| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
501 |
CVE-2017-14089 |
119 |
|
Overflow Mem. Corr. |
2017-10-06 |
2018-10-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeScan 11.0 and XG may allow remote unauthenticated users who can access the OfficeScan server to target cgiShowClientAdm.exe and cause memory corruption issues. |
|
502 |
CVE-2017-14088 |
119 |
|
Exec Code Overflow Mem. Corr. |
2017-10-06 |
2017-10-13 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Memory Corruption Privilege Escalation vulnerabilities in Trend Micro OfficeScan 11.0 and XG allows local attackers to execute arbitrary code and escalate privileges to resources normally reserved for the kernel on vulnerable installations by exploiting tmwfp.sys. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability. |
|
503 |
CVE-2017-14087 |
20 |
|
|
2017-10-06 |
2018-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
A Host Header Injection vulnerability in Trend Micro OfficeScan XG (12.0) may allow an attacker to spoof a particular Host header, allowing the attacker to render arbitrary links that point to a malicious website with poisoned Host header webpages. |
|
504 |
CVE-2017-14086 |
400 |
|
|
2017-10-06 |
2019-10-03 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Pre-authorization Start Remote Process vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to start the fcgiOfcDDA.exe executable or cause a potential INI corruption, which may cause the server disk space to be consumed with dump files from continuous HTTP requests. |
|
505 |
CVE-2017-14085 |
200 |
|
+Info |
2017-10-06 |
2018-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Information disclosure vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to query the network's NT domain or the PHP version and modules. |
|
506 |
CVE-2017-14084 |
|
|
Exec Code |
2017-10-06 |
2019-10-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Micro OfficeScan 11.0 and XG may allow attackers to execute arbitrary code on vulnerable installations. |
|
507 |
CVE-2017-14083 |
|
|
|
2017-10-06 |
2019-10-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A vulnerability in Trend Micro OfficeScan 11.0 and XG allows remote unauthenticated users who can access the system to download the OfficeScan encryption file. |
|
508 |
CVE-2017-14019 |
428 |
|
|
2017-10-19 |
2019-10-09 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate his or her privileges. |
|
509 |
CVE-2017-14017 |
427 |
|
Exec Code |
2017-10-19 |
2019-10-09 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote attacker without privileges to execute arbitrary code in the form of a malicious DLL file. |
|
510 |
CVE-2017-14013 |
669 |
|
+Priv Bypass |
2017-10-17 |
2019-10-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A Client-Side Enforcement of Server-Side Security issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The log out function in the application removes the user's session only on the client side. This may allow an attacker to bypass protection mechanisms, gain privileges, or assume the identity of an authenticated user. |
|
511 |
CVE-2017-14011 |
352 |
|
Exec Code CSRF |
2017-10-17 |
2019-10-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A Cross-Site Request Forgery issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The application does not sufficiently verify requests, making it susceptible to cross-site request forgery. This may allow an attacker to execute unauthorized code, resulting in changes to the configuration of the device. |
|
512 |
CVE-2017-14009 |
319 |
|
|
2017-10-17 |
2019-10-09 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
An Information Exposure issue was discovered in ProMinent MultiFLEX M10a Controller web interface. When an authenticated user uses the Change Password feature on the application, the current password for the user is specified in plaintext. This may allow an attacker who has been authenticated to gain access to the password. |
|
513 |
CVE-2017-14007 |
613 |
|
|
2017-10-17 |
2019-10-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An Insufficient Session Expiration issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The user's session is available for an extended period beyond the last activity, allowing an attacker to reuse an old session for authorization. |
|
514 |
CVE-2017-14005 |
640 |
|
|
2017-10-17 |
2019-10-09 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
An Unverified Password Change issue was discovered in ProMinent MultiFLEX M10a Controller web interface. When setting a new password for a user, the application does not require the user to know the original password. An attacker who is authenticated could change a user's password, enabling future access and possible configuration changes. |
|
515 |
CVE-2017-14003 |
287 |
|
Bypass |
2017-10-11 |
2019-10-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An Authentication Bypass by Spoofing issue was discovered in LAVA Ether-Serial Link (ESL) running firmware versions 6.01.00/29.03.2007 and prior versions. An improper authentication vulnerability has been identified, which, if exploited, would allow an attacker with the same IP address to bypass authentication by accessing a specific uniform resource locator. |
|
516 |
CVE-2017-14000 |
287 |
|
|
2017-10-05 |
2019-10-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An Improper Authentication issue was discovered in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access the application without authenticating. |
|
517 |
CVE-2017-13999 |
119 |
|
Overflow |
2017-10-17 |
2018-01-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A Stack-based Buffer Overflow issue was discovered in WECON LEVI Studio HMI Editor v1.8.1 and prior. Multiple stack-based buffer overflow vulnerabilities have been identified in which the application does not verify string size before copying to memory; the attacker may then be able to crash the application or run arbitrary code. |
|
518 |
CVE-2017-13998 |
522 |
|
|
2017-10-05 |
2019-10-09 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
|
An Insufficiently Protected Credentials issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The application does not sufficiently protect sensitive information from unauthorized access. |
|
519 |
CVE-2017-13997 |
306 |
|
Exec Code Bypass |
2017-10-03 |
2019-10-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
A Missing Authentication for Critical Function issue was discovered in Schneider Electric InduSoft Web Studio v8.0 SP2 or prior, and InTouch Machine Edition v8.0 SP2 or prior. InduSoft Web Studio provides the capability for an HMI client to trigger script execution on the server for the purposes of performing customized calculations or actions. A remote malicious entity could bypass the server authentication and trigger the execution of an arbitrary command. The command is executed under high privileges and could lead to a complete compromise of the server. |
|
520 |
CVE-2017-13996 |
22 |
|
Exec Code Dir. Trav. |
2017-10-05 |
2019-10-09 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web user interface fails to prevent access to critical files that non administrative users should not have access to, which could allow an attacker to create or modify files or execute arbitrary code. |
|
521 |
CVE-2017-13995 |
287 |
|
|
2017-10-05 |
2019-10-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webserver does not properly authenticate users, which may allow a malicious attacker to access sensitive information such as HMI pages or modify PLC variables. |
|
522 |
CVE-2017-13994 |
79 |
|
XSS |
2017-10-05 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A Cross-site Scripting issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web interface lacks proper web request validation, which could allow XSS attacks to occur if an authenticated user of the web interface is tricked into clicking a malicious link. |
|
523 |
CVE-2017-13993 |
427 |
|
Exec Code |
2017-10-05 |
2019-10-09 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An Uncontrolled Search Path or Element issue was discovered in i-SENS SmartLog Diabetes Management Software, Version 2.4.0 and prior versions. An uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded prior to the valid DLL, an attacker could execute arbitrary code on the system. This vulnerability does not affect the connected blood glucose monitor and would not impact delivery of therapy to the patient. |
|
524 |
CVE-2017-13992 |
331 |
|
Exec Code |
2017-10-05 |
2019-10-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An Insufficient Entropy issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The application does not utilize sufficiently random number generation for the web interface authentication mechanism, which could allow remote code execution. |
|
525 |
CVE-2017-13772 |
119 |
|
Exec Code Overflow |
2017-10-23 |
2020-08-31 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
Multiple stack-based buffer overflows in TP-Link WR940N WiFi routers with hardware version 4 allow remote authenticated users to execute arbitrary code via the (1) ping_addr parameter to PingIframeRpm.htm or (2) dnsserver2 parameter to WanStaticIpV6CfgRpm.htm. |
|
526 |
CVE-2017-13723 |
119 |
|
Overflow |
2017-10-10 |
2018-02-04 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp. |
|
527 |
CVE-2017-13722 |
125 |
|
|
2017-10-11 |
2017-11-13 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Partial |
|
In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server. |
|
528 |
CVE-2017-13720 |
125 |
|
DoS |
2017-10-11 |
2017-11-13 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Partial |
|
In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occurs because '\0' characters are incorrectly skipped in situations involving ? characters. |
|
529 |
CVE-2017-13706 |
611 |
|
DoS +Info |
2017-10-10 |
2017-11-05 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
XML external entity (XXE) vulnerability in the import package functionality of the deployment module in Lansweeper before 6.0.100.67 allows remote authenticated users to obtain sensitive information, cause a denial of service, conduct server-side request forgery (SSRF) attacks, conduct internal port scans, or have unspecified other impact via an XML request, aka bug #572705. |
|
530 |
CVE-2017-13704 |
20 |
|
|
2017-10-03 |
2018-05-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash. |
|
531 |
CVE-2017-13127 |
200 |
|
+Info |
2017-10-20 |
2017-11-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The VIP.com application for IOS and Android allows remote attackers to obtain sensitive information and hijack the authentication of users via a rogue access point and a man-in-the-middle attack. |
|
532 |
CVE-2017-13090 |
119 |
|
Overflow |
2017-10-27 |
2017-12-30 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to read the chunk in pieces of 8192 bytes by using the MIN() macro, but ends up passing the negative chunk length to retr.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument. The attacker can corrupt malloc metadata after the allocated buffer. |
|
533 |
CVE-2017-13089 |
119 |
|
Overflow |
2017-10-27 |
2017-12-30 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to skip the chunk in pieces of 512 bytes by using the MIN() macro, but ends up passing the negative chunk length to connect.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument. |
|
534 |
CVE-2017-13086 |
330 |
|
|
2017-10-17 |
2019-10-03 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. |
|
535 |
CVE-2017-13084 |
330 |
|
|
2017-10-17 |
2019-10-03 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. |
|
536 |
CVE-2017-13083 |
494 |
|
Exec Code |
2017-10-18 |
2019-10-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Akeo Consulting Rufus prior to version 2.17.1187 does not adequately validate the integrity of updates downloaded over HTTP, allowing an attacker to easily convince a user to execute arbitrary code |
|
537 |
CVE-2017-13082 |
330 |
|
|
2017-10-17 |
2019-10-03 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
|
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. |
|
538 |
CVE-2017-13077 |
330 |
|
|
2017-10-17 |
2019-10-03 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. |
|
539 |
CVE-2017-13069 |
77 |
|
|
2017-10-06 |
2017-11-01 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
QNAP discovered a number of command injection vulnerabilities found in Music Station versions 4.8.6 (for QTS 4.2.x), 5.0.7 (for QTS 4.3.x), and earlier. If exploited, these vulnerabilities may allow a remote attacker to run arbitrary commands on the NAS. |
|
540 |
CVE-2017-13068 |
89 |
|
Sql +Info |
2017-10-06 |
2017-10-13 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
QNAP has already patched this vulnerability. This security concern allows a remote attacker to perform an SQL injection on the application and obtain Helpdesk application information. A remote attacker does not require any privileges to successfully execute this attack. |
|
541 |
CVE-2017-12861 |
521 |
|
|
2017-10-10 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.All Epson projectors supporting the "EasyMP" software are vulnerable to a brute-force vulnerability, allowing any attacker on the network to remotely control and stream to the vulnerable device |
|
542 |
CVE-2017-12860 |
798 |
|
|
2017-10-10 |
2019-10-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.In addition to the password, each projector has a hardcoded "backdoor" code (2270), which authenticates to all devices. |
|
543 |
CVE-2017-12849 |
200 |
|
+Info |
2017-10-12 |
2017-11-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Response discrepancy in the login and password reset forms in SilverStripe CMS before 3.5.5 and 3.6.x before 3.6.1 allows remote attackers to enumerate users via timing attacks. |
|
544 |
CVE-2017-12822 |
306 |
|
|
2017-10-04 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Remote enabling and disabling admin interface in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to new attack vectors. |
|
545 |
CVE-2017-12821 |
119 |
|
Exec Code Overflow Mem. Corr. |
2017-10-04 |
2018-05-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Memory corruption in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 might cause remote code execution. |
|
546 |
CVE-2017-12820 |
119 |
|
DoS Overflow |
2017-10-04 |
2018-05-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Arbitrary memory read from controlled memory pointer in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service. |
|
547 |
CVE-2017-12819 |
287 |
|
|
2017-10-04 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Remote manipulations with language pack updater lead to NTLM-relay attack for system user in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55. |
|
548 |
CVE-2017-12818 |
119 |
|
DoS Overflow |
2017-10-04 |
2018-05-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Stack overflow in custom XML-parser in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service. |
|
549 |
CVE-2017-12796 |
502 |
|
Exec Code |
2017-10-23 |
2017-11-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as distributed in OpenMRS Reference Application before 2.6.1, does not authenticate users when deserializing XML input into ReportSchema objects. The result is that remote unauthenticated users are able to execute operating system commands by crafting malicious XML payloads, as demonstrated by a single admin/reports/reportSchemaXml.form request. |
|
550 |
CVE-2017-12792 |
79 |
|
XSS CSRF |
2017-10-03 |
2017-10-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site request forgery (CSRF) vulnerabilities in NexusPHP 1.5 allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) linkname, (2) url, or (3) title parameter in an add action to linksmanage.php. |
