| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
51 |
CVE-2017-17933 |
79 |
|
XSS |
2017-12-29 |
2021-09-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
cgi/surgeftpmgr.cgi (aka the Web Manager interface on TCP port 7021 or 9021) in NetWin SurgeFTP version 23f2 has XSS via the classid, domainid, or username parameter. |
|
52 |
CVE-2017-17932 |
119 |
|
DoS Exec Code Overflow |
2017-12-28 |
2019-05-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and earlier that could allow remote attackers to execute arbitrary code and/or cause denial of service on the victim machine/computer via a long string to TCP port 888. |
|
53 |
CVE-2017-17931 |
89 |
|
Sql |
2017-12-27 |
2018-01-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter. |
|
54 |
CVE-2017-17930 |
352 |
|
CSRF |
2017-12-27 |
2018-01-10 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
PHP Scripts Mall Professional Service Script has CSRF via admin/general_settingupd.php, as demonstrated by modifying a setting in the user panel. |
|
55 |
CVE-2017-17929 |
79 |
|
XSS |
2017-12-27 |
2018-01-10 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
PHP Scripts Mall Professional Service Script has XSS via the admin/bannerview.php view parameter. |
|
56 |
CVE-2017-17928 |
89 |
|
Sql |
2017-12-27 |
2018-01-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter. |
|
57 |
CVE-2017-17927 |
22 |
|
Dir. Trav. +Info |
2017-12-27 |
2018-01-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via a crafted PATH_INFO to service-list/category/. |
|
58 |
CVE-2017-17926 |
200 |
|
+Info |
2017-12-27 |
2018-01-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
PHP Scripts Mall Professional Service Script has a predicable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address. |
|
59 |
CVE-2017-17925 |
79 |
|
XSS |
2017-12-27 |
2018-01-10 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
PHP Scripts Mall Professional Service Script has XSS via the admin/general_settingupd.php website_title parameter. |
|
60 |
CVE-2017-17924 |
22 |
|
Dir. Trav. +Info |
2017-12-27 |
2018-01-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via the id parameter to admin/review_userwise.php. |
|
61 |
CVE-2017-17920 |
89 |
|
Exec Code Sql |
2017-12-29 |
2018-01-10 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
** DISPUTED ** SQL injection vulnerability in the 'reorder' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted input. |
|
62 |
CVE-2017-17919 |
89 |
|
Exec Code Sql |
2017-12-29 |
2018-01-10 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
** DISPUTED ** SQL injection vulnerability in the 'order' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id desc' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted input. |
|
63 |
CVE-2017-17917 |
89 |
|
Exec Code Sql |
2017-12-29 |
2018-01-10 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
** DISPUTED ** SQL injection vulnerability in the 'where' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted input. |
|
64 |
CVE-2017-17916 |
89 |
|
Exec Code Sql |
2017-12-29 |
2018-01-10 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
** DISPUTED ** SQL injection vulnerability in the 'find_by' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted input. |
|
65 |
CVE-2017-17915 |
125 |
|
|
2017-12-27 |
2020-02-10 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached. |
|
66 |
CVE-2017-17914 |
834 |
|
DoS |
2017-12-27 |
2020-09-08 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file. |
|
67 |
CVE-2017-17913 |
125 |
|
|
2017-12-27 |
2020-02-10 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type. |
|
68 |
CVE-2017-17912 |
125 |
|
|
2017-12-27 |
2020-02-10 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region. |
|
69 |
CVE-2017-17911 |
79 |
|
XSS |
2017-12-27 |
2018-01-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
packages/core/contact.php in Archon 3.21 rev-1 has XSS in the referer parameter in an index.php?p=core/contact request, aka Open Bug Bounty ID OBB-278503. |
|
70 |
CVE-2017-17910 |
330 |
|
+Info |
2017-12-29 |
2019-10-03 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
On Hoermann BiSecur devices before 2018, a vulnerability can be exploited by recording a single radio transmission. An attacker can intercept an arbitrary radio frame exchanged between a BiSecur transmitter and a receiver to obtain the encrypted packet and the 32-bit serial number. The interception of the one-time pairing process is specifically not required. Due to use of AES-128 with an initial static random value and static data vector (all of this static information is the same across different customers' installations), the attacker can easily derive the utilized encryption key and decrypt the intercepted packet. The key can be verified by decrypting the intercepted packet and checking for known plaintext. Subsequently, an attacker can create arbitrary radio frames with the correct encryption key to control BiSecur garage and entrance gate operators and possibly other BiSecur systems as well ("wireless cloning"). To conduct the attack, a low cost Software Defined Radio (SDR) is sufficient. This affects Hoermann Hand Transmitter HS5-868-BS, HSE1-868-BS, and HSE2-868-BS devices. |
|
71 |
CVE-2017-17909 |
79 |
|
XSS |
2017-12-27 |
2018-01-10 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
PHP Scripts Mall Responsive Realestate Script has XSS via the admin/general.php gplus parameter. |
|
72 |
CVE-2017-17908 |
352 |
|
CSRF |
2017-12-27 |
2018-01-10 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
PHP Scripts Mall Responsive Realestate Script has CSRF via admin/general. |
|
73 |
CVE-2017-17907 |
79 |
|
XSS |
2017-12-27 |
2018-01-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php carid parameter or the admin/sitesettings.php websitename parameter. |
|
74 |
CVE-2017-17906 |
89 |
|
Sql |
2017-12-27 |
2018-01-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter. |
|
75 |
CVE-2017-17905 |
352 |
|
CSRF |
2017-12-27 |
2018-01-10 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php. |
|
76 |
CVE-2017-17904 |
79 |
|
XSS |
2017-12-27 |
2018-01-09 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
FS Lynda Clone has XSS via the keywords parameter to tutorial/ or the edit_profile_first_name parameter to user/edit_profile. |
|
77 |
CVE-2017-17903 |
352 |
|
CSRF |
2017-12-27 |
2018-01-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
FS Lynda Clone has CSRF via user/edit_profile, as demonstrated by adding content to the user panel. |
|
78 |
CVE-2017-17901 |
400 |
|
DoS |
2017-12-29 |
2018-01-17 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
ZyXEL P-660HW v3 devices allow remote attackers to cause a denial of service (CPU consumption) via a flood of IP packets with a TTL of 1. |
|
79 |
CVE-2017-17900 |
89 |
|
Exec Code Sql |
2017-12-27 |
2018-01-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in fourn/index.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the socid parameter. |
|
80 |
CVE-2017-17899 |
89 |
|
Exec Code Sql |
2017-12-27 |
2018-01-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in adherents/subscription/info.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the rowid parameter. |
|
81 |
CVE-2017-17898 |
200 |
|
+Info |
2017-12-27 |
2018-01-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Dolibarr ERP/CRM version 6.0.4 does not block direct requests to *.tpl.php files, which allows remote attackers to obtain sensitive information. |
|
82 |
CVE-2017-17897 |
89 |
|
Exec Code Sql |
2017-12-27 |
2018-01-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in comm/multiprix.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
|
83 |
CVE-2017-17896 |
79 |
|
XSS |
2017-12-27 |
2018-01-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Readymade Job Site Script has XSS via the keyword parameter to the /job URI. |
|
84 |
CVE-2017-17895 |
89 |
|
Sql |
2017-12-27 |
2018-01-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Readymade Job Site Script has SQL Injection via the location_name array parameter to the /job URI. |
|
85 |
CVE-2017-17894 |
352 |
|
CSRF |
2017-12-27 |
2018-01-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Readymade Job Site Script has CSRF via the /job URI. |
|
86 |
CVE-2017-17893 |
79 |
|
XSS |
2017-12-27 |
2018-01-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Readymade Video Sharing Script has XSS via the search_video.php search parameter, the viewsubs.php chnlid parameter, or the user-profile-edit.php fname parameter. |
|
87 |
CVE-2017-17892 |
89 |
|
Sql |
2017-12-27 |
2018-01-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Readymade Video Sharing Script has SQL Injection via the viewsubs.php chnlid parameter or the search_video.php search parameter. |
|
88 |
CVE-2017-17891 |
352 |
|
CSRF |
2017-12-27 |
2018-01-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Readymade Video Sharing Script has CSRF via user-profile-edit.php. |
|
89 |
CVE-2017-17888 |
78 |
|
Exec Code |
2017-12-27 |
2018-01-17 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
cgi-bin/write.cgi in Anti-Web through 3.8.7, as used on NetBiter / HMS, Ouman EH-net, Alliance System WS100 --> AWU 500, Sauter ERW100F001, Carlo Gavazzi SIU-DLG, AEDILIS SMART-1, SYXTHSENSE WebBiter, ABB SREA, and ASCON DY WebServer devices, allows remote authenticated users to execute arbitrary OS commands via crafted multipart/form-data content, a different vulnerability than CVE-2017-9097. |
|
90 |
CVE-2017-17887 |
772 |
|
DoS |
2017-12-27 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function GetImagePixelCache in magick/cache.c, which allows attackers to cause a denial of service via a crafted MNG image file that is processed by ReadOneMNGImage. |
|
91 |
CVE-2017-17886 |
772 |
|
DoS |
2017-12-27 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service via a crafted psd image file. |
|
92 |
CVE-2017-17885 |
772 |
|
DoS |
2017-12-27 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file. |
|
93 |
CVE-2017-17884 |
772 |
|
DoS |
2017-12-27 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file. |
|
94 |
CVE-2017-17883 |
772 |
|
DoS |
2017-12-27 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPGXImage in coders/pgx.c, which allows attackers to cause a denial of service via a crafted PGX image file. |
|
95 |
CVE-2017-17882 |
772 |
|
DoS |
2017-12-27 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted XPM image file. |
|
96 |
CVE-2017-17881 |
772 |
|
DoS |
2017-12-27 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted MAT image file. |
|
97 |
CVE-2017-17880 |
125 |
|
|
2017-12-27 |
2019-10-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBP_DECODER_ABI_VERSION check. |
|
98 |
CVE-2017-17879 |
125 |
|
|
2017-12-27 |
2019-10-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error. |
|
99 |
CVE-2017-17878 |
327 |
|
|
2017-12-27 |
2018-01-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in Valve Steam Link build 643. Root passwords longer than 8 characters are truncated because of the default use of DES (aka the CONFIG_FEATURE_DEFAULT_PASSWD_ALGO="des" setting). |
|
100 |
CVE-2017-17877 |
|
|
|
2017-12-27 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in Valve Steam Link build 643. When the SSH daemon is enabled for local development, the device is publicly available via IPv6 TCP port 22 over the internet (with stateless address autoconfiguration) by default, which makes it easier for remote attackers to obtain access by guessing 24 bits of the MAC address and attempting a root login. This can be exploited in conjunction with CVE-2017-17878. |
