| CVE-2017-9427 | SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core\admin\modules\developer\modules\designer\form-create.php. The attacker creates a crafted table name at admin/developer/modules/designer/ and the injection is visible at admin/dashboard/vitals-statistics/integrity/check/?external=true. | high |
| CVE-2017-9424 | IdeaBlade Breeze Breeze.Server.NET before 1.6.5 allows remote attackers to execute arbitrary code, related to use of TypeNameHandling in JSON deserialization. | critical |
| CVE-2017-9420 | Cross site scripting (XSS) vulnerability in the Spiffy Calendar plugin before 3.3.0 for WordPress allows remote attackers to inject arbitrary JavaScript via the yr parameter. | medium |
| CVE-2017-9419 | Cross-site scripting (XSS) vulnerability in the Webhammer WP Custom Fields Search plugin 0.3.28 for WordPress allows remote attackers to inject arbitrary JavaScript via the cs-all-0 parameter. | medium |
| CVE-2017-9418 | SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for WordPress allows an authenticated user to execute arbitrary SQL commands via the testid parameter to wp-admin/admin.php. | high |
| CVE-2017-9417 | Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue. | critical |
| CVE-2017-9416 | Directory traversal vulnerability in tools.file_open in Odoo 8.0, 9.0, and 10.0 allows remote authenticated users to read arbitrary local files readable by the Odoo service. | medium |
| CVE-2017-9415 | Cross-site request forgery (CSRF) vulnerability in subsonic 6.1.1 allows remote attackers with knowledge of the target username to hijack the authentication of users for requests that change passwords via a crafted request to userSettings.view. | high |
| CVE-2017-9413 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Podcast feature in Subsonic 6.1.1 allow remote attackers to hijack the authentication of users for requests that (1) subscribe to a podcast via the add parameter to podcastReceiverAdmin.view or (2) update Internet Radio Settings via the urlRedirectCustomUrl parameter to networkSettings.view. NOTE: These vulnerabilities can be exploited to conduct server-side request forgery (SSRF) attacks. | high |
| CVE-2017-9412 | The unpack_read_samples function in frontend/get_audio.c in LAME 3.99.5 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted wav file. | medium |
| CVE-2017-9409 | In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file. | medium |
| CVE-2017-9408 | In Poppler 0.54.0, a memory leak vulnerability was found in the function Object::initArray in Object.cc, which allows attackers to cause a denial of service via a crafted file. | medium |
| CVE-2017-9407 | In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file. | medium |
| CVE-2017-9406 | In Poppler 0.54.0, a memory leak vulnerability was found in the function gmalloc in gmem.cc, which allows attackers to cause a denial of service via a crafted file. | medium |
| CVE-2017-9405 | In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file. | medium |
| CVE-2017-9404 | In LibTIFF 4.0.7, a memory leak vulnerability was found in the function OJPEGReadHeaderInfoSecTablesQTable in tif_ojpeg.c, which allows attackers to cause a denial of service via a crafted file. | medium |
| CVE-2017-9403 | In LibTIFF 4.0.7, a memory leak vulnerability was found in the function TIFFReadDirEntryLong8Array in tif_dirread.c, which allows attackers to cause a denial of service via a crafted file. | medium |
| CVE-2017-9394 | A stored cross-site scripting vulnerability in CA Identity Governance 12.6 allows remote authenticated attackers to display HTML or execute script in the context of another user. | medium |
| CVE-2017-9393 | CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote attackers to potentially identify passwords of locked accounts through an exhaustive search. | critical |
| CVE-2017-9380 | OpenEMR 5.0.0 and prior allows low-privilege users to upload files of dangerous types which can result in arbitrary code execution within the context of the vulnerable application. | high |
| CVE-2017-9379 | Multiple CSRF issues exist in BigTree CMS through 4.2.18 - the clear parameter to core\admin\modules\dashboard\vitals-statistics\404\clear.php and the from or to parameter to core\admin\modules\dashboard\vitals-statistics\404\create-301.php. | high |
| CVE-2017-9378 | BigTree CMS through 4.2.18 does not prevent a user from deleting their own account. This could have security relevance because deletion was supposed to be an admin-only action, and the admin may have other tasks (such as data backups) to complete before a user is deleted. | medium |
| CVE-2017-9377 | A command injection was identified on Barco ClickShare Base Unit devices with CSM-1 firmware before 1.7.0.3 and CSC-1 firmware before 1.10.0.10. An attacker with access to the product's web API can exploit this vulnerability to completely compromise the vulnerable device. | high |
| CVE-2017-9375 | QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving control transfer descriptors sequencing. | medium |
| CVE-2017-9374 | Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the device. | medium |
| CVE-2017-9373 | Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the AHCI device. | medium |
| CVE-2017-9372 | PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service (buffer overflow and application crash) via a SIP packet with a crafted CSeq header in conjunction with a Via header that lacks a branch parameter. | high |
| CVE-2017-9371 | In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able to reduce the entropy of the PRNG, making other blended attacks more practical by gaining control over environmental factors that influence seed generation. | medium |
| CVE-2017-9370 | An information disclosure / elevation of privilege vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker who has legitimate access to BlackBerry Workspaces to gain access to another user's workspace by making multiple login requests to the server. | high |
| CVE-2017-9369 | In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment variables that influence the loader. | medium |
| CVE-2017-9368 | An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files. | high |
| CVE-2017-9367 | A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request. | critical |
| CVE-2017-9366 | Telaxus EPESI 1.8.2 and earlier has a Stored Cross-site Scripting (XSS) vulnerability in modules/Base/Dashboard/Dashboard_0.php, which allows remote attackers to inject arbitrary web script or HTML via a crafted tab_name parameter. | medium |
| CVE-2017-9365 | CSRF exists in BigTree CMS through 4.2.18 with the force parameter to /admin/pages/revisions.php - for example: /admin/pages/revisions/1/?force=false. A page with id=1 can be unlocked. | high |
| CVE-2017-9364 | Unrestricted File Upload exists in BigTree CMS through 4.2.18: if an attacker uploads an 'xxx.pht' or 'xxx.phtml' file, they could bypass a safety check and execute any code. | critical |
| CVE-2017-9363 | Untrusted Java serialization in Soffid IAM console before 1.7.5 allows remote attackers to achieve arbitrary remote code execution via a crafted authentication request. | critical |
| CVE-2017-9361 | WebsiteBaker v2.10.0 has a stored XSS vulnerability in /account/details.php. | medium |
| CVE-2017-9360 | WebsiteBaker v2.10.0 has a SQL injection vulnerability in /account/details.php. | critical |
| CVE-2017-9359 | The multi-part body parser in PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet. | high |
| CVE-2017-9358 | A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1 and Certified Asterisk 13.13 before 13.13-cert4, which can be triggered by sending specially crafted SCCP packets causing an infinite loop and leading to memory exhaustion (by message logging in that loop). | high |
| CVE-2017-9356 | Sitecore.NET 7.1 through 7.2 has a Cross Site Scripting Vulnerability via the searchStr parameter to the /Search-Results URI. | medium |
| CVE-2017-9355 | XML external entity (XXE) vulnerability in the import playlist feature in Subsonic 6.1.1 might allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted XSPF playlist file. | high |
| CVE-2017-9354 | In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash. This was addressed in epan/dissectors/packet-rgmp.c by validating an IPv4 address. | high |
| CVE-2017-9353 | In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash. This was addressed in epan/dissectors/packet-ipv6.c by validating an IPv6 address. | high |
| CVE-2017-9352 | In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occur. | high |
| CVE-2017-9351 | In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully. | high |
| CVE-2017-9350 | In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by checking for a negative length. | high |
| CVE-2017-9349 | In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value. | high |
| CVE-2017-9348 | In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-dof.c by validating a size value. | high |
| CVE-2017-9347 | In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID. | high |
