Search Results (1501 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-17090 1 Digium 2 Asterisk, Certified Asterisk 2025-04-20 N/A
An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and older, and 15.1.2 and older, and Certified Asterisk 13.13-cert7 and older. If the chan_skinny (aka SCCP protocol) channel driver is flooded with certain requests, it can cause the asterisk process to use excessive amounts of virtual memory, eventually causing asterisk to stop processing requests of any kind.
CVE-2017-1000028 1 Oracle 1 Glassfish Server 2025-04-20 N/A
Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request.
CVE-2017-14493 5 Canonical, Debian, Opensuse and 2 more 9 Ubuntu Linux, Debian Linux, Leap and 6 more 2025-04-20 N/A
Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.
CVE-2015-2857 1 Accellion 1 File Transfer Appliance 2025-04-20 9.8 Critical
Accellion File Transfer Appliance before FTA_9_11_210 allows remote attackers to execute arbitrary code via shell metacharacters in the oauth_token parameter.
CVE-2017-1001000 1 Wordpress 1 Wordpress 2025-04-20 N/A
The register_routes function in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in the REST API in WordPress 4.7.x before 4.7.2 does not require an integer identifier, which allows remote attackers to modify arbitrary pages via a request for wp-json/wp/v2/posts followed by a numeric value and a non-numeric value, as demonstrated by the wp-json/wp/v2/posts/123?id=123helloworld URI.
CVE-2017-0038 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2025-04-20 N/A
gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process heap memory via a crafted EMF file, as demonstrated by an EMR_SETDIBITSTODEVICE record with modified Device Independent Bitmap (DIB) dimensions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-3216, CVE-2016-3219, and/or CVE-2016-3220.
CVE-2017-17411 1 Linksys 2 Wvbr0, Wvbr0 Firmware 2025-04-20 N/A
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management portal. The issue lies in the lack of proper validation of user data before executing a system call. An attacker could leverage this vulnerability to execute code with root privileges. Was ZDI-CAN-4892.
CVE-2016-9299 2 Fedoraproject, Jenkins 2 Fedora, Jenkins 2025-04-20 N/A
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server.
CVE-2017-9769 1 Razer 1 Synapse 2025-04-20 9.8 Critical
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process.
CVE-2016-10372 1 Eir 2 D1000 Modem, D1000 Modem Firmware 2025-04-20 N/A
The Eir D1000 modem does not properly restrict the TR-064 protocol, which allows remote attackers to execute arbitrary commands via TCP port 7547, as demonstrated by opening WAN access to TCP port 80, retrieving the login password (which defaults to the Wi-Fi password), and using the NewNTPServer feature.
CVE-2015-7871 3 Debian, Netapp, Ntp 7 Debian Linux, Clustered Data Ontap, Data Ontap and 4 more 2025-04-20 9.8 Critical
Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.
CVE-2017-5645 4 Apache, Netapp, Oracle and 1 more 86 Log4j, Oncommand Api Services, Oncommand Insight and 83 more 2025-04-20 9.8 Critical
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
CVE-2016-6603 1 Zohocorp 1 Webnms Framework 2025-04-20 N/A
ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and impersonate arbitrary users via the UserName HTTP header.
CVE-2017-9100 1 Dlink 2 Dir-600m, Dir-600m Firmware 2025-04-20 8.8 High
login.cgi on D-Link DIR-600M devices with firmware 3.04 allows remote attackers to bypass authentication by entering more than 20 blank spaces in the password field during an admin login attempt.
CVE-2017-12611 1 Apache 1 Struts 2025-04-20 N/A
In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack.
CVE-2017-9828 1 Vivotek 6 Network Camera Fd8164, Network Camera Fd8164 Firmware, Network Camera Fd816ba and 3 more 2025-04-20 N/A
'/cgi-bin/admin/testserver.cgi' of the web service in most of the VIVOTEK Network Cameras is vulnerable to shell command injection, which allows remote attackers to execute any shell command as root via a crafted HTTP request. This vulnerability is already verified on VIVOTEK Network Camera IB8369/FD8164/FD816BA; most others have similar firmware that may be affected. An attack uses shell metacharacters in the senderemail parameter.
CVE-2017-8917 1 Joomla 1 Joomla\! 2025-04-20 N/A
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2017-14495 5 Canonical, Debian, Novell and 2 more 8 Ubuntu Linux, Debian Linux, Leap and 5 more 2025-04-20 N/A
Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.
CVE-2017-6090 1 Phpcollab 1 Phpcollab 2025-04-20 N/A
Unrestricted file upload vulnerability in clients/editclient.php in PhpCollab 2.5.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in logos_clients/.
CVE-2017-7615 1 Mantisbt 1 Mantisbt 2025-04-20 8.8 High
MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php.