# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. |
451 | CVE-2017-10912 | | | | 2017-07-05 | 2019-10-03 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete |
Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217. |
452 | CVE-2017-10911 | 200 | | +Info | 2017-07-05 | 2018-09-07 | 4.9 | None | Local | Low | Not required | Complete | None | None |
The make_response function in drivers/block/xen-blkback/blkback.c in the Linux kernel before 4.11.8 allows guest OS users to obtain sensitive information from host OS (or other guest OS) kernel memory by leveraging the copying of uninitialized padding fields in Xen block-interface response structures, aka XSA-216. |
453 | CVE-2017-10810 | 772 | | DoS | 2017-07-04 | 2019-10-03 | 7.8 | None | Remote | Low | Not required | None | None | Complete |
Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service (memory consumption) by triggering object-initialization failures. |
454 | CVE-2017-10807 | 287 | | | 2017-07-04 | 2017-11-04 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial |
JabberD 2.x (aka jabberd2) before 2.6.1 allows anyone to authenticate using SASL ANONYMOUS, even when the sasl.anonymous c2s.xml option is not enabled. |
455 | CVE-2017-10805 | 863 | | | 2017-07-04 | 2019-10-03 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial |
In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, incorrect access control on OAuth tokens in the OAuth module allows remote authenticated users to hijack OAuth sessions of other users. |
456 | CVE-2017-10804 | 306 | | Bypass | 2017-07-04 | 2017-07-12 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial |
In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, remote attackers can bypass authentication under certain circumstances because parameters containing 0x00 characters are truncated before reaching the database layer. This occurs because Psycopg 2.x before 2.6.3 is used. |
457 | CVE-2017-10803 | 502 | | Exec Code | 2017-07-04 | 2019-10-03 | 8.5 | None | Remote | Medium | ??? | Complete | Complete | Complete |
In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, insecure handling of anonymization data in the Database Anonymization module allows remote authenticated privileged users to execute arbitrary Python code, because unpickle is used. |
458 | CVE-2017-10801 | 79 | | XSS | 2017-07-19 | 2017-08-04 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
phpSocial (formerly phpDolphin) before 3.0.1 has XSS in the PATH_INFO to the search/tag/ URI. |
459 | CVE-2017-10800 | 400 | | DoS | 2017-07-03 | 2018-10-18 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data. |
460 | CVE-2017-10799 | 400 | | DoS | 2017-07-03 | 2019-04-15 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage(). |
461 | CVE-2017-10798 | 79 | | XSS | 2017-07-03 | 2017-07-05 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
In ObjectPlanet Opinio before 7.6.4, there is XSS. |
462 | CVE-2017-10796 | 287 | | | 2017-07-02 | 2017-07-19 | 3.3 | None | Local Network | Low | Not required | Partial | None | None |
On TP-Link NC250 devices with firmware through 1.2.1 build 170515, anyone can view video and audio without authentication via an rtsp://admin@yourip:554/h264_hd.sdp URL. |
463 | CVE-2017-10795 | 79 | | XSS | 2017-07-02 | 2018-11-08 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
Cross-site scripting (XSS) vulnerability in Subrion CMS 4.1.4 allows remote attackers to inject arbitrary web script or HTML via the body to blog/add/, a different vulnerability than CVE-2017-6069. |
464 | CVE-2017-10794 | 119 | | Overflow | 2017-07-02 | 2018-10-18 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode. |
465 | CVE-2017-10792 | 476 | | DoS | 2017-07-02 | 2017-09-02 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
There is a NULL Pointer Dereference in the function ll_insert() of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack. |
466 | CVE-2017-10791 | 190 | | DoS Overflow | 2017-07-02 | 2017-09-02 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
There is an Integer overflow in the hash_int function of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack. |
467 | CVE-2017-10790 | 476 | | DoS | 2017-07-02 | 2021-06-29 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack. |
468 | CVE-2017-10789 | | | | 2017-07-01 | 2019-10-03 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
The DBD::mysql module through 4.043 for Perl uses the mysql_ssl=1 setting to mean that SSL is optional (even though this setting's documentation has a "your communication with the server will be encrypted" statement), which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152. |
469 | CVE-2017-10788 | 416 | | DoS | 2017-07-01 | 2017-07-12 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial |
The DBD::mysql module through 4.043 for Perl allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by triggering (1) certain error responses from a MySQL server or (2) a loss of a network connection to a MySQL server. The use-after-free defect was introduced by relying on incorrect Oracle mysql_stmt_close documentation and code examples. |
470 | CVE-2017-10783 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpFreeHeap+0x0000000000000393." |
471 | CVE-2017-10782 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpFreeHeap+0x00000000000003ca." |
472 | CVE-2017-10781 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpFindLoadedDllByName+0x00000000000000a5." |
473 | CVE-2017-10780 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at xnview+0x0000000000372b4a." |
474 | CVE-2017-10779 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at xnview+0x0000000000013a20." |
475 | CVE-2017-10778 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at xnview+0x0000000000233125." |
476 | CVE-2017-10777 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at xnview+0x0000000000372b24." |
477 | CVE-2017-10776 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-13 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to a "Read Access Violation starting at ntdll_77df0000!LdrShutdownProcess+0x0000000000000130." |
478 | CVE-2017-10775 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-13 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to a "Read Access Violation starting at GDI32!ScriptGetCMapWithSurrogate+0x00000000000001cb." |
479 | CVE-2017-10774 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at KERNELBASE!FindSortHashNode+0x0000000000000040." |
480 | CVE-2017-10773 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at MSCTF!_CtfImeCreateThreadMgr+0x00000000000000a8." |
481 | CVE-2017-10772 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!memcmp+0x0000000000000018" (with RPC initialization). |
482 | CVE-2017-10771 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpCreateSplitBlock+0x0000000000000510." |
483 | CVE-2017-10770 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpCreateSplitBlock+0x000000000000053a." |
484 | CVE-2017-10769 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!memcmp+0x0000000000000018" (without RPC initialization). |
485 | CVE-2017-10768 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpInsertFreeBlock+0x00000000000001ca." |
486 | CVE-2017-10767 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at KERNELBASE!StateObjectListFind+0x0000000000000005." |
487 | CVE-2017-10766 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at GDI32!ScriptStringAnalyse+0x00000000000001c8." |
488 | CVE-2017-10765 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at IMM32!ImmLockImeDpi+0x0000000000000050." |
489 | CVE-2017-10764 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at COMCTL32!Tab_OnGetItem+0x000000000000002f." |
490 | CVE-2017-10763 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpFindLoadedDllByHandle+0x0000000000000031." |
491 | CVE-2017-10762 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpAllocateHeap+0x000000000000042f." |
492 | CVE-2017-10761 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpAllocateHeap+0x0000000000000429." |
493 | CVE-2017-10760 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at COMCTL32!SetStatusText+0x0000000000000029." |
494 | CVE-2017-10759 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpInsertDependencyRecord+0x0000000000000039." |
495 | CVE-2017-10758 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpCoalesceFreeBlocks+0x00000000000004b4." |
496 | CVE-2017-10757 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpCoalesceFreeBlocks+0x00000000000001b6." |
497 | CVE-2017-10756 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpRemoveUCRBlock+0x0000000000000046." |
498 | CVE-2017-10755 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpInitializeThread+0x000000000000010b." |
499 | CVE-2017-10754 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpEnterCriticalSectionContended+0x0000000000000031." |
500 | CVE-2017-10753 | 119 | | DoS Overflow | 2017-07-05 | 2017-07-10 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpFindLoadedDllByMapping+0x0000000000000046." |