Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-74
Total 803 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-5799 1 Hp 1 Opencall Media Platform 2018-03-15 6.5 MEDIUM 8.8 HIGH
A Remote Code Execution vulnerability in HPE OpenCall Media Platform (OCMP) was found. The vulnerability impacts OCMP versions prior to 3.4.2 RP201 (for OCMP 3.x), all versions prior to 4.4.7 RP702 (for OCMP 4.x).
CVE-2018-6289 1 Kaspersky 1 Secure Mail Gateway 2018-02-23 10.0 HIGH 9.8 CRITICAL
Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1.
CVE-2017-18049 1 Silverstripe 1 Silverstripe 2018-02-13 4.3 MEDIUM 5.5 MEDIUM
In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1, it's possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software (including Microsoft Excel). For example, the CSV data may contain untrusted user input from the "First Name" field of a user's /myprofile page.
CVE-2017-15714 1 Apache 1 Ofbiz 2018-01-24 7.5 HIGH 9.8 CRITICAL
The BIRT plugin in Apache OFBiz 16.11.01 to 16.11.03 does not escape user input property passed. This allows for code injection by passing that code through the URL. For example by appending this code "__format=%27;alert(%27xss%27)" to the URL an alert window would execute.
CVE-2013-4578 1 Oracle 2 Jdk, Jre 2018-01-17 5.0 MEDIUM 5.3 MEDIUM
jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation.
CVE-2017-1000454 1 Cmsmadesimple 1 Cms Made Simple 2018-01-16 4.6 MEDIUM 7.8 HIGH
CMS Made Simple 2.1.6, 2.2, 2.2.1 are vulnerable to Smarty Template Injection in some core components, resulting in local file read before 2.2, and local file inclusion since 2.2.1
CVE-2017-1000453 1 Cmsmadesimple 1 Cms Made Simple 2018-01-16 7.5 HIGH 9.8 CRITICAL
CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templating injection in some core modules, resulting in unauthenticated PHP code execution.
CVE-2016-3695 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2018-01-10 2.1 LOW 5.5 MEDIUM
The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set.
CVE-2017-15313 1 Huawei 1 Smartcare 2018-01-05 6.5 MEDIUM 8.8 HIGH
Huawei SmartCare V200R003C10 has a CSV injection vulnerability. An remote authenticated attacker could inject malicious CSV expression to the affected device.
CVE-2016-7125 1 Php 1 Php 2018-01-04 5.0 MEDIUM 7.5 HIGH
ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection.
CVE-2017-16680 1 Sap 1 Hana Extend Application Services 2018-01-04 5.0 MEDIUM 7.5 HIGH
Two potential audit log injections in SAP HANA extended application services 1.0, advanced model: 1) Certain HTTP/REST endpoints of controller service are missing user input validation which could allow unprivileged attackers to forge audit log lines. Hence the interpretation of audit log files could be hindered or misdirected. 2) User Account and Authentication writes audit logs into syslog and additionally writes the same audit entries into a log file. Entries in the log file miss escaping. Hence the interpretation of audit log files could be hindered or misdirected, while the entries in syslog are correct.
CVE-2017-17533 1 Tkabber Project 1 Tkabber 2018-01-03 6.8 MEDIUM 8.8 HIGH
** DISPUTED ** default.tcl in Tkabber 1.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has indicated that the attack cannot occur because of the argument-parsing behavior of the Tcl exec function.
CVE-2017-17527 2 Debian, Pasdoc Project 2 Debian Linux, Pasdoc 2018-01-03 6.8 MEDIUM 8.8 HIGH
** DISPUTED ** delphi_gui/WWWBrowserRunnerDM.pas in PasDoc 0.14 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer has indicated that the code referencing the BROWSER environment variable is never used.
CVE-2017-17515 2 Debian, Ecmwf 2 Debian Linux, Metview 2018-01-03 6.8 MEDIUM 8.8 HIGH
** DISPUTED ** etc/ObjectList in Metview 4.7.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has indicated that the code to access this environment variable is not enabled in the shipped product.
CVE-2017-17514 2 Debian, Nip2 Project 2 Debian Linux, Nip2 2018-01-02 6.8 MEDIUM 8.8 HIGH
** DISPUTED ** boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the BROWSER environment variable.
CVE-2017-17513 1 Tug 1 Tex Live 2018-01-02 6.8 MEDIUM 8.8 HIGH
TeX Live through 20170524 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to linked_scripts/context/stubs/unix/mtxrun, texmf-dist/scripts/context/stubs/mswin/mtxrun.lua, and texmf-dist/tex/luatex/lualibs/lualibs-os.lua.
CVE-2017-17535 1 Gjots2 Project 1 Gjots2 2017-12-29 6.8 MEDIUM 8.8 HIGH
lib/gui.py in Bob Hepple gjots2 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
CVE-2017-17519 1 Ocaml Batteries Project 1 Ocaml Batteries 2017-12-29 6.8 MEDIUM 8.8 HIGH
batteriesConfig.mlp in OCaml Batteries Included (aka ocaml-batteries) 2.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
CVE-2017-17517 1 Sylpheed Project 1 Sylpheed 2017-12-29 6.8 MEDIUM 8.8 HIGH
libsylph/utils.c in Sylpheed through 3.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
CVE-2017-17516 1 Reddit Terminal Viewer Project 1 Reddit Terminal Viewer 2017-12-29 6.8 MEDIUM 8.8 HIGH
scripts/inspect_webbrowser.py in Reddit Terminal Viewer (RTV) 1.19.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.