| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. |
| 401 | CVE-2017-15190 |  |  |  | 2017-10-10 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. This was addressed in epan/dissectors/packet-rtsp.c by correcting the scope of a variable. |
| 402 | CVE-2017-15189 | 772 |  |  | 2017-10-10 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by adding decrements. |
| 403 | CVE-2017-15188 | 79 |  | XSS | 2017-10-11 | 2021-02-23 | 3.5 | None | Remote | Medium | ??? | None | Partial | None |
A persistent (stored) XSS vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to inject arbitrary web script or HTML via the hosts array parameter to module/admin_device/index.php. |
| 404 | CVE-2017-15186 | 415 |  | DoS | 2017-10-24 | 2017-11-29 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
Double free vulnerability in FFmpeg 3.3.4 and earlier allows remote attackers to cause a denial of service via a crafted AVI file. |
| 405 | CVE-2017-15185 | 20 |  | DoS | 2017-10-09 | 2017-11-05 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
plugins/ogg.c in Libmp3splt 0.9.2 calls the libvorbis vorbis_block_clear function with uninitialized data upon detection of invalid input, which allows remote attackers to cause a denial of service (application crash) via a crafted file. |
| 406 | CVE-2017-15096 | 476 |  | DoS | 2017-10-26 | 2017-11-14 | 2.1 | None | Local | Low | Not required | None | None | Partial |
A flaw was found in GlusterFS in versions prior to 3.10. A null pointer dereference in send_brick_req function in glusterfsd/src/gf_attach.c may be used to cause denial of service. |
| 407 | CVE-2017-15084 | 352 |  | CSRF | 2017-10-06 | 2017-10-13 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
The web UI in Rapid7 Metasploit before 4.14.1-20170828 allows logout CSRF, aka R7-2017-22. |
| 408 | CVE-2017-15081 | 89 |  | Sql | 2017-10-24 | 2017-11-14 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial |
In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php. |
| 409 | CVE-2017-15079 | 22 |  | Dir. Trav. | 2017-10-06 | 2017-10-13 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
The Smush Image Compression and Optimization plugin before 2.7.6 for WordPress allows directory traversal. |
| 410 | CVE-2017-15078 |  |  | DoS | 2017-10-06 | 2017-10-06 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
The Intel Puma 5, 6, and 7 chips, as used on Virgin Media branded Arris TG2492 devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports, a related issue to CVE-2017-15064. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Virgin Media. |
| 411 | CVE-2017-15077 |  |  | DoS | 2017-10-06 | 2017-10-06 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
The Intel Puma 5, 6, and 7 chips, as used on UPC branded Compal CH7465-LG devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports, a related issue to CVE-2017-15067. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from UPC. |
| 412 | CVE-2017-15076 |  |  | DoS | 2017-10-06 | 2017-10-06 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
** DISPUTED ** The Intel Puma 5, 6, and 7 chips, as used on Telstra branded NETGEAR C6300BD devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Telstra. NOTE: NETGEAR states "This vulnerability does not affect the following products: C6300BD-Telstra." |
| 413 | CVE-2017-15075 |  |  | DoS | 2017-10-06 | 2017-10-06 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
The Intel Puma 5, 6, and 7 chips, as used on various Technicolor (formerly branded as Cisco) devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Technicolor. |
| 414 | CVE-2017-15074 |  |  | DoS | 2017-10-06 | 2017-10-06 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
The Intel Puma 5, 6, and 7 chips, as used on SMC D3G2408 devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from SMC. |
| 415 | CVE-2017-15073 |  |  | DoS | 2017-10-06 | 2017-10-06 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
The Intel Puma 5, 6, and 7 chips, as used on Samsung Home Media Server devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Samsung. |
| 416 | CVE-2017-15072 |  |  | DoS | 2017-10-06 | 2017-10-06 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
The Intel Puma 5, 6, and 7 chips, as used on various Quantenna devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Quantenna. |
| 417 | CVE-2017-15071 |  |  | DoS | 2017-10-06 | 2017-10-06 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
The Intel Puma 5, 6, and 7 chips, as used on NETGEAR C6300, CM400, CM700, and CMD31T devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from NETGEAR. |
| 418 | CVE-2017-15070 |  |  | DoS | 2017-10-06 | 2017-10-06 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
The Intel Puma 5, 6, and 7 chips, as used on various Linksys devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Linksys. |
| 419 | CVE-2017-15069 |  |  | DoS | 2017-10-06 | 2017-10-06 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
The Intel Puma 5, 6, and 7 chips, as used on various Hitron devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Hitron. |
| 420 | CVE-2017-15068 |  |  | DoS | 2017-10-06 | 2017-10-06 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
The Intel Puma 5, 6, and 7 chips, as used on various Comcast branded devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Comcast. |
| 421 | CVE-2017-15067 |  |  | DoS | 2017-10-06 | 2017-10-06 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
The Intel Puma 5, 6, and 7 chips, as used on various Compal devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Compal. |
| 422 | CVE-2017-15066 |  |  | DoS | 2017-10-06 | 2017-10-06 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
The Intel Puma 5, 6, and 7 chips, as used on various AVM FRITZ!Box devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from AVM. |
| 423 | CVE-2017-15065 |  |  | DoS | 2017-10-06 | 2017-10-06 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
The Intel Puma 5, 6, and 7 chips, as used on ASUS CM-32 devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from ASUS. |
| 424 | CVE-2017-15064 |  |  | DoS | 2017-10-06 | 2017-10-06 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
The Intel Puma 5, 6, and 7 chips, as used on various Arris devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Arris. |
| 425 | CVE-2017-15063 | 352 |  | CSRF | 2017-10-06 | 2018-11-08 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial |
There are CSRF vulnerabilities in Subrion CMS 4.1.x through 4.1.5, and before 4.2.0, because of a logic error. Although there is functionality to detect CSRF, it is called too late in the ia.core.php code, allowing (for example) an attack against the query parameter to panel/database. |
| 426 | CVE-2017-15056 | 476 |  | DoS | 2017-10-06 | 2017-11-01 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial |
p_lx_elf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by an Invalid Pointer Read in PackLinuxElf64::unpack(). |
| 427 | CVE-2017-15047 | 119 |  | DoS Overflow | 2017-10-06 | 2020-08-28 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial |
The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows attackers to cause a denial of service (out-of-bounds array index and application crash) or possibly have unspecified other impact by leveraging "limited access to the machine." |
| 428 | CVE-2017-15046 | 119 |  | Overflow | 2017-10-06 | 2021-02-04 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
LAME 3.99.5, 3.99.4, 3.98.4, 3.98.2, 3.98 and 3.97 have a stack-based buffer overflow in unpack_read_samples in frontend/get_audio.c, a different vulnerability than CVE-2017-9412. |
| 429 | CVE-2017-15045 | 125 |  |  | 2017-10-06 | 2021-03-05 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
LAME 3.99, 3.99.1, 3.99.2, 3.99.3, 3.99.4, 3.99.5, 3.98.4, 3.98.2 and 3.98 has a heap-based buffer over-read in fill_buffer in libmp3lame/util.c, related to lame_encode_buffer_sample_t in libmp3lame/lame.c, a different vulnerability than CVE-2017-9410. |
| 430 | CVE-2017-15042 | 319 |  |  | 2017-10-05 | 2019-10-03 | 4.3 | None | Remote | Medium | Not required | Partial | None | None |
An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. The original implementation of smtp.PlainAuth in Go 1.0 enforced this requirement, and it was documented to do so. In 2013, upstream issue #5184, this was changed so that the server may decide whether PLAIN is acceptable. The result is that if you set up a man-in-the-middle SMTP server that doesn't advertise STARTTLS and does advertise that PLAIN auth is OK, the smtp.PlainAuth implementation sends the username and password. |
| 431 | CVE-2017-15041 |  |  | Exec Code | 2017-10-05 | 2021-03-19 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial |
Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points to a Git repository. If the Subversion repository includes a Git checkout in its pkg2 directory and some other work is done to ensure the proper ordering of operations, "go get" can be tricked into reusing this Git checkout for the fetch of code from pkg2. If the Subversion repository's Git checkout has malicious commands in .git/hooks/, they will execute on the system running "go get." |
| 432 | CVE-2017-15038 | 362 |  | +Info | 2017-10-10 | 2018-09-07 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS users to obtain sensitive information from host heap memory via vectors related to reading extended attributes. |
| 433 | CVE-2017-15037 | 362 |  |  | 2017-10-05 | 2017-10-13 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial |
In FreeBSD through 11.1, the smb_strdupin function in sys/netsmb/smb_subr.c has a race condition with a resultant out-of-bounds read, because it can cause t2p->t_name strings to lack a final '\0' character. |
| 434 | CVE-2017-15035 | 119 |  | DoS Overflow | 2017-10-05 | 2017-10-17 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
EmTec PyroBatchFTP before 3.18 allows remote servers to cause a denial of service (application crash). |
| 435 | CVE-2017-15033 | 772 |  |  | 2017-10-05 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c. |
| 436 | CVE-2017-15032 | 772 |  |  | 2017-10-05 | 2019-10-03 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial |
ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c. |
| 437 | CVE-2017-15025 | 369 |  | DoS | 2017-10-05 | 2017-10-11 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted ELF file. |
| 438 | CVE-2017-15024 | 835 |  | DoS | 2017-10-05 | 2019-10-03 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. |
| 439 | CVE-2017-15023 | 476 |  | DoS | 2017-10-05 | 2018-01-09 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not properly validate the format count, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. |
| 440 | CVE-2017-15022 | 476 |  | DoS | 2017-10-05 | 2017-10-11 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the DW_AT_name data type, which allows remote attackers to cause a denial of service (bfd_hash_hash NULL pointer dereference, or out-of-bounds access, and application crash) via a crafted ELF file, related to scan_unit_for_symbols and parse_comp_unit. |
| 441 | CVE-2017-15021 | 125 |  | DoS | 2017-10-05 | 2019-10-03 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to bfd_getl32. |
| 442 | CVE-2017-15020 | 125 |  | DoS | 2017-10-05 | 2019-10-03 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial |
dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file, related to parse_die and parse_line_table, as demonstrated by a parse_die heap-based buffer over-read. |
| 443 | CVE-2017-15019 | 476 |  |  | 2017-10-05 | 2017-10-12 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial |
LAME 3.99.5 has a NULL Pointer Dereference in the hip_decode_init function within libmp3lame/mpglib_interface.c via a malformed mpg file, because of an incorrect calloc call. |
| 444 | CVE-2017-15018 | 125 |  |  | 2017-10-05 | 2021-02-04 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
LAME 3.99.5, 3.99.4, 3.99.3, 3.99.2, 3.99.1, 3.99, 3.98.4, 3.98.2 and 3.98 have a heap-based buffer over-read when handling a malformed file in k_34_4 in vbrquantize.c. |
| 445 | CVE-2017-15017 | 476 |  |  | 2017-10-05 | 2020-09-08 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial |
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c. |
| 446 | CVE-2017-15016 | 476 |  |  | 2017-10-05 | 2019-04-16 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial |
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c. |
| 447 | CVE-2017-15015 | 476 |  |  | 2017-10-05 | 2020-09-08 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial |
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c. |
| 448 | CVE-2017-15014 | 269 |  |  | 2017-10-13 | 2019-10-03 | 4.0 | None | Remote | Low | ??? | Partial | None | None |
OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows authenticated users to download arbitrary content files regardless of the attacker's repository permissions: When an authenticated user uploads content to the repository, he performs the following steps: (1) calls the START_PUSH RPC-command; (2) uploads the file to the content server; (3) calls the END_PUSH_V2 RPC-command (here, Content Server returns a DATA_TICKET integer, intended to identify the location of the uploaded file on the Content Server filesystem); (4) creates a dmr_content object in the repository, which has a value of data_ticket equal to the value of DATA_TICKET returned at the end of END_PUSH_V2 call. As the result of this design, any authenticated user may create his own dmr_content object, pointing to already existing content in the Content Server filesystem. |
| 449 | CVE-2017-15013 | 269 |  | +Priv | 2017-10-13 | 2019-10-03 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial |
OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server stores information about uploaded files in dmr_content objects, which are queryable and "editable" (before release 7.2P02, any authenticated user was able to edit dmr_content objects; now any authenticated user may delete a dmr_content object and then create a new one with the old identifier) by authenticated users; this allows any authenticated user to replace the content of security-sensitive dmr_content objects (for example, dmr_content related to dm_method objects) and gain superuser privileges. |
| 450 | CVE-2017-15012 | 20 |  |  | 2017-10-13 | 2017-11-03 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial |
OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 does not properly validate the input of the PUT_FILE RPC-command, which allows any authenticated user to hijack an arbitrary file from the Content Server filesystem; because some files on the Content Server filesystem are security-sensitive, this leads to privilege escalation. |