Security Vulnerabilities - CVEs Published In 2017
The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore() system call.
CVSS Score
5.5
EPSS Score
0.048
Published
2017-11-27
Firmware upgrade authentication bypass vulnerability was found in Dahua IPC-HDW4300S and some IP products. The vulnerability was caused by internal Debug function. This particular function was used for problem analysis and performance tuning during product development phase. It allowed the device to receive only specific data (one direction, no transmit) and therefore it was not involved in any instance of collecting user privacy data or allowing remote code execution.
CVSS Score
6.5
EPSS Score
0.023
Published
2017-11-27
In Zulip Server before 1.7.1, on a server with multiple realms, a vulnerability in the invitation system lets an authorized user of one realm on the server create a user account on any other realm.
CVSS Score
8.8
EPSS Score
0.002
Published
2017-11-27
A Server Side Request Forgery (SSRF) vulnerability could lead to remote code execution for authenticated administrators. This issue was introduced in version 2.2.0 of Hipchat Server and version 3.0.0 of Hipchat Data Center. Versions of Hipchat Server starting with 2.2.0 and before 2.2.6 are affected by this vulnerability. Versions of Hipchat Data Center starting with 3.0.0 and before 3.1.0 are affected.
CVSS Score
7.2
EPSS Score
0.018
Published
2017-11-27
The Hipchat for Mac desktop client is vulnerable to client-side remote code execution via video call link parsing. Hipchat for Mac desktop clients at or above version 4.0 and before version 4.30 are affected by this vulnerability.
CVSS Score
9.8
EPSS Score
0.025
Published
2017-11-27
When libvirtd is configured by OSP director (tripleo-heat-templates) to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd (which is equivalent to root access). If a vulnerability exists in another service it could, combined with this flaw, be exploited to escalate privileges to gain control over compute nodes.
CVSS Score
8.1
EPSS Score
0.007
Published
2017-11-27
Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-11-27
A vulnerability in Swagger-Parser's version <= 1.0.30 and Swagger codegen version <= 2.2.2 yaml parsing functionality results in arbitrary code being executed when a maliciously crafted yaml Open-API specification is parsed. This in particular, affects the 'generate' and 'validate' command in swagger-codegen (<= 2.2.2) and can lead to arbitrary code being executed when these commands are used on a well-crafted yaml specification.
CVSS Score
8.8
EPSS Score
0.004
Published
2017-11-27
GitPHP by xiphux is vulnerable to OS Command Injections
CVSS Score
9.8
EPSS Score
0.072
Published
2017-11-27
math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution.
CVSS Score
9.8
EPSS Score
0.01
Published
2017-11-27