| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
251 |
CVE-2017-11495 |
20 |
|
Exec Code |
2017-07-20 |
2017-08-15 |
9.0 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Complete |
|
PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow unauthenticated remote code execution via a request to an unspecified ASP script; alternatively, the attacker can leverage unauthenticated access to this script to trigger a reboot via an ifType=reboot action. |
|
252 |
CVE-2017-11478 |
835 |
|
DoS |
2017-07-20 |
2019-10-03 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image. |
|
253 |
CVE-2017-11475 |
89 |
|
Sql |
2017-07-20 |
2017-08-29 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
GLPI before 9.1.5.1 has SQL Injection in the condition rule field, exploitable via front/rulesengine.test.php. |
|
254 |
CVE-2017-11474 |
89 |
|
Sql |
2017-07-20 |
2017-07-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
GLPI before 9.1.5.1 has SQL Injection in the $crit variable in inc/computer_softwareversion.class.php, exploitable via ajax/common.tabs.php. |
|
255 |
CVE-2017-11473 |
120 |
|
Overflow +Priv |
2017-07-20 |
2021-01-05 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table. |
|
256 |
CVE-2017-11472 |
755 |
|
Bypass +Info |
2017-07-20 |
2019-10-03 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
|
The acpi_ns_terminate() function in drivers/acpi/acpica/nsutils.c in the Linux kernel before 4.12 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table. |
|
257 |
CVE-2017-11471 |
89 |
|
Sql |
2017-07-20 |
2017-07-24 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter. |
|
258 |
CVE-2017-11470 |
89 |
|
Sql |
2017-07-20 |
2017-07-24 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter. |
|
259 |
CVE-2017-11469 |
22 |
|
Dir. Trav. |
2017-07-20 |
2017-07-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
get2post.php in IDERA Uptime Monitor 7.8 has directory traversal in the file_name parameter. |
|
260 |
CVE-2017-11468 |
770 |
|
DoS |
2017-07-20 |
2020-09-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint. |
|
261 |
CVE-2017-11467 |
269 |
|
Exec Code |
2017-07-20 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote attackers to execute arbitrary OS commands via a crafted request. |
|
262 |
CVE-2017-11466 |
434 |
|
Exec Code Dir. Trav. |
2017-07-20 |
2017-07-25 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
Arbitrary file upload vulnerability in com/dotmarketing/servlets/AjaxFileUploadServlet.class in dotCMS 4.1.1 allows remote authenticated administrators to upload .jsp files to arbitrary locations via directory traversal sequences in the fieldName parameter to servlets/ajax_file_upload. This results in arbitrary code execution by requesting the .jsp file at a /assets URI. |
|
263 |
CVE-2017-11465 |
125 |
|
DoS Bypass |
2017-07-19 |
2017-07-25 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows attackers to cause a denial of service (invalid write or read) or possibly have unspecified other impact via a crafted Ruby script, related to the parser_tokadd_utf8 function in parse.y. NOTE: this might have security relevance as a bypass of a $SAFE protection mechanism. |
|
264 |
CVE-2017-11464 |
369 |
|
|
2017-07-19 |
2020-07-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero. |
|
265 |
CVE-2017-11460 |
79 |
|
XSS |
2017-07-25 |
2018-12-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the DataArchivingService servlet in SAP NetWeaver Portal 7.4 allows remote attackers to inject arbitrary web script or HTML via the responsecode parameter to shp/shp_result.jsp, aka SAP Security Note 2308535. |
|
266 |
CVE-2017-11459 |
94 |
|
Exec Code |
2017-07-25 |
2018-12-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SAP TREX 7.10 allows remote attackers to (1) read arbitrary files via an fget command or (2) write to arbitrary files and consequently execute arbitrary code via an fdir command, aka SAP Security Note 2419592. |
|
267 |
CVE-2017-11458 |
79 |
|
XSS |
2017-07-25 |
2021-04-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the ctcprotocol/Protocol servlet in SAP NetWeaver AS JAVA 7.3 allows remote attackers to inject arbitrary web script or HTML via the sessionID parameter, aka SAP Security Note 2406783. |
|
268 |
CVE-2017-11457 |
611 |
|
|
2017-07-25 |
2021-04-20 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request, aka SAP Security Note 2387249. |
|
269 |
CVE-2017-11456 |
22 |
|
Dir. Trav. |
2017-07-19 |
2017-07-25 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Geneko GWR routers allow directory traversal sequences starting with a /../ substring, as demonstrated by unauthenticated read access to the configuration file. |
|
270 |
CVE-2017-11450 |
|
|
DoS |
2017-07-19 |
2021-04-20 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short. |
|
271 |
CVE-2017-11449 |
|
|
DoS |
2017-07-19 |
2021-04-20 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin. |
|
272 |
CVE-2017-11448 |
200 |
|
+Info |
2017-07-19 |
2021-04-28 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file. |
|
273 |
CVE-2017-11447 |
772 |
|
DoS |
2017-07-19 |
2020-10-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service. |
|
274 |
CVE-2017-11446 |
835 |
|
|
2017-07-19 |
2019-10-03 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has an infinite loop vulnerability that can cause CPU exhaustion via a crafted PES file. |
|
275 |
CVE-2017-11445 |
89 |
|
Sql |
2017-07-19 |
2017-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Subrion CMS before 4.1.6 has a SQL injection vulnerability in /front/actions.php via the $_POST array. |
|
276 |
CVE-2017-11444 |
89 |
|
Sql |
2017-07-19 |
2017-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Subrion CMS before 4.1.5.10 has a SQL injection vulnerability in /front/search.php via the $_GET array. |
|
277 |
CVE-2017-11441 |
79 |
|
XSS |
2017-07-19 |
2017-08-15 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
The WHM Upload Locale interface in cPanel before 56.0.51, 58.x before 58.0.52, 60.x before 60.0.45, 62.x before 62.0.27, 64.x before 64.0.33, and 66.x before 66.0.2 has XSS via a locale filename, aka SEC-297. |
|
278 |
CVE-2017-11440 |
22 |
|
Dir. Trav. |
2017-07-19 |
2017-07-21 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
In Sitecore 8.2, there is absolute path traversal via the shell/Applications/Layouts/IDE.aspx fi parameter and the admin/LinqScratchPad.aspx Reference parameter. |
|
279 |
CVE-2017-11439 |
79 |
|
XSS |
2017-07-19 |
2017-07-21 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
In Sitecore 8.2, there is reflected XSS in the shell/Applications/Tools/Run Program parameter. |
|
280 |
CVE-2017-11436 |
798 |
|
|
2017-07-19 |
2021-04-23 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
D-Link DIR-615 before v20.12PTb04 has a second admin account with a 0x1 BACKDOOR value, which might allow remote attackers to obtain access via a TELNET connection. |
|
281 |
CVE-2017-11435 |
200 |
|
Bypass +Info |
2017-07-19 |
2021-06-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authentication bypass vulnerability via specially crafted requests to the management console. The bug is exploitable remotely when the router is configured to expose the management console. The router is not validating the session token while returning answers for some methods in url '/api'. An attacker can use this vulnerability to retrieve sensitive information such as private/public IP addresses, SSID names, and passwords. |
|
282 |
CVE-2017-11434 |
125 |
|
DoS |
2017-07-25 |
2020-11-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) via a crafted DHCP options string. |
|
283 |
CVE-2017-11423 |
125 |
|
DoS |
2017-07-18 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file. |
|
284 |
CVE-2017-11422 |
732 |
|
|
2017-07-24 |
2020-12-10 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called. Problematic methods include reset password, create new account, create new role, etc. |
|
285 |
CVE-2017-11421 |
94 |
|
|
2017-07-18 |
2017-07-26 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection when generating thumbnails for MSI files, aka the "Bad Taste" issue. There is a local attack if the victim uses the GNOME Files file manager, and navigates to a directory containing a .msi file with VBScript code in its filename. |
|
286 |
CVE-2017-11420 |
119 |
|
Exec Code Overflow |
2017-07-18 |
2017-12-20 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list. |
|
287 |
CVE-2017-11419 |
89 |
|
Sql |
2017-07-18 |
2017-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Fiyo CMS 2.0.7 has SQL injection in /apps/app_article/controller/editor.php via $_POST['id'] and $_POST['art_title']. |
|
288 |
CVE-2017-11418 |
89 |
|
Sql |
2017-07-18 |
2017-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/article_list.php via $_GET['cat'], $_GET['user'], $_GET['level'], and $_GET['iSortCol_'.$i]. |
|
289 |
CVE-2017-11417 |
89 |
|
Sql |
2017-07-18 |
2017-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/article_status.php via $_GET['id']. |
|
290 |
CVE-2017-11416 |
89 |
|
Sql |
2017-07-18 |
2017-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Fiyo CMS 2.0.7 has SQL injection in /apps/app_comment/controller/insert.php via the name parameter. |
|
291 |
CVE-2017-11415 |
89 |
|
Sql |
2017-07-18 |
2017-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/sys_article.php via $_POST['parent_id'], $_POST['desc'], $_POST['keys'], and $_POST['level']. |
|
292 |
CVE-2017-11414 |
89 |
|
Sql |
2017-07-18 |
2017-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_comment/sys_comment.php via $_POST['comment'], $_POST['name'], $_POST['web'], $_POST['email'], $_POST['status'], $_POST['id'], and $_REQUEST['id']. |
|
293 |
CVE-2017-11413 |
89 |
|
Sql |
2017-07-18 |
2017-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/comment_status.php via $_GET['id']. |
|
294 |
CVE-2017-11412 |
89 |
|
Sql |
2017-07-18 |
2017-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_comment/controller/comment_status.php via $_GET['id']. |
|
295 |
CVE-2017-11411 |
20 |
|
|
2017-07-18 |
2019-10-03 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by adding length validation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9350. |
|
296 |
CVE-2017-11410 |
20 |
|
|
2017-07-18 |
2019-10-03 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-7702. |
|
297 |
CVE-2017-11409 |
834 |
|
|
2017-07-18 |
2019-10-03 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop. This was addressed in epan/dissectors/packet-gprs-llc.c by using a different integer data type. |
|
298 |
CVE-2017-11408 |
20 |
|
|
2017-07-18 |
2018-02-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. This was addressed in epan/dissectors/packet-amqp.c by checking for successful list dissection. |
|
299 |
CVE-2017-11407 |
20 |
|
|
2017-07-18 |
2019-03-01 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector could crash. This was addressed in epan/dissectors/packet-mq.c by validating the fragment length before a reassembly attempt. |
|
300 |
CVE-2017-11406 |
835 |
|
|
2017-07-18 |
2019-10-03 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by rejecting invalid Frame Control parameter values. |
