| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1351 |
CVE-2017-16023 |
20 |
|
DoS |
2018-06-04 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Decamelize is used to convert a dash/dot/underscore/space separated string to camelCase. Decamelize 1.1.0 through 1.1.1 uses regular expressions to evaluate a string and takes unescaped separator values, which can be used to create a denial of service attack. |
|
1352 |
CVE-2017-16022 |
79 |
|
XSS |
2018-06-04 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Morris.js creates an svg graph, with labels that appear when hovering over a point. The hovering label names are not escaped in versions 0.5.0 and earlier. If control over the labels is obtained, script can be injected. The script will run on the client side whenever that specific graph is loaded. |
|
1353 |
CVE-2017-16021 |
400 |
|
|
2018-06-04 |
2019-10-09 |
6.8 |
None |
Remote |
Low |
??? |
None |
None |
Complete |
|
uri-js is a module that tries to fully implement RFC 3986. One of these features is validating whether or not a supplied URL is valid or not. To do this, uri-js uses a regular expression, This regular expression is vulnerable to redos. This causes the program to hang and the CPU to idle at 100% usage while uri-js is trying to validate if the supplied URL is valid or not. To check if you're vulnerable, look for a call to `require("uri-js").parse()` where a user is able to send their own input. This affects uri-js 2.1.1 and earlier. |
|
1354 |
CVE-2017-16020 |
94 |
|
Exec Code |
2018-06-04 |
2019-10-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Summit is a node web framework. When using the PouchDB driver in the module, Summit 0.1.0 and later allows an attacker to execute arbitrary commands via the collection name. |
|
1355 |
CVE-2017-16019 |
79 |
|
Exec Code XSS |
2018-06-04 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
GitBook is a command line tool (and Node.js library) for building beautiful books using GitHub/Git and Markdown (or AsciiDoc). Stored Cross-Site-Scripting (XSS) is possible in GitBook before 3.2.2 by including code outside of backticks in any ebook. This code will be executed on the online reader. |
|
1356 |
CVE-2017-16018 |
79 |
|
XSS |
2018-06-04 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Restify is a framework for building REST APIs. Restify >=2.0.0 <=4.0.4 using URL encoded script tags in a non-existent URL, an attacker can get script to run in some browsers. |
|
1357 |
CVE-2017-16017 |
79 |
|
XSS |
2018-06-04 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
sanitize-html is a library for scrubbing html input for malicious values Versions 1.2.2 and below have a cross site scripting vulnerability. |
|
1358 |
CVE-2017-16016 |
79 |
|
XSS |
2018-06-04 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Sanitize-html is a library for scrubbing html input of malicious values. Versions 1.11.1 and below are vulnerable to cross site scripting (XSS) in certain scenarios: If allowed at least one nonTextTags, the result is a potential XSS vulnerability. |
|
1359 |
CVE-2017-16015 |
79 |
|
XSS |
2018-06-04 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Forms is a library for easily creating HTML forms. Versions before 1.3.0 did not have proper html escaping. This means that if the application did not sanitize html on behalf of forms, use of forms may be vulnerable to cross site scripting |
|
1360 |
CVE-2017-16014 |
388 |
|
DoS |
2018-06-04 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Http-proxy is a proxying library. Because of the way errors are handled in versions before 0.7.0, an attacker that forces an error can crash the server, causing a denial of service. |
|
1361 |
CVE-2017-16013 |
20 |
|
|
2018-06-04 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
hapi is a web and services application framework. When hapi >= 15.0.0 <= 16.1.0 encounters a malformed `accept-encoding` header an uncaught exception is thrown. This may cause hapi to crash or to hang the client connection until the timeout period is reached. |
|
1362 |
CVE-2017-16012 |
|
|
Exec Code |
2018-06-04 |
2018-06-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Jquery is a javascript library for DOM traversal and manipulation, event handling, animation, and Ajax. When text/javascript responses are received from cross-origin ajax requests not containing the option `dataType`, the result is executed in `jQuery.globalEval` potentially allowing an attacker to execute arbitrary code on the origin. This affects Jquery >=1.4.0 <=1.11.3 || >=1.12.4 <=2.2.4. |
|
1363 |
CVE-2017-16011 |
|
|
|
2018-06-04 |
2018-06-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
jQuery is a javascript library for DOM manipulation. jQuery's main method in affected versions (>=1.7.1 <=1.8.3) contains an unreliable way of detecting whether the input to the `jQuery(strInput)` function is intended to be a selector or HTML. |
|
1364 |
CVE-2017-16009 |
79 |
|
XSS |
2018-06-04 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
ag-grid is an advanced data grid that is library agnostic. ag-grid is vulnerable to Cross-site Scripting (XSS) via Angular Expressions, if AngularJS is used in combination with ag-grid. |
|
1365 |
CVE-2017-16008 |
79 |
|
XSS |
2018-06-04 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
i18next is a language translation framework. Because of how the interpolation is implemented, making replacements from the dictionary one at a time, untrusted user input can use the name of one of the dictionary keys to inject script into the browser. This affects i18next <=1.10.2. |
|
1366 |
CVE-2017-16007 |
|
|
|
2018-06-04 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
node-jose is a JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for current web browsers and node.js-based servers. node-jose earlier than version 0.9.3 is vulnerable to an invalid curve attack. This allows an attacker to recover the private secret key when JWE with Key Agreement with Elliptic Curve Diffie-Hellman Ephemeral Static (ECDH-ES) is used. |
|
1367 |
CVE-2017-16006 |
79 |
|
XSS |
2018-06-04 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Remarkable is a markdown parser. In versions 1.6.2 and lower, remarkable allows the use of `data:` URIs in links and can therefore execute javascript. |
|
1368 |
CVE-2017-16005 |
347 |
|
|
2018-06-04 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Http-signature is a "Reference implementation of Joyent's HTTP Signature Scheme". In versions <=0.9.11, http-signature signs only the header values, but not the header names. This makes http-signature vulnerable to header forgery. Thus, if an attacker can intercept a request, he can swap header names and change the meaning of the request without changing the signature. |
|
1369 |
CVE-2017-15857 |
129 |
|
|
2018-06-12 |
2018-08-01 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In the camera driver, an out-of-bounds access can occur due to an error in copying region params from user space in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. |
|
1370 |
CVE-2017-15854 |
119 |
|
Overflow |
2018-06-12 |
2018-08-01 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The value of fix_param->num_chans is received from firmware and if it is too large, an integer overflow can occur in wma_radio_chan_stats_event_handler() for the derived length len leading to a subsequent buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. |
|
1371 |
CVE-2017-15843 |
362 |
|
|
2018-06-12 |
2018-08-01 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Due to a race condition in a bus driver, a double free in msm_bus_floor_vote_context() can potentially occur in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. |
|
1372 |
CVE-2017-15842 |
416 |
|
|
2018-06-12 |
2018-08-01 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer might get used after it gets freed due to unlocking the mutex before freeing the buffer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. |
|
1373 |
CVE-2017-15695 |
863 |
|
Exec Code |
2018-06-13 |
2020-08-24 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
When an Apache Geode server versions 1.0.0 to 1.4.0 is configured with a security manager, a user with DATA:WRITE privileges is allowed to deploy code by invoking an internal Geode function. This allows remote code execution. Code deployment should be restricted to users with DATA:MANAGE privilege. |
|
1374 |
CVE-2017-13072 |
79 |
|
XSS |
2018-06-21 |
2018-08-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in App Center in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build 20171213, QTS 4.3.4 build 20171223, and their earlier versions could allow remote attackers to inject Javascript code. |
|
1375 |
CVE-2017-12092 |
200 |
|
+Info |
2018-06-04 |
2022-04-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
An exploitable file write vulnerability exists in the memory module functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a file write resulting in a new program being written to the memory module. An attacker can send an unauthenticated packet to trigger this vulnerability. |
|
1376 |
CVE-2017-12078 |
77 |
|
Exec Code |
2018-06-08 |
2019-10-09 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Command injection vulnerability in EZ-Internet in Synology Router Manager (SRM) before 1.1.6-6931 allows remote authenticated users to execute arbitrary command via the username parameter. |
|
1377 |
CVE-2017-12075 |
77 |
|
Exec Code |
2018-06-08 |
2019-10-09 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Command injection vulnerability in EZ-Internet in Synology DiskStation Manager (DSM) before 6.2-23739 allows remote authenticated users to execute arbitrary command via the username parameter. |
|
1378 |
CVE-2017-12070 |
20 |
|
|
2018-06-14 |
2018-08-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Unsigned versions of the DLLs distributed by the OPC Foundation may be replaced with malicious code. |
|
1379 |
CVE-2017-11672 |
428 |
|
+Priv |
2018-06-13 |
2018-08-07 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The OPC Foundation Local Discovery Server (LDS) before 1.03.367 is installed as a Windows Service without adding double quotes around the opcualds.exe executable path, which might allow local users to gain privileges. |
|
1380 |
CVE-2017-9312 |
20 |
|
DoS |
2018-06-25 |
2018-08-23 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Improperly implemented option-field processing in the TCP/IP stack on Allen-Bradley L30ERMS safety devices v30 and earlier causes a denial of service. When a crafted TCP packet is received, the device reboots immediately. |
|
1381 |
CVE-2017-7933 |
522 |
|
|
2018-06-06 |
2019-10-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In ABB IP GATEWAY 3.39 and prior, some configuration files contain passwords stored in plain-text, which may allow an attacker to gain unauthorized access. |
|
1382 |
CVE-2017-7931 |
287 |
|
|
2018-06-06 |
2019-10-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In ABB IP GATEWAY 3.39 and prior, by accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access the configuration files and application pages without authentication. |
|
1383 |
CVE-2017-7906 |
352 |
|
|
2018-06-06 |
2019-10-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In ABB IP GATEWAY 3.39 and prior, the web server does not sufficiently verify that a request was performed by the authenticated user, which may allow an attacker to launch a request impersonating that user. |
|
1384 |
CVE-2017-7848 |
74 |
|
|
2018-06-11 |
2018-08-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
RSS fields can inject new lines into the created email structure, modifying the message body. This vulnerability affects Thunderbird < 52.5.2. |
|
1385 |
CVE-2017-7847 |
200 |
|
+Info |
2018-06-11 |
2018-08-07 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. This vulnerability affects Thunderbird < 52.5.2. |
|
1386 |
CVE-2017-7846 |
74 |
|
|
2018-06-11 |
2018-08-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View -> Feed article -> Website" or in the standard format of "View -> Feed article -> default format". This vulnerability affects Thunderbird < 52.5.2. |
|
1387 |
CVE-2017-7845 |
119 |
|
Overflow |
2018-06-11 |
2018-08-09 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird < 52.5.2, Firefox ESR < 52.5.2, and Firefox < 57.0.2. |
|
1388 |
CVE-2017-7844 |
200 |
|
+Info |
2018-06-11 |
2018-08-06 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
A combination of an external SVG image referenced on a page and the coloring of anchor links stored within this image can be used to determine which pages a user has in their history. This can allow a malicious website to query user history. Note: This issue only affects Firefox 57. Earlier releases are not affected. This vulnerability affects Firefox < 57.0.1. |
|
1389 |
CVE-2017-7843 |
200 |
|
+Info |
2018-06-11 |
2018-08-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. IndexedDB should not be available in Private Browsing mode and this stored data will persist across multiple private browsing mode sessions because it is not cleared when exiting. This vulnerability affects Firefox ESR < 52.5.2 and Firefox < 57.0.1. |
|
1390 |
CVE-2017-7842 |
200 |
|
+Info |
2018-06-11 |
2018-06-25 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
If a document's Referrer Policy attribute is set to "no-referrer" sometimes two network requests are made for "<link>" elements instead of one. One of these requests includes the referrer instead of respecting the set policy to not include a referrer on requests. This vulnerability affects Firefox < 57. |
|
1391 |
CVE-2017-7840 |
79 |
|
Exec Code XSS |
2018-06-11 |
2018-06-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
JavaScript can be injected into an exported bookmarks file by placing JavaScript code into user-supplied tags in saved bookmarks. If the resulting exported HTML file is later opened in a browser this JavaScript will be executed. This could be used in social engineering and self-cross-site-scripting (self-XSS) attacks if users were convinced to add malicious tags to bookmarks, export them, and then open the resulting file. This vulnerability affects Firefox < 57. |
|
1392 |
CVE-2017-7839 |
79 |
|
XSS |
2018-06-11 |
2018-06-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Control characters prepended before "javascript:" URLs pasted in the addressbar can cause the leading characters to be ignored and the pasted JavaScript to be executed instead of being blocked. This could be used in social engineering and self-cross-site-scripting (self-XSS) attacks where users are convinced to copy and paste text into the addressbar. This vulnerability affects Firefox < 57. |
|
1393 |
CVE-2017-7838 |
20 |
|
|
2018-06-11 |
2018-06-25 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Punycode format text will be displayed for entire qualified international domain names in some instances when a sub-domain triggers the punycode display instead of the primary domain being displayed in native script and the sub-domain only displaying as punycode. This could be used for limited spoofing attacks due to user confusion. This vulnerability affects Firefox < 57. |
|
1394 |
CVE-2017-7837 |
20 |
|
|
2018-06-11 |
2018-06-25 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
SVG loaded through "<img>" tags can use "<meta>" tags within the SVG data to set cookies for that page. This vulnerability affects Firefox < 57. |
|
1395 |
CVE-2017-7836 |
427 |
|
|
2018-06-11 |
2019-10-03 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The "pingsender" executable used by the Firefox Health Report dynamically loads a system copy of libcurl, which an attacker could replace. This allows for privilege escalation as the replaced libcurl code will run with Firefox's privileges. Note: This attack requires an attacker have local system access and only affects OS X and Linux. Windows systems are not affected. This vulnerability affects Firefox < 57. |
|
1396 |
CVE-2017-7835 |
|
|
|
2018-06-11 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Mixed content blocking of insecure (HTTP) sub-resources in a secure (HTTPS) document was not correctly applied for resources that redirect from HTTPS to HTTP, allowing content that should be blocked, such as scripts, to be loaded on a page. This vulnerability affects Firefox < 57. |
|
1397 |
CVE-2017-7834 |
79 |
|
XSS Bypass |
2018-06-11 |
2018-06-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A "data:" URL loaded in a new tab did not inherit the Content Security Policy (CSP) of the original page, allowing for bypasses of the policy including the execution of JavaScript. In prior versions when "data:" documents also inherited the context of the original page this would allow for potential cross-site scripting (XSS) attacks. This vulnerability affects Firefox < 57. |
|
1398 |
CVE-2017-7833 |
20 |
|
|
2018-06-11 |
2018-06-25 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Some Arabic and Indic vowel marker characters can be combined with Latin characters in a domain name to eclipse the non-Latin character with some font sets on the addressbar. The non-Latin character will not be visible to most viewers. This allows for domain spoofing attacks because these combined domain names do not display as punycode. This vulnerability affects Firefox < 57. |
|
1399 |
CVE-2017-7832 |
20 |
|
|
2018-06-11 |
2018-06-25 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The combined, single character, version of the letter 'i' with any of the potential accents in unicode, such as acute or grave, can be spoofed in the addressbar by the dotless version of 'i' followed by the same accent as a second character with most font sets. This allows for domain spoofing attacks because these combined domain names do not display as punycode. This vulnerability affects Firefox < 57. |
|
1400 |
CVE-2017-7831 |
200 |
|
+Info |
2018-06-11 |
2018-06-25 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A vulnerability where the security wrapper does not deny access to some exposed properties using the deprecated "_exposedProps_" mechanism on proxy objects. These properties should be explicitly unavailable to proxy objects. This vulnerability affects Firefox < 57. |
