| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2017-1001004 |
20 |
|
Exec Code |
2017-11-27 |
2019-10-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
typed-function before 0.10.6 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution. |
|
2 |
CVE-2017-1001003 |
20 |
|
|
2017-11-27 |
2019-10-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
math.js before 3.17.0 had an issue where private properties such as a constructor could be replaced by using unicode characters when creating an object. |
|
3 |
CVE-2017-1001002 |
94 |
|
Exec Code |
2017-11-27 |
2019-10-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution. |
|
4 |
CVE-2017-1000405 |
362 |
|
|
2017-11-30 |
2018-02-13 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario breaks the new can_follow_write_pmd()'s logic - pmd can become dirty without going through a COW cycle. This bug is not as severe as the original "Dirty cow" because an ext4 file (or any other regular file) cannot be mapped using THP. Nevertheless, it does allow us to overwrite read-only huge pages. For example, the zero huge page and sealed shmem files can be overwritten (since their mapping can be populated using THP). Note that after the first write page-fault to the zero page, it will be replaced with a new fresh (and zeroed) thp. |
|
5 |
CVE-2017-1000248 |
502 |
|
|
2017-11-17 |
2017-12-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Redis-store <=v1.3.0 allows unsafe objects to be loaded from redis |
|
6 |
CVE-2017-1000244 |
352 |
|
CSRF |
2017-11-01 |
2019-05-22 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Jenkins Favorite Plugin version 2.2.0 and older is vulnerable to CSRF resulting in data modification |
|
7 |
CVE-2017-1000241 |
269 |
|
|
2017-11-17 |
2019-10-03 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
The application OpenEMR version 5.0.0, 5.0.1-dev and prior is affected by vertical privilege escalation vulnerability. This vulnerability can allow an authenticated non-administrator users to view and modify information only accessible to administrators. |
|
8 |
CVE-2017-1000238 |
434 |
|
|
2017-11-17 |
2017-11-30 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
InvoicePlane version 1.4.10 is vulnerable to a Arbitrary File Upload resulting in an authenticated user can upload a malicious file to the webserver. It is possible for an attacker to upload a script which is able to compromise the webserver. |
|
9 |
CVE-2017-1000237 |
918 |
|
|
2017-11-17 |
2017-11-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
I, Librarian version <=4.6 & 4.7 is vulnerable to Server-Side Request Forgery in the ajaxsupplement.php resulting in the attacker being able to reset any user's password. |
|
10 |
CVE-2017-1000235 |
78 |
|
|
2017-11-17 |
2017-11-29 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
I, Librarian version <=4.6 & 4.7 is vulnerable to OS Command Injection in batchimport.php resulting the web server being fully compromised. |
|
11 |
CVE-2017-1000232 |
415 |
|
|
2017-11-17 |
2020-04-01 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors. |
|
12 |
CVE-2017-1000231 |
415 |
|
|
2017-11-17 |
2018-02-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors. |
|
13 |
CVE-2017-1000229 |
190 |
|
DoS Exec Code Overflow |
2017-11-17 |
2019-05-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 allows an attacker to remotely execute code or cause denial of service. |
|
14 |
CVE-2017-1000228 |
20 |
|
Exec Code |
2017-11-17 |
2017-11-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
nodejs ejs versions older than 2.5.3 is vulnerable to remote code execution due to weak input validation in ejs.renderFile() function |
|
15 |
CVE-2017-1000220 |
78 |
|
Exec Code |
2017-11-17 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
soyuka/pidusage <=1.1.4 is vulnerable to command injection in the module resulting in arbitrary command execution |
|
16 |
CVE-2017-1000219 |
78 |
|
Exec Code |
2017-11-17 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
npm/KyleRoss windows-cpu all versions vulnerable to command injection resulting in code execution as Node.js user |
|
17 |
CVE-2017-1000218 |
119 |
|
DoS Exec Code Overflow |
2017-11-17 |
2017-11-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
LightFTP version 1.1 is vulnerable to a buffer overflow in the "writelogentry" function resulting a denial of services or a remote code execution. |
|
18 |
CVE-2017-1000217 |
74 |
|
Exec Code |
2017-11-17 |
2019-04-29 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary code execution, fixed in 2.3.3 and 3.0. |
|
19 |
CVE-2017-1000215 |
78 |
|
Exec Code |
2017-11-17 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution |
|
20 |
CVE-2017-1000214 |
78 |
|
|
2017-11-27 |
2017-12-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
GitPHP by xiphux is vulnerable to OS Command Injections |
|
21 |
CVE-2017-1000212 |
|
|
Exec Code |
2017-11-17 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Elixir's vim plugin, alchemist.vim is vulnerable to remote code execution in the bundled alchemist-server. A malicious website can execute requests against an ephemeral port on localhost that are then evaluated as elixir code. |
|
22 |
CVE-2017-1000210 |
119 |
|
DoS Exec Code Overflow |
2017-11-17 |
2017-11-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack |
|
23 |
CVE-2017-1000208 |
502 |
|
Exec Code |
2017-11-17 |
2019-10-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability in Swagger-Parser's (version <= 1.0.30) yaml parsing functionality results in arbitrary code being executed when a maliciously crafted yaml Open-API specification is parsed. This in particular, affects the 'generate' and 'validate' command in swagger-codegen (<= 2.2.2) and can lead to arbitrary code being executed when these commands are used on a well-crafted yaml specification. |
|
24 |
CVE-2017-1000207 |
502 |
|
Exec Code |
2017-11-27 |
2019-10-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability in Swagger-Parser's version <= 1.0.30 and Swagger codegen version <= 2.2.2 yaml parsing functionality results in arbitrary code being executed when a maliciously crafted yaml Open-API specification is parsed. This in particular, affects the 'generate' and 'validate' command in swagger-codegen (<= 2.2.2) and can lead to arbitrary code being executed when these commands are used on a well-crafted yaml specification. |
|
25 |
CVE-2017-1000206 |
119 |
|
Exec Code Overflow |
2017-11-17 |
2017-12-01 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
samtools htslib library version 1.4.0 and earlier is vulnerable to buffer overflow in the CRAM rANS codec resulting in potential arbitrary code execution |
|
26 |
CVE-2017-1000203 |
78 |
|
Exec Code |
2017-11-17 |
2019-10-03 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
ROOT version 6.9.03 and below is vulnerable to an authenticated shell metacharacter injection in the rootd daemon resulting in remote code execution |
|
27 |
CVE-2017-1000197 |
417 |
|
|
2017-11-17 |
2020-08-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating creating malicious files on the server. |
|
28 |
CVE-2017-1000196 |
94 |
|
Exec Code |
2017-11-17 |
2020-08-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
October CMS build 412 is vulnerable to PHP code execution in the asset manager functionality resulting in site compromise and possibly other applications on the server. |
|
29 |
CVE-2017-1000195 |
502 |
|
|
2017-11-17 |
2020-08-03 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
October CMS build 412 is vulnerable to PHP object injection in asset move functionality resulting in ability to delete files limited by file permissions on the server. |
|
30 |
CVE-2017-1000194 |
434 |
|
|
2017-11-17 |
2020-08-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
October CMS build 412 is vulnerable to Apache configuration modification via file upload functionality resulting in site compromise and possibly other applications on the server. |
|
31 |
CVE-2017-1000191 |
400 |
|
|
2017-11-17 |
2017-12-04 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Jool 3.5.0-3.5.1 is vulnerable to a kernel crashing packet resulting in a DOS. |
|
32 |
CVE-2017-1000190 |
611 |
|
|
2017-11-17 |
2019-07-23 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability resulting SSRF, information disclosure, DoS and so on. |
|
33 |
CVE-2017-1000173 |
125 |
|
Exec Code Overflow |
2017-11-17 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop whiling pushing data to a buffer, we can break out of the bounds checking of that buffer. When list.join is called on the data it will read past a buffer resulting in a Heap-Buffer-Overflow. |
|
34 |
CVE-2017-1000172 |
416 |
|
Exec Code |
2017-11-17 |
2017-11-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravity_lexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free condition. |
|
35 |
CVE-2017-1000169 |
20 |
|
Exec Code |
2017-11-17 |
2017-12-02 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
QuickerBB version <= 0.7.2 is vulnerable to arbitrary file writes which can lead to remote code execution. This can lead to the complete takeover of the server hosting QuickerBB. |
|
36 |
CVE-2017-1000158 |
190 |
|
Exec Code Overflow |
2017-11-17 |
2022-06-27 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution) |
|
37 |
CVE-2017-1000154 |
287 |
|
|
2017-11-03 |
2017-11-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to some authentication methods, which do not use Mahara's built-in login form, still allowing users to log in even if their institution was expired or suspended. |
|
38 |
CVE-2017-1000153 |
732 |
|
|
2017-11-03 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Mahara 15.04 before 15.04.10 and 15.10 before 15.10.6 and 16.04 before 16.04.4 are vulnerable to incorrect access control after the password reset link is sent via email and then user changes default email, Mahara fails to invalidate old link.Consequently the link in email can be used to gain access to the user's account. |
|
39 |
CVE-2017-1000152 |
|
|
|
2017-11-03 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 running PHP 5.3 are vulnerable to one user being logged in as another user on a separate computer as the same session ID is served. This situation can occur when a user takes an action that forces another user to be logged out of Mahara, such as an admin changing another user's account settings. |
|
40 |
CVE-2017-1000150 |
384 |
|
|
2017-11-03 |
2017-11-13 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 are vulnerable to prevent session IDs from being regenerated on login or logout. This makes users of the site more vulnerable to session fixation attacks. |
|
41 |
CVE-2017-1000148 |
502 |
|
Exec Code |
2017-11-03 |
2019-10-03 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to PHP code execution as Mahara would pass portions of the XML through the PHP "unserialize()" function when importing a skin from an XML file. |
|
42 |
CVE-2017-1000147 |
352 |
|
CSRF |
2017-11-03 |
2017-11-15 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
|
Mahara 1.9 before 1.9.8 and 1.10 before 1.10.6 and 15.04 before 15.04.3 are vulnerable to perform a cross-site request forgery (CSRF) attack on the uploader contained in Mahara's filebrowser widget. This could allow an attacker to trick a Mahara user into unknowingly uploading malicious files into their Mahara account. |
|
43 |
CVE-2017-1000139 |
918 |
|
|
2017-11-03 |
2017-11-15 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
|
Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to server-side request forgery attacks as not all processes of curl redirects are checked against a white or black list. Employing SafeCurl will prevent issues. |
|
44 |
CVE-2017-1000134 |
732 |
|
|
2017-11-03 |
2019-10-03 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 and 15.04 before 15.04.0 are vulnerable because group members can lose access to the group files they uploaded if another group member changes the access permissions on them. |
|
45 |
CVE-2017-1000121 |
190 |
|
Overflow |
2017-11-01 |
2017-11-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple products. |
|
46 |
CVE-2017-17067 |
863 |
|
Bypass |
2017-11-30 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6.4.x before 6.4.9, and 6.3.x before 6.3.12, when the SAML authType is enabled, mishandles SAML, which allows remote attackers to bypass intended access restrictions or conduct impersonation attacks. |
|
47 |
CVE-2017-17065 |
20 |
|
DoS |
2017-11-30 |
2017-12-20 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered on D-Link DIR-605L Model B before FW2.11betaB06_hbrf devices, related to the code that handles the authentication values for HNAP. An attacker can cause a denial of service (device crash) or possibly have unspecified other impact by sending a sufficiently long string in the password field of the HTTP Basic Authentication section of the HTTP request. |
|
48 |
CVE-2017-17053 |
416 |
|
|
2017-11-29 |
2018-12-19 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y. |
|
49 |
CVE-2017-17052 |
416 |
|
|
2017-11-29 |
2017-12-20 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The mm_init function in kernel/fork.c in the Linux kernel before 4.12.10 does not clear the ->exe_file member of a new process's mm_struct, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. |
|
50 |
CVE-2017-17045 |
416 |
|
DoS +Priv +Info |
2017-11-28 |
2019-10-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by leveraging the mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) errors. |
