution. The vi program can be accessed through sudo, in order to navigate the filesystem and modify a critical file such as /etc/passwd. |
|
49 |
CVE-2017-13692 |
20 |
|
DoS |
2017-08-25 |
2017-08-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Tidy 5.5.31, the IsURLCodePoint function in attrs.c allows attackers to cause a denial of service (Segmentation Fault), as demonstrated by an invalid ISALNUM argument. |
|
50 |
CVE-2017-13686 |
476 |
|
DoS |
2017-08-24 |
2017-08-30 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
net/ipv4/route.c in the Linux kernel 4.13-rc1 through 4.13-rc6 is too late to check for a NULL fi field when RTM_F_FIB_MATCH is set, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via crafted system calls. NOTE: this does not affect any stable release. |
