CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In October 2017 (CVSS score >= 7)

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-1000253 119 Overflow 2017-10-05 2017-12-09
7.2
None Local Low Not required Complete Complete Complete
Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the area that is supposed to be the "gap" between the stack and the binary.
2 CVE-2017-1000116 78 2017-10-05 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.
3 CVE-2017-1000111 787 2017-10-05 2020-10-15
7.2
None Local Low Not required Complete Complete Complete
Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW.
4 CVE-2017-16228 Exec Code 2017-10-29 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117.
5 CVE-2017-15994 354 Bypass 2017-10-29 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub projects.
6 CVE-2017-15993 89 Sql 2017-10-31 2017-11-17
7.5
None Remote Low Not required Partial Partial Partial
Zomato Clone Script allows SQL Injection via the restaurant-menu.php resid parameter.
7 CVE-2017-15992 89 Sql 2017-10-31 2017-11-17
7.5
None Remote Low Not required Partial Partial Partial
Website Broker Script allows SQL Injection via the 'status_id' Parameter to status_list.php.
8 CVE-2017-15991 89 Sql 2017-10-31 2017-11-18
7.5
None Remote Low Not required Partial Partial Partial
Vastal I-Tech Agent Zone (aka The Real Estate Script) allows SQL Injection in searchCommercial.php via the property_type, city, or posted_by parameter, or searchResidential.php via the property_type, city, or bedroom parameter, a different vulnerability than CVE-2008-3951, CVE-2009-3497, and CVE-2012-0982.
9 CVE-2017-15990 434 2017-10-31 2020-05-06
7.5
None Remote Low Not required Partial Partial Partial
Php Inventory & Invoice Management System allows Arbitrary File Upload via dashboard/edit_myaccountdetail/.
10 CVE-2017-15989 89 Sql 2017-10-31 2017-11-17
7.5
None Remote Low Not required Partial Partial Partial
Online Exam Test Application allows SQL Injection via the resources.php sort parameter in a category action.
11 CVE-2017-15988 89 Sql 2017-10-31 2017-11-18
7.5
None Remote Low Not required Partial Partial Partial
Nice PHP FAQ Script allows SQL Injection via the index.php nice_theme parameter, a different vulnerability than CVE-2008-6525.
12 CVE-2017-15987 89 Sql 2017-10-31 2017-11-18
7.5
None Remote Low Not required Partial Partial Partial
Fake Magazine Cover Script allows SQL Injection via the rate.php value parameter or the content.php id parameter.
13 CVE-2017-15986 89 Sql 2017-10-31 2017-11-18
7.5
None Remote Low Not required Partial Partial Partial
CPA Lead Reward Script allows SQL Injection via the username parameter.
14 CVE-2017-15985 89 Sql 2017-10-31 2017-11-18
7.5
None Remote Low Not required Partial Partial Partial
Basic B2B Script allows SQL Injection via the product_view1.php pid or id parameter.
15 CVE-2017-15984 89 Sql 2017-10-31 2017-11-18
7.5
None Remote Low Not required Partial Partial Partial
Creative Management System (CMS) Lite 1.4 allows SQL Injection via the S parameter to index.php.
16 CVE-2017-15983 89 Sql 2017-10-31 2017-11-18
7.5
None Remote Low Not required Partial Partial Partial
MyMagazine Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing.
17 CVE-2017-15982 89 Sql 2017-10-31 2020-08-19
7.5
None Remote Low Not required Partial Partial Partial
Dynamic News Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing.
18 CVE-2017-15981 89 Sql 2017-10-31 2020-08-19
7.5
None Remote Low Not required Partial Partial Partial
Responsive Newspaper Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing.
19 CVE-2017-15980 89 Sql 2017-10-31 2017-11-17
7.5
None Remote Low Not required Partial Partial Partial
US Zip Codes Database Script 1.0 allows SQL Injection via the state parameter.
20 CVE-2017-15979 89 Sql 2017-10-31 2017-11-18
7.5
None Remote Low Not required Partial Partial Partial
Shareet - Photo Sharing Social Network 1.0 allows SQL Injection via the photo parameter.
21 CVE-2017-15978 89 Sql 2017-10-31 2017-11-17
7.5
None Remote Low Not required Partial Partial Partial
AROX School ERP PHP Script 1.0 allows SQL Injection via the office_admin/ id parameter.
22 CVE-2017-15977 89 Sql 2017-10-31 2017-11-17
7.5
None Remote Low Not required Partial Partial Partial
Protected Links - Expiring Download Links 1.0 allows SQL Injection via the username parameter.
23 CVE-2017-15976 89 Sql 2017-10-29 2017-11-17
7.5
None Remote Low Not required Partial Partial Partial
ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604.
24 CVE-2017-15975 89 Sql 2017-10-29 2017-11-17
7.5
None Remote Low Not required Partial Partial Partial
Vastal I-Tech Dating Zone 0.9.9 allows SQL Injection via the 'product_id' to add_to_cart.php, a different vulnerability than CVE-2008-4461.
25 CVE-2017-15974 89 Sql Bypass 2017-10-29 2017-11-16
7.5
None Remote Low Not required Partial Partial Partial
tPanel 2009 allows SQL injection for Authentication Bypass via 'or 1=1 or ''=' to login.php.
26 CVE-2017-15973 89 Sql 2017-10-29 2017-11-16
7.5
None Remote Low Not required Partial Partial Partial
Sokial Social Network Script 1.0 allows SQL Injection via the id parameter to admin/members_view.php.
27 CVE-2017-15972 89 Sql 2017-10-29 2017-11-16
7.5
None Remote Low Not required Partial Partial Partial
SoftDatepro Dating Social Network 1.3 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15971.
28 CVE-2017-15971 89 Sql 2017-10-29 2020-08-19
7.5
None Remote Low Not required Partial Partial Partial
Same Sex Dating Software Pro 1.0 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15972.
29 CVE-2017-15970 89 Sql 2017-10-29 2017-11-16
7.5
None Remote Low Not required Partial Partial Partial
PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter.
30 CVE-2017-15969 89 Sql 2017-10-29 2017-11-16
7.5
None Remote Low Not required Partial Partial Partial
PG All Share Video 1.0 allows SQL Injection via the PATH_INFO to search/tag, friends/index, users/profile, or video_catalog/category.
31 CVE-2017-15968 89 Sql 2017-10-29 2017-11-16
7.5
None Remote Low Not required Partial Partial Partial
MyBuilder Clone 1.0 allows SQL Injection via the phpsqlsearch_genxml.php subcategory parameter.
32 CVE-2017-15967 89 Sql 2017-10-29 2017-11-17
7.5
None Remote Low Not required Partial Partial Partial
Mailing List Manager Pro 3.0 allows SQL Injection via the edit parameter to admin/users in a sort=login action, or the edit parameter to admin/template.
33 CVE-2017-15966 89 Sql 2017-10-29 2017-11-17
7.5
None Remote Low Not required Partial Partial Partial
The Zh YandexMap (aka com_zhyandexmap) component 6.1.1.0 for Joomla! allows SQL Injection via the placemarklistid parameter to index.php.
34 CVE-2017-15965 89 Sql 2017-10-29 2017-11-17
7.5
None Remote Low Not required Partial Partial Partial
The NS Download Shop (aka com_ns_downloadshop) component 2.2.6 for Joomla! allows SQL Injection via the id parameter in an invoice.create action.
35 CVE-2017-15964 89 Sql 2017-10-29 2017-11-17
7.5
None Remote Low Not required Partial Partial Partial
Job Board Script Software allows SQL Injection via the PATH_INFO to a /job-details URI.
36 CVE-2017-15963 89 Sql 2017-10-29 2017-11-16
7.5
None Remote Low Not required Partial Partial Partial
iTech Gigs Script 1.21 allows SQL Injection via the browse-scategory.php sc parameter or the service-provider.php ser parameter.
37 CVE-2017-15962 434 2017-10-29 2017-11-17
7.5
None Remote Low Not required Partial Partial Partial
iStock Management System 1.0 allows Arbitrary File Upload via user/profile.
38 CVE-2017-15961 89 Sql 2017-10-29 2017-11-17
7.5
None Remote Low Not required Partial Partial Partial
iProject Management System 1.0 allows SQL Injection via the ID parameter to index.php.
39 CVE-2017-15960 89 Sql 2017-10-29 2017-11-17
7.5
None Remote Low Not required Partial Partial Partial
Article Directory Script 3.0 allows SQL Injection via the id parameter to author.php or category.php.
40 CVE-2017-15959 89 Sql 2017-10-29 2017-11-16
7.5
None Remote Low Not required Partial Partial Partial
Adult Script Pro 2.2.4 allows SQL Injection via the PATH_INFO to a /download URI, a different vulnerability than CVE-2007-6576.
41 CVE-2017-15958 89 Sql 2017-10-29 2017-11-17
7.5
None Remote Low Not required Partial Partial Partial
D-Park Pro Domain Parking Script 1.0 allows SQL Injection via the username to admin/loginform.php.
42 CVE-2017-15951 20 DoS 2017-10-28 2017-11-13
7.2
None Local Low Not required Complete Complete Complete
The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls.
43 CVE-2017-15946 89 Sql 2017-10-28 2017-11-25
7.5
None Remote Low Not required Partial Partial Partial
In the com_tag component 1.7.6 for Joomla!, a SQL injection vulnerability is located in the `tag` parameter to index.php. The request method to execute is GET.
44 CVE-2017-15945 732 +Priv 2017-10-27 2019-10-03
7.2
None Local Low Not required Complete Complete Complete
The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/mysql-cluster, and dev-db/mariadb-galera packages before 2017-09-29 have chown calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to the mysql account for creation of a link.
45 CVE-2017-15935 94 Exec Code 2017-10-27 2017-11-14
9.0
None Remote Low ??? Complete Complete Complete
Artica Pandora FMS version 7.0 is vulnerable to remote PHP code execution through the manager files function. This is only exploitable by administrators who upload a PHP file.
46 CVE-2017-15924 78 2017-10-27 2019-10-03
7.2
None Local Low Not required Complete Complete Complete
In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the add_server, build_config, and construct_command_line functions.
47 CVE-2017-15919 89 Sql 2017-10-26 2017-11-14
7.5
None Remote Low Not required Partial Partial Partial
The ultimate-form-builder-lite plugin before 1.3.7 for WordPress has SQL Injection, with resultant PHP Object Injection, via wp-admin/admin-ajax.php.
48 CVE-2017-15909 798 2017-10-26 2017-11-15
7.5
None Remote Low Not required Partial Partial Partial
D-Link DGS-1500 Ax devices before 2.51B021 have a hardcoded password, which allows remote attackers to obtain shell access.
49 CVE-2017-15907 89 Exec Code Sql 2017-10-26 2017-11-15
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in phpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to newsdesk/newsdesk.php.
50 CVE-2017-15804 119 Overflow 2017-10-22 2018-06-20
7.5
None Remote Low Not required Partial Partial Partial
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator.
Total number of vulnerabilities: 286. Page 1 of 6.