CVE Vulnerabilities

CVE vulnerabilities is a database of publicly known information security vulnerabilities and exposures.

CVE-2017-5664 | June 06, 2017
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the original HTTP method. If the error page is a static file, expected behaviour is to serve content of the file as if processing a GET request, regardless of the actual HTTP method. The Default Servlet in Apache Tomcat 9.0.0.M1 to 9.0.0.M20, 8.5.0 to 8.5.14, 8.0.0.RC1 to 8.0.43 and 7.0.0 to 7.0.77 did not do this. Depending on the original request this could lead to unexpected and undesirable results for static error pages including, if the DefaultServlet is configured to permit writes, the replacement or removal of the custom error page. Notes for other user provided error pages: (1) Unless explicitly coded otherwise, JSPs ignore the HTTP method. JSPs used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method. (2) By default, the response generated by a Servlet does depend on the HTTP method. Custom Servlets used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-5243 | June 06, 2017
The default SSH configuration in Rapid7 Nexpose hardware appliances shipped before June 2017 does not specify desired algorithms for key exchange and other important functions. As a result, it falls back to allowing ALL algorithms supported by the relevant version of OpenSSH and makes the installations vulnerable to a range of MITM, downgrade, and decryption attacks.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-9444 | June 05, 2017
BigTree CMS through 4.2.18 has CSRF related to the core\admin\modules\users\profile\update.php script (modify user information), the index.php/admin/developer/packages/delete/ URI (remove packages), the index.php/admin/developer/upgrade/ignore/?versions= URI, and the index.php/admin/developer/upgrade/set-ftp-directory/ URI.
Severity: Medium | Impact score: 6.40 | Exploit score: 8.60
Vendors affected: Bigtreecms

CVE-2017-9443 | June 05, 2017
** DISPUTED ** BigTree CMS through 4.2.18 allows remote authenticated users to conduct SQL injection attacks via a crafted tables object in manifest.json in an uploaded package. This issue exists in core\admin\modules\developer\extensions\install\process.php and core\admin\modules\developer\packages\install\process.php. NOTE: the vendor states "You must implicitly trust any package or extension you install as they all have the ability to write PHP files."
Severity: Medium | Impact score: 6.40 | Exploit score: 8.00
Vendors affected: Bigtreecms

CVE-2017-9442 | June 05, 2017
** DISPUTED ** BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary code by uploading a crafted package containing a PHP web shell, related to extraction of a ZIP archive to filename patterns such as cache/package/xxx/yyy.php. This issue exists in core\admin\modules\developer\extensions\install\unpack.php and core\admin\modules\developer\packages\install\unpack.php. NOTE: the vendor states "You must implicitly trust any package or extension you install as they all have the ability to write PHP files."
Severity: Medium | Impact score: 6.40 | Exploit score: 8.00
Vendors affected: Bigtreecms

CVE-2017-9441 | June 05, 2017
** DISPUTED ** Multiple cross-site scripting (XSS) vulnerabilities in BigTree CMS through 4.2.18 allow remote authenticated users to inject arbitrary web script or HTML by uploading a crafted package, triggering mishandling of the (1) title or (2) version or (3) author_name parameter in manifest.json. This issue exists in core\admin\modules\developer\extensions\install\unpack.php and core\admin\modules\developer\packages\install\unpack.php. NOTE: the vendor states "You must implicitly trust any package or extension you install as they all have the ability to write PHP files."
Severity: Low | Impact score: 2.90 | Exploit score: 6.80
Vendors affected: Bigtreecms

CVE-2017-9440 | June 05, 2017
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file.
Severity: Medium | Impact score: 2.90 | Exploit score: 8.60
Vendors affected: Imagemagick

CVE-2017-9439 | June 05, 2017
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file.
Severity: Medium | Impact score: 2.90 | Exploit score: 8.60
Vendors affected: Imagemagick

CVE-2017-9438 | June 05, 2017
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule (involving hex strings) that is mishandled in the _yr_re_emit function, a different vulnerability than CVE-2017-9304.
Severity: Medium | Impact score: 2.90 | Exploit score: 10.00
Vendors affected: Virustotal

CVE-2017-9437 | June 05, 2017
Openbravo Business Suite 3.0 is affected by SQL injection. This vulnerability could allow remote authenticated attackers to inject arbitrary SQL code.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-9436 | June 05, 2017
TeamPass before 2.1.27.4 is vulnerable to a SQL injection in users.queries.php.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-9435 | June 05, 2017
Dolibarr ERP/CRM before 5.0.3 is vulnerable to a SQL injection in user/index.php (search_supervisor and search_statut parameters).
Severity: High | Impact score: 6.40 | Exploit score: 10.00
Vendors affected: Dolibarr

CVE-2017-9434 | June 05, 2017
Crypto++ (aka cryptopp) through 5.6.5 contains an out-of-bounds read vulnerability in zinflate.cpp in the Inflator filter.
Severity: Medium | Impact score: 2.90 | Exploit score: 10.00
Vendors affected: Cryptopp

CVE-2017-9430 | June 05, 2017
Stack-based buffer overflow in dnstracer through 1.9 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv[0]. An example threat model is a web application that launches dnstracer with an untrusted name string.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-9420 | June 05, 2017
Cross site scripting (XSS) vulnerability in the Spiffy Calendar plugin before 3.3.0 for WordPress allows remote attackers to inject arbitrary JavaScript via the yr parameter.
Severity: Medium | Impact score: 2.90 | Exploit score: 8.60
Vendors affected: Sunnythemes

CVE-2017-8841 | June 05, 2017
Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_process.cgi via the upfile.path parameter.
Severity: High | Impact score: 7.80 | Exploit score: 8.00
Vendors affected: Peplink

CVE-2017-8840 | June 05, 2017
Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasync.cgi?debug=1 shows Master LAN Address, Serial Number, HA Group ID, Virtual IP, and Submitted syncid.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-8839 | June 05, 2017
XSS via orig_url exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is guest/preview.cgi.
Severity: Medium | Impact score: 2.90 | Exploit score: 8.60
Vendors affected: Peplink

CVE-2017-8838 | June 05, 2017
XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is cgi-bin/HASync/hasync.cgi.
Severity: Medium | Impact score: 2.90 | Exploit score: 8.60
Vendors affected: Peplink

CVE-2017-8837 | June 05, 2017
Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The files in question are /etc/waipass and /etc/roapass. In case one of these devices is compromised, the attacker can gain access to passwords and abuse them to compromise further systems.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-8836 | June 05, 2017
CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The CGI scripts in the administrative interface are affected. This allows an attacker to execute commands if a logged-in user visits a malicious website. This can, for example, be used to change the credentials of the administrative web interface.
Severity: Medium | Impact score: 6.40 | Exploit score: 8.60
Vendors affected: Peplink

CVE-2017-8835 | June 05, 2017
SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. An attack vector is the bauth cookie to cgi-bin/MANGA/admin.cgi. One impact is enumeration of user accounts by observing whether a session ID can be retrieved from the sessions database.
Severity: High | Impact score: 6.40 | Exploit score: 10.00
Vendors affected: Peplink

CVE-2017-8441 | June 05, 2017
Elastic X-Pack Security versions prior to 5.4.1 and 5.3.3 did not always correctly apply Document Level Security to index aliases. This bug could allow a user with restricted permissions to view data they should not have access to when performing certain operations against an index alias.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-8440 | June 05, 2017
Starting in version 5.3.0, Kibana had a cross-site scripting (XSS) vulnerability in the Discover page that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-8439 | June 05, 2017
Kibana version 5.4.0 was affected by a Cross Site Scripting (XSS) bug in the Time Series Visual Builder. This bug could allow an attacker to obtain sensitive information from Kibana users.
Severity: | Impact score: 0.00 | Exploit score: 0.00
