| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. |
| 251 | CVE-2017-7581 | 89 | | Exec Code Sql | 2017-04-07 | 2017-04-13 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial |
SQL injection vulnerability in NewsController.php in the News module 5.3.2 and earlier for TYPO3 allows unauthenticated users to execute arbitrary SQL commands via vectors involving overwriteDemand for order and OrderByAllowed. |
| 252 | CVE-2017-7579 | 79 | | XSS | 2017-04-07 | 2017-04-12 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
inc/PMF/Faq.php in phpMyFAQ before 2.9.7 has XSS in the question field. |
| 253 | CVE-2017-7578 | 119 | | DoS Overflow | 2017-04-07 | 2017-04-12 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial |
Multiple heap-based buffer overflows in parser.c in libming 0.4.7 allow remote attackers to cause a denial of service (listswf application crash) or possibly have unspecified other impact via a crafted SWF file. NOTE: this issue exists because of an incomplete fix for CVE-2016-9831. |
| 254 | CVE-2017-7577 | 22 | | Dir. Trav. | 2017-04-07 | 2018-09-10 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a "GET ../" HTTP request. |
| 255 | CVE-2017-7576 | 798 | | | 2017-04-06 | 2021-09-13 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial |
DragonWave Horizon 1.01.03 wireless radios have hardcoded login credentials (such as the username of energetic and password of wireless) meant to allow the vendor to access the devices. These credentials can be used in the web interface or by connecting to the device via TELNET. This is fixed in recent versions including 1.4.8. |
| 256 | CVE-2017-7575 | 200 | | +Info | 2017-04-06 | 2017-04-15 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \x00\x01\x00\x00\x00\x05\x01\x5a\x00\x03\x00 request to the Modbus port (502/tcp). Subsequently the application may be arbitrarily downloaded, modified, and uploaded. |
| 257 | CVE-2017-7574 | 798 | | | 2017-04-06 | 2022-02-10 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial |
Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a password. This XML file is AES-CBC encrypted; however, the key used for encryption (SoMachineBasicSoMachineBasicSoMa) cannot be changed. After decrypting the XML file with this key, the user password can be found in the decrypted data. After reading the user password, the project can be opened and modified with the Schneider product. |
| 258 | CVE-2017-7572 | 362 | | | 2017-04-06 | 2017-04-12 | 9.3 | None | Remote | Medium | Not required | Complete | Complete | Complete |
The _checkPolkitPrivilege function in serviceHelper.py in Back In Time (aka backintime) 1.1.18 and earlier uses a deprecated polkit authorization method (unix-process) that is subject to a race condition (time of check, time of use). With this authorization method, the owner of a process requesting a polkit operation is checked by polkitd via /proc/<pid>/status, by which time the requesting process may have been replaced by a different process with the same PID that has different privileges than the original requester. |
| 259 | CVE-2017-7571 | 352 | | CSRF | 2017-04-06 | 2021-04-01 | 6.0 | None | Remote | Medium | ??? | Partial | Partial | Partial |
public/rolechangeadmin in Faveo 1.9.3 allows CSRF. The impact is obtaining admin privileges. |
| 260 | CVE-2017-7570 | 94 | | Exec Code | 2017-04-07 | 2017-04-13 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial |
PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension (such as .jpg) and then invoking the duplicate function to change to the .php extension. |
| 261 | CVE-2017-7569 | 918 | | Bypass | 2017-04-06 | 2017-04-12 | 5.0 | None | Remote | Low | Not required | None | Partial | None |
In vBulletin before 5.3.0, remote attackers can bypass the CVE-2016-6483 patch and conduct SSRF attacks by leveraging the behavior of the PHP parse_url function, aka VBV-17037. |
| 262 | CVE-2017-7566 | 918 | | Bypass | 2017-04-06 | 2017-04-13 | 4.0 | None | Remote | Low | ??? | Partial | None | None |
MyBB before 1.8.11 allows remote attackers to bypass an SSRF protection mechanism. |
| 263 | CVE-2017-7565 | 22 | | Exec Code Dir. Trav. | 2017-04-06 | 2017-04-12 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial |
Splunk Hadoop Connect App has a path traversal vulnerability that allows remote authenticated users to execute arbitrary code, aka ERP-2041. |
| 264 | CVE-2017-7477 | 119 | | DoS Overflow | 2017-04-25 | 2018-01-05 | 6.9 | None | Local | Medium | Not required | Complete | Complete | Complete |
Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in conjunction with the NETIF_F_FRAGLIST feature, leading to an error in the skb_to_sgvec function. |
| 265 | CVE-2017-7462 | 22 | | Dir. Trav. | 2017-04-11 | 2017-04-18 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial |
Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory. |
| 266 | CVE-2017-7461 | 22 | | Dir. Trav. | 2017-04-11 | 2017-04-18 | 6.8 | None | Remote | Low | ??? | Complete | None | None |
Directory traversal vulnerability in the web-based management site on the Intellinet NFC-30ir IP Camera with firmware LM.1.6.16.05 allows remote attackers to read arbitrary files via a request to a vendor-supplied CGI script that is used to read HTML text file, but that does not do any URI/path sanitization. |
| 267 | CVE-2017-7457 | 611 | | | 2017-04-14 | 2017-08-16 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 result in remote file disclosure. |
| 268 | CVE-2017-7456 | 20 | | DoS | 2017-04-14 | 2017-08-16 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials. |
| 269 | CVE-2017-7455 | 200 | | +Info | 2017-04-14 | 2017-08-16 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control. |
| 270 | CVE-2017-7454 | 125 | | DoS | 2017-04-06 | 2019-10-03 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. |
| 271 | CVE-2017-7453 | 476 | | DoS | 2017-04-06 | 2019-09-16 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. |
| 272 | CVE-2017-7452 | 476 | | DoS | 2017-04-06 | 2019-09-16 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
The iwbmp_read_info_header function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. |
| 273 | CVE-2017-7450 | 287 | | | 2017-04-05 | 2019-10-03 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete |
AIRTAME HDMI dongle with firmware before 2.2.0 allows unauthenticated access to a big part of the management interface. It is possible to extract all information including the Wi-Fi password, reboot, or force a software update at an arbitrary time. |
| 274 | CVE-2017-7448 | 369 | | DoS | 2017-04-05 | 2017-04-12 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
The allocate_channel_framebuffer function in uncompressed_components.hh in Dropbox Lepton 1.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed JPEG image. |
| 275 | CVE-2017-7447 | 352 | | Exec Code CSRF | 2017-04-05 | 2017-08-16 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial |
HelpDEZk 1.1.1 has CSRF in admin/home#/logos/ with an impact of remote execution of arbitrary PHP code. |
| 276 | CVE-2017-7446 | 352 | | CSRF | 2017-04-05 | 2017-08-16 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial |
HelpDEZk 1.1.1 has CSRF in admin/home#/person/ with an impact of obtaining admin privileges. |
| 277 | CVE-2017-7444 | | | | 2017-04-05 | 2019-10-03 | 9.3 | None | Remote | Medium | Not required | Complete | Complete | Complete |
In Veritas System Recovery before 16 SP1, there is a DLL hijacking vulnerability in the patch installer if an attacker has write access to the directory from which the product is executed. |
| 278 | CVE-2017-7443 | 113 | | Http R.Spl. | 2017-04-05 | 2017-04-12 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
apt-cacher before 1.7.15 and apt-cacher-ng before 3.4 allow HTTP response splitting via encoded newline characters, related to lack of blocking for the %0[ad] regular expression. |
| 279 | CVE-2017-7418 | 59 | | Bypass | 2017-04-04 | 2019-08-08 | 2.1 | None | Local | Low | Not required | None | Partial | None |
ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component (other than the last one) with a symbolic link. The threat model includes an attacker who is not granted full filesystem access by a hosting provider, but can reconfigure the home directory of an FTP user. |
| 280 | CVE-2017-7415 | 200 | | Bypass +Info | 2017-04-27 | 2021-12-13 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
Atlassian Confluence 6.x before 6.0.7 allows remote attackers to bypass authentication and read any blog or page via the drafts diff REST resource. |
| 281 | CVE-2017-7414 | 78 | | | 2017-04-04 | 2019-10-03 | 5.1 | None | Remote | High | Not required | Partial | Partial | Partial |
In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition 5.x through 5.2.17, OS Command Injection can occur if the user has PGP features enabled in the user's preferences, and has enabled the "Should PGP signed messages be automatically verified when viewed?" preference. To exploit this vulnerability, an attacker can send a PGP signed email (that is maliciously crafted) to the Horde user, who then must either view or preview it. |
| 282 | CVE-2017-7413 | 78 | | | 2017-04-04 | 2019-10-03 | 9.0 | None | Remote | Low | ??? | Complete | Complete | Complete |
In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition through 5.2.17, OS Command Injection can occur if the attacker is an authenticated Horde Webmail user, has PGP features enabled in their preferences, and attempts to encrypt an email addressed to a maliciously crafted email address. |
| 283 | CVE-2017-7412 | | | +Priv | 2017-04-04 | 2020-05-07 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete |
NixOS 17.03 before 17.03.887 has a world-writable Docker socket, which allows local users to gain privileges by executing docker commands. |
| 284 | CVE-2017-7410 | 89 | | Exec Code Sql | 2017-04-03 | 2020-07-07 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial |
Multiple SQL injection vulnerabilities in account/signup.php and account/signup2.php in WebsiteBaker 2.10.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username, (2) display_name parameter. |
| 285 | CVE-2017-7409 | 79 | | XSS | 2017-04-21 | 2017-07-11 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
Palo Alto Networks PAN-OS before 7.0.15 has XSS in the GlobalProtect external interface via crafted request parameters, aka PAN-SA-2017-0011 and PAN-70674. |
| 286 | CVE-2017-7408 | 20 | | DoS | 2017-04-14 | 2021-09-13 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
Palo Alto Networks Traps ESM Console before 3.4.4 allows attackers to cause a denial of service by leveraging improper validation of requests to revoke a Traps agent license. |
| 287 | CVE-2017-7407 | 119 | | Overflow +Info | 2017-04-03 | 2019-10-03 | 2.1 | None | Local | Low | Not required | Partial | None | None |
The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which leads to a heap-based buffer over-read. |
| 288 | CVE-2017-7402 | 94 | | Exec Code | 2017-04-03 | 2021-03-29 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial |
Pixie 1.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via the POST data in an admin/index.php?s=publish&x=filemanager request for a filename with a double extension, such as a .jpg.php file with Content-Type of image/jpeg. |
| 289 | CVE-2017-7401 | 835 | | DoS | 2017-04-03 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP packet. |
| 290 | CVE-2017-7400 | 79 | | XSS | 2017-04-03 | 2018-01-05 | 3.5 | None | Remote | Medium | ??? | None | Partial | None |
OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XSS attacks via a crafted federation mapping. |
| 291 | CVE-2017-7398 | 352 | | CSRF | 2017-04-04 | 2017-08-16 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial |
D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery (CSRF) vulnerability. This enables an attacker to perform an unwanted action on a wireless router for which the user/admin is currently authenticated, as demonstrated by changing the Security option from WPA2 to None, or changing the hiddenSSID parameter, SSID parameter, or a security-option password. |
| 292 | CVE-2017-7397 | 400 | | DoS | 2017-04-03 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
** DISPUTED ** BackBox Linux 4.6 allows remote attackers to cause a denial of service (ksoftirqd CPU consumption) via a flood of packets with Martian source IP addresses (as defined in RFC 1812 section 5.3.7). This product enables net.ipv4.conf.all.log_martians by default. NOTE: the vendor reports "It has been proved that this vulnerability has no foundation and it is totally fake and based on false assumptions." |
| 293 | CVE-2017-7396 | 772 | | | 2017-04-01 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the server. |
| 294 | CVE-2017-7395 | 190 | | Overflow | 2017-04-01 | 2018-01-13 | 4.0 | None | Remote | Low | ??? | None | None | Partial |
In TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), by causing an integer overflow, an authenticated client can crash the server. |
| 295 | CVE-2017-7394 | 20 | | | 2017-04-01 | 2018-01-13 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
In TigerVNC 1.7.1 (SSecurityPlain.cxx SSecurityPlain::processMsg), unauthenticated users can crash the server by sending long usernames. |
| 296 | CVE-2017-7393 | 415 | | DoS Exec Code | 2017-04-01 | 2018-01-13 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial |
In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can cause a double free, leading to denial of service or potentially code execution. |
| 297 | CVE-2017-7392 | 772 | | | 2017-04-01 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
In TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx SSecurityVeNCrypt::SSecurityVeNCrypt), an unauthenticated client can cause a small memory leak in the server. |
| 298 | CVE-2017-7391 | 79 | | Exec Code XSS | 2017-04-01 | 2017-04-05 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
A Cross-Site Scripting (XSS) was discovered in 'Magmi 0.7.22'. The vulnerability exists due to insufficient filtration of user-supplied data (prefix) passed to the 'magmi-git-master/magmi/web/ajax_gettime.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. |
| 299 | CVE-2017-7390 | 79 | | Exec Code XSS | 2017-04-01 | 2017-04-05 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
A Cross-Site Scripting (XSS) was discovered in 'SocialNetwork v1.2.1'. The vulnerability exists due to insufficient filtration of user-supplied data (mail) passed to the 'SocialNetwork-andrea/app/template/pw_forgot.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. |
| 300 | CVE-2017-7389 | 79 | | Exec Code XSS | 2017-04-01 | 2020-02-26 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
Multiple Cross-Site Scripting (XSS) were discovered in 'openeclass Release_3.5.4'. The vulnerabilities exist due to insufficient filtration of user-supplied data (meeting_id, user) passed to the 'openeclass-master/modules/tc/webconf/webconf.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. |