CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In April 2017

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
251 CVE-2017-7581 89 Exec Code Sql 2017-04-07 2017-04-13
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in NewsController.php in the News module 5.3.2 and earlier for TYPO3 allows unauthenticated users to execute arbitrary SQL commands via vectors involving overwriteDemand for order and OrderByAllowed.
252 CVE-2017-7579 79 XSS 2017-04-07 2017-04-12
4.3
None Remote Medium Not required None Partial None
inc/PMF/Faq.php in phpMyFAQ before 2.9.7 has XSS in the question field.
253 CVE-2017-7578 119 DoS Overflow 2017-04-07 2017-04-12
6.8
None Remote Medium Not required Partial Partial Partial
Multiple heap-based buffer overflows in parser.c in libming 0.4.7 allow remote attackers to cause a denial of service (listswf application crash) or possibly have unspecified other impact via a crafted SWF file. NOTE: this issue exists because of an incomplete fix for CVE-2016-9831.
254 CVE-2017-7577 22 Dir. Trav. 2017-04-07 2018-09-10
5.0
None Remote Low Not required Partial None None
XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a "GET ../" HTTP request.
255 CVE-2017-7576 798 2017-04-06 2021-09-13
7.5
None Remote Low Not required Partial Partial Partial
DragonWave Horizon 1.01.03 wireless radios have hardcoded login credentials (such as the username of energetic and password of wireless) meant to allow the vendor to access the devices. These credentials can be used in the web interface or by connecting to the device via TELNET. This is fixed in recent versions including 1.4.8.
256 CVE-2017-7575 200 +Info 2017-04-06 2017-04-15
5.0
None Remote Low Not required Partial None None
Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \x00\x01\x00\x00\x00\x05\x01\x5a\x00\x03\x00 request to the Modbus port (502/tcp). Subsequently the application may be arbitrarily downloaded, modified, and uploaded.
257 CVE-2017-7574 798 2017-04-06 2022-02-10
7.5
None Remote Low Not required Partial Partial Partial
Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a password. This XML file is AES-CBC encrypted; however, the key used for encryption (SoMachineBasicSoMachineBasicSoMa) cannot be changed. After decrypting the XML file with this key, the user password can be found in the decrypted data. After reading the user password, the project can be opened and modified with the Schneider product.
258 CVE-2017-7572 362 2017-04-06 2017-04-12
9.3
None Remote Medium Not required Complete Complete Complete
The _checkPolkitPrivilege function in serviceHelper.py in Back In Time (aka backintime) 1.1.18 and earlier uses a deprecated polkit authorization method (unix-process) that is subject to a race condition (time of check, time of use). With this authorization method, the owner of a process requesting a polkit operation is checked by polkitd via /proc/<pid>/status, by which time the requesting process may have been replaced by a different process with the same PID that has different privileges then the original requester.
259 CVE-2017-7571 352 CSRF 2017-04-06 2021-04-01
6.0
None Remote Medium ??? Partial Partial Partial
public/rolechangeadmin in Faveo 1.9.3 allows CSRF. The impact is obtaining admin privileges.
260 CVE-2017-7570 94 Exec Code 2017-04-07 2017-04-13
6.5
None Remote Low ??? Partial Partial Partial
PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension (such as .jpg) and then invoking the duplicate function to change to the .php extension.
261 CVE-2017-7569 918 Bypass 2017-04-06 2017-04-12
5.0
None Remote Low Not required None Partial None
In vBulletin before 5.3.0, remote attackers can bypass the CVE-2016-6483 patch and conduct SSRF attacks by leveraging the behavior of the PHP parse_url function, aka VBV-17037.
262 CVE-2017-7566 918 Bypass 2017-04-06 2017-04-13
4.0
None Remote Low ??? Partial None None
MyBB before 1.8.11 allows remote attackers to bypass an SSRF protection mechanism.
263 CVE-2017-7565 22 Exec Code Dir. Trav. 2017-04-06 2017-04-12
6.5
None Remote Low ??? Partial Partial Partial
Splunk Hadoop Connect App has a path traversal vulnerability that allows remote authenticated users to execute arbitrary code, aka ERP-2041.
264 CVE-2017-7477 119 DoS Overflow 2017-04-25 2018-01-05
6.9
None Local Medium Not required Complete Complete Complete
Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in conjunction with the NETIF_F_FRAGLIST feature, leading to an error in the skb_to_sgvec function.
265 CVE-2017-7462 22 Dir. Trav. 2017-04-11 2017-04-18
7.5
None Remote Low Not required Partial Partial Partial
Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory.
266 CVE-2017-7461 22 Dir. Trav. 2017-04-11 2017-04-18
6.8
None Remote Low ??? Complete None None
Directory traversal vulnerability in the web-based management site on the Intellinet NFC-30ir IP Camera with firmware LM.1.6.16.05 allows remote attackers to read arbitrary files via a request to a vendor-supplied CGI script that is used to read HTML text file, but that does not do any URI/path sanitization.
267 CVE-2017-7457 611 2017-04-14 2017-08-16
1.9
None Local Medium Not required Partial None None
XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 result in remote file disclosure.
268 CVE-2017-7456 20 DoS 2017-04-14 2017-08-16
5.0
None Remote Low Not required None None Partial
Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials.
269 CVE-2017-7455 200 +Info 2017-04-14 2017-08-16
5.0
None Remote Low Not required Partial None None
Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control.
270 CVE-2017-7454 125 DoS 2017-04-06 2019-10-03
4.3
None Remote Medium Not required None None Partial
The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
271 CVE-2017-7453 476 DoS 2017-04-06 2019-09-16
4.3
None Remote Medium Not required None None Partial
The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
272 CVE-2017-7452 476 DoS 2017-04-06 2019-09-16
4.3
None Remote Medium Not required None None Partial
The iwbmp_read_info_header function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
273 CVE-2017-7450 287 2017-04-05 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
AIRTAME HDMI dongle with firmware before 2.2.0 allows unauthenticated access to a big part of the management interface. It is possible to extract all information including the Wi-Fi password, reboot, or force a software update at an arbitrary time.
274 CVE-2017-7448 369 DoS 2017-04-05 2017-04-12
4.3
None Remote Medium Not required None None Partial
The allocate_channel_framebuffer function in uncompressed_components.hh in Dropbox Lepton 1.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed JPEG image.
275 CVE-2017-7447 352 Exec Code CSRF 2017-04-05 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
HelpDEZk 1.1.1 has CSRF in admin/home#/logos/ with an impact of remote execution of arbitrary PHP code.
276 CVE-2017-7446 352 CSRF 2017-04-05 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
HelpDEZk 1.1.1 has CSRF in admin/home#/person/ with an impact of obtaining admin privileges.
277 CVE-2017-7444 2017-04-05 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
In Veritas System Recovery before 16 SP1, there is a DLL hijacking vulnerability in the patch installer if an attacker has write access to the directory from which the product is executed.
278 CVE-2017-7443 113 Http R.Spl. 2017-04-05 2017-04-12
4.3
None Remote Medium Not required None Partial None
apt-cacher before 1.7.15 and apt-cacher-ng before 3.4 allow HTTP response splitting via encoded newline characters, related to lack of blocking for the %0[ad] regular expression.
279 CVE-2017-7418 59 Bypass 2017-04-04 2019-08-08
2.1
None Local Low Not required None Partial None
ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component (other than the last one) with a symbolic link. The threat model includes an attacker who is not granted full filesystem access by a hosting provider, but can reconfigure the home directory of an FTP user.
280 CVE-2017-7415 200 Bypass +Info 2017-04-27 2021-12-13
5.0
None Remote Low Not required Partial None None
Atlassian Confluence 6.x before 6.0.7 allows remote attackers to bypass authentication and read any blog or page via the drafts diff REST resource.
281 CVE-2017-7414 78 2017-04-04 2019-10-03
5.1
None Remote High Not required Partial Partial Partial
In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition 5.x through 5.2.17, OS Command Injection can occur if the user has PGP features enabled in the user's preferences, and has enabled the "Should PGP signed messages be automatically verified when viewed?" preference. To exploit this vulnerability, an attacker can send a PGP signed email (that is maliciously crafted) to the Horde user, who then must either view or preview it.
282 CVE-2017-7413 78 2017-04-04 2019-10-03
9.0
None Remote Low ??? Complete Complete Complete
In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition through 5.2.17, OS Command Injection can occur if the attacker is an authenticated Horde Webmail user, has PGP features enabled in their preferences, and attempts to encrypt an email addressed to a maliciously crafted email address.
283 CVE-2017-7412 +Priv 2017-04-04 2020-05-07
7.2
None Local Low Not required Complete Complete Complete
NixOS 17.03 before 17.03.887 has a world-writable Docker socket, which allows local users to gain privileges by executing docker commands.
284 CVE-2017-7410 89 Exec Code Sql 2017-04-03 2020-07-07
7.5
None Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in account/signup.php and account/signup2.php in WebsiteBaker 2.10.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username, (2) display_name parameter.
285 CVE-2017-7409 79 XSS 2017-04-21 2017-07-11
4.3
None Remote Medium Not required None Partial None
Palo Alto Networks PAN-OS before 7.0.15 has XSS in the GlobalProtect external interface via crafted request parameters, aka PAN-SA-2017-0011 and PAN-70674.
286 CVE-2017-7408 20 DoS 2017-04-14 2021-09-13
5.0
None Remote Low Not required None None Partial
Palo Alto Networks Traps ESM Console before 3.4.4 allows attackers to cause a denial of service by leveraging improper validation of requests to revoke a Traps agent license.
287 CVE-2017-7407 119 Overflow +Info 2017-04-03 2019-10-03
2.1
None Local Low Not required Partial None None
The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which leads to a heap-based buffer over-read.
288 CVE-2017-7402 94 Exec Code 2017-04-03 2021-03-29
7.5
None Remote Low Not required Partial Partial Partial
Pixie 1.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via the POST data in an admin/index.php?s=publish&x=filemanager request for a filename with a double extension, such as a .jpg.php file with Content-Type of image/jpeg.
289 CVE-2017-7401 835 DoS 2017-04-03 2019-10-03
5.0
None Remote Low Not required None None Partial
Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP packet.
290 CVE-2017-7400 79 XSS 2017-04-03 2018-01-05
3.5
None Remote Medium ??? None Partial None
OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XSS attacks via a crafted federation mapping.
291 CVE-2017-7398 352 CSRF 2017-04-04 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery (CSRF) vulnerability. This enables an attacker to perform an unwanted action on a wireless router for which the user/admin is currently authenticated, as demonstrated by changing the Security option from WPA2 to None, or changing the hiddenSSID parameter, SSID parameter, or a security-option password.
292 CVE-2017-7397 400 DoS 2017-04-03 2019-10-03
5.0
None Remote Low Not required None None Partial
** DISPUTED ** BackBox Linux 4.6 allows remote attackers to cause a denial of service (ksoftirqd CPU consumption) via a flood of packets with Martian source IP addresses (as defined in RFC 1812 section 5.3.7). This product enables net.ipv4.conf.all.log_martians by default. NOTE: the vendor reports "It has been proved that this vulnerability has no foundation and it is totally fake and based on false assumptions."
293 CVE-2017-7396 772 2017-04-01 2019-10-03
5.0
None Remote Low Not required None None Partial
In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the server.
294 CVE-2017-7395 190 Overflow 2017-04-01 2018-01-13
4.0
None Remote Low ??? None None Partial
In TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), by causing an integer overflow, an authenticated client can crash the server.
295 CVE-2017-7394 20 2017-04-01 2018-01-13
5.0
None Remote Low Not required None None Partial
In TigerVNC 1.7.1 (SSecurityPlain.cxx SSecurityPlain::processMsg), unauthenticated users can crash the server by sending long usernames.
296 CVE-2017-7393 415 DoS Exec Code 2017-04-01 2018-01-13
6.5
None Remote Low ??? Partial Partial Partial
In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can cause a double free, leading to denial of service or potentially code execution.
297 CVE-2017-7392 772 2017-04-01 2019-10-03
5.0
None Remote Low Not required None None Partial
In TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx SSecurityVeNCrypt::SSecurityVeNCrypt), an unauthenticated client can cause a small memory leak in the server.
298 CVE-2017-7391 79 Exec Code XSS 2017-04-01 2017-04-05
4.3
None Remote Medium Not required None Partial None
A Cross-Site Scripting (XSS) was discovered in 'Magmi 0.7.22'. The vulnerability exists due to insufficient filtration of user-supplied data (prefix) passed to the 'magmi-git-master/magmi/web/ajax_gettime.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
299 CVE-2017-7390 79 Exec Code XSS 2017-04-01 2017-04-05
4.3
None Remote Medium Not required None Partial None
A Cross-Site Scripting (XSS) was discovered in 'SocialNetwork v1.2.1'. The vulnerability exists due to insufficient filtration of user-supplied data (mail) passed to the 'SocialNetwork-andrea/app/template/pw_forgot.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
300 CVE-2017-7389 79 Exec Code XSS 2017-04-01 2020-02-26
4.3
None Remote Medium Not required None Partial None
Multiple Cross-Site Scripting (XSS) were discovered in 'openeclass Release_3.5.4'. The vulnerabilities exist due to insufficient filtration of user-supplied data (meeting_id, user) passed to the 'openeclass-master/modules/tc/webconf/webconf.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
Total number of vulnerabilities : 1574   Page : 1 2 3 4 5 6 (This Page)7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.