Security Vulnerabilities - CVEs Published In 2017
The admin terminal in Hawt.io does not require authentication, which allows remote attackers to execute arbitrary commands via the k parameter.
CVSS Score: 9.8 | EPSS Score: 0.016 | Published: 2017-12-29
XML external entity (XXE) vulnerability in the Java XML processing functionality in Play before 2.2.6 and 2.3.x before 2.3.5 might allow remote attackers to read arbitrary files, cause a denial of service, or have unspecified other impact via crafted XML data.
CVSS Score: 9.8 | EPSS Score: 0.007 | Published: 2017-12-29
The rs_filter_graph function in librawstudio/rs-filter.c in rawstudio might allow local users to truncate arbitrary files via a symlink attack on (1) /tmp/rs-filter-graph.png or (2) /tmp/rs-filter-graph.
CVSS Score: 5.5 | EPSS Score: 0.0 | Published: 2017-12-29
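The symlink attack described in the rawstudio entry above, as an added example that is not rawstudio's own code: a process writes to a fixed, predictable name under /tmp, so an attacker who plants a symlink at that name beforehand redirects the truncating open onto any file the victim process can write. The block builds a constructed victim file and a symlink named rs-filter-graph inside a fresh mkdtemp() directory, shows that fopen(path, "w") on the fixed name follows the link and truncates the victim, and then shows the two standard fixes: O_CREAT|O_EXCL|O_NOFOLLOW (fails with EEXIST on the pre-existing symlink) and mkstemp() (an unpredictable name created atomically). The directory, file names and contents are assumptions for illustration, not paths from the advisory.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/* The vulnerable pattern: write to a fixed, predictable path. fopen() with
 * "w" follows a symlink at that path and truncates whatever it points to. */
int unsafe_open_fixed_path(const char *path) {
    FILE *f = fopen(path, "w");
    if (f == NULL)
        return -1;
    fclose(f);
    return 0;
}

/* Hardened variant for a fixed name: O_EXCL makes creation fail if anything
 * (regular file or symlink, dangling or not) already exists at the path, and
 * O_NOFOLLOW refuses to follow a symlink in the final component. */
int open_create_nofollow_excl(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Preferred variant: an unpredictable name created atomically by mkstemp().
 * Returns the open fd and writes the chosen path into buf. */
int open_unpredictable_tmp(char *buf, size_t buflen, const char *dir, const char *prefix) {
    if (snprintf(buf, buflen, "%s/%s.XXXXXX", dir, prefix) >= (int)buflen)
        return -1;
    return mkstemp(buf);
}

/* Runs the demonstration in a fresh mkdtemp() directory (under $TMPDIR or
 * /tmp, an assumption for this example). Returns 0 when the unsafe open
 * truncated the victim AND both hardened variants behaved (O_EXCL refused
 * with EEXIST; mkstemp produced a fresh regular file), otherwise a negative
 * step number identifying which expectation failed. */
int run_symlink_demo(void) {
    const char *base = getenv("TMPDIR");
    if (base == NULL || base[0] == '\0')
        base = "/tmp";
    char dir[512], victim[1024], link[1024], fresh[1024];
    struct stat st;

    if (snprintf(dir, sizeof dir, "%s/symlink-demo.XXXXXX", base) >= (int)sizeof dir
        || mkdtemp(dir) == NULL)
        return -1;
    snprintf(victim, sizeof victim, "%s/victim.txt", dir);   /* constructed "arbitrary file" */
    snprintf(link, sizeof link, "%s/rs-filter-graph", dir);  /* attacker-planted symlink */

    FILE *f = fopen(victim, "w");
    if (f == NULL)
        return -2;
    fputs("important data that should survive\n", f);        /* constructed contents */
    fclose(f);

    if (symlink(victim, link) != 0)
        return -3;

    /* Step 1: the vulnerable write follows the symlink and empties the victim. */
    if (unsafe_open_fixed_path(link) != 0)
        return -4;
    if (stat(victim, &st) != 0 || st.st_size != 0)
        return -5;

    /* Step 2: the hardened open refuses the pre-existing symlink with EEXIST. */
    int fd = open_create_nofollow_excl(link);
    if (fd >= 0) { close(fd); return -6; }
    if (errno != EEXIST)
        return -7;

    /* Step 3: mkstemp yields a brand-new regular file under a name the
     * attacker could not have pre-planted a symlink at. */
    fd = open_unpredictable_tmp(fresh, sizeof fresh, dir, "rs-filter-graph");
    if (fd < 0)
        return -8;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_nlink != 1) { close(fd); return -9; }
    close(fd);

    unlink(fresh); unlink(link); unlink(victim); rmdir(dir);
    return 0;
}

int main(void) {
    int rc = run_symlink_demo();
    printf("symlink demo: %s (rc=%d)\n", rc == 0 ? "ok" : "FAILED", rc);
    return rc == 0 ? 0 : 1;
}
```

The O_EXCL check works because POSIX requires O_CREAT|O_EXCL to fail on any existing directory entry, including a symlink, regardless of where it points; O_NOFOLLOW is belt-and-braces for the non-creating case. The mkstemp() route is the one to prefer in new code, since it removes the predictable name that makes the race possible in the first place.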
The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of service (application crash) via vectors involving augeas path expressions.
CVSS Score: 7.5 | EPSS Score: 0.024 | Published: 2017-12-29
Dozer improperly uses a reflection-based approach to type conversion, which might allow remote attackers to execute arbitrary code via a crafted serialized object.
CVSS Score: 9.8 | EPSS Score: 0.025 | Published: 2017-12-29
The TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote attackers to obtain sensitive order detail information by leveraging a "broken authentication mechanism."
CVSS Score: 7.5 | EPSS Score: 0.571 | Published: 2017-12-29
The OAuth extension for MediaWiki improperly negotiates a new client token only over Special:OAuth/initiate, which allows attackers to bypass intended IP address access restrictions by making an API request with an existing token.
CVSS Score: 7.5 | EPSS Score: 0.007 | Published: 2017-12-29
ZyXEL P-660HW v3 devices allow remote attackers to cause a denial of service (CPU consumption) via a flood of IP packets with a TTL of 1.
CVSS Score: 7.5 | EPSS Score: 0.005 | Published: 2017-12-29
In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue.
CVSS Score: 8.8 | EPSS Score: 0.006 | Published: 2017-12-29
BA SYSTEMS BAS Web on BAS920 devices (with Firmware 01.01.00*, HTTPserv 00002, and Script 02.*) and ISC2000 devices allows remote attackers to obtain sensitive information via a request for isc/get_sid_js.aspx or isc/get_sid.aspx, as demonstrated by obtaining administrative access by subsequently using the credential information for the Supervisor/Administrator account.
CVSS Score: 9.8 | EPSS Score: 0.005 | Published: 2017-12-29
Shodan ® - All rights reserved