| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2017-8366 |
119 |
|
DoS Overflow |
2017-04-30 |
2017-11-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The strescape function in ec_strings.c in Ettercap 0.8.2 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted filter that is mishandled by etterfilter. |
|
2 |
CVE-2017-8364 |
119 |
|
DoS Overflow |
2017-04-30 |
2020-04-26 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The read_buf function in stream.c in rzip 2.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive. |
|
3 |
CVE-2017-8361 |
119 |
|
DoS Overflow |
2017-04-30 |
2019-03-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file. |
|
4 |
CVE-2017-8359 |
787 |
|
|
2017-04-30 |
2017-12-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Google gRPC before 2017-03-29 has an out-of-bounds write caused by a heap-based use-after-free related to the grpc_call_destroy function in core/lib/surface/call.c. |
|
5 |
CVE-2017-8358 |
119 |
|
Overflow |
2017-04-30 |
2017-05-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx. |
|
6 |
CVE-2017-8327 |
400 |
|
DoS |
2017-04-29 |
2019-10-03 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
The bmpr_read_uncompressed function in imagew-bmp.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted image. |
|
7 |
CVE-2017-8326 |
682 |
|
DoS |
2017-04-29 |
2019-10-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image, related to imagew-bmp.c and imagew-util.c. |
|
8 |
CVE-2017-8325 |
119 |
|
DoS Overflow |
2017-04-29 |
2019-09-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The iw_process_cols_to_intermediate function in imagew-main.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image. |
|
9 |
CVE-2017-8307 |
|
|
DoS |
2017-04-27 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Avast Antivirus before v17, using the LPC interface API exposed by the AvastSVC.exe Windows service, it is possible to launch predefined binaries, or replace or delete arbitrary files. This vulnerability is exploitable by any unprivileged user when Avast Self-Defense is disabled. It is also exploitable in conjunction with CVE-2017-8308 when Avast Self-Defense is enabled. The vulnerability allows for Denial of Service attacks and hiding traces of a possible attack. |
|
10 |
CVE-2017-8305 |
119 |
|
Overflow |
2017-04-27 |
2017-05-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The UDFclient (before 0.8.8) custom strlcpy implementation has a buffer overflow. UDFclient's strlcpy is used only on systems with a C library (e.g., glibc) that lacks its own strlcpy. |
|
11 |
CVE-2017-8297 |
22 |
|
Dir. Trav. |
2017-04-27 |
2017-05-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A path traversal vulnerability exists in simple-file-manager before 2017-04-26, affecting index.php (the sole "Simple PHP File Manager" component). |
|
12 |
CVE-2017-8291 |
704 |
|
Exec Code Bypass |
2017-04-27 |
2018-01-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017. |
|
13 |
CVE-2017-8289 |
119 |
|
DoS Overflow |
2017-04-27 |
2017-05-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in the ipv6_addr_from_str function in sys/net/network_layer/ipv6/addr/ipv6_addr_from_str.c in RIOT prior to 2017-04-25 allows local attackers, and potentially remote attackers, to cause a denial of service or possibly have unspecified other impact via a malformed IPv6 address. |
|
14 |
CVE-2017-8288 |
20 |
|
Exec Code |
2017-04-27 |
2017-05-10 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
gnome-shell 3.22 through 3.24.1 mishandles extensions that fail to reload, which can lead to leaving extensions enabled in the lock screen. With these extensions, a bystander could launch applications (but not interact with them), see information from the extensions (e.g., what applications you have opened or what music you were playing), or even execute arbitrary commands. It all depends on what extensions a user has enabled. The problem is caused by lack of exception handling in js/ui/extensionSystem.js. |
|
15 |
CVE-2017-8287 |
119 |
|
Overflow |
2017-04-27 |
2021-01-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c. |
|
16 |
CVE-2017-8284 |
94 |
|
+Priv |
2017-04-26 |
2019-10-03 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
** DISPUTED ** The disas_insn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain privileges by creating a modified basic block that injects code into a setuid program, as demonstrated by procmail. NOTE: the vendor has stated "this bug does not violate any security guarantees QEMU makes." |
|
17 |
CVE-2017-8283 |
22 |
|
Dir. Trav. |
2017-04-26 |
2017-05-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source on NetBSD. |
|
18 |
CVE-2017-8225 |
522 |
|
Bypass |
2017-04-25 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
On Wireless IP Camera (P2P) WIFICAM devices, access to .ini files (containing credentials) is not correctly checked. An attacker can bypass authentication by providing an empty loginuse parameter and an empty loginpas parameter in the URI. |
|
19 |
CVE-2017-8224 |
798 |
|
|
2017-04-25 |
2017-05-05 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Wireless IP Camera (P2P) WIFICAM devices have a backdoor root account that can be accessed with TELNET. |
|
20 |
CVE-2017-8220 |
78 |
|
Exec Code |
2017-04-25 |
2019-10-03 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow remote code execution with a single HTTP request by placing shell commands in a "host=" line within HTTP POST data. |
|
21 |
CVE-2017-8218 |
1188 |
|
|
2017-04-25 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n has a backdoor admin account with the 1234 password, a backdoor guest account with the guest password, and a backdoor test account with the test password. |
|
22 |
CVE-2017-8114 |
269 |
|
|
2017-04-29 |
2019-10-03 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin. |
|
23 |
CVE-2017-8110 |
611 |
|
|
2017-04-25 |
2020-07-07 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
www.modified-shop.org modified eCommerce Shopsoftware 2.0.2.2 rev 10690 has XXE in api/it-recht-kanzlei/api-it-recht-kanzlei.php. |
|
24 |
CVE-2017-8105 |
787 |
|
Overflow |
2017-04-24 |
2021-01-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c. |
|
25 |
CVE-2017-8101 |
352 |
|
CSRF |
2017-04-24 |
2017-04-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
There is CSRF in Serendipity 2.0.5, allowing attackers to install any themes via a GET request. |
|
26 |
CVE-2017-8081 |
338 |
|
CSRF |
2017-04-30 |
2019-10-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Poor cryptographic salt initialization in admin/inc/template_functions.php in GetSimple CMS 3.3.13 allows a network attacker to escalate privileges to an arbitrary user or conduct CSRF attacks via calculation of a session cookie or CSRF nonce. |
|
27 |
CVE-2017-8076 |
326 |
|
|
2017-04-23 |
2017-04-27 |
7.8 |
None |
Remote |
Low |
Not required |
Complete |
None |
None |
|
On the TP-Link TL-SG108E 1.0, admin network communications are RC4 encoded, even though RC4 is deprecated. This affects the 1.1.2 Build 20141017 Rel.50749 firmware. |
|
28 |
CVE-2017-8072 |
388 |
|
|
2017-04-23 |
2017-04-27 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The cp2112_gpio_direction_input function in drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 does not have the expected EIO error status for a zero-length report, which allows local users to have an unspecified impact via unknown vectors. |
|
29 |
CVE-2017-8070 |
119 |
|
DoS Overflow Mem. Corr. |
2017-04-23 |
2017-04-28 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
drivers/net/usb/catc.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. |
|
30 |
CVE-2017-8069 |
119 |
|
DoS Overflow Mem. Corr. |
2017-04-23 |
2017-04-27 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
drivers/net/usb/rtl8150.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. |
|
31 |
CVE-2017-8068 |
119 |
|
DoS Overflow Mem. Corr. |
2017-04-23 |
2017-04-27 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
drivers/net/usb/pegasus.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. |
|
32 |
CVE-2017-8067 |
119 |
|
DoS Overflow Mem. Corr. |
2017-04-23 |
2017-04-27 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
drivers/char/virtio_console.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. |
|
33 |
CVE-2017-8066 |
119 |
|
DoS Overflow Mem. Corr. |
2017-04-23 |
2017-04-27 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
drivers/net/can/usb/gs_usb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.2 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. |
|
34 |
CVE-2017-8065 |
119 |
|
DoS Overflow Mem. Corr. |
2017-04-23 |
2017-04-27 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
crypto/ccm.c in the Linux kernel 4.9.x and 4.10.x through 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. |
|
35 |
CVE-2017-8064 |
119 |
|
DoS Overflow Mem. Corr. |
2017-04-23 |
2017-11-04 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
drivers/media/usb/dvb-usb-v2/dvb_usb_core.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. |
|
36 |
CVE-2017-8063 |
119 |
|
DoS Overflow |
2017-04-23 |
2017-04-27 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
drivers/media/usb/dvb-usb/cxusb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. |
|
37 |
CVE-2017-8062 |
119 |
|
DoS Overflow Mem. Corr. |
2017-04-23 |
2017-04-27 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
drivers/media/usb/dvb-usb/dw2102.c in the Linux kernel 4.9.x and 4.10.x before 4.10.4 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. |
|
38 |
CVE-2017-8061 |
119 |
|
DoS Overflow Mem. Corr. |
2017-04-23 |
2017-04-27 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
drivers/media/usb/dvb-usb/dvb-usb-firmware.c in the Linux kernel 4.9.x and 4.10.x before 4.10.7 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. |
|
39 |
CVE-2017-8051 |
78 |
|
|
2017-04-21 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI. Through the manipulation of the tns_appliance_session_user parameter, a remote attacker can inject arbitrary commands. |
|
40 |
CVE-2017-7991 |
89 |
|
Sql |
2017-04-22 |
2020-04-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Exponent CMS 2.4.1 and earlier has SQL injection via a base64 serialized API key (apikey parameter) in the api function of framework/modules/eaas/controllers/eaasController.php. |
|
41 |
CVE-2017-7990 |
352 |
|
XSS CSRF |
2017-04-21 |
2017-04-26 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The Reporting Module 1.12.0 for OpenMRS allows CSRF attacks with resultant XSS, in which administrative authentication is hijacked to insert JavaScript into a name field in webapp/reports/manageReports.jsp. |
|
42 |
CVE-2017-7981 |
78 |
|
Exec Code |
2017-04-29 |
2019-10-03 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. This occurs in the Project Wiki component because the proc_open PHP function is used within PhpWiki before 1.5.5 with a syntax value in its first argument, and an authenticated Tuleap user can control this value, even with shell metacharacters, as demonstrated by a '<?plugin SyntaxHighlighter syntax="c;id"' line to execute the id command. |
|
43 |
CVE-2017-7979 |
20 |
|
DoS |
2017-04-19 |
2017-04-26 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The cookie feature in the packet action API implementation in net/sched/act_api.c in the Linux kernel 4.11.x through 4.11-rc7 mishandles the tb nlattr array, which allows local users to cause a denial of service (uninitialized memory access and refcount underflow, and system hang or crash) or possibly have unspecified other impact via "tc filter add" commands in certain contexts. NOTE: this does not affect stable kernels, such as 4.10.x, from kernel.org. |
|
44 |
CVE-2017-7975 |
190 |
|
DoS Exec Code Overflow |
2017-04-19 |
2017-11-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted JBIG2 file, leading to a denial of service (application crash) or possibly execution of arbitrary code. |
|
45 |
CVE-2017-7964 |
1188 |
|
|
2017-04-19 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Zyxel WRE6505 devices have a default TELNET password of 1234 for the root and admin accounts, which makes it easier for remote attackers to conduct DNS hijacking attacks by reconfiguring the built-in dnshijacker process. |
|
46 |
CVE-2017-7961 |
119 |
|
DoS Overflow |
2017-04-19 |
2019-06-18 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
** DISPUTED ** The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CSS file. NOTE: third-party analysis reports "This is not a security issue in my view. The conversion surely is truncating the double into a long value, but there is no impact as the value is one of the RGB components." |
|
47 |
CVE-2017-7951 |
352 |
|
CSRF |
2017-04-21 |
2017-04-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
WonderCMS before 2.0.3 has CSRF because of lack of a token in an unspecified context. |
|
48 |
CVE-2017-7948 |
190 |
|
DoS Overflow |
2017-04-19 |
2019-03-19 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Integer overflow in the mark_curve function in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via a crafted PostScript document. |
|
49 |
CVE-2017-7938 |
119 |
|
DoS Overflow |
2017-04-20 |
2017-08-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in DMitry (Deepmagic Information Gathering Tool) version 1.3a (Unix) allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long argument. An example threat model is automated execution of DMitry with hostname strings found in local log files. |
|
50 |
CVE-2017-7895 |
119 |
|
Overflow |
2017-04-28 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. |
