| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
201 |
CVE-2017-17739 |
22 |
|
Dir. Trav. |
2017-12-18 |
2018-01-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has directory traversal via the /storage.html rp parameter, allowing an attacker to read or write to files. |
|
202 |
CVE-2017-17738 |
|
|
|
2017-12-18 |
2019-10-03 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) allows renaming and modifying files via /tools.html. |
|
203 |
CVE-2017-17737 |
79 |
|
XSS |
2017-12-18 |
2018-01-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parameter to /network_diagnostics.html or /storage_info.html. |
|
204 |
CVE-2017-17735 |
200 |
|
+Info |
2017-12-18 |
2018-01-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in cookies. |
|
205 |
CVE-2017-17734 |
200 |
|
+Info |
2017-12-18 |
2018-01-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in sessions. |
|
206 |
CVE-2017-17733 |
|
|
Exec Code |
2017-12-18 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Maccms 8.x allows remote command execution via the wd parameter in an index.php?m=vod-search request. |
|
207 |
CVE-2017-17731 |
89 |
|
Sql |
2017-12-18 |
2018-01-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
DedeCMS through 5.7 has SQL Injection via the $_FILES superglobal to plus/recommend.php. |
|
208 |
CVE-2017-17730 |
89 |
|
Sql |
2017-12-18 |
2018-01-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
DedeCMS through 5.7 has SQL Injection via the logo parameter to plus/flink_add.php. |
|
209 |
CVE-2017-17727 |
434 |
|
Exec Code |
2017-12-18 |
2018-01-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
DedeCMS through 5.6 allows arbitrary file upload and PHP code execution by embedding the PHP code in a .jpg file, which is used in the templet parameter to member/article_edit.php. |
|
210 |
CVE-2017-17721 |
89 |
|
Sql |
2017-12-18 |
2019-03-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
CWEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows SQL injection via the tradestatus, assetno, assignto, building, domain, jobtype, site, trade, woType, workorderno, or workorderstatus parameter. |
|
211 |
CVE-2017-17719 |
79 |
|
XSS |
2017-12-19 |
2018-01-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A cross-site scripting (XSS) vulnerability in the wp-concours plugin through 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the result_message parameter to includes/concours_page.php. |
|
212 |
CVE-2017-17718 |
295 |
|
|
2017-12-17 |
2018-01-05 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has Missing SSL Certificate Validation. |
|
213 |
CVE-2017-17717 |
327 |
|
|
2017-12-17 |
2018-01-04 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Sonatype Nexus Repository Manager through 2.14.5 has weak password encryption with a hardcoded CMMDwoV value in the LDAP integration feature. |
|
214 |
CVE-2017-17716 |
295 |
|
|
2017-12-17 |
2018-01-04 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
GitLab 9.4.x before 9.4.2 does not support LDAP SSL certificate verification, but a verify_certificates LDAP option was mentioned in the 9.4 release announcement. This issue occurred because code was not merged. This is related to use of the omniauth-ldap library and the gitlab_omniauth-ldap gem. |
|
215 |
CVE-2017-17715 |
22 |
|
Dir. Trav. |
2017-12-16 |
2018-01-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The saveFile method in MediaController.java in the Telegram Messenger application before 2017-12-08 for Android allows directory traversal via a pathname obtained in a file-transfer request from a remote peer, as demonstrated by writing to tgnet.dat or tgnet.dat.bak. |
|
216 |
CVE-2017-17714 |
79 |
|
XSS |
2017-12-16 |
2018-01-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Trape before 2017-11-05 has XSS via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp parameter, the /register lat parameter, the /register lon parameter, the /register org parameter, the /register query parameter, the /register region parameter, the /register regionName parameter, the /register timezone parameter, the /register vId parameter, the /register zip parameter, or the /tping id parameter. |
|
217 |
CVE-2017-17713 |
89 |
|
Sql |
2017-12-16 |
2018-01-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Trape before 2017-11-05 has SQL injection via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp parameter, the /register lat parameter, the /register lon parameter, the /register org parameter, the /register query parameter, the /register region parameter, the /register regionName parameter, the /register timezone parameter, the /register vId parameter, the /register zip parameter, or the /tping id parameter. |
|
218 |
CVE-2017-17712 |
362 |
|
Exec Code +Priv |
2017-12-16 |
2018-04-04 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges. |
|
219 |
CVE-2017-17704 |
330 |
|
|
2017-12-31 |
2019-10-03 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
|
A door-unlocking issue was discovered on Software House iStar Ultra devices through 6.5.2.20569 when used in conjunction with the IP-ACM Ethernet Door Module. The communications between the IP-ACM and the iStar Ultra is encrypted using a fixed AES key and IV. Each message is encrypted in CBC mode and restarts with the fixed IV, leading to replay attacks of entire messages. There is no authentication of messages beyond the use of the fixed AES key, so message forgery is also possible. |
|
220 |
CVE-2017-17701 |
476 |
|
|
2017-12-15 |
2017-12-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025c8 DeviceIoControl request. |
|
221 |
CVE-2017-17700 |
476 |
|
|
2017-12-15 |
2017-12-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025a4 DeviceIoControl request. |
|
222 |
CVE-2017-17699 |
476 |
|
|
2017-12-15 |
2017-12-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025ac DeviceIoControl request. |
|
223 |
CVE-2017-17698 |
79 |
|
XSS |
2017-12-15 |
2017-12-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Zoho ManageEngine Password Manager Pro 9 before 9.4 (9400) has reflected XSS in SearchResult.ec and BulkAccessControlView.ec. |
|
224 |
CVE-2017-17697 |
918 |
|
|
2017-12-15 |
2020-04-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Ping() function in ui/api/target.go in Harbor through 1.3.0-rc4 has SSRF via the endpoint parameter to /api/targets/ping. |
|
225 |
CVE-2017-17696 |
200 |
|
+Info |
2017-12-15 |
2017-12-21 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Techno - Portfolio Management Panel through 2017-11-16 allows full path disclosure via an invalid s parameter to panel/search.php. |
|
226 |
CVE-2017-17695 |
89 |
|
Sql |
2017-12-15 |
2017-12-21 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Techno - Portfolio Management Panel through 2017-11-16 allows SQL Injection via the panel/search.php s parameter. |
|
227 |
CVE-2017-17694 |
79 |
|
XSS |
2017-12-15 |
2017-12-21 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Techno - Portfolio Management Panel through 2017-11-16 allows XSS via the panel/search.php s parameter. |
|
228 |
CVE-2017-17693 |
862 |
|
|
2017-12-15 |
2019-10-03 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
|
Techno - Portfolio Management Panel through 2017-11-16 does not check authorization for panel/portfolio.php?action=delete requests that remove feedback. |
|
229 |
CVE-2017-17692 |
200 |
|
Bypass +Info |
2017-12-21 |
2018-01-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that redirects to a child tab and rewrites the innerHTML property. |
|
230 |
CVE-2017-17684 |
119 |
|
Overflow |
2017-12-14 |
2017-12-21 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c04 \\.\PSMEMDriver DeviceIoControl request. |
|
231 |
CVE-2017-17683 |
119 |
|
Overflow |
2017-12-14 |
2017-12-21 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c44 \\.\PSMEMDriver DeviceIoControl request. |
|
232 |
CVE-2017-17682 |
400 |
|
DoS |
2017-12-14 |
2020-09-08 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call. |
|
233 |
CVE-2017-17681 |
835 |
|
DoS |
2017-12-14 |
2020-08-19 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file. |
|
234 |
CVE-2017-17680 |
772 |
|
DoS |
2017-12-14 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file. |
|
235 |
CVE-2017-17672 |
502 |
|
Exec Code |
2017-12-14 |
2018-01-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In vBulletin through 5.3.x, there is an unauthenticated deserialization vulnerability that leads to arbitrary file deletion and, under certain circumstances, code execution, because of unsafe usage of PHP's unserialize() in vB_Library_Template's cacheTemplates() function, which is a publicly exposed API. This is exploited with the templateidlist parameter to ajax/api/template/cacheTemplates. |
|
236 |
CVE-2017-17671 |
22 |
|
Exec Code Dir. Trav. |
2017-12-14 |
2020-08-14 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
vBulletin through 5.3.x on Windows allows remote PHP code execution because a require_once call is reachable with an unauthenticated request that can include directory traversal sequences to specify an arbitrary pathname, and because ../ traversal is blocked but ..\ traversal is not blocked. For example, an attacker can make an invalid HTTP request containing PHP code, and then make an index.php?routestring= request with enough instances of ".." to reach an Apache HTTP Server log file. |
|
237 |
CVE-2017-17670 |
416 |
|
|
2017-12-15 |
2019-04-26 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation. |
|
238 |
CVE-2017-17669 |
125 |
|
DoS |
2017-12-13 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack. |
|
239 |
CVE-2017-17665 |
862 |
|
Bypass |
2017-12-13 |
2019-10-03 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
In Octopus Deploy before 4.1.3, the machine update process doesn't check that the user has access to all environments. This allows an access-control bypass because the set of environments to which a machine is scoped may include environments in which the user lacks access. |
|
240 |
CVE-2017-17664 |
119 |
|
Overflow |
2017-12-13 |
2018-01-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A Remote Crash issue was discovered in Asterisk Open Source 13.x before 13.18.4, 14.x before 14.7.4, and 15.x before 15.1.4 and Certified Asterisk before 13.13-cert9. Certain compound RTCP packets cause a crash in the RTCP Stack. |
|
241 |
CVE-2017-17651 |
89 |
|
Sql |
2017-12-18 |
2018-01-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/viewemcamp.php fnum parameter, or the admin/viewvisitcamp.php fn parameter. |
|
242 |
CVE-2017-17649 |
94 |
|
|
2017-12-18 |
2018-01-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Readymade Video Sharing Script 3.2 has HTML Injection via the single-video-detail.php comment parameter. |
|
243 |
CVE-2017-17648 |
89 |
|
Sql |
2017-12-13 |
2017-12-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Entrepreneur Dating Script 2.0.1 has SQL Injection via the search_result.php marital, gender, country, or profileid parameter. |
|
244 |
CVE-2017-17645 |
89 |
|
Sql |
2017-12-18 |
2018-01-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Bus Booking Script 1.0 has SQL Injection via the txtname parameter to admin/index.php. |
|
245 |
CVE-2017-17643 |
89 |
|
Sql |
2017-12-18 |
2020-09-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
FS Lynda Clone 1.0 has SQL Injection via the keywords parameter to tutorial/. |
|
246 |
CVE-2017-17642 |
89 |
|
Sql |
2017-12-13 |
2017-12-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Basic Job Site Script 2.0.5 has SQL Injection via the keyword parameter to /job. |
|
247 |
CVE-2017-17641 |
89 |
|
Sql |
2017-12-13 |
2017-12-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Resume Clone Script 2.0.5 has SQL Injection via the preview.php id parameter. |
|
248 |
CVE-2017-17640 |
89 |
|
Sql |
2017-12-13 |
2017-12-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Advanced World Database 2.0.5 has SQL Injection via the city.php country or state parameter, or the state.php country parameter. |
|
249 |
CVE-2017-17639 |
89 |
|
Sql |
2017-12-13 |
2017-12-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Muslim Matrimonial Script 3.02 has SQL Injection via the success-story.php succid parameter. |
|
250 |
CVE-2017-17638 |
89 |
|
Sql |
2017-12-13 |
2017-12-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Groupon Clone Script 3.01 has SQL Injection via the city_ajax.php state_id parameter. |
