Search Results (2065 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-7703 5 Debian, Netapp, Ntp and 2 more 14 Debian Linux, Clustered Data Ontap, Data Ontap and 11 more 2025-04-20 7.5 High
The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command.
CVE-2017-11422 1 Statamic 1 Statamic 2025-04-20 8.8 High
Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called. Problematic methods include reset password, create new account, create new role, etc.
CVE-2017-11437 1 Gitlab 1 Gitlab 2025-04-20 N/A
GitLab Enterprise Edition (EE) before 8.17.7, 9.0.11, 9.1.8, 9.2.8, and 9.3.8 allows an authenticated user with the ability to create a project to use the mirroring feature to potentially read repositories belonging to other users.
CVE-2017-11652 1 Razer 1 Synapse 2025-04-20 8.4 High
Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gain privileges via a Trojan horse dbghelp.dll file.
CVE-2017-11653 1 Razer 1 Synapse 2025-04-20 7.8 High
Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which allows local users to gain privileges via a Trojan horse (1) RazerConfigNative.dll or (2) RazerConfigNativeLOC.dll file.
CVE-2017-12155 2 Ceph, Redhat 2 Ceph, Openstack 2025-04-20 N/A
A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume.
CVE-2017-1266 1 Ibm 1 Security Guardium 2025-04-20 N/A
IBM Security Guardium 10.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 124741.
CVE-2017-13168 2 Canonical, Google 2 Ubuntu Linux, Android 2025-04-20 N/A
An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions: Android kernel. Android ID A-65023233.
CVE-2017-13779 1 Gstn 1 India Goods And Services Tax Network Offline Utility Tool 2025-04-20 7.8 High
GSTN_offline_tool in India Goods and Services Tax Network (GSTN) Offline Utility tool before 1.2 executes winstart-server.vbs from the "C:\GST Offline Tool" directory, which has insecure permissions. This allows local users to gain privileges by replacing winstart-server.vbs with arbitrary VBScript code. For example, a local user could create VBScript code for a TCP reverse shell, and use that later for Remote Command Execution.
CVE-2017-14312 1 Nagios 1 Nagios Core 2025-04-20 N/A
Nagios Core through 4.3.4 initially executes /usr/sbin/nagios as root but supports configuration options in which this file is owned by a non-root account (and similarly can have nagios.cfg owned by a non-root account), which allows local users to gain privileges by leveraging access to this non-root account.
CVE-2017-2290 2 Microsoft, Puppet 2 Windows, Mcollective-puppet-agent 2025-04-20 8.8 High
On Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non-administrator user can create an executable that will be executed with administrator privileges on the next "mco puppet" run. Puppet Enterprise users are not affected. This is resolved in mcollective-puppet-agent 1.12.1.
CVE-2017-3006 2 Adobe, Microsoft 2 Creative Cloud, Windows 2025-04-20 N/A
Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related to the use of improper resource permissions during the installation of Creative Cloud desktop applications.
CVE-2017-9479 1 Cisco 2 Dpc3939, Dpc3939 Firmware 2025-04-20 N/A
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to execute arbitrary commands as root by leveraging local network access and connecting to the syseventd server, as demonstrated by copying configuration data into a readable filesystem.
CVE-2017-9079 2 Debian, Dropbear Ssh Project 2 Debian Linux, Dropbear Ssh 2025-04-20 N/A
Dropbear before 2017.75 might allow local users to read certain files as root, if the file has the authorized_keys file format with a command= option. This occurs because ~/.ssh/authorized_keys is read with root privileges and symlinks are followed.
CVE-2017-9136 1 Mimosa 2 Backhaul Radios, Client Radios 2025-04-20 N/A
An issue was discovered on Mimosa Client Radios before 2.2.3. In the device's web interface, there is a page that allows an attacker to use an unsanitized GET parameter to download files from the device as the root user. The attacker can download any file from the device's filesystem. This can be used to view unsalted, MD5-hashed administrator passwords, which can then be cracked, giving the attacker full admin access to the device's web interface. This vulnerability can also be used to view the plaintext pre-shared key (PSK) for encrypted wireless connections, or to view the device's serial number (which allows an attacker to factory reset the device).
CVE-2017-9615 1 Cognito 1 Moneyworks 2025-04-20 N/A
Password exposure in Cognito Software Moneyworks 8.0.3 and earlier allows attackers to gain administrator access to all data, because verbose logging writes the administrator password to a world-readable file.
CVE-2017-9606 1 Infotecs 2 Vipnet Client, Vipnet Coordinator 2025-04-20 N/A
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks.
CVE-2017-9602 1 Kbvault Mysql Project 1 Kbvault Mysql 2025-04-20 9.8 Critical
KBVault Mysql Free Knowledge Base application package 0.16a comes with a FileExplorer/Explorer.aspx?id=/Uploads file-management component. An unauthenticated user can access the file upload and deletion functionality. Through this functionality, a user can upload an ASPX script to Uploads/Documents/ to run any arbitrary code.
CVE-2017-9514 1 Atlassian 1 Bamboo 2025-04-20 N/A
Bamboo before 6.0.5, 6.1.x before 6.1.4, and 6.2.x before 6.2.1 had a REST endpoint that parsed a YAML file and did not sufficiently restrict which classes could be loaded. An attacker who can log in to Bamboo as a user is able to exploit this vulnerability to execute Java code of their choice on systems that have vulnerable versions of Bamboo.
CVE-2017-9494 1 Motorola 2 Mx011anm, Mx011anm Firmware 2025-04-20 N/A
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows remote attackers to enable a Remote Web Inspector that is accessible from the public Internet.