CWE:
 

Topic
Date
Author
Med.
Scala 2.x Privilege Escalation
15.11.2017
Jason Zaugg
Med.
IKARUS AntiVirus 2.16.7 Privilege Escalation
14.11.2017
Parvez Anwar
Med.
Linux Kernel 4.13 (Ubuntu 17.10) waitid() SMEP/SMAP Privilege Escalation
08.11.2017
Chris Salls
Med.
Linux Kernel 4.1.3 (Ubuntu 17.10) waitid() SMEP/SMAP Privilege Escalation
08.11.2017
Chris Salls
Med.
Splunk 6.6.x Local Privilege Escalation
04.11.2017
Hank Leininger
Med.
Vir.IT eXplorer Anti-Virus Privilege Escalation
03.11.2017
Parvez Anwa
Med.
MitraStar DSL-100HN-T1/GPT-2541GNAC Privilege Escalation
01.11.2017
j0lama
Med.
Bomgar Remote Support Local Privilege Escalation
27.10.2017
Robert Wessen
High
osTicket 1.10.1 Shell Upload
25.10.2017
Rajwinder Singh*
Med.
Sophos UTM 9 loginuser Privilege Escalation Via Insecure Directory Permissions
25.10.2017
Matt Bergin
Med.
Sonicwall WXA5000 1.3.2-10-30 Console Jail Escape / Privilege Escalation
25.10.2017
Matt Bergin
High
Hashicorp vagrant-vmware-fusion 4.0.24 Local Root Privilege Escalation
22.10.2017
Anonymous
Med.
Tomcat Remote Code Execution via JSP Upload Bypass
19.10.2017
peewpw
High
Afian AB FileRun 2017.03.18 CSRF / Shell Upload / XSS / Redirection
18.10.2017
SEC Consult
Med.
Opentext Documentum Content Server File Hijack / Privilege Escalation
15.10.2017
Andrey B. Panfilov
High
Opentext Documentum Content Server Privilege Escalation
15.10.2017
Andrey B. Panfilov
High
Tomcat JSP Upload Bypass Remote Code Execution
12.10.2017
peewpw
High
Apache Tomcat Upload Bypass / Remote Code Execution
11.10.2017
intx0x80
Med.
Unitrends UEB 9.1 Privilege Escalation
06.10.2017
Multiple
High
Apache Tomcat JSP Upload Bypass / Remote Code Execution
05.10.2017
xxlegend
High
phpCollab 2.5.1 Arbitrary File Upload
03.10.2017
Sysdream
High
Ingenious School Management System 2.3.0 Arbitrary File Upload
01.10.2017
Ihsan Sencan
High
iStock Management System 1.0 Arbitrary File Upload
01.10.2017
Ihsan Sencan
High
PhpCollab 2.5.1 Shell Upload
30.09.2017
SYSDREAM
Med.
UCOPIA Wireless Appliance Privilege Escalation
30.09.2017
SYSDREAM
High
AMC Master Arbitrary File Upload
28.09.2017
Ihsan Sencan
High
Claydip Airbnb Clone 1.0 Arbitrary File Upload
25.09.2017
Ihsan Sencan
High
DlxSpot Shell Upload
21.09.2017
Simon Brannstrom
Med.
Netdecision 5.8.2 Local Privilege Escalation
18.09.2017
Peter Baris
Med.
D-Link DIR8xx Router Firmware Upload
15.09.2017
embedi
High
Aerohive Networks HiveManager Remote Shell Upload
10.09.2017
Sandro Zaccarini
High
Jungo DriverWizard WinDriver Kernel Out-of-Bounds Write Privilege Escalation
06.09.2017
Steven Seeley
Med.
Lotus Notes Diagnostic Tool 8.5 / 9.0 Privilege Escalation
05.09.2017
ParagonSec
Med.
TeraCopyService 3.1 Unquoted Service Path Privilege Escalation
05.09.2017
Rithwik Jayasimha
Med.
NethServer 7.3.1611 Upload.json CSRF Script Insertion
29.08.2017
Gjoko 'LiquidWorm' Krs...
Low
Automated Logic WebCTRL 6.5 Insecure File Permissions Privilege Escalation
23.08.2017
Gjoko 'LiquidWorm' Krs...
High
Automated Logic WebCTRL 6.5 Unrestricted File Upload Remote Code Execution
23.08.2017
Gjoko 'LiquidWorm' Krs...
Med.
QNAPQsyncClientWindows 4.2.1.0602 Privilege Escalation
23.08.2017
Stefan Kanthak
High
DeWorkshop 1.0 - Arbitrary File Upload
20.08.2017
Ihsan Sencan
Med.
Xamarin Studio For Mac 6.2.1 (Build 3) / 6.3 (Build 863) Privilege Escalation
16.08.2017
Yorick Koster
Med.
Microsoft Windows 7 SP1 x86 GDI Palette Objects Local Privilege Escalation (MS17-017)
08.08.2017
Saif
Med.
VirtualBox 5.1.22 Windows Process DLL UNC Path Signature Bypass Privilege Escalation
04.08.2017
Google Security Resear...
Med.
VirtualBox 5.1.22 Windows Process DLL Signature Bypass Privilege Escalation
04.08.2017
Google Security Resear...
Med.
Hashicorp vagrant-vmware-fusion 4.0.23 Local Root Privilege Escalation
03.08.2017
Mark Wadham
High
Advantech SUSIAccess 3.0 File Upload
02.08.2017
james fitts
High
WordPress Logosware Suite Uploader 1.1.6 File Upload
01.08.2017
Anonymous
Med.
Hashicorp vagrant-vmware-fusion 4.0.20 Privilege Escalation
19.07.2017
Mark Wadham
High
DotCMS 4.1.1 Shell Upload
19.07.2017
M3@pandas
Med.
Microsoft Windows COM Session Moniker Privilege Escalation
14.07.2017
forshaw
Med.
Dasan Networks GPON ONT WiFi Router H64X Series - Privilege Escalation
14.07.2017
Gjoko 'LiquidWorm' Krs...
Med.
Schneider Electric Pelco VideoXpert Privilege Escalation
11.07.2017
Gjoko 'LiquidWorm' Krs...
Med.
Microsoft .NET Privilege Escalation
08.07.2017
Stefan Kanthak
High
ActiveMQ < 5.14.0 web shell upload
30.06.2017
Ian
High
KBVault MySQL 0.16a Arbitrary File Upload
16.06.2017
Fatih Emiral
Med.
Sudo get_process_ttyname() Privilege Escalation
16.06.2017
Qualys
High
Avast aswSnx.sys Kernel Driver 11.1.2253 - Memory Corruption Privilege Escalation
16.06.2017
bee13oy
Med.
Invision Power Board 4.1.19.2 XSS / CSRF / File Upload / Disclosure
15.06.2017
insecurity
Med.
Net Monitor For Employees Pro Privilege Escalation
09.06.2017
Saeid Atabaki
High
Craft CMS 2.6 Cross Site Scripting / File Upload
08.06.2017
Ahsan Tahir
Med.
DC/OS Marathon UI Docker Privilege Escalation
07.06.2017
Erik
High
Perch CMS 3.0.3 Cross Site Scripting / File Upload
07.06.2017
Vulnerability Lab
Med.
BIND 9.10.5 Unquoted Service Path Privilege Escalation
06.06.2017
hyp3rlinx
Low
Joomla 3.x Proof Of Concept Shell Upload
01.06.2017
c
Med.
Acunetix Web Vulnerability Scanner 11 Privilege Escalation
31.05.2017
Florian Bogner
Low
Concrete5 Proof Of Concept Shell Upload
31.05.2017
c
Low
DokuWiki Proof Of Concept Shell Upload
31.05.2017
c
Med.
KDE 4/5 KAuth Privilege Escalation
24.05.2017
Sebastian Krahmer
High
InvoicePlane 1.4.10 File Upload / Cross Site Scripting
24.05.2017
Jasveer Singh
Med.
VMWare Workstation On Linux Privilege Escalation
23.05.2017
jannh
Med.
HP SimplePass 8.x Local Privilege Escalation
23.05.2017
Rehan Ahmed
High
BuilderEngine Arbitrary File Upload / Execution
17.05.2017
Marco Rivoli
High
Linux Kernel 3.x usb-midi Local Privilege Escalation
14.05.2017
Andrey Konovalov
Med.
Hola VPN 1.34 Privilege Escalation
04.05.2017
Vulnerability Lab
Med.
Serviio PRO 1.8 DLNA Media Streaming Server Local Privilege Escalation
04.05.2017
Gjoko 'LiquidWorm' Krs...
High
Super File Explorer 1.0.1 Arbitrary File Upload
04.05.2017
Vulnerability Lab
Med.
Icecream 4.53 / Pro Privilege Escalation
04.05.2017
Vulnerability Lab
High
Easy File Uploader Remote Shell Upload
28.04.2017
Daniel Godoy
High
Simple File Uploader Arbitrary File Download
28.04.2017
Daniel Godoy
Med.
Portrait Display SDK Service Privilege Escalation
27.04.2017
W. Schober
Med.
Dell Customer Connect 1.3.28.0 Privilege Escalation
25.04.2017
Kacper Szurek
Med.
Microsoft Windows Dolby Audio X2 Service Privilege Escalation
25.04.2017
forshaw
Med.
Solarwinds LEM 6.3.1 Sudo Privilege Escalation
25.04.2017
Hank Leininger and Mat...
Med.
Solarwinds LEM 6.3.1 Sudo Script Abuse Privilege Escalation
25.04.2017
Hank Leininger and Mat...
High
October CMS 1.0.412 Code Execution / Shell Upload
21.04.2017
Anti RA$?is
High
Trend Micro TDA 2.6.1062r1 dlp_policy_upload.cgi Remote Code Execution
20.04.2017
Steven Seeley
High
Trend Micro TDA 2.6.1062r1 hotfix_upload.cgi Remote Code Execution
20.04.2017
Steven Seeley
Med.
VirtualBox Unprivilege Host User To Host Kernel Privilege Escalation
19.04.2017
jannh
Med.
Microsoft Windows taskschd.msc Privilege Escalation
19.04.2017
Todor Donev
Med.
TOVA 8 Unquoted Service Path Privilege Escalation
18.04.2017
Rithwik Jayasimha
Med.
Linux Kernel 4.8.0 udev 232 Privilege Escalation
15.04.2017
Nassim Asrir
Med.
GNS3 Mac OS-X 1.5.2 ubridge Privilege Escalation
14.04.2017
Hacker Fantastic
Med.
PonyOS 4.0 fluttershy LD_LIBRARY_PATH Privilege Escalation
14.04.2017
Hacker Fantastic
Med.
Solaris x86 / SPARC EXTREMEPARR dtappgather Privilege Escalation
13.04.2017
Hacker Fantastic
High
Proxifier 2.18 Privilege Escalation / Code Execution
12.04.2017
Mark Wadham
High
Nuxeo Platform 6.x / 7.x Shell Upload
24.03.2017
SYSDREAM Labs
High
Solar-Log CSRF / Information Disclosure / DoS / File Upload
22.03.2017
T. Weber
Med.
DIGISOL DG-HR1400 1.00.02 Privilege Escalation
21.03.2017
Indrajith.A.N
Med.
WordPress Multiple Plugin File Upload
21.03.2017
Munir Njirun
High
b2evolution 6.8.8 Shell Upload
15.03.2017
@rungga_reksya, @dvnrc...
High
Global In Shell Upload
13.03.2017
Ihsan Sencan


CVEMAP Search Results

CVE
Details
Description
2017-10-26
High
CVE-2017-15366

Vendor: Ndocsoftware
Software: NDOC
 

 
Before Thornberry NDoc version 8.0, laptop clients and the server have default database (Cache) users set up with a single password. This password is left behind in a cleartext log file during client installation on laptops. This password can be used to gain full admin/system access to client devices (if no firewall is present) or the NDoc server itself. Once the password is known to an attacker, local access is not required.

 
2017-10-23
Medium
CVE-2017-15379

Vendor: Softwarepublico
Software: E-sic
 

 
An authentication bypass exists in the E-Sic 1.0 /index (aka login) URI via '=''or' values for the username and password.

 
2017-10-18
Medium
CVE-2017-15590

Vendor: XEN
Software: XEN
 

 
An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because MSI mapping was mishandled.

 
2017-10-16
Medium
CVE-2014-7851

Vendor: Ovirt
Software: Ovirt
 

 
oVirt 3.2.2 through 3.5.0 does not invalidate the restapi session after logout from the webadmin, which allows remote authenticated users with knowledge of another user's session data to gain that user's privileges by replacing their session token with that of another user.

 
High
CVE-2017-15295

Vendor: SAP
Software: Point of sal...
 

 
Xpress Server in SAP POS does not require authentication for read/write/delete file access. This is SAP Security Note 2520064.

 
2017-10-13
Medium
CVE-2017-15013

Vendor: Opentext
Software: Documentum c...
 

 
OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server stores information about uploaded files in dmr_content objects, which are queryable and "editable" (before release 7.2P02, any authenticated user was able to edit dmr_content objects; now any authenticated user may delete a dmr_content object and then create a new one with the old identifier) by authenticated users; this allows any authenticated user to replace the content of security-sensitive dmr_content objects (for example, dmr_content related to dm_method objects) and gain superuser privileges.

 
Low
CVE-2017-15014

Vendor: Opentext
Software: Documentum c...
 

 
OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows authenticated users to download arbitrary content files regardless of the attacker's repository permissions: When an authenticated user uploads content to the repository, he performs the following steps: (1) calls the START_PUSH RPC-command; (2) uploads the file to the content server; (3) calls the END_PUSH_V2 RPC-command (here, Content Server returns a DATA_TICKET integer, intended to identify the location of the uploaded file on the Content Server filesystem); (4) creates a dmr_content object in the repository, which has a value of data_ticket equal to the value of DATA_TICKET returned at the end of END_PUSH_V2 call. As the result of this design, any authenticated user may create his own dmr_content object, pointing to already existing content in the Content Server filesystem.

 
2017-10-10
Medium
CVE-2017-15235

Vendor: Horde
Software: Groupware
 

 
The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to bypass Horde authentication for file downloads via a crafted fn parameter that corresponds to the exact filename.

 
Medium
CVE-2017-5701

Vendor: Intel
Software: Nuc7i3bnh fi...
 

 
Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary code via unauthorized firmware modification during BIOS Recovery.

 
Medium
CVE-2017-5722

Vendor: Intel
Software: Nuc7i3bnh fi...
 

 
Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows attackers with local or physical access to bypass enforcement of integrity protections via manipulation of firmware storage.

 

 


Copyright 2017, cxsecurity.com

 

Back to Top