Exploit Intelligence Platform

CVE-2017-11232 6.5 MEDIUM EPSS 0.12

Adobe Acrobat < 11.0.20 - Information Disclosure

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when processing Enhanced Metafile Format (EMF) data related to brush manipulation. Successful exploitation could lead to arbitrary code execution.

CWE-200 Aug 11, 2017

CVE-2017-11230 6.5 MEDIUM EPSS 0.13

Adobe Acrobat < 11.0.20 - Memory Corruption

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the JPEG 2000 engine. Successful exploitation could lead to arbitrary code execution.

CWE-119 Aug 11, 2017

CVE-2017-11217 6.5 MEDIUM EPSS 0.12

Adobe Acrobat < 11.0.20 - Memory Corruption

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing of Unicode text strings. Successful exploitation could lead to arbitrary code execution.

CWE-119 Aug 11, 2017

CVE-2017-11210 6.5 MEDIUM EPSS 0.12

Adobe Acrobat < 11.0.20 - Memory Corruption

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing, where the font is embedded in the XML Paper Specification (XPS) file. Successful exploitation could lead to arbitrary code execution.

CWE-119 Aug 11, 2017

CVE-2017-11209 6.5 MEDIUM EPSS 0.12

Adobe Acrobat < 11.0.20 - Memory Corruption

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability that occurs when reading a JPEG file embedded within XML Paper Specification (XPS) file. Successful exploitation could lead to arbitrary code execution.

CWE-119 Aug 11, 2017

CVE-2017-11148 6.5 MEDIUM EPSS 0.00

Synology Chat < 1.0.2-0159 - SSRF

Server-side request forgery (SSRF) vulnerability in link preview in Synology Chat before 1.1.0-0806 allows remote authenticated users to access intranet resources via unspecified vectors.

CWE-918 Aug 11, 2017

CVE-2017-8269 5.5 MEDIUM EPSS 0.00

Google Android - Information Disclosure

Userspace-controlled non null terminated parameter for IPA WAN ioctl in all Qualcomm products with Android releases from CAF using the Linux kernel can lead to exposure of kernel memory.

CWE-200 Aug 11, 2017

CVE-2017-8258 5.5 MEDIUM EPSS 0.00

Google Android - Information Disclosure

An array out-of-bounds access in all Qualcomm products with Android releases from CAF using the Linux kernel can potentially occur in a camera driver.

CWE-125 Aug 11, 2017

CVE-2017-7674 4.3 MEDIUM EPSS 0.06

Apache Tomcat <9.0.0.M21,8.5.15,8.0.44,7.0.78 - Info Disclosure

The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.

CWE-345 Aug 11, 2017

CVE-2017-7737 4.9 MEDIUM EPSS 0.00

Fortinet FortiWeb <5.8.2 - Info Disclosure

An information disclosure vulnerability in Fortinet FortiWeb 5.8.2 and below versions allows logged-in admin user to view SNMPv3 user password in cleartext in webui via the HTML source code.

CWE-552 Aug 10, 2017

CVE-2017-12798 6.1 MEDIUM EPSS 0.00

Nexusphp - XSS

Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via the q parameter to searchsuggest.php.

CWE-79 Aug 10, 2017

CVE-2016-6812 6.1 MEDIUM 1 PoC Analysis EPSS 0.09

Apache Cxf < 3.0.11 - XSS

The HTTP transport module in Apache CXF prior to 3.0.12 and 3.1.x prior to 3.1.9 uses FormattedServiceListWriter to provide an HTML page which lists the names and absolute URL addresses of the available service endpoints. The module calculates the base URL using the current HttpServletRequest. The calculated base URL is used by FormattedServiceListWriter to build the service endpoint absolute URLs. If the unexpected matrix parameters have been injected into the request URL then these matrix parameters will find their way back to the client in the services list page which represents an XSS risk to the client.

CWE-79 Aug 10, 2017

CVE-2016-6794 5.3 MEDIUM EPSS 0.00

Apache Tomcat <9.0.0.M10, <8.5.5, <8.0.37, <7.0.71, <6.0.46 - Info ...

When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70, 6.0.0 to 6.0.45 the system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible.

Aug 10, 2017

CVE-2016-0762 5.9 MEDIUM EPSS 0.01

Apache Tomcat <9.0.0.M10, <8.5.5, <8.0.37, <7.0.71, <6.0.46 - Info ...

The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder.

CWE-203 Aug 10, 2017

CVE-2017-1431 5.4 MEDIUM EPSS 0.00

IBM Infosphere Streams - XSS

IBM InfoSphere Streams 4.0, 4.1, and 4.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 127632.

CWE-79 Aug 10, 2017

CVE-2017-1377 4.3 MEDIUM EPSS 0.00

IBM Runbook Automation - Info Disclosure

IBM Runbook Automation reveals sensitive information in error messages that could be used in further attacks against the system. IBM X-Force ID: 126874.

CWE-200 Aug 10, 2017

CVE-2017-1168 5.4 MEDIUM EPSS 0.00

IBM Rational Engineering Lifecycle Manager <6.0 - XSS

IBM Rational Engineering Lifecycle Manager 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 123187.

CWE-79 Aug 10, 2017

CVE-2014-0146 5.5 MEDIUM EPSS 0.00

QEMU <1.7.2, <2.0.0 - DoS

The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots fields.

CWE-476 Aug 10, 2017

CVE-2014-0142 5.5 MEDIUM EPSS 0.00

QEMU <2.0.0 - DoS

QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extent_size field in the bochs function in block/bochs.c.

CWE-369 Aug 10, 2017

CVE-2017-3753 6.8 MEDIUM EPSS 0.00

Lenovo UEFI - Privilege Escalation

A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc. (AMI). With this vulnerability, conditions exist where an attacker with administrative privileges or physical access to a system may be able to run specially crafted code that can allow them to bypass system protections such as Device Guard and Hyper-V.

CWE-94 Aug 10, 2017

Investigate

Ecosystems

Reference Indexes

Recent Blog Posts

CVEForge Labs

KEV Gaps