CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In May 2017

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
951 CVE-2016-3083 295 2017-05-30 2017-06-01
5.0
None Remote Low Not required None Partial None
Apache Hive (JDBC + HiveServer2) implements SSL for plain TCP and HTTP connections (it supports both transport modes). While validating the server's certificate during the connection setup, the client in Apache Hive before 1.2.2 and 2.0.x before 2.0.1 doesn't seem to be verifying the common name attribute of the certificate. In this way, if a JDBC client sends an SSL request to server abc.com, and the server responds with a valid certificate (certified by CA) but issued to xyz.com, the client will accept that as a valid certificate and the SSL handshake will go through.
952 CVE-2016-3032 79 XSS 2017-05-10 2017-05-15
3.5
None Remote Medium ??? None Partial None
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 114516.
953 CVE-2016-2930 284 2017-05-03 2017-05-12
5.0
None Remote Low Not required None Partial None
IBM BigFix Remote Control 9.1.3 could allow a remote attacker to perform actions reserved for an administrator without authentication. IBM X-Force ID: 5512.
954 CVE-2016-2165 20 2017-05-25 2021-08-25
4.3
None Remote Medium Not required None Partial None
The Loggregator Traffic Controller endpoints in cf-release v231 and lower, Pivotal Elastic Runtime versions prior to 1.5.19 AND 1.6.x versions prior to 1.6.20 are not cleansing request URL paths when they are invalid and are returning them in the 404 response. This could allow malicious scripts to be written directly into the 404 response.
955 CVE-2016-2126 264 2017-05-11 2018-05-11
4.0
None Remote Low ??? None None Partial
Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions.
956 CVE-2016-1876 264 +Priv 2017-05-23 2017-06-07
7.2
None Local Low Not required Complete Complete Complete
The backend service process in Lenovo Solution Center (aka LSC) before 3.3.0002 allows local users to gain SYSTEM privileges via unspecified vectors.
957 CVE-2016-0781 79 XSS 2017-05-25 2021-08-06
4.3
None Remote Medium Not required None Partial None
The UAA OAuth approval pages in Cloud Foundry v208 to v231, Login-server v1.6 to v1.14, UAA v2.0.0 to v2.7.4.1, UAA v3.0.0 to v3.2.0, UAA-Release v2 to v7 and Pivotal Elastic Runtime 1.6.x versions prior to 1.6.20 are vulnerable to an XSS attack by specifying malicious JavaScript content in either the OAuth scopes (SCIM groups) or SCIM group descriptions.
958 CVE-2016-0780 399 DoS Bypass 2017-05-25 2021-08-25
5.0
None Remote Low Not required None None Partial
It was discovered that cf-release v231 and lower, Pivotal Cloud Foundry Elastic Runtime 1.5.x versions prior to 1.5.17 and Pivotal Cloud Foundry Elastic Runtime 1.6.x versions prior to 1.6.18 do not properly enforce disk quotas in certain cases. An attacker could use an improper disk quota value to bypass enforcement and consume all the disk on DEAs/CELLs causing a potential denial of service for other applications.
959 CVE-2016-0761 19 2017-05-25 2021-08-25
10.0
None Remote Low Not required Complete Complete Complete
Cloud Foundry Garden-Linux versions prior to v0.333.0 and Elastic Runtime 1.6.x version prior to 1.6.17 contain a flaw in managing container files during Docker image preparation that could be used to delete, corrupt or overwrite host files and directories, including other container filesystems on the host.
960 CVE-2016-0382 200 +Info 2017-05-03 2017-05-12
2.1
None Local Low Not required Partial None None
The IBM Tealeaf Consumer Experience 8.7, 8.8, and 9.0 portal exposes some of its operational state in a form that may be accidentally captured and exposed by network infrastructure components such as IIS. IBM X-Force ID: 112356.
961 CVE-2016-0255 79 XSS 2017-05-05 2017-05-12
4.3
None Remote Medium Not required None Partial None
IBM Marketing Platform 9.1 and 10.0 is vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. IBM X-Force ID: 110564.
962 CVE-2015-9059 77 Exec Code 2017-05-28 2020-06-28
10.0
None Remote Low Not required Complete Complete Complete
picocom before 2.0 has a command injection vulnerability in the 'send and receive file' command because the command line is executed by /bin/sh unsafely.
963 CVE-2015-9058 601 2017-05-03 2017-05-16
5.8
None Remote Medium Not required Partial Partial None
Open redirect vulnerability in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter.
964 CVE-2015-9057 79 XSS 2017-05-03 2017-05-12
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allow remote attackers to inject arbitrary web script or HTML via multiple parameters, related to /users/index.htm, /quarantine/spam/manage.htm, /quarantine/spam/whitelist.htm, /queues/mail/index/, /system/ssh.htm, /queues/mail/?domain=, and /quarantine/virus/manage.htm.
965 CVE-2015-9004 264 +Priv 2017-05-02 2017-05-12
9.3
None Remote Medium Not required Complete Complete Complete
kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions.
966 CVE-2015-9003 310 2017-05-16 2017-07-11
9.3
None Remote Medium Not required Complete Complete Complete
In TrustZone a cryptographic issue can potentially occur in all Android releases from CAF using the Linux kernel.
967 CVE-2015-9002 189 2017-05-16 2017-07-11
9.3
None Remote Medium Not required Complete Complete Complete
In TrustZone an out-of-range pointer offset vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
968 CVE-2015-9001 200 +Info 2017-05-16 2017-07-11
4.3
None Remote Medium Not required Partial None None
In TrustZone an information exposure vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.
969 CVE-2015-9000 476 2017-05-16 2017-07-11
9.3
None Remote Medium Not required Complete Complete Complete
In TrustZone an untrusted pointer dereference vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
970 CVE-2015-8999 119 Overflow 2017-05-16 2017-07-11
9.3
None Remote Medium Not required Complete Complete Complete
In TrustZone a buffer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel while loading an ELF file.
971 CVE-2015-8998 190 Overflow 2017-05-16 2017-07-11
9.3
None Remote Medium Not required Complete Complete Complete
In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.
972 CVE-2015-8997 362 2017-05-16 2017-07-11
7.6
None Remote High Not required Complete Complete Complete
In TrustZone a time-of-check time-of-use race condition could potentially exist in a listener routine in all Android releases from CAF using the Linux kernel.
973 CVE-2015-8996 362 2017-05-16 2017-07-11
7.6
None Remote High Not required Complete Complete Complete
In TrustZone a time-of-check time-of-use race condition could potentially exist in a QFPROM routine in all Android releases from CAF using the Linux kernel.
974 CVE-2015-8995 190 Overflow 2017-05-16 2017-07-11
9.3
None Remote Medium Not required Complete Complete Complete
In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.
975 CVE-2015-8477 79 XSS 2017-05-23 2017-05-31
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Redmine before 2.6.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving flash message rendering.
976 CVE-2015-8257 77 Exec Code 2017-05-02 2017-05-16
9.0
None Remote Low ??? Complete Complete Complete
The devtools.sh script in AXIS network cameras allows remote authenticated users to execute arbitrary commands via shell metacharacters in the app parameter to (1) app_license.shtml, (2) app_license_custom.shtml, (3) app_index.shtml, or (4) app_params.shtml.
977 CVE-2015-8089 264 DoS +Priv 2017-05-23 2017-06-06
6.9
None Local Medium Not required Complete Complete Complete
The GPU driver in Huawei P7 phones with software P7-L00 before P7-L00C17B851, P7-L05 before P7-L05C00B851, and P7-L09 before P7-L09C92B851 allows local users to read or write to arbitrary kernel memory locations and consequently cause a denial of service (system crash) or gain privileges via a crafted application.
978 CVE-2015-6817 287 2017-05-23 2020-11-03
6.8
None Remote Medium Not required Partial Partial Partial
PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login access as auth_user via an unknown username.
979 CVE-2015-6586 200 +Info 2017-05-23 2017-06-07
5.0
None Remote Low Not required Partial None None
The mDNS module in Huawei WLAN AC6005, AC6605, and ACU2 devices with software before V200R006C00SPC100 allows remote attackers to obtain sensitive information by leveraging failure to restrict processing of mDNS unicast queries to the link local network.
980 CVE-2015-5682 264 2017-05-23 2017-06-08
5.0
None Remote Low Not required None Partial None
upload.php in the Powerplay Gallery plugin 3.3 for WordPress allows remote attackers to create arbitrary directories via vectors related to the targetDir variable.
981 CVE-2015-5609 22 Dir. Trav. 2017-05-23 2017-06-08
6.4
None Remote Low Not required Partial Partial None
Absolute path traversal vulnerability in the Image Export plugin 1.1 for WordPress allows remote attackers to read and delete arbitrary files via a full pathname in the file parameter to download.php.
982 CVE-2015-5469 22 Dir. Trav. 2017-05-23 2017-05-31
5.0
None Remote Low Not required Partial None None
Absolute path traversal vulnerability in the MDC YouTube Downloader plugin 2.1.0 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter to includes/download.php.
983 CVE-2015-5468 22 Dir. Trav. 2017-05-23 2017-06-01
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in the WP e-Commerce Shop Styling plugin before 2.6 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter to includes/download.php.
984 CVE-2015-5436 DoS 2017-05-11 2020-11-24
7.8
None Remote Low Not required None None Complete
A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service (DoS). Note this was originally published in 2015 however the CVE entry was added in 2020.
985 CVE-2015-5401 20 DoS 2017-05-23 2017-06-06
5.0
None Remote Low Not required None None Partial
Teradata Gateway before 15.00.03.02-1 and 15.10.x before 15.10.00.01-1 and TD Express before 15.00.02.08_Sles10 and 15.00.02.08_Sles11 allow remote attackers to cause a denial of service (database crash) via a malformed CONFIG REQUEST message.
986 CVE-2015-5383 200 +Info 2017-05-23 2018-10-30
5.0
None Remote Low Not required Partial None None
Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to obtain sensitive information by reading files in the (1) config, (2) temp, or (3) logs directory.
987 CVE-2015-5382 200 +Info 2017-05-23 2018-10-30
4.0
None Remote Low ??? Partial None None
program/steps/addressbook/photo.inc in Roundcube Webmail before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via the _alt parameter when uploading a vCard.
988 CVE-2015-5381 79 XSS 2017-05-23 2018-10-30
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in program/include/rcmail.php in Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the _mbox parameter to the default URI.
989 CVE-2015-5241 601 2017-05-19 2017-05-31
5.8
None Remote Medium Not required Partial Partial None
After logging into the portal, the logout jsp page redirects the browser back to the login page. It is feasible for malicious users to redirect the browser to an unintended web page in Apache jUDDI 3.1.2, 3.1.3, 3.1.4, and 3.1.5 when utilizing the portlets based user interface also known as 'Pluto', 'jUDDI Portal', 'UDDI Portal' or 'uddi-console'. User session data, credentials, and auth tokens are cleared before the redirect.
990 CVE-2015-5211 552 2017-05-25 2022-06-05
9.3
None Remote Medium Not required Complete Complete Complete
Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. The attack involves a malicious user crafting a URL with a batch script extension that results in the response being downloaded rather than rendered and also includes some input reflected in the response.
991 CVE-2015-4704 22 Dir. Trav. 2017-05-23 2017-05-31
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in the Download Zip Attachments plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the File parameter to download.php.
992 CVE-2015-4455 434 Exec Code 2017-05-23 2017-06-08
7.5
None Remote Low Not required Partial Partial Partial
Unrestricted file upload vulnerability in includes/upload.php in the Aviary Image Editor Add-on For Gravity Forms plugin 3.0 beta for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/uploads/gform_aviary.
993 CVE-2015-4070 601 2017-05-17 2017-05-24
5.8
None Remote Medium Not required Partial Partial None
Open redirect vulnerability in the proxyimages function in wowproxy.php in the Wow Moodboard Lite plugin 1.1.1.1 for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.
994 CVE-2015-4054 476 DoS 2017-05-23 2020-11-03
5.0
None Remote Low Not required None None Partial
PgBouncer before 1.5.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by sending a password packet before a startup packet.
995 CVE-2015-4046 77 Exec Code 2017-05-23 2017-05-30
6.5
None Remote Low ??? Partial Partial Partial
The asset discovery scanner in AlienVault OSSIM before 5.0.1 allows remote authenticated users to execute arbitrary commands via the assets array parameter to netscan/do_scan.php.
996 CVE-2015-4045 264 +Priv 2017-05-23 2017-05-30
7.2
None Local Low Not required Complete Complete Complete
The sudoers file in the asset discovery scanner in AlienVault OSSIM before 5.0.1 allows local users to gain privileges via a crafted nmap script.
997 CVE-2015-3998 79 XSS 2017-05-17 2017-05-24
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in phpwhois 4.2.5, as used in the adsense-click-fraud-monitoring plugin 1.7.5 for WordPress, allows remote attackers to inject arbitrary web script or HTML via the query parameter to whois.php.
998 CVE-2015-3191 352 CSRF 2017-05-25 2021-08-25
6.8
None Remote Medium Not required Partial Partial Partial
With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier, the change_email form in UAA is vulnerable to a CSRF attack. This allows an attacker to trigger an e-mail change for a user logged into a Cloud Foundry instance via a malicious link on an attacker-controlled site. This vulnerability is applicable only when using the UAA internal user store for authentication. Deployments enabled for integration via SAML or LDAP are not affected.
999 CVE-2015-3190 601 2017-05-25 2021-08-25
5.8
None Remote Medium Not required Partial Partial None
With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier, the UAA logout link is susceptible to an open redirect which allows an attacker to insert a malicious web page as a redirect parameter.
1000 CVE-2015-3189 640 2017-05-25 2021-08-25
4.3
None Remote Medium Not required Partial None None
With Cloud Foundry Runtime cf-release versions v208 or earlier, UAA Standalone versions 2.2.5 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier, old Password Reset Links are not expired after the user changes their current email address to a new one. This vulnerability is applicable only when using the UAA internal user store for authentication. Deployments enabled for integration via SAML or LDAP are not affected.
Total number of vulnerabilities: 1015. Page 20 of 21.