Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-11594 | 1 Loomio | 1 Loomio | 2017-08-08 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the Markdown parser in Loomio before 1.8.0 allows remote attackers to inject arbitrary web script or HTML via non-sanitized Markdown content in a new thread or a thread comment. | |||||
| CVE-2017-6746 | 1 Cisco | 1 Web Security Appliance | 2017-08-08 | 9.0 HIGH | 7.2 HIGH |
| A vulnerability in the web interface of the Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid administrator credentials. Affected Products: Cisco AsyncOS Software 10.0 and later for WSA on both virtual and hardware appliances. More Information: CSCvd88862. Known Affected Releases: 10.1.0-204. Known Fixed Releases: 10.5.1-270 10.1.1-235. | |||||
| CVE-2014-9830 | 1 Imagemagick | 1 Imagemagick | 2017-08-08 | 6.8 MEDIUM | 8.8 HIGH |
| coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file. | |||||
| CVE-2014-9831 | 1 Imagemagick | 1 Imagemagick | 2017-08-08 | 6.8 MEDIUM | 8.8 HIGH |
| coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file. | |||||
| CVE-2014-9827 | 1 Imagemagick | 1 Imagemagick | 2017-08-08 | 6.8 MEDIUM | 8.8 HIGH |
| coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file. | |||||
| CVE-2014-9828 | 1 Imagemagick | 1 Imagemagick | 2017-08-08 | 6.8 MEDIUM | 8.8 HIGH |
| coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file. | |||||
| CVE-2017-6257 | 5 Freebsd, Linux, Microsoft and 2 more | 5 Freebsd, Kernel, Windows and 2 more | 2017-08-08 | 7.2 HIGH | 8.8 HIGH |
| NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges | |||||
| CVE-2017-6259 | 4 Freebsd, Linux, Nvidia and 1 more | 4 Freebsd, Kernel, Gpu Driver and 1 more | 2017-08-08 | 7.1 HIGH | 6.1 MEDIUM |
| NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect detection and recovery from an invalid state produced by specific user actions may lead to denial of service. | |||||
| CVE-2017-12200 | 1 Etoilewebdesign | 1 Ultimate Product Catalog | 2017-08-08 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has XSS in the Add Product Manually component. | |||||
| CVE-2016-0907 | 1 Emc | 2 Isilon Onefs, Isilonsd Edge Onefs | 2017-08-08 | 4.3 MEDIUM | 5.9 MEDIUM |
| EMC Isilon OneFS 7.1.x and 7.2.x before 7.2.1.3 and 8.0.x before 8.0.0.1, and IsilonSD Edge OneFS 8.0.x before 8.0.0.1, does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream, a similar issue to CVE-2016-2115. | |||||
| CVE-2017-6260 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2017-08-08 | 4.9 MEDIUM | 6.5 MEDIUM |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer helper function where an incorrect calculation of string length may lead to denial of service. | |||||
| CVE-2017-7947 | 1 Netapp | 1 Clustered Data Ontap | 2017-08-08 | 5.0 MEDIUM | 6.5 MEDIUM |
| NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 before P5 allow attackers to obtain sensitive password information by leveraging logging of passwords entered non-interactively on the command line. | |||||
| CVE-2015-5191 | 2 Linux, Vmware | 2 Linux Kernel, Tools | 2017-08-08 | 3.7 LOW | 6.7 MEDIUM |
| VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H | |||||
| CVE-2017-9475 | 1 Comcast | 1 Xfinity Wifi Hotspot | 2017-08-08 | 4.3 MEDIUM | 5.9 MEDIUM |
| Comcast XFINITY WiFi Home Hotspot devices allow remote attackers to spoof the identities of Comcast customers via a forged MAC address. | |||||
| CVE-2017-9490 | 2 Arris, Cisco | 4 Tg1682g, Tg1682g Firmware, Dpc3939b and 1 more | 2017-08-08 | 6.8 MEDIUM | 8.8 HIGH |
| The Comcast firmware on Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices allows configuration changes via CSRF. | |||||
| CVE-2008-4935 | 1 Amiga | 1 Aview | 2017-08-07 | 6.9 MEDIUM | N/A |
| asciiview in aview 1.3.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/aview#####.pgm temporary file. | |||||
| CVE-2008-4936 | 1 Gert Doering | 1 Mgetty | 2017-08-07 | 6.9 MEDIUM | N/A |
| faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/faxsp.##### temporary file. | |||||
| CVE-2008-4937 | 1 Openoffice | 1 Openoffice.org | 2017-08-07 | 2.6 LOW | N/A |
| senddoc in OpenOffice.org (OOo) 2.4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/log.obr.##### temporary file. | |||||
| CVE-2008-4938 | 1 Aegis | 2 Aegis, Aegis-web | 2017-08-07 | 6.9 MEDIUM | N/A |
| aegis 4.24 and aegis-web 4.24 allow local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#####, (b) /tmp/#####.intro, (c) /tmp/aegis.#####.ae, (d) /tmp/aegis.#####, (e) /tmp/aegis.#####.1, (f) /tmp/aegis.#####.2, (g) /tmp/aegis.#####.log, and (h) /tmp/aegis.#####.out temporary files, related to the (1) bng_dvlpd.sh, (2) bng_rvwd.sh, (3) awt_dvlp.sh, (4) awt_intgrtn.sh, and (5) aegis.cgi scripts. | |||||
| CVE-2008-4939 | 1 Apertium | 1 Apertium | 2017-08-07 | 6.9 MEDIUM | N/A |
| apertium 3.0.7 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#####.lex.cc, (b) /tmp/#####.deformat.l, (c) /tmp/#####.reformat.l, (d) /tmp/#####docxorig, (e) /tmp/#####docxsalida.zip, (f) /tmp/#####xlsxembed, (g) /tmp/#####xlsxorig, and (h) /tmp/#####xslxsalida.zip temporary files, related to the (1) apertium-gen-deformat, (2) apertium-gen-reformat, and (3) apertium scripts. | |||||