Filtered by CWE-668
Filtered by vendor Subscriptions
Total 648 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2017-16597 1 Netgain-systems 1 Enterprise Manager 2024-11-21 N/A
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of WRQ requests. When parsing the Filename field, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code under the context of Administrator. Was ZDI-CAN-5137.
CVE-2017-16593 1 Netgain-systems 1 Enterprise Manager 2024-11-21 N/A
This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.restore.del_005fdo_jsp servlet, which listens on TCP port 8081 by default. When parsing the filenames parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete any files accessible to the Administrator user. Was ZDI-CAN-5104.
CVE-2017-15592 1 Xen 1 Xen 2024-11-21 N/A
An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests.
CVE-2017-15393 3 Debian, Google, Redhat 3 Debian Linux, Chrome, Rhel Extras 2024-11-21 N/A
Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to obtain access to remote debugging functionality via a crafted HTML page, aka a Referer leak.
CVE-2017-12576 1 Planex 2 Cs-qr20, Cs-qr20 Firmware 2024-11-21 N/A
An issue was discovered on the PLANEX CS-QR20 1.30. A hidden and undocumented management page allows an attacker to execute arbitrary code on the device when the user is authenticated. The management page was used for debugging purposes, once you login and access the page directly (/admin/system_command.asp), you can execute any command.
CVE-2017-12363 1 Cisco 1 Webex Meetings Server 2024-11-21 N/A
A vulnerability in Cisco WebEx Meeting Server could allow an unauthenticated, remote attacker to modify the welcome message of a meeting on an affected system. The vulnerability is due to insufficient security settings on meetings. An attacker could exploit this vulnerability by modifying the welcome message to a meeting. A successful exploit could allow the attacker to modify the welcome message of any known meeting. Cisco Bug IDs: CSCvf68695.
CVE-2017-12351 1 Cisco 1 Nx-os 2024-11-21 N/A
A vulnerability in the guest shell feature of Cisco NX-OS System Software could allow an authenticated, local attacker to read and send packets outside the scope of the guest shell container. An attacker would need valid administrator credentials to perform this attack. The vulnerability is due to insufficient internal security measures in the guest shell feature. An attacker could exploit this vulnerability by sending or receiving packets on the device-internal network outside of the guest shell container, aka "Unauthorized Internal Interface Access." This vulnerability affects the following products running Cisco NX-OS System Software: Nexus 3000 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvf33038.
CVE-2017-12342 1 Cisco 1 Nx-os 2024-11-21 N/A
A vulnerability in the Open Agent Container (OAC) feature of Cisco Nexus Series Switches could allow an unauthenticated, local attacker to read and send packets outside the scope of the OAC. The vulnerability is due to insufficient internal security measures in the OAC feature. An attacker could exploit this vulnerability by crafting specific packets for communication on the device-internal network. A successful exploit could allow the attacker to run code on the underlying host operating system. OAC is not enabled by default. For a device to be vulnerable, an administrator would need to install and activate this feature. This vulnerability affects the following Cisco Nexus Series Switches: Nexus 2000 Series Fabric Extenders, Nexus 5000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches. Cisco Bug IDs: CSCve53542, CSCvf36621.
CVE-2017-12249 1 Cisco 1 Meeting Server 2024-11-21 N/A
A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticated, remote attacker to gain unauthenticated or unauthorized access to components of or sensitive information in an affected system. The vulnerability is due to an incorrect default configuration of the TURN server, which could expose internal interfaces and ports on the external interface of an affected system. An attacker could exploit this vulnerability by using a TURN server to perform an unauthorized connection to a Call Bridge, a Web Bridge, or a database cluster in an affected system, depending on the deployment model and CMS services in use. A successful exploit could allow the attacker to gain unauthenticated access to a Call Bridge or database cluster in an affected system or gain unauthorized access to sensitive meeting information in an affected system. To exploit this vulnerability, the attacker must have valid credentials for the TURN server of the affected system. This vulnerability affects Cisco Meeting Server (CMS) deployments that are running a CMS Software release prior to Release 2.0.16, 2.1.11, or 2.2.6. Cisco Bug IDs: CSCvf51127.
CVE-2017-11382 1 Trendmicro 1 Deep Discovery Email Inspector 2024-11-21 N/A
Denial of Service vulnerability in Trend Micro Deep Discovery Email Inspector 2.5.1 allows remote attackers to delete arbitrary files on vulnerable installations, thus disabling the service. Formerly ZDI-CAN-4350.
CVE-2017-0367 2 Debian, Mediawiki 2 Debian Linux, Mediawiki 2024-11-21 N/A
Mediawiki before 1.28.1 / 1.27.2 contains an unsafe use of temporary directory, where having LocalisationCache directory default to system tmp directory is insecure.
CVE-2017-0215 1 Microsoft 2 Windows 10, Windows Server 2016 2024-11-21 N/A
Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This CVE ID is unique from CVE-2017-0173, CVE-2017-0216, CVE-2017-0218, and CVE-2017-0219.
CVE-2016-5787 1 Ge 1 Cimplicity 2024-11-21 6.3 Medium
General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors.
CVE-2016-5334 1 Vmware 2 Identity Manager, Vrealize Automation 2024-11-21 5.3 Medium
VMware Identity Manager 2.x before 2.7.1 and vRealize Automation 7.x before 7.2.0 allow remote attackers to read /SAAS/WEB-INF and /SAAS/META-INF files via unspecified vectors.
CVE-2016-11010 1 Usabilitydynamics 1 Wp-invoice 2024-11-21 5.3 Medium
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_twocheckout payer metadata updates.
CVE-2016-11009 1 Usabilitydynamics 1 Wp-invoice 2024-11-21 5.3 Medium
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_interkassa payer metadata updates.
CVE-2016-11008 1 Usabilitydynamics 1 Wp-invoice 2024-11-21 5.3 Medium
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_paypal payer metadata updates.
CVE-2016-11007 1 Usabilitydynamics 1 Wp-invoice 2024-11-21 5.3 Medium
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_user_id for invoice retrieval.
CVE-2016-11006 1 Usabilitydynamics 1 Wp-invoice 2024-11-21 5.3 Medium
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control for admin_init settings changes.
CVE-2016-10840 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 11.54.0.4 allows arbitrary code execution during locale duplication (SEC-72).