| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
101 |
CVE-2017-15946 |
89 |
|
Sql |
2017-10-28 |
2017-11-25 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In the com_tag component 1.7.6 for Joomla!, a SQL injection vulnerability is located in the `tag` parameter to index.php. The request method to execute is GET. |
|
102 |
CVE-2017-15945 |
732 |
|
+Priv |
2017-10-27 |
2019-10-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/mysql-cluster, and dev-db/mariadb-galera packages before 2017-09-29 have chown calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to the mysql account for creation of a link. |
|
103 |
CVE-2017-15939 |
476 |
|
DoS |
2017-10-27 |
2018-01-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. NOTE: this issue is caused by an incomplete fix for CVE-2017-15023. |
|
104 |
CVE-2017-15938 |
119 |
|
DoS Overflow |
2017-10-27 |
2018-01-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service (find_abstract_instance_name invalid memory read, segmentation fault, and application crash). |
|
105 |
CVE-2017-15937 |
200 |
|
+Info |
2017-10-27 |
2017-11-14 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Artica Pandora FMS version 7.0 leaks a full installation pathname via GET data when intercepting the main page's graph requisition. This also implies that general OS information is leaked (e.g., a /var/www pathname typically means Linux or UNIX). |
|
106 |
CVE-2017-15936 |
79 |
|
XSS |
2017-10-27 |
2017-11-14 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
In Artica Pandora FMS version 7.0, an Attacker with write Permission can create an agent with an XSS Payload; when a user enters the agent definitions page, the script will get executed. |
|
107 |
CVE-2017-15935 |
94 |
|
Exec Code |
2017-10-27 |
2017-11-14 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
Artica Pandora FMS version 7.0 is vulnerable to remote PHP code execution through the manager files function. This is only exploitable by administrators who upload a PHP file. |
|
108 |
CVE-2017-15934 |
79 |
|
XSS |
2017-10-27 |
2017-11-14 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Artica Pandora FMS version 7.0 is vulnerable to stored Cross-Site Scripting in the map name parameter. |
|
109 |
CVE-2017-15933 |
89 |
|
Exec Code Sql |
2017-10-27 |
2021-02-23 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the host parameter to module/capacity_per_device/index.php. |
|
110 |
CVE-2017-15932 |
125 |
|
|
2017-10-27 |
2017-11-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c via crafted ELF files when parsing the ELF version on 32bit systems. |
|
111 |
CVE-2017-15931 |
125 |
|
|
2017-10-27 |
2017-11-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c via crafted ELF files on 32bit systems. |
|
112 |
CVE-2017-15930 |
476 |
|
|
2017-10-27 |
2019-06-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer. |
|
113 |
CVE-2017-15928 |
20 |
|
|
2017-10-27 |
2017-11-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In the Ox gem 2.8.0 for Ruby, the process crashes with a segmentation fault when a crafted input is supplied to parse_obj. NOTE: the vendor has stated "Ox should handle the error more gracefully" but has not confirmed a security implication. |
|
114 |
CVE-2017-15924 |
78 |
|
|
2017-10-27 |
2019-10-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the add_server, build_config, and construct_command_line functions. |
|
115 |
CVE-2017-15922 |
125 |
|
|
2017-10-26 |
2018-02-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c. |
|
116 |
CVE-2017-15921 |
476 |
|
|
2017-10-30 |
2017-11-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002010. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated. |
|
117 |
CVE-2017-15920 |
476 |
|
|
2017-10-30 |
2017-11-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002054. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated. |
|
118 |
CVE-2017-15919 |
89 |
|
Sql |
2017-10-26 |
2017-11-14 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The ultimate-form-builder-lite plugin before 1.3.7 for WordPress has SQL Injection, with resultant PHP Object Injection, via wp-admin/admin-ajax.php. |
|
119 |
CVE-2017-15917 |
269 |
|
|
2017-10-26 |
2019-10-03 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
In Paessler PRTG Network Monitor 17.3.33.2830, it's possible to create a Map as a read-only user, by forging a request and sending it to the server. |
|
120 |
CVE-2017-15911 |
79 |
|
Exec Code XSS Bypass CSRF |
2017-10-26 |
2017-11-17 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
The Admin Console in Ignite Realtime Openfire Server before 4.1.7 allows arbitrary client-side JavaScript code execution on victims who click a crafted setup/setup-host-settings.jsp?domain= link, aka XSS. Session ID and data theft may follow as well as the possibility of bypassing CSRF protections, injection of iframes to establish communication channels, etc. The vulnerability is present after login into the application. |
|
121 |
CVE-2017-15909 |
798 |
|
|
2017-10-26 |
2017-11-15 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
D-Link DGS-1500 Ax devices before 2.51B021 have a hardcoded password, which allows remote attackers to obtain shell access. |
|
122 |
CVE-2017-15908 |
835 |
|
|
2017-10-26 |
2022-02-20 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service. |
|
123 |
CVE-2017-15907 |
89 |
|
Exec Code Sql |
2017-10-26 |
2017-11-15 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in phpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to newsdesk/newsdesk.php. |
|
124 |
CVE-2017-15906 |
732 |
|
|
2017-10-26 |
2020-08-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files. |
|
125 |
CVE-2017-15888 |
79 |
|
XSS |
2017-10-30 |
2019-10-09 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Custom Internet Radio List in Synology Audio Station before 6.3.0-3260 allows remote authenticated attackers to inject arbitrary web script or HTML via the NAME parameter. |
|
126 |
CVE-2017-15885 |
79 |
|
XSS |
2017-10-25 |
2017-11-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Reflected XSS in the web administration portal on the Axis 2100 Network Camera 2.03 allows an attacker to execute arbitrary JavaScript via the conf_Layout_OwnTitle parameter to view/view.shtml. NOTE: this might overlap CVE-2007-5214. |
|
127 |
CVE-2017-15884 |
362 |
|
|
2017-10-31 |
2019-10-03 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.0, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges. |
|
128 |
CVE-2017-15882 |
400 |
|
DoS |
2017-10-26 |
2017-11-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The London Trust Media Private Internet Access (PIA) application before 1.3.3.1 for Android allows remote attackers to cause a denial of service (application crash) via a large VPN server-list file. |
|
129 |
CVE-2017-15881 |
79 |
|
XSS |
2017-10-24 |
2019-12-09 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross-Site Scripting vulnerability in KeystoneJS before 4.0.0-beta.7 allows remote authenticated administrators to inject arbitrary web script or HTML via the "content brief" or "content extended" field, a different vulnerability than CVE-2017-15878. |
|
130 |
CVE-2017-15880 |
89 |
|
Exec Code Sql |
2017-10-24 |
2021-02-23 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the group_name parameter to module/admin_group/add_modify_group.php (for insert_group and update_group). |
|
131 |
CVE-2017-15879 |
20 |
|
|
2017-10-24 |
2017-11-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in admin/server/api/download.js and lib/list/getCSVData.js in KeystoneJS before 4.0.0-beta.7 via a value that is mishandled in a CSV export. |
|
132 |
CVE-2017-15878 |
79 |
|
XSS |
2017-10-24 |
2017-11-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A cross-site scripting (XSS) vulnerability exists in fields/types/markdown/MarkdownType.js in KeystoneJS before 4.0.0-beta.7 via the Contact Us feature. |
|
133 |
CVE-2017-15874 |
191 |
|
|
2017-10-24 |
2017-10-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation. |
|
134 |
CVE-2017-15873 |
190 |
|
Overflow |
2017-10-24 |
2021-02-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation. |
|
135 |
CVE-2017-15872 |
79 |
|
XSS |
2017-10-24 |
2017-10-31 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
phpwcms 1.8.9 has XSS in include/inc_tmpl/admin.edituser.tmpl.php and include/inc_tmpl/admin.newuser.tmpl.php via the username (aka new_login) field. |
|
136 |
CVE-2017-15871 |
835 |
|
DoS |
2017-10-24 |
2019-11-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
** DISPUTED ** The deserialize function in serialize-to-js through 1.1.1 allows attackers to cause a denial of service via vectors involving an Immediately Invoked Function Expression "function()" substring, as demonstrated by a "function(){console.log(" call or a simple infinite loop. NOTE: the vendor agrees that denial of service can occur but notes that deserialize is explicitly listed as "harmful" within the README.md file. |
|
137 |
CVE-2017-15867 |
79 |
|
XSS |
2017-10-24 |
2017-11-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in the user-login-history plugin through 1.5.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) date_from, (2) date_to, (3) user_id, (4) username, (5) country_name, (6) browser, (7) operating_system, or (8) ip_address parameter to admin/partials/listing/listing.php. |
|
138 |
CVE-2017-15863 |
79 |
|
XSS |
2017-10-24 |
2017-11-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross Site Scripting (XSS) exists in the wp-noexternallinks plugin before 3.5.19 for WordPress via the date1 or date2 parameter to wp-admin/options-general.php. |
|
139 |
CVE-2017-15812 |
79 |
|
XSS |
2017-10-23 |
2017-11-17 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The Easy Appointments plugin before 1.12.0 for WordPress has XSS via a Settings values in the admin panel. |
|
140 |
CVE-2017-15811 |
79 |
|
XSS |
2017-10-23 |
2017-11-14 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
The Pootle Button plugin before 1.2.0 for WordPress has XSS via the assets_url parameter in assets/dialog.php, exploitable via wp-admin/admin-ajax.php. |
|
141 |
CVE-2017-15810 |
79 |
|
XSS |
2017-10-23 |
2017-11-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The PopCash.Net Code Integration Tool plugin before 1.1 for WordPress has XSS via the tab parameter to wp-admin/admin.php. |
|
142 |
CVE-2017-15809 |
79 |
|
XSS |
2017-10-23 |
2017-10-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
In phpMyFaq before 2.9.9, there is XSS in admin/tags.main.php via a crafted tag. |
|
143 |
CVE-2017-15808 |
352 |
|
CSRF |
2017-10-23 |
2017-10-25 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php. |
|
144 |
CVE-2017-15805 |
22 |
|
Dir. Trav. |
2017-10-23 |
2017-11-08 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cisco Small Business SA520 and SA540 devices with firmware 2.1.71 and 2.2.0.7 allow ../ directory traversal in scgi-bin/platform.cgi via the thispage parameter, for reading arbitrary files. |
|
145 |
CVE-2017-15804 |
119 |
|
Overflow |
2017-10-22 |
2018-06-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator. |
|
146 |
CVE-2017-15803 |
119 |
|
DoS Overflow |
2017-10-22 |
2017-10-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ntdll_77310000!LdrpResCompareResourceNames+0x0000000000000150." |
|
147 |
CVE-2017-15802 |
119 |
|
DoS Overflow |
2017-10-22 |
2017-10-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77310000!LdrpResCompareResourceNames+0x0000000000000087." |
|
148 |
CVE-2017-15801 |
119 |
|
DoS Overflow |
2017-10-22 |
2017-10-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77310000!LdrpResSearchResourceInsideDirectory+0x000000000000029e." |
|
149 |
CVE-2017-15800 |
119 |
|
DoS Exec Code Overflow |
2017-10-22 |
2017-10-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
IrfanView version 4.50 (64bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls subsequent Write Address starting at ntdll!memcpy+0x00000000000000a0." |
|
150 |
CVE-2017-15799 |
119 |
|
DoS Overflow |
2017-10-22 |
2017-10-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
IrfanView version 4.50 (64bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at KERNELBASE!EnumResourceNamesInternal+0x000000000000074a." |
