Total
1004 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-1000072 | 1 Iredmail | 1 Iredmail | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
iRedMail version prior to commit f04b8ef contains a Insecure Permissions vulnerability in Roundcube Webmail that can result in Exfiltrate a user's password protected secret GPG key file and other important configuration files.. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in Beta: 0.9.8-BETA1, Stable: 0.9.7. | |||||
CVE-2018-1000071 | 1 Roundcube | 1 Webmail | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
roundcube version 1.3.4 and earlier contains an Insecure Permissions vulnerability in enigma plugin that can result in exfiltration of gpg private key. This attack appear to be exploitable via network connectivity. | |||||
CVE-2018-1000025 | 1 Firebase Admin Sdk For Php Project | 1 Firebase Admin Sdk For Php | 2019-10-02 | 6.8 MEDIUM | 8.1 HIGH |
Jerome Gamez Firebase Admin SDK for PHP version from 3.2.0 to 3.8.0 contains a Incorrect Access Control vulnerability in src/Firebase/Auth/IdTokenVerifier.php does not verify for token signature that can result in JWT with any email address and user ID could be forged from an actual token, or from thin air. This attack appear to be exploitable via Attacker would only need to know email address of the victim on most cases.. This vulnerability appears to have been fixed in 3.8.1. | |||||
CVE-2018-0982 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2019-10-02 | 6.9 MEDIUM | 7.0 HIGH |
An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. | |||||
CVE-2018-0752 | 1 Microsoft | 4 Windows 10, Windows 8.1, Windows Server 2012 and 1 more | 2019-10-02 | 4.6 MEDIUM | 7.8 HIGH |
The Windows Kernel API in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way the Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2018-0751. | |||||
CVE-2018-0422 | 2 Cisco, Microsoft | 6 Webex Business Suite 31, Webex Business Suite 32, Webex Business Suite 33 and 3 more | 2019-10-02 | 6.9 MEDIUM | 7.3 HIGH |
A vulnerability in the folder permissions of Cisco Webex Meetings client for Windows could allow an authenticated, local attacker to modify locally stored files and execute code on a targeted device with the privilege level of the user. The vulnerability is due to folder permissions that grant a user the permission to read, write, and execute files in the Webex folders. An attacker could exploit this vulnerability to write malicious files to the Webex client directory, affecting all other users of the targeted device. A successful exploit could allow a user to execute commands with elevated privileges. Attacks on single-user systems are less likely to occur, as the attack must be carried out by the user on the user's own system. Multiuser systems have a higher risk of exploitation because folder permissions have an impact on all users of the device. For an attacker to exploit this vulnerability successfully, a second user must execute the locally installed malicious file to allow remote code execution to occur. | |||||
CVE-2017-9958 | 1 Schneider-electric | 1 U.motion Builder | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
An improper access control vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an improper handling of the system configuration can allow an attacker to execute arbitrary code under the context of root. | |||||
CVE-2017-9792 | 1 Apache | 1 Impala | 2019-10-02 | 4.0 MEDIUM | 6.5 MEDIUM |
In Apache Impala (incubating) before 2.10.0, a malicious user with "ALTER" permissions on an Impala table can access any other Kudu table data by altering the table properties to make it "external" and then changing the underlying table mapping to point to other Kudu tables. This violates and works around the authorization requirement that creating a Kudu external table via Impala requires an "ALL" privilege at the server scope. This privilege requirement for "CREATE" commands is enforced to precisely avoid this scenario where a malicious user can change the underlying Kudu table mapping. The fix is to enforce the same privilege requirement for "ALTER" commands that would make existing non-external Kudu tables external. | |||||
CVE-2017-9780 | 2 Debian, Flatpak | 2 Debian Linux, Flatpak | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
In Flatpak before 0.8.7, a third-party app repository could include malicious apps that contain files with inappropriate permissions, for example setuid or world-writable. The files are deployed with those permissions, which would let a local attacker run the setuid executable or write to the world-writable location. In the case of the "system helper" component, files deployed as part of the app are owned by root, so in the worst case they could be setuid root. | |||||
CVE-2017-9615 | 1 Cognito | 1 Moneyworks | 2019-10-02 | 5.0 MEDIUM | 9.8 CRITICAL |
Password exposure in Cognito Software Moneyworks 8.0.3 and earlier allows attackers to gain administrator access to all data, because verbose logging writes the administrator password to a world-readable file. | |||||
CVE-2017-9606 | 1 Infotecs | 2 Vipnet Client, Vipnet Coordinator | 2019-10-02 | 4.4 MEDIUM | 7.3 HIGH |
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks. | |||||
CVE-2017-9514 | 1 Atlassian | 1 Bamboo | 2019-10-02 | 6.5 MEDIUM | 8.8 HIGH |
Bamboo before 6.0.5, 6.1.x before 6.1.4, and 6.2.x before 6.2.1 had a REST endpoint that parsed a YAML file and did not sufficiently restrict which classes could be loaded. An attacker who can log in to Bamboo as a user is able to exploit this vulnerability to execute Java code of their choice on systems that have vulnerable versions of Bamboo. | |||||
CVE-2017-9494 | 1 Motorola | 2 Mx011anm, Mx011anm Firmware | 2019-10-02 | 5.0 MEDIUM | 5.3 MEDIUM |
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows remote attackers to enable a Remote Web Inspector that is accessible from the public Internet. | |||||
CVE-2017-9479 | 1 Cisco | 2 Dpc3939, Dpc3939 Firmware | 2019-10-02 | 10.0 HIGH | 9.8 CRITICAL |
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to execute arbitrary commands as root by leveraging local network access and connecting to the syseventd server, as demonstrated by copying configuration data into a readable filesystem. | |||||
CVE-2017-9482 | 1 Cisco | 2 Dpc3939, Dpc3939 Firmware | 2019-10-02 | 10.0 HIGH | 9.8 CRITICAL |
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to obtain root access to the Network Processor (NP) Linux system by enabling a TELNET daemon (through CVE-2017-9479 exploitation) and then establishing a TELNET session. | |||||
CVE-2017-9136 | 1 Mimosa | 2 Backhaul Radios, Client Radios | 2019-10-02 | 7.8 HIGH | 7.5 HIGH |
An issue was discovered on Mimosa Client Radios before 2.2.3. In the device's web interface, there is a page that allows an attacker to use an unsanitized GET parameter to download files from the device as the root user. The attacker can download any file from the device's filesystem. This can be used to view unsalted, MD5-hashed administrator passwords, which can then be cracked, giving the attacker full admin access to the device's web interface. This vulnerability can also be used to view the plaintext pre-shared key (PSK) for encrypted wireless connections, or to view the device's serial number (which allows an attacker to factory reset the device). | |||||
CVE-2017-8858 | 1 Veritas | 2 Netbackup, Netbackup Appliance | 2019-10-02 | 10.0 HIGH | 9.8 CRITICAL |
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process. | |||||
CVE-2017-8857 | 1 Veritas | 2 Netbackup, Netbackup Appliance | 2019-10-02 | 10.0 HIGH | 9.8 CRITICAL |
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process. | |||||
CVE-2017-8856 | 1 Veritas | 2 Netbackup, Netbackup Appliance | 2019-10-02 | 7.5 HIGH | 9.8 CRITICAL |
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process. | |||||
CVE-2017-8391 | 3 Ca, Linux, Microsoft | 3 Client Automation, Linux Kernel, Windows | 2019-10-02 | 2.1 LOW | 5.5 MEDIUM |
The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1 places an encrypted password into a readable local file during operating system installation, which allows local users to obtain sensitive information by reading this file after operating system installation. |