CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In November 2017 (CVSS score >= 7)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-1001003 20 2017-11-27 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
math.js before 3.17.0 had an issue where private properties such as a constructor could be replaced by using unicode characters when creating an object.
2 CVE-2017-1001002 94 Exec Code 2017-11-27 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution.
3 CVE-2017-1000248 502 2017-11-17 2017-12-04
7.5
None Remote Low Not required Partial Partial Partial
Redis-store <=v1.3.0 allows unsafe objects to be loaded from redis
4 CVE-2017-1000237 918 2017-11-17 2017-11-29
7.5
None Remote Low Not required Partial Partial Partial
I, Librarian version <=4.6 & 4.7 is vulnerable to Server-Side Request Forgery in the ajaxsupplement.php resulting in the attacker being able to reset any user's password.
5 CVE-2017-1000235 78 2017-11-17 2017-11-29
10.0
None Remote Low Not required Complete Complete Complete
I, Librarian version <=4.6 & 4.7 is vulnerable to OS Command Injection in batchimport.php resulting the web server being fully compromised.
6 CVE-2017-1000232 415 2017-11-17 2020-04-01
7.5
None Remote Low Not required Partial Partial Partial
A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.
7 CVE-2017-1000231 415 2017-11-17 2018-02-04
7.5
None Remote Low Not required Partial Partial Partial
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors.
8 CVE-2017-1000228 20 Exec Code 2017-11-17 2017-11-30
10.0
None Remote Low Not required Complete Complete Complete
nodejs ejs versions older than 2.5.3 is vulnerable to remote code execution due to weak input validation in ejs.renderFile() function
9 CVE-2017-1000220 78 Exec Code 2017-11-17 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
soyuka/pidusage <=1.1.4 is vulnerable to command injection in the module resulting in arbitrary command execution
10 CVE-2017-1000219 78 Exec Code 2017-11-17 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
npm/KyleRoss windows-cpu all versions vulnerable to command injection resulting in code execution as Node.js user
11 CVE-2017-1000218 119 DoS Exec Code Overflow 2017-11-17 2017-11-30
7.5
None Remote Low Not required Partial Partial Partial
LightFTP version 1.1 is vulnerable to a buffer overflow in the "writelogentry" function resulting a denial of services or a remote code execution.
12 CVE-2017-1000215 78 Exec Code 2017-11-17 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution
13 CVE-2017-1000214 78 2017-11-27 2017-12-19
10.0
None Remote Low Not required Complete Complete Complete
GitPHP by xiphux is vulnerable to OS Command Injections
14 CVE-2017-1000212 Exec Code 2017-11-17 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
Elixir's vim plugin, alchemist.vim is vulnerable to remote code execution in the bundled alchemist-server. A malicious website can execute requests against an ephemeral port on localhost that are then evaluated as elixir code.
15 CVE-2017-1000210 119 DoS Exec Code Overflow 2017-11-17 2017-11-29
7.5
None Remote Low Not required Partial Partial Partial
picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack
16 CVE-2017-1000206 119 Exec Code Overflow 2017-11-17 2017-12-01
7.5
None Remote Low Not required Partial Partial Partial
samtools htslib library version 1.4.0 and earlier is vulnerable to buffer overflow in the CRAM rANS codec resulting in potential arbitrary code execution
17 CVE-2017-1000203 78 Exec Code 2017-11-17 2019-10-03
9.0
None Remote Low ??? Complete Complete Complete
ROOT version 6.9.03 and below is vulnerable to an authenticated shell metacharacter injection in the rootd daemon resulting in remote code execution
18 CVE-2017-1000197 417 2017-11-17 2020-08-03
7.5
None Remote Low Not required Partial Partial Partial
October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating creating malicious files on the server.
19 CVE-2017-1000196 94 Exec Code 2017-11-17 2020-08-03
7.5
None Remote Low Not required Partial Partial Partial
October CMS build 412 is vulnerable to PHP code execution in the asset manager functionality resulting in site compromise and possibly other applications on the server.
20 CVE-2017-1000194 434 2017-11-17 2020-08-03
7.5
None Remote Low Not required Partial Partial Partial
October CMS build 412 is vulnerable to Apache configuration modification via file upload functionality resulting in site compromise and possibly other applications on the server.
21 CVE-2017-1000191 400 2017-11-17 2017-12-04
7.8
None Remote Low Not required None None Complete
Jool 3.5.0-3.5.1 is vulnerable to a kernel crashing packet resulting in a DOS.
22 CVE-2017-1000173 125 Exec Code Overflow 2017-11-17 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop whiling pushing data to a buffer, we can break out of the bounds checking of that buffer. When list.join is called on the data it will read past a buffer resulting in a Heap-Buffer-Overflow.
23 CVE-2017-1000172 416 Exec Code 2017-11-17 2017-11-30
7.5
None Remote Low Not required Partial Partial Partial
Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravity_lexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free condition.
24 CVE-2017-1000169 20 Exec Code 2017-11-17 2017-12-02
10.0
None Remote Low Not required Complete Complete Complete
QuickerBB version <= 0.7.2 is vulnerable to arbitrary file writes which can lead to remote code execution. This can lead to the complete takeover of the server hosting QuickerBB.
25 CVE-2017-1000158 190 Exec Code Overflow 2017-11-17 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)
26 CVE-2017-1000154 287 2017-11-03 2017-11-13
7.5
None Remote Low Not required Partial Partial Partial
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to some authentication methods, which do not use Mahara's built-in login form, still allowing users to log in even if their institution was expired or suspended.
27 CVE-2017-1000153 732 2017-11-03 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
Mahara 15.04 before 15.04.10 and 15.10 before 15.10.6 and 16.04 before 16.04.4 are vulnerable to incorrect access control after the password reset link is sent via email and then user changes default email, Mahara fails to invalidate old link.Consequently the link in email can be used to gain access to the user's account.
28 CVE-2017-1000152 2017-11-03 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 running PHP 5.3 are vulnerable to one user being logged in as another user on a separate computer as the same session ID is served. This situation can occur when a user takes an action that forces another user to be logged out of Mahara, such as an admin changing another user's account settings.
29 CVE-2017-1000121 190 Overflow 2017-11-01 2017-11-21
7.5
None Remote Low Not required Partial Partial Partial
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple products.
30 CVE-2017-17067 863 Bypass 2017-11-30 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6.4.x before 6.4.9, and 6.3.x before 6.3.12, when the SAML authType is enabled, mishandles SAML, which allows remote attackers to bypass intended access restrictions or conduct impersonation attacks.
31 CVE-2017-17065 20 DoS 2017-11-30 2017-12-20
7.8
None Remote Low Not required None None Complete
An issue was discovered on D-Link DIR-605L Model B before FW2.11betaB06_hbrf devices, related to the code that handles the authentication values for HNAP. An attacker can cause a denial of service (device crash) or possibly have unspecified other impact by sending a sufficiently long string in the password field of the HTTP Basic Authentication section of the HTTP request.
32 CVE-2017-17052 416 2017-11-29 2017-12-20
7.2
None Local Low Not required Complete Complete Complete
The mm_init function in kernel/fork.c in the Linux kernel before 4.12.10 does not clear the ->exe_file member of a new process's mm_struct, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program.
33 CVE-2017-17045 416 DoS +Priv +Info 2017-11-28 2019-10-03
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by leveraging the mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) errors.
34 CVE-2017-16960 78 Exec Code 2017-11-27 2019-10-03
9.0
None Remote Low ??? Complete Complete Complete
TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the t_bindif field of an admin/interface command to cgi-bin/luci, related to the get_device_byif function in /usr/lib/lua/luci/controller/admin/interface.lua in uhttpd.
35 CVE-2017-16958 78 Exec Code 2017-11-27 2019-10-03
9.0
None Remote Low ??? Complete Complete Complete
TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the t_bindif field of an admin/bridge command to cgi-bin/luci, related to the get_device_byif function in /usr/lib/lua/luci/controller/admin/bridge.lua in uhttpd.
36 CVE-2017-16957 78 Exec Code 2017-11-27 2019-10-03
9.0
None Remote Low ??? Complete Complete Complete
TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the iface field of an admin/diagnostic command to cgi-bin/luci, related to the zone_get_effect_devices function in /usr/lib/lua/luci/controller/admin/diagnostic.lua in uhttpd.
37 CVE-2017-16943 416 DoS Exec Code 2017-11-25 2021-05-04
7.5
None Remote Low Not required Partial Partial Partial
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands.
38 CVE-2017-16939 416 DoS +Priv 2017-11-24 2019-10-03
7.2
None Local Low Not required Complete Complete Complete
The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.
39 CVE-2017-16934 78 Exec Code 2017-11-24 2017-12-11
10.0
None Remote Low Not required Complete Complete Complete
The web server on DBL DBLTek devices allows remote attackers to execute arbitrary OS commands by obtaining the admin password via a frame.html?content=/dev/mtdblock/5 request, and then using this password for the HTTP Basic Authentication needed for a change_password.csp request, which supports a "<%%25call system.exec:" string in the passwd parameter.
40 CVE-2017-16931 119 Overflow 2017-11-23 2021-07-20
7.5
None Remote Low Not required Partial Partial Partial
parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.
41 CVE-2017-16927 119 DoS Overflow 2017-11-23 2020-07-08
7.2
None Local Low Not required Complete Complete Complete
The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted input stream.
42 CVE-2017-16926 78 Exec Code 2017-11-22 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
Ohcount 3.0.0 is prone to a command injection via specially crafted filenames containing shell metacharacters, which can be exploited by an attacker (providing a source tree for Ohcount processing) to execute arbitrary code as the user running Ohcount.
43 CVE-2017-16923 78 Exec Code 2017-11-21 2019-10-03
8.3
None Local Network Low Not required Complete Complete Complete
Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01, and Ac18 ac18_kf_V15.03.05.19(6318_)_cn devices allows remote unauthenticated attackers to execute arbitrary OS commands via a crafted cgi-bin/luci/usbeject?dev_name= GET request from the LAN. This occurs because the "sub_A6E8 usbeject_process_entry" function executes a system function with untrusted input.
44 CVE-2017-16920 2017-11-21 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
v5/config/system.php in dayrui FineCms 5.2.0 has a default SYS_KEY value and does not require key regeneration for each installation, which allows remote attackers to upload arbitrary .php files via a member api swfupload action to index.php.
45 CVE-2017-16903 22 Exec Code Dir. Trav. 2017-11-20 2017-12-12
7.5
None Remote Low Not required Partial Partial Partial
LvyeCMS through 3.1 allows remote attackers to upload and execute arbitrary PHP code via directory traversal sequences in the dir parameter, in conjunction with PHP code in the content parameter, within a template Style add request to index.php.
46 CVE-2017-16902 119 Overflow 2017-11-20 2017-12-12
7.8
None Remote Low Not required None None Complete
On the Vonage VDV-23 115 3.2.11-0.9.40 home router, sending a long string of characters in the loginPassword and/or loginUsername field to goform/login causes the router to reboot.
47 CVE-2017-16896 89 Sql 2017-11-20 2017-12-05
7.5
None Remote Low Not required Partial Partial Partial
A SQL injection in classes/handler/public.php in the forgotpass component of Tiny Tiny RSS 17.4 exists via the login parameter.
48 CVE-2017-16872 119 Overflow 2017-11-17 2021-09-02
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1. Parsing the numeric header fields in a SIP message (like cseq, ttl, port, etc.) all had the potential to overflow, either causing unintended values to be captured or, if the values were subsequently converted back to strings, a buffer overrun. This will lead to a potential exploit using carefully crafted invalid values.
49 CVE-2017-16855 384 2017-11-16 2017-12-04
7.5
None Remote Low Not required Partial Partial Partial
Ipsilon before 2.1.0 has a "SAML2 multi-session vulnerability."
50 CVE-2017-16851 89 Sql 2017-11-16 2018-08-07
7.5
None Remote Low Not required Partial Partial Partial
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /MyPage.do widgetid parameter.
Total number of vulnerabilities : 346   Page : 1 (This Page)2 3 4 5 6 7
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.