Total
803 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-17534 | 1 Mensis Project | 1 Mensis | 2017-12-29 | 6.8 MEDIUM | 8.8 HIGH |
| uiutil.c in Mensis 0.0.080507 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, a different vulnerability than CVE-2017-17521. | |||||
| CVE-2017-17523 | 1 Lilypond | 1 Lilypond | 2017-12-29 | 6.8 MEDIUM | 8.8 HIGH |
| lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument. | |||||
| CVE-2017-17528 | 1 Scummvm | 1 Scummvm | 2017-12-29 | 6.8 MEDIUM | 8.8 HIGH |
| backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. | |||||
| CVE-2017-17529 | 1 Abisource | 1 Abiword | 2017-12-29 | 6.8 MEDIUM | 8.8 HIGH |
| af/util/xp/ut_go_file.cpp in AbiWord 3.0.2-2 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. | |||||
| CVE-2017-17532 | 1 Kiwi Project | 1 Kiwi | 2017-12-29 | 6.8 MEDIUM | 8.8 HIGH |
| examples/framework/news/news3.py in Kiwi 1.9.22 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. | |||||
| CVE-2017-17525 | 1 Xtuple | 1 Postbooks | 2017-12-28 | 6.8 MEDIUM | 8.8 HIGH |
| guiclient/guiclient.cpp in xTuple PostBooks 4.7.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. | |||||
| CVE-2017-17524 | 1 Swi-prolog | 1 Swi-prolog | 2017-12-28 | 6.8 MEDIUM | 8.8 HIGH |
| library/www_browser.pl in SWI-Prolog 7.2.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. | |||||
| CVE-2017-17522 | 1 Python | 1 Python | 2017-12-28 | 6.8 MEDIUM | 8.8 HIGH |
| ** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting. | |||||
| CVE-2017-17520 | 1 Debian | 1 Tin | 2017-12-28 | 6.8 MEDIUM | 8.8 HIGH |
| ** DISPUTED ** tools/url_handler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional behavior, because the documentation states "url_handler.pl was designed to work together with tin which only issues shell escaped absolute URLs." | |||||
| CVE-2017-17526 | 1 Giac Project | 1 Giac | 2017-12-28 | 6.8 MEDIUM | 8.8 HIGH |
| Input.cc in Bernard Parisse Giac 1.2.3.57 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. | |||||
| CVE-2017-8809 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2017-11-28 | 7.5 HIGH | 9.8 CRITICAL |
| api.php in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 has a Reflected File Download vulnerability. | |||||
| CVE-2015-5227 | 1 Inboundnow | 1 Wordpress Landing Pages | 2017-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| The Landing Pages plugin before 1.9.2 for WordPress allows remote attackers to execute arbitrary code via the url parameter. | |||||
| CVE-2017-5636 | 1 Apache | 1 Nifi | 2017-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, the proxy chain serialization/deserialization is vulnerable to an injection attack where a carefully crafted username could impersonate another user and gain their permissions on a replicated request to another node. | |||||
| CVE-2014-8910 | 1 Ibm | 1 Db2 | 2017-09-21 | 4.0 MEDIUM | N/A |
| IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to read arbitrary text files via a crafted XML/XSLT function in a SELECT statement. | |||||
| CVE-2017-14397 | 2 Anydesk, Microsoft | 2 Anydesk, Windows | 2017-09-19 | 7.5 HIGH | 9.8 CRITICAL |
| AnyDesk before 3.6.1 on Windows has a DLL injection vulnerability. | |||||
| CVE-2014-7287 | 1 Symantec | 2 Encryption Management Server, Pgp Universal Server | 2017-09-07 | 5.0 MEDIUM | N/A |
| The key-management component in Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allows remote attackers to trigger unintended content in outbound e-mail messages via a crafted key UID value in an inbound e-mail message, as demonstrated by the outbound Subject header. | |||||
| CVE-2016-4010 | 1 Magento | 1 Magento | 2017-09-06 | 7.5 HIGH | 9.8 CRITICAL |
| Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP objection injection attacks and execute arbitrary PHP code via crafted serialized shopping cart data. | |||||
| CVE-2016-2980 | 1 Ibm | 1 Sametime | 2017-09-02 | 6.8 MEDIUM | 6.3 MEDIUM |
| The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script injection where a malicious site can inject their own script by exploiting a vulnerability in the way that the WebPlayer works. IBM X-Force ID: 113993. | |||||
| CVE-2017-9861 | 1 Sma | 78 Sunny Boy 1.5, Sunny Boy 1.5 Firmware, Sunny Boy 2.5 and 75 more | 2017-08-21 | 9.0 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** An issue was discovered in SMA Solar Technology products. The SIP implementation does not properly use authentication with encryption: it is vulnerable to replay attacks, packet injection attacks, and man in the middle attacks. An attacker is able to successfully use SIP to communicate with the device from anywhere within the LAN. An attacker may use this to crash the device, stop it from communicating with the SMA servers, exploit known SIP vulnerabilities, or find sensitive information from the SIP communications. Furthermore, because the SIP communication channel is unencrypted, an attacker capable of understanding the protocol can eavesdrop on communications. For example, passwords can be extracted. NOTE: the vendor's position is that authentication with encryption is not required on an isolated subnetwork. Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected. | |||||
| CVE-2017-0154 | 1 Microsoft | 3 Internet Explorer, Windows 10, Windows Server 2016 | 2017-07-11 | 5.8 MEDIUM | 4.4 MEDIUM |
| Microsoft Internet Explorer 11 on Windows 10, 1511, and 1606 and Windows Server 2016 does not enforce cross-domain policies, allowing attackers to access information from one domain and inject it into another via a crafted application, aka, "Internet Explorer Elevation of Privilege Vulnerability." | |||||