CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In October 2017

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
551 | CVE-2017-13995 | 287 | | | 2017-10-05 | 2019-10-09 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webserver does not properly authenticate users, which may allow a malicious attacker to access sensitive information such as HMI pages or modify PLC variables.
552 | CVE-2017-13994 | 79 | | XSS | 2017-10-05 | 2019-10-09 | 4.3 | None | Remote | Medium | Not required | None | Partial | None
A Cross-site Scripting issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web interface lacks proper web request validation, which could allow XSS attacks to occur if an authenticated user of the web interface is tricked into clicking a malicious link.
553 | CVE-2017-13993 | 427 | | Exec Code | 2017-10-05 | 2019-10-09 | 9.3 | None | Remote | Medium | Not required | Complete | Complete | Complete
An Uncontrolled Search Path or Element issue was discovered in i-SENS SmartLog Diabetes Management Software, Version 2.4.0 and prior versions. An uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded prior to the valid DLL, an attacker could execute arbitrary code on the system. This vulnerability does not affect the connected blood glucose monitor and would not impact delivery of therapy to the patient.
554 | CVE-2017-13992 | 331 | | Exec Code | 2017-10-05 | 2019-10-09 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
An Insufficient Entropy issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The application does not utilize sufficiently random number generation for the web interface authentication mechanism, which could allow remote code execution.
555 | CVE-2017-13772 | 119 | | Exec Code Overflow | 2017-10-23 | 2020-08-31 | 9.0 | None | Remote | Low | ??? | Complete | Complete | Complete
Multiple stack-based buffer overflows in TP-Link WR940N WiFi routers with hardware version 4 allow remote authenticated users to execute arbitrary code via the (1) ping_addr parameter to PingIframeRpm.htm or (2) dnsserver2 parameter to WanStaticIpV6CfgRpm.htm.
556 | CVE-2017-13723 | 119 | | Overflow | 2017-10-10 | 2018-02-04 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial
In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp.
557 | CVE-2017-13722 | 125 | | | 2017-10-11 | 2017-11-13 | 3.6 | None | Local | Low | Not required | Partial | None | Partial
In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server.
558 | CVE-2017-13721 | 269 | | | 2017-10-10 | 2019-10-03 | 1.9 | None | Local | Medium | Not required | None | None | Partial
In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session.
559 | CVE-2017-13720 | 125 | | DoS | 2017-10-11 | 2017-11-13 | 3.6 | None | Local | Low | Not required | Partial | None | Partial
In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occurs because '\0' characters are incorrectly skipped in situations involving ? characters.
560 | CVE-2017-13706 | 611 | | DoS +Info | 2017-10-10 | 2017-11-05 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial
XML external entity (XXE) vulnerability in the import package functionality of the deployment module in Lansweeper before 6.0.100.67 allows remote authenticated users to obtain sensitive information, cause a denial of service, conduct server-side request forgery (SSRF) attacks, conduct internal port scans, or have unspecified other impact via an XML request, aka bug #572705.
561 | CVE-2017-13704 | 20 | | | 2017-10-03 | 2018-05-11 | 5.0 | None | Remote | Low | Not required | None | None | Partial
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zeros (0xffffffffffffffff on 64-bit platforms), making dnsmasq crash.
562 | CVE-2017-13683 | 772 | | | 2017-10-23 | 2019-10-03 | 2.3 | None | Local Network | Medium | ??? | None | None | Partial
In Symantec Endpoint Encryption before SEE 11.1.3HF3, a kernel memory leak is a type of resource leak that can occur when a computer program incorrectly manages memory allocations in such a way that memory which is no longer needed is not released. In object-oriented programming, a memory leak may happen when an object is stored in memory but cannot be accessed by the running code.
563 | CVE-2017-13682 | 772 | | | 2017-10-23 | 2019-10-03 | 2.3 | None | Local Network | Medium | ??? | None | None | Partial
In Symantec Encryption Desktop before SED 10.4.1 MP2HF1, a kernel memory leak is a type of resource leak that can occur when a computer program incorrectly manages memory allocations in such a way that memory which is no longer needed is not released. In object-oriented programming, a memory leak may happen when an object is stored in memory but cannot be accessed by the running code.
564 | CVE-2017-13679 | | | DoS | 2017-10-10 | 2019-10-03 | 1.4 | None | Local Network | High | ??? | None | None | Partial
A denial of service (DoS) attack in Symantec Encryption Desktop before SED 10.4.1 MP2HF1 allows remote attackers to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network.
565 | CVE-2017-13675 | | | DoS | 2017-10-10 | 2019-10-03 | 2.3 | None | Local Network | Medium | ??? | None | None | Partial
A denial of service (DoS) attack in Symantec Endpoint Encryption before SEE 11.1.3HF2 allows remote attackers to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network.
566 | CVE-2017-13127 | 200 | | +Info | 2017-10-20 | 2017-11-08 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
The VIP.com application for iOS and Android allows remote attackers to obtain sensitive information and hijack the authentication of users via a rogue access point and a man-in-the-middle attack.
567 | CVE-2017-13090 | 119 | | Overflow | 2017-10-27 | 2017-12-30 | 9.3 | None | Remote | Medium | Not required | Complete | Complete | Complete
The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to read the chunk in pieces of 8192 bytes by using the MIN() macro, but ends up passing the negative chunk length to retr.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument. The attacker can corrupt malloc metadata after the allocated buffer.
568 | CVE-2017-13089 | 119 | | Overflow | 2017-10-27 | 2017-12-30 | 9.3 | None | Remote | Medium | Not required | Complete | Complete | Complete
The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to skip the chunk in pieces of 512 bytes by using the MIN() macro, but ends up passing the negative chunk length to connect.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument.
569 | CVE-2017-13088 | 330 | | | 2017-10-17 | 2019-10-03 | 2.9 | None | Local Network | Medium | Not required | None | Partial | None
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
570 | CVE-2017-13087 | 330 | | | 2017-10-17 | 2019-10-03 | 2.9 | None | Local Network | Medium | Not required | None | Partial | None
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
571 | CVE-2017-13086 | 330 | | | 2017-10-17 | 2019-10-03 | 5.4 | None | Local Network | Medium | Not required | Partial | Partial | Partial
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
572 | CVE-2017-13084 | 330 | | | 2017-10-17 | 2019-10-03 | 5.4 | None | Local Network | Medium | Not required | Partial | Partial | Partial
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
573 | CVE-2017-13083 | 494 | | Exec Code | 2017-10-18 | 2019-10-09 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
Akeo Consulting Rufus prior to version 2.17.1187 does not adequately validate the integrity of updates downloaded over HTTP, allowing an attacker to easily convince a user to execute arbitrary code.
574 | CVE-2017-13082 | 330 | | | 2017-10-17 | 2019-10-03 | 5.8 | None | Local Network | Low | Not required | Partial | Partial | Partial
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
575 | CVE-2017-13081 | 330 | | | 2017-10-17 | 2019-10-03 | 2.9 | None | Local Network | Medium | Not required | None | Partial | None
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
576 | CVE-2017-13080 | 330 | | | 2017-10-17 | 2020-11-10 | 2.9 | None | Local Network | Medium | Not required | None | Partial | None
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
577 | CVE-2017-13079 | 330 | | | 2017-10-17 | 2019-10-03 | 2.9 | None | Local Network | Medium | Not required | None | Partial | None
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
578 | CVE-2017-13078 | 330 | | | 2017-10-17 | 2019-10-03 | 2.9 | None | Local Network | Medium | Not required | None | Partial | None
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
579 | CVE-2017-13077 | 330 | | | 2017-10-17 | 2019-10-03 | 5.4 | None | Local Network | Medium | Not required | Partial | Partial | Partial
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
580 | CVE-2017-13069 | 77 | | | 2017-10-06 | 2017-11-01 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
QNAP discovered a number of command injection vulnerabilities found in Music Station versions 4.8.6 (for QTS 4.2.x), 5.0.7 (for QTS 4.3.x), and earlier. If exploited, these vulnerabilities may allow a remote attacker to run arbitrary commands on the NAS.
581 | CVE-2017-13068 | 89 | | Sql +Info | 2017-10-06 | 2017-10-13 | 5.0 | None | Remote | Low | Not required | Partial | None | None
QNAP has already patched this vulnerability. This security concern allows a remote attacker to perform an SQL injection on the application and obtain Helpdesk application information. A remote attacker does not require any privileges to successfully execute this attack.
582 | CVE-2017-12861 | 521 | | | 2017-10-10 | 2019-10-03 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
The Epson "EasyMP" software is designed to remotely stream a user's computer to supporting projectors. These devices are authenticated using a unique 4-digit code, displayed on-screen, ensuring only those who can view it are streaming. All Epson projectors supporting the "EasyMP" software are vulnerable to a brute-force vulnerability, allowing any attacker on the network to remotely control and stream to the vulnerable device.
583 | CVE-2017-12860 | 798 | | | 2017-10-10 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | Partial | None | None
The Epson "EasyMP" software is designed to remotely stream a user's computer to supporting projectors. These devices are authenticated using a unique 4-digit code, displayed on-screen, ensuring only those who can view it are streaming. In addition to the password, each projector has a hardcoded "backdoor" code (2270), which authenticates to all devices.
584 | CVE-2017-12849 | 200 | | +Info | 2017-10-12 | 2017-11-03 | 5.0 | None | Remote | Low | Not required | Partial | None | None
Response discrepancy in the login and password reset forms in SilverStripe CMS before 3.5.5 and 3.6.x before 3.6.1 allows remote attackers to enumerate users via timing attacks.
585 | CVE-2017-12822 | 306 | | | 2017-10-04 | 2019-10-03 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Remote enabling and disabling admin interface in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to new attack vectors.
586 | CVE-2017-12821 | 119 | | Exec Code Overflow Mem. Corr. | 2017-10-04 | 2018-05-11 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Memory corruption in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 might cause remote code execution.
587 | CVE-2017-12820 | 119 | | DoS Overflow | 2017-10-04 | 2018-05-11 | 5.0 | None | Remote | Low | Not required | None | None | Partial
Arbitrary memory read from controlled memory pointer in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service.
588 | CVE-2017-12819 | 287 | | | 2017-10-04 | 2019-10-03 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Remote manipulations with language pack updater lead to NTLM-relay attack for system user in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55.
589 | CVE-2017-12818 | 119 | | DoS Overflow | 2017-10-04 | 2018-05-11 | 5.0 | None | Remote | Low | Not required | None | None | Partial
Stack overflow in custom XML-parser in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service.
590 | CVE-2017-12796 | 502 | | Exec Code | 2017-10-23 | 2017-11-21 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete
The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as distributed in OpenMRS Reference Application before 2.6.1, does not authenticate users when deserializing XML input into ReportSchema objects. The result is that remote unauthenticated users are able to execute operating system commands by crafting malicious XML payloads, as demonstrated by a single admin/reports/reportSchemaXml.form request.
591 | CVE-2017-12792 | 79 | | XSS CSRF | 2017-10-03 | 2017-10-13 | 4.3 | None | Remote | Medium | Not required | None | Partial | None
Multiple cross-site request forgery (CSRF) vulnerabilities in NexusPHP 1.5 allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) linkname, (2) url, or (3) title parameter in an add action to linksmanage.php.
592 | CVE-2017-12732 | 119 | | Exec Code Overflow | 2017-10-05 | 2019-10-09 | 4.9 | None | Local Network | Medium | ??? | Partial | Partial | Partial
A Stack-based Buffer Overflow issue was discovered in GE CIMPLICITY Versions 9.0 and prior. A function reads a packet to indicate the next packet length. The next packet length is not verified, allowing a buffer overwrite that could lead to an arbitrary remote code execution.
593 | CVE-2017-12730 | 428 | | Exec Code | 2017-10-06 | 2019-10-09 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete
An Unquoted Search Path issue was discovered in mySCADA myPRO Versions 7.0.26 and prior. Application services utilize unquoted search path elements, which could allow an attacker to execute arbitrary code with elevated privileges.
594 | CVE-2017-12728 | 269 | | Exec Code | 2017-10-05 | 2020-08-19 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete
An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary code under the context of the current system services.
595 | CVE-2017-12705 | 119 | | Exec Code Overflow | 2017-10-25 | 2017-11-14 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial
A Heap-Based Buffer Overflow issue was discovered in Advantech WebOP. A maliciously crafted project file may be able to trigger a heap-based buffer overflow, which may crash the process and allow an attacker to execute arbitrary code.
596 | CVE-2017-12639 | 119 | | Exec Code Overflow | 2017-10-03 | 2017-10-10 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote attackers to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETRE or ETCTERARED.
597 | CVE-2017-12638 | 119 | | Exec Code Overflow | 2017-10-03 | 2017-10-10 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote attackers to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETBL or ETCETERABLUE.
598 | CVE-2017-12629 | 611 | | Exec Code | 2017-10-14 | 2022-04-19 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial
Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external entity expansion vulnerability occurs in the XML Query Parser which is available, by default, for any query request with parameters deftype=xmlparser and can be exploited to upload malicious data to the /upload request handler or as Blind XXE using ftp wrapper in order to read arbitrary local files from the Solr server. Note also that the second vulnerability relates to remote code execution using the RunExecutableListener available on all affected versions of Solr.
599 | CVE-2017-12628 | 502 | | Exec Code | 2017-10-20 | 2017-11-08 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete
The JMX server embedded in Apache James, also used by the command line client, is exposed to a Java deserialization issue, and thus can be used to execute arbitrary commands. As James exposes the JMX socket by default only on localhost, this vulnerability can only be used for privilege escalation. Release 3.0.1 upgrades the incriminated library.
600 | CVE-2017-12623 | 611 | | | 2017-10-10 | 2017-11-05 | 4.0 | None | Remote | Low | ??? | Partial | None | None
An authorized user could upload a template which contained malicious code and accessed sensitive files via an XML External Entity (XXE) attack. The fix to properly handle XML External Entities was applied on the Apache NiFi 1.4.0 release. Users running a prior 1.x release should upgrade to the appropriate release.
Total number of vulnerabilities: 1429 (page 12 of 29)