CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In October 2017 (CVSS score >= 4)

Columns: #, CVE ID, CWE ID, # of Exploits, Vulnerability Type(s), Publish Date, Update Date, Score, Gained Access Level, Access, Complexity, Authentication, Conf., Integ., Avail.
451 CVE-2017-14357 79 XSS 2017-10-31 2017-11-21
4.3
None Remote Medium Not required None Partial None
A Reflected and Stored Cross-Site Scripting (XSS) vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow Reflected and Stored Cross-Site Scripting (XSS).
452 CVE-2017-14356 89 Sql 2017-10-31 2017-11-18
7.5
None Remote Low Not required Partial Partial Partial
An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow SQL injection.
453 CVE-2017-14354 79 XSS 2017-10-05 2017-11-11
4.3
None Remote Medium Not required None Partial None
A remote cross-site scripting vulnerability in HP UCMDB Foundation Software versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, and 10.33 could be remotely exploited to allow cross-site scripting.
454 CVE-2017-14353 94 Exec Code 2017-10-05 2017-11-11
6.8
None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability in HP UCMDB Foundation Software versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, and 10.33, could be remotely exploited to allow code execution.
455 CVE-2017-14332 2017-10-23 2019-10-03
6.8
None Remote Medium Not required Partial Partial Partial
Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values.
456 CVE-2017-14331 Bypass 2017-10-23 2019-10-03
7.2
None Local Low Not required Complete Complete Complete
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell.
457 CVE-2017-14330 269 2017-10-23 2019-10-03
7.2
None Local Low Not required Complete Complete Complete
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving a privileged process.
458 CVE-2017-14329 269 2017-10-23 2019-10-03
7.2
None Local Low Not required Complete Complete Complete
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving an exsh debug shell.
459 CVE-2017-14328 119 Overflow 2017-10-23 2019-10-17
7.8
None Remote Low Not required None None Complete
Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to trigger a buffer overflow leading to a reboot.
460 CVE-2017-14327 200 +Info 2017-10-23 2017-11-08
4.9
None Local Low Not required Complete None None
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitrary files.
461 CVE-2017-14322 287 Bypass 2017-10-18 2019-05-10
10.0
None Remote Low Not required Complete Complete Complete
The function in charge to check whether the user is already logged in init.php in Interspire Email Marketer (IEM) prior to 6.1.6 allows remote attackers to bypass authentication and obtain administrative access by using the IEM_CookieLogin cookie with a specially crafted value.
462 CVE-2017-14250 20 2017-10-31 2017-11-22
6.8
None Remote Low ??? None None Complete
In TP-LINK TL-WR741N / TL-WR741ND 150M Wireless Lite N Router with Firmware Version 3.11.7 Build 100603 Rel.56412n and Hardware Version: WR741N v1/v2 00000000, parameter SSID in the "Wireless Settings" is not properly validated. It's possible to inject malicious code: </script><H1>BUG/* </script><a href=XXX.com>. The second payload blocks the change of wireless settings. A factory reset is required.
463 CVE-2017-14182 20 DoS 2017-10-27 2017-10-31
4.0
None Remote Low ??? None None Partial
A Denial of Service (DoS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 allows an authenticated user to cause the web GUI to be temporarily unresponsive, via passing a specially crafted payload to the 'params' parameter of the JSON web API.
464 CVE-2017-14163 384 2017-10-31 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in Mahara before 15.04.14, 16.x before 16.04.8, 16.10.x before 16.10.5, and 17.x before 17.04.3. When one closes the browser without logging out of Mahara, the value in the usr_session table is not removed. If someone were to open a browser, visit the Mahara site, and adjust the 'mahara' cookie to the old value, they can get access to the user's account.
465 CVE-2017-14089 119 Overflow Mem. Corr. 2017-10-06 2018-10-09
7.5
None Remote Low Not required Partial Partial Partial
An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeScan 11.0 and XG may allow remote unauthenticated users who can access the OfficeScan server to target cgiShowClientAdm.exe and cause memory corruption issues.
466 CVE-2017-14088 119 Exec Code Overflow Mem. Corr. 2017-10-06 2017-10-13
6.9
None Local Medium Not required Complete Complete Complete
Memory Corruption Privilege Escalation vulnerabilities in Trend Micro OfficeScan 11.0 and XG allow local attackers to execute arbitrary code and escalate privileges to resources normally reserved for the kernel on vulnerable installations by exploiting tmwfp.sys. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability.
467 CVE-2017-14087 20 2017-10-06 2018-10-09
5.0
None Remote Low Not required None Partial None
A Host Header Injection vulnerability in Trend Micro OfficeScan XG (12.0) may allow an attacker to spoof a particular Host header, allowing the attacker to render arbitrary links that point to a malicious website with poisoned Host header webpages.
468 CVE-2017-14086 400 2017-10-06 2019-10-03
7.8
None Remote Low Not required None None Complete
Pre-authorization Start Remote Process vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to start the fcgiOfcDDA.exe executable or cause a potential INI corruption, which may cause the server disk space to be consumed with dump files from continuous HTTP requests.
469 CVE-2017-14085 200 +Info 2017-10-06 2018-10-09
5.0
None Remote Low Not required Partial None None
Information disclosure vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to query the network's NT domain or the PHP version and modules.
470 CVE-2017-14084 Exec Code 2017-10-06 2019-10-03
6.8
None Remote Medium Not required Partial Partial Partial
A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Micro OfficeScan 11.0 and XG may allow attackers to execute arbitrary code on vulnerable installations.
471 CVE-2017-14083 2017-10-06 2019-10-03
5.0
None Remote Low Not required Partial None None
A vulnerability in Trend Micro OfficeScan 11.0 and XG allows remote unauthenticated users who can access the system to download the OfficeScan encryption file.
472 CVE-2017-14019 428 2017-10-19 2019-10-09
4.6
None Local Low Not required Partial Partial Partial
An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate his or her privileges.
473 CVE-2017-14017 427 Exec Code 2017-10-19 2019-10-09
4.6
None Local Low Not required Partial Partial Partial
An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote attacker without privileges to execute arbitrary code in the form of a malicious DLL file.
474 CVE-2017-14013 669 +Priv Bypass 2017-10-17 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
A Client-Side Enforcement of Server-Side Security issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The log out function in the application removes the user's session only on the client side. This may allow an attacker to bypass protection mechanisms, gain privileges, or assume the identity of an authenticated user.
475 CVE-2017-14011 352 Exec Code CSRF 2017-10-17 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
A Cross-Site Request Forgery issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The application does not sufficiently verify requests, making it susceptible to cross-site request forgery. This may allow an attacker to execute unauthorized code, resulting in changes to the configuration of the device.
476 CVE-2017-14009 319 2017-10-17 2019-10-09
4.0
None Remote Low ??? Partial None None
An Information Exposure issue was discovered in ProMinent MultiFLEX M10a Controller web interface. When an authenticated user uses the Change Password feature on the application, the current password for the user is specified in plaintext. This may allow an attacker who has been authenticated to gain access to the password.
477 CVE-2017-14007 613 2017-10-17 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
An Insufficient Session Expiration issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The user's session is available for an extended period beyond the last activity, allowing an attacker to reuse an old session for authorization.
478 CVE-2017-14005 640 2017-10-17 2019-10-09
6.5
None Remote Low ??? Partial Partial Partial
An Unverified Password Change issue was discovered in ProMinent MultiFLEX M10a Controller web interface. When setting a new password for a user, the application does not require the user to know the original password. An attacker who is authenticated could change a user's password, enabling future access and possible configuration changes.
479 CVE-2017-14003 287 Bypass 2017-10-11 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
An Authentication Bypass by Spoofing issue was discovered in LAVA Ether-Serial Link (ESL) running firmware versions 6.01.00/29.03.2007 and prior versions. An improper authentication vulnerability has been identified, which, if exploited, would allow an attacker with the same IP address to bypass authentication by accessing a specific uniform resource locator.
480 CVE-2017-14000 287 2017-10-05 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
An Improper Authentication issue was discovered in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access the application without authenticating.
481 CVE-2017-13999 119 Overflow 2017-10-17 2018-01-13
7.5
None Remote Low Not required Partial Partial Partial
A Stack-based Buffer Overflow issue was discovered in WECON LEVI Studio HMI Editor v1.8.1 and prior. Multiple stack-based buffer overflow vulnerabilities have been identified in which the application does not verify string size before copying to memory; the attacker may then be able to crash the application or run arbitrary code.
482 CVE-2017-13998 522 2017-10-05 2019-10-09
6.0
None Remote Medium ??? Partial Partial Partial
An Insufficiently Protected Credentials issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The application does not sufficiently protect sensitive information from unauthorized access.
483 CVE-2017-13997 306 Exec Code Bypass 2017-10-03 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
A Missing Authentication for Critical Function issue was discovered in Schneider Electric InduSoft Web Studio v8.0 SP2 or prior, and InTouch Machine Edition v8.0 SP2 or prior. InduSoft Web Studio provides the capability for an HMI client to trigger script execution on the server for the purposes of performing customized calculations or actions. A remote malicious entity could bypass the server authentication and trigger the execution of an arbitrary command. The command is executed under high privileges and could lead to a complete compromise of the server.
484 CVE-2017-13996 22 Exec Code Dir. Trav. 2017-10-05 2019-10-09
6.5
None Remote Low ??? Partial Partial Partial
A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web user interface fails to prevent access to critical files that non-administrative users should not have access to, which could allow an attacker to create or modify files or execute arbitrary code.
485 CVE-2017-13995 287 2017-10-05 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webserver does not properly authenticate users, which may allow a malicious attacker to access sensitive information such as HMI pages or modify PLC variables.
486 CVE-2017-13994 79 XSS 2017-10-05 2019-10-09
4.3
None Remote Medium Not required None Partial None
A Cross-site Scripting issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web interface lacks proper web request validation, which could allow XSS attacks to occur if an authenticated user of the web interface is tricked into clicking a malicious link.
487 CVE-2017-13993 427 Exec Code 2017-10-05 2019-10-09
9.3
None Remote Medium Not required Complete Complete Complete
An Uncontrolled Search Path or Element issue was discovered in i-SENS SmartLog Diabetes Management Software, Version 2.4.0 and prior versions. An uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded prior to the valid DLL, an attacker could execute arbitrary code on the system. This vulnerability does not affect the connected blood glucose monitor and would not impact delivery of therapy to the patient.
488 CVE-2017-13992 331 Exec Code 2017-10-05 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
An Insufficient Entropy issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The application does not utilize sufficiently random number generation for the web interface authentication mechanism, which could allow remote code execution.
489 CVE-2017-13772 119 Exec Code Overflow 2017-10-23 2020-08-31
9.0
None Remote Low ??? Complete Complete Complete
Multiple stack-based buffer overflows in TP-Link WR940N WiFi routers with hardware version 4 allow remote authenticated users to execute arbitrary code via the (1) ping_addr parameter to PingIframeRpm.htm or (2) dnsserver2 parameter to WanStaticIpV6CfgRpm.htm.
490 CVE-2017-13723 119 Overflow 2017-10-10 2018-02-04
4.6
None Local Low Not required Partial Partial Partial
In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp.
491 CVE-2017-13706 611 DoS +Info 2017-10-10 2017-11-05
6.5
None Remote Low ??? Partial Partial Partial
XML external entity (XXE) vulnerability in the import package functionality of the deployment module in Lansweeper before 6.0.100.67 allows remote authenticated users to obtain sensitive information, cause a denial of service, conduct server-side request forgery (SSRF) attacks, conduct internal port scans, or have unspecified other impact via an XML request, aka bug #572705.
492 CVE-2017-13704 20 2017-10-03 2018-05-11
5.0
None Remote Low Not required None None Partial
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zeros (0xffffffffffffffff on 64-bit platforms), making dnsmasq crash.
493 CVE-2017-13127 200 +Info 2017-10-20 2017-11-08
6.8
None Remote Medium Not required Partial Partial Partial
The VIP.com application for iOS and Android allows remote attackers to obtain sensitive information and hijack the authentication of users via a rogue access point and a man-in-the-middle attack.
494 CVE-2017-13090 119 Overflow 2017-10-27 2017-12-30
9.3
None Remote Medium Not required Complete Complete Complete
The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to read the chunk in pieces of 8192 bytes by using the MIN() macro, but ends up passing the negative chunk length to retr.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument. The attacker can corrupt malloc metadata after the allocated buffer.
495 CVE-2017-13089 119 Overflow 2017-10-27 2017-12-30
9.3
None Remote Medium Not required Complete Complete Complete
The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to skip the chunk in pieces of 512 bytes by using the MIN() macro, but ends up passing the negative chunk length to connect.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument.
496 CVE-2017-13086 330 2017-10-17 2019-10-03
5.4
None Local Network Medium Not required Partial Partial Partial
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
497 CVE-2017-13084 330 2017-10-17 2019-10-03
5.4
None Local Network Medium Not required Partial Partial Partial
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
498 CVE-2017-13083 494 Exec Code 2017-10-18 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
Akeo Consulting Rufus prior to version 2.17.1187 does not adequately validate the integrity of updates downloaded over HTTP, allowing an attacker to easily convince a user to execute arbitrary code.
499 CVE-2017-13082 330 2017-10-17 2019-10-03
5.8
None Local Network Low Not required Partial Partial Partial
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
500 CVE-2017-13077 330 2017-10-17 2019-10-03
5.4
None Local Network Medium Not required Partial Partial Partial
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
Total number of vulnerabilities: 1249. Page 10 of 25.