| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2017-1000253 |
119 |
|
Overflow |
2017-10-05 |
2017-12-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the "gap" between the stack and the binary. |
|
2 |
CVE-2017-1000116 |
78 |
|
|
2017-10-05 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks. |
|
3 |
CVE-2017-1000111 |
787 |
|
|
2017-10-05 |
2020-10-15 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW. |
|
4 |
CVE-2017-16228 |
|
|
Exec Code |
2017-10-29 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117. |
|
5 |
CVE-2017-15994 |
354 |
|
Bypass |
2017-10-29 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub projects. |
|
6 |
CVE-2017-15993 |
89 |
|
Sql |
2017-10-31 |
2017-11-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Zomato Clone Script allows SQL Injection via the restaurant-menu.php resid parameter. |
|
7 |
CVE-2017-15992 |
89 |
|
Sql |
2017-10-31 |
2017-11-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Website Broker Script allows SQL Injection via the 'status_id' Parameter to status_list.php. |
|
8 |
CVE-2017-15991 |
89 |
|
Sql |
2017-10-31 |
2017-11-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Vastal I-Tech Agent Zone (aka The Real Estate Script) allows SQL Injection in searchCommercial.php via the property_type, city, or posted_by parameter, or searchResidential.php via the property_type, city, or bedroom parameter, a different vulnerability than CVE-2008-3951, CVE-2009-3497, and CVE-2012-0982. |
|
9 |
CVE-2017-15990 |
434 |
|
|
2017-10-31 |
2020-05-06 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Php Inventory & Invoice Management System allows Arbitrary File Upload via dashboard/edit_myaccountdetail/. |
|
10 |
CVE-2017-15989 |
89 |
|
Sql |
2017-10-31 |
2017-11-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Online Exam Test Application allows SQL Injection via the resources.php sort parameter in a category action. |
|
11 |
CVE-2017-15988 |
89 |
|
Sql |
2017-10-31 |
2017-11-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Nice PHP FAQ Script allows SQL Injection via the index.php nice_theme parameter, a different vulnerability than CVE-2008-6525. |
|
12 |
CVE-2017-15987 |
89 |
|
Sql |
2017-10-31 |
2017-11-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Fake Magazine Cover Script allows SQL Injection via the rate.php value parameter or the content.php id parameter. |
|
13 |
CVE-2017-15986 |
89 |
|
Sql |
2017-10-31 |
2017-11-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
CPA Lead Reward Script allows SQL Injection via the username parameter. |
|
14 |
CVE-2017-15985 |
89 |
|
Sql |
2017-10-31 |
2017-11-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Basic B2B Script allows SQL Injection via the product_view1.php pid or id parameter. |
|
15 |
CVE-2017-15984 |
89 |
|
Sql |
2017-10-31 |
2017-11-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Creative Management System (CMS) Lite 1.4 allows SQL Injection via the S parameter to index.php. |
|
16 |
CVE-2017-15983 |
89 |
|
Sql |
2017-10-31 |
2017-11-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
MyMagazine Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing. |
|
17 |
CVE-2017-15982 |
89 |
|
Sql |
2017-10-31 |
2020-08-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Dynamic News Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing. |
|
18 |
CVE-2017-15981 |
89 |
|
Sql |
2017-10-31 |
2020-08-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Responsive Newspaper Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing. |
|
19 |
CVE-2017-15980 |
89 |
|
Sql |
2017-10-31 |
2017-11-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
US Zip Codes Database Script 1.0 allows SQL Injection via the state parameter. |
|
20 |
CVE-2017-15979 |
89 |
|
Sql |
2017-10-31 |
2017-11-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Shareet - Photo Sharing Social Network 1.0 allows SQL Injection via the photo parameter. |
|
21 |
CVE-2017-15978 |
89 |
|
Sql |
2017-10-31 |
2017-11-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
AROX School ERP PHP Script 1.0 allows SQL Injection via the office_admin/ id parameter. |
|
22 |
CVE-2017-15977 |
89 |
|
Sql |
2017-10-31 |
2017-11-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Protected Links - Expiring Download Links 1.0 allows SQL Injection via the username parameter. |
|
23 |
CVE-2017-15976 |
89 |
|
Sql |
2017-10-29 |
2017-11-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604. |
|
24 |
CVE-2017-15975 |
89 |
|
Sql |
2017-10-29 |
2017-11-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Vastal I-Tech Dating Zone 0.9.9 allows SQL Injection via the 'product_id' to add_to_cart.php, a different vulnerability than CVE-2008-4461. |
|
25 |
CVE-2017-15974 |
89 |
|
Sql Bypass |
2017-10-29 |
2017-11-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
tPanel 2009 allows SQL injection for Authentication Bypass via 'or 1=1 or ''=' to login.php. |
|
26 |
CVE-2017-15973 |
89 |
|
Sql |
2017-10-29 |
2017-11-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Sokial Social Network Script 1.0 allows SQL Injection via the id parameter to admin/members_view.php. |
|
27 |
CVE-2017-15972 |
89 |
|
Sql |
2017-10-29 |
2017-11-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SoftDatepro Dating Social Network 1.3 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15971. |
|
28 |
CVE-2017-15971 |
89 |
|
Sql |
2017-10-29 |
2020-08-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Same Sex Dating Software Pro 1.0 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15972. |
|
29 |
CVE-2017-15970 |
89 |
|
Sql |
2017-10-29 |
2017-11-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter. |
|
30 |
CVE-2017-15969 |
89 |
|
Sql |
2017-10-29 |
2017-11-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
PG All Share Video 1.0 allows SQL Injection via the PATH_INFO to search/tag, friends/index, users/profile, or video_catalog/category. |
|
31 |
CVE-2017-15968 |
89 |
|
Sql |
2017-10-29 |
2017-11-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
MyBuilder Clone 1.0 allows SQL Injection via the phpsqlsearch_genxml.php subcategory parameter. |
|
32 |
CVE-2017-15967 |
89 |
|
Sql |
2017-10-29 |
2017-11-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Mailing List Manager Pro 3.0 allows SQL Injection via the edit parameter to admin/users in a sort=login action, or the edit parameter to admin/template. |
|
33 |
CVE-2017-15966 |
89 |
|
Sql |
2017-10-29 |
2017-11-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Zh YandexMap (aka com_zhyandexmap) component 6.1.1.0 for Joomla! allows SQL Injection via the placemarklistid parameter to index.php. |
|
34 |
CVE-2017-15965 |
89 |
|
Sql |
2017-10-29 |
2017-11-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The NS Download Shop (aka com_ns_downloadshop) component 2.2.6 for Joomla! allows SQL Injection via the id parameter in an invoice.create action. |
|
35 |
CVE-2017-15964 |
89 |
|
Sql |
2017-10-29 |
2017-11-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Job Board Script Software allows SQL Injection via the PATH_INFO to a /job-details URI. |
|
36 |
CVE-2017-15963 |
89 |
|
Sql |
2017-10-29 |
2017-11-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
iTech Gigs Script 1.21 allows SQL Injection via the browse-scategory.php sc parameter or the service-provider.php ser parameter. |
|
37 |
CVE-2017-15962 |
434 |
|
|
2017-10-29 |
2017-11-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
iStock Management System 1.0 allows Arbitrary File Upload via user/profile. |
|
38 |
CVE-2017-15961 |
89 |
|
Sql |
2017-10-29 |
2017-11-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
iProject Management System 1.0 allows SQL Injection via the ID parameter to index.php. |
|
39 |
CVE-2017-15960 |
89 |
|
Sql |
2017-10-29 |
2017-11-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Article Directory Script 3.0 allows SQL Injection via the id parameter to author.php or category.php. |
|
40 |
CVE-2017-15959 |
89 |
|
Sql |
2017-10-29 |
2017-11-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Adult Script Pro 2.2.4 allows SQL Injection via the PATH_INFO to a /download URI, a different vulnerability than CVE-2007-6576. |
|
41 |
CVE-2017-15958 |
89 |
|
Sql |
2017-10-29 |
2017-11-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
D-Park Pro Domain Parking Script 1.0 allows SQL Injection via the username to admin/loginform.php. |
|
42 |
CVE-2017-15951 |
20 |
|
DoS |
2017-10-28 |
2017-11-13 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls. |
|
43 |
CVE-2017-15946 |
89 |
|
Sql |
2017-10-28 |
2017-11-25 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In the com_tag component 1.7.6 for Joomla!, a SQL injection vulnerability is located in the `tag` parameter to index.php. The request method to execute is GET. |
|
44 |
CVE-2017-15945 |
732 |
|
+Priv |
2017-10-27 |
2019-10-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/mysql-cluster, and dev-db/mariadb-galera packages before 2017-09-29 have chown calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to the mysql account for creation of a link. |
|
45 |
CVE-2017-15935 |
94 |
|
Exec Code |
2017-10-27 |
2017-11-14 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
Artica Pandora FMS version 7.0 is vulnerable to remote PHP code execution through the manager files function. This is only exploitable by administrators who upload a PHP file. |
|
46 |
CVE-2017-15924 |
78 |
|
|
2017-10-27 |
2019-10-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the add_server, build_config, and construct_command_line functions. |
|
47 |
CVE-2017-15919 |
89 |
|
Sql |
2017-10-26 |
2017-11-14 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The ultimate-form-builder-lite plugin before 1.3.7 for WordPress has SQL Injection, with resultant PHP Object Injection, via wp-admin/admin-ajax.php. |
|
48 |
CVE-2017-15909 |
798 |
|
|
2017-10-26 |
2017-11-15 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
D-Link DGS-1500 Ax devices before 2.51B021 have a hardcoded password, which allows remote attackers to obtain shell access. |
|
49 |
CVE-2017-15907 |
89 |
|
Exec Code Sql |
2017-10-26 |
2017-11-15 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in phpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to newsdesk/newsdesk.php. |
|
50 |
CVE-2017-15804 |
119 |
|
Overflow |
2017-10-22 |
2018-06-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator. |
