| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2017-1000235 |
78 |
|
|
2017-11-17 |
2017-11-29 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
I, Librarian version <=4.6 & 4.7 is vulnerable to OS Command Injection in batchimport.php resulting the web server being fully compromised. |
|
2 |
CVE-2017-1000228 |
20 |
|
Exec Code |
2017-11-17 |
2017-11-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
nodejs ejs versions older than 2.5.3 is vulnerable to remote code execution due to weak input validation in ejs.renderFile() function |
|
3 |
CVE-2017-1000215 |
78 |
|
Exec Code |
2017-11-17 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution |
|
4 |
CVE-2017-1000214 |
78 |
|
|
2017-11-27 |
2017-12-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
GitPHP by xiphux is vulnerable to OS Command Injections |
|
5 |
CVE-2017-1000203 |
78 |
|
Exec Code |
2017-11-17 |
2019-10-03 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
ROOT version 6.9.03 and below is vulnerable to an authenticated shell metacharacter injection in the rootd daemon resulting in remote code execution |
|
6 |
CVE-2017-1000169 |
20 |
|
Exec Code |
2017-11-17 |
2017-12-02 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
QuickerBB version <= 0.7.2 is vulnerable to arbitrary file writes which can lead to remote code execution. This can lead to the complete takeover of the server hosting QuickerBB. |
|
7 |
CVE-2017-17067 |
863 |
|
Bypass |
2017-11-30 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6.4.x before 6.4.9, and 6.3.x before 6.3.12, when the SAML authType is enabled, mishandles SAML, which allows remote attackers to bypass intended access restrictions or conduct impersonation attacks. |
|
8 |
CVE-2017-16960 |
78 |
|
Exec Code |
2017-11-27 |
2019-10-03 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the t_bindif field of an admin/interface command to cgi-bin/luci, related to the get_device_byif function in /usr/lib/lua/luci/controller/admin/interface.lua in uhttpd. |
|
9 |
CVE-2017-16958 |
78 |
|
Exec Code |
2017-11-27 |
2019-10-03 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the t_bindif field of an admin/bridge command to cgi-bin/luci, related to the get_device_byif function in /usr/lib/lua/luci/controller/admin/bridge.lua in uhttpd. |
|
10 |
CVE-2017-16957 |
78 |
|
Exec Code |
2017-11-27 |
2019-10-03 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the iface field of an admin/diagnostic command to cgi-bin/luci, related to the zone_get_effect_devices function in /usr/lib/lua/luci/controller/admin/diagnostic.lua in uhttpd. |
|
11 |
CVE-2017-16934 |
78 |
|
Exec Code |
2017-11-24 |
2017-12-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The web server on DBL DBLTek devices allows remote attackers to execute arbitrary OS commands by obtaining the admin password via a frame.html?content=/dev/mtdblock/5 request, and then using this password for the HTTP Basic Authentication needed for a change_password.csp request, which supports a "<%%25call system.exec:" string in the passwd parameter. |
|
12 |
CVE-2017-16926 |
78 |
|
Exec Code |
2017-11-22 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Ohcount 3.0.0 is prone to a command injection via specially crafted filenames containing shell metacharacters, which can be exploited by an attacker (providing a source tree for Ohcount processing) to execute arbitrary code as the user running Ohcount. |
|
13 |
CVE-2017-16844 |
119 |
|
DoS Exec Code Overflow |
2017-11-16 |
2018-02-04 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than CVE-2014-3618. |
|
14 |
CVE-2017-16820 |
415 |
|
|
2017-11-14 |
2018-09-04 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which could lead to a crash (or potentially have other impact). |
|
15 |
CVE-2017-16667 |
78 |
|
Exec Code |
2017-11-08 |
2019-04-30 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
backintime (aka Back in Time) before 1.1.24 did improper escaping/quoting of file paths used as arguments to the 'notify-send' command, leading to some parts of file paths being executed as shell commands within an os.system call in qt4/plugins/notifyplugin.py. This could allow an attacker to craft an unreadable file with a specific name to run arbitrary shell commands. |
|
16 |
CVE-2017-16660 |
668 |
|
Exec Code |
2017-11-08 |
2019-10-03 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remote_agent.php request containing PHP code in a Client-ip header. |
|
17 |
CVE-2017-16659 |
732 |
|
+Priv |
2017-11-08 |
2020-09-16 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The Gentoo mail-filter/assp package 1.9.8.13030 and earlier allows local users to gain privileges by leveraging access to the assp user account to install a Trojan horse /usr/share/assp/assp.pl script. |
|
18 |
CVE-2017-16641 |
78 |
|
Exec Code |
2017-11-07 |
2017-11-28 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php. |
|
19 |
CVE-2017-16638 |
732 |
|
+Priv |
2017-11-06 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the "qemu" group to gain root privileges by creating a hard link in a directory on which "chown" is called recursively by the OpenRC service script. |
|
20 |
CVE-2017-16566 |
287 |
|
|
2017-11-17 |
2021-04-20 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
On Jooan IP Camera A5 2.3.36 devices, an insecure FTP server does not require authentication, which allows remote attackers to read or replace core system files including those used for authentication (such as passwd and shadow). This can be abused to take full root level control of the device. |
|
21 |
CVE-2017-16523 |
|
|
|
2017-11-03 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices have a zyad1234 password for the zyad1234 account, which is equivalent to root and undocumented. |
|
22 |
CVE-2017-16522 |
276 |
|
Exec Code |
2017-11-03 |
2019-10-03 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices allow remote authenticated users to obtain root access by specifying /bin/sh as the command to execute. |
|
23 |
CVE-2017-15673 |
434 |
|
Exec Code |
2017-11-28 |
2017-12-20 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
The files function in the administration section in CS-Cart 4.6.2 and earlier allows attackers to execute arbitrary PHP code via vectors involving a custom page. |
|
24 |
CVE-2017-15114 |
295 |
|
+Priv |
2017-11-27 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
When libvirtd is configured by OSP director (tripleo-heat-templates) to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd (which is equivalent to root access). If a vulnerability exists in another service it could, combined with this flaw, be exploited to escalate privileges to gain control over compute nodes. |
|
25 |
CVE-2017-14591 |
88 |
|
Exec Code |
2017-11-29 |
2017-12-20 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Atlassian Fisheye and Crucible versions less than 4.4.3 and version 4.5.0 are vulnerable to argument injection through filenames in Mercurial repositories, allowing attackers to execute arbitrary code on a system running the impacted software. |
|
26 |
CVE-2017-14585 |
918 |
|
Exec Code |
2017-11-27 |
2017-12-20 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
A Server Side Request Forgery (SSRF) vulnerability could lead to remote code execution for authenticated administrators. This issue was introduced in version 2.2.0 of Hipchat Server and version 3.0.0 of Hipchat Data Center. Versions of Hipchat Server starting with 2.2.0 and before 2.2.6 are affected by this vulnerability. Versions of Hipchat Data Center starting with 3.0.0 and before 3.1.0 are affected. |
|
27 |
CVE-2017-14375 |
290 |
|
Bypass |
2017-11-01 |
2021-08-05 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier) contain an authentication bypass vulnerability that may potentially be exploited by malicious users to compromise the affected system. |
|
28 |
CVE-2017-14189 |
521 |
|
|
2017-11-29 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can access the admin webUI to successfully log-in regardless the provided password. |
|
29 |
CVE-2017-14176 |
|
|
Exec Code |
2017-11-27 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117. |
|
30 |
CVE-2017-14029 |
427 |
|
|
2017-11-06 |
2019-10-09 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11.3.03 and prior. The program will execute specially crafted malicious dll files placed on the target machine. |
|
31 |
CVE-2017-14027 |
798 |
|
|
2017-11-01 |
2019-10-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1. The software uses undocumented hard-coded credentials that may allow an attacker to gain remote access. |
|
32 |
CVE-2017-14024 |
119 |
|
Exec Code Overflow |
2017-11-13 |
2017-12-01 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
A Stack-based Buffer Overflow issue was discovered in Schneider Electric InduSoft Web Studio v8.0 SP2 Patch 1 and prior versions, and InTouch Machine Edition v8.0 SP2 Patch 1 and prior versions. The stack-based buffer overflow vulnerability has been identified, which may allow remote code execution with high privileges. |
|
33 |
CVE-2017-14021 |
798 |
|
|
2017-11-01 |
2019-10-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1. An attacker may gain access to hard-coded certificates and private keys allowing the attacker to perform man-in-the-middle attacks. |
|
34 |
CVE-2017-14020 |
427 |
|
|
2017-11-13 |
2018-08-01 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In AutomationDirect CLICK Programming Software (Part Number C0-PGMSW) Versions 2.10 and prior; C-More Programming Software (Part Number EA9-PGMSW) Versions 6.30 and prior; C-More Micro (Part Number EA-PGMSW) Versions 4.20.01.0 and prior; Do-more Designer Software (Part Number DM-PGMSW) Versions 2.0.3 and prior; GS Drives Configuration Software (Part Number GSOFT) Versions 4.0.6 and prior; SL-SOFT SOLO Temperature Controller Configuration Software (Part Number SL-SOFT) Versions 1.1.0.5 and prior; and DirectSOFT Programming Software Versions 6.1 and prior, an uncontrolled search path element (DLL Hijacking) vulnerability has been identified. To exploit this vulnerability, an attacker could rename a malicious DLL to meet the criteria of the application, and the application would not verify that the DLL is correct. Once loaded by the application, the DLL could run malicious code at the privilege level of the application. |
|
35 |
CVE-2017-13872 |
287 |
|
|
2017-11-29 |
2017-12-30 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The issue involves the "Directory Utility" component. It allows attackers to obtain administrator access without a password via certain interactions involving entry of the root user name. |
|
36 |
CVE-2017-13846 |
|
|
DoS |
2017-11-13 |
2017-11-28 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "PCRE" product. Versions before 8.40 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. |
|
37 |
CVE-2017-13843 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2017-11-13 |
2017-11-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
|
38 |
CVE-2017-13838 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2017-11-13 |
2017-11-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Sandbox" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
|
39 |
CVE-2017-13834 |
119 |
|
DoS Overflow Mem. Corr. |
2017-11-13 |
2017-11-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted mach binary. |
|
40 |
CVE-2017-13833 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2017-11-13 |
2019-04-29 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
|
41 |
CVE-2017-13830 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2017-11-13 |
2017-11-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HFS" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
|
42 |
CVE-2017-13829 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2017-11-13 |
2017-11-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
|
43 |
CVE-2017-13815 |
|
|
DoS |
2017-11-13 |
2017-11-27 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "file" product. Versions before 5.31 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. |
|
44 |
CVE-2017-13811 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2017-11-13 |
2017-11-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "fsck_msdos" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
|
45 |
CVE-2017-13808 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2017-11-13 |
2017-11-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Remote Management" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
|
46 |
CVE-2017-13800 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2017-11-13 |
2017-11-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "APFS" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
|
47 |
CVE-2017-13799 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2017-11-13 |
2019-03-08 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
|
48 |
CVE-2017-12739 |
1188 |
|
Exec Code |
2017-11-15 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected devices could allow unauthenticated remote attackers to execute arbitrary code on the affected device. |
|
49 |
CVE-2017-12636 |
78 |
|
Exec Code |
2017-11-14 |
2019-05-13 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitrary shell commands as the CouchDB user, including downloading and executing scripts from the public internet. |
|
50 |
CVE-2017-12635 |
269 |
|
Exec Code |
2017-11-14 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit _users documents with duplicate keys for 'roles' used for access control within the database, including the special case '_admin' role, that denotes administrative users. In combination with CVE-2017-12636 (Remote Code Execution), this can be used to give non-admin users access to arbitrary shell commands on the server as the database system user. The JSON parser differences result in behaviour that if two 'roles' keys are available in the JSON, the second one will be used for authorising the document write, but the first 'roles' key is used for subsequent authorization for the newly created user. By design, users can not assign themselves roles. The vulnerability allows non-admin users to give themselves admin privileges. |
