Unknown · CVSS Not scored
Crafter CMS Crafter Studio 3.0.1 is affected by: XML External Entity (XXE). An unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.
Published Nov 27, 2020 · Updated Jul 9, 2026
Unknown · CVSS Not scored
Crafter CMS Crafter Studio 3.0.1 has a directory traversal vulnerability which allows unauthenticated attackers to view files from the operating system.
Published Nov 27, 2020 · Updated Jul 9, 2026
Unknown · CVSS Not scored
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.
Published Nov 27, 2020 · Updated Jul 9, 2026
Unknown · CVSS Not scored
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel.
Published Nov 27, 2020 · Updated Jul 9, 2026
Unknown · CVSS Not scored
In Crafter CMS Crafter Studio 3.0.1 a directory traversal vulnerability exists which allows unauthenticated attackers to overwrite files from the operating system which can lead to RCE.
Published Nov 27, 2020 · Updated Jul 9, 2026
Unknown · CVSS Not scored
In Crafter CMS Crafter Studio 3.0.1 an IDOR vulnerability exists which allows unauthenticated attackers to view and modify administrative data.
Published Nov 27, 2020 · Updated Jul 8, 2026
High · CVSS 8.6
An Information Exposure issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to exploit a flaw in the handling of Ethernet frame padding that may allow for information exposure.
Published Nov 16, 2017 · Updated Jun 2, 2026
Critical · CVSS 9.8
The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.
Published Nov 29, 2017 · Updated Apr 15, 2026
Critical · CVSS 9.8
The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.
Published Nov 29, 2017 · Updated Apr 15, 2026
Medium · CVSS 5.9
The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss (when certain older Linux kernels are used) by leveraging Docker container access to write a "scsi remove-single-device" line to /proc/scsi/scsi, aka SCSI MICDROP.
Published Nov 4, 2017 · Updated Jan 27, 2026
High · CVSS 7.5
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
Published Nov 23, 2017 · Updated Jan 22, 2026
High · CVSS 8.6
UCanCode E-XD++ Visualization Enterprise Suite contains an untrusted pointer dereference vulnerability via the TKDRAWCAD.TKDrawCADCtrl.1 ActiveX control. This is because it exposes a RotateShape method that dereferences a user-supplied pointer without sufficient validation. A crafted input may cause the control to dereference an attacker-controlled pointer, enabling remote code execution in the context of the hosting process. The vulnerability requires user interaction (instantiation of the ActiveX control via a web page or a file).
Published Nov 12, 2025 · Updated Nov 13, 2025
Critical · CVSS 9.8
Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR mining programs identified by internal research.
Published Nov 11, 2025 · Updated Nov 13, 2025
High · CVSS 7.8 · CISA KEV
Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at the target system with a valid username/password as the attack requires an active session. The issue is related to file-based attachment plugins and _task=settings&_action=upload-display&_from=timezone requests.
Published Nov 9, 2017 · Updated Oct 21, 2025
High · CVSS 7.8 · CISA KEV
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
Published Nov 15, 2017 · Updated Oct 21, 2025
Low · CVSS 3.8
In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment variables that influence the loader.
Published Nov 14, 2017 · Updated Aug 26, 2025
Low · CVSS 3.8
In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout that could be used in a blended attack by executing commands targeting procfs resources.
Published Nov 14, 2017 · Updated Aug 26, 2025
Low · CVSS 2.6
In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able to reduce the entropy of the PRNG, making other blended attacks more practical by gaining control over environmental factors that influence seed generation.
Published Nov 14, 2017 · Updated Aug 22, 2025
Critical · CVSS 9.6
In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an elevation of privilege vulnerability in the default configuration of the QNX SDP with QNet enabled on networks comprising two or more QNet nodes could allow an attacker to access local and remote files or take ownership of files on other QNX nodes regardless of permissions by executing commands targeting arbitrary nodes from a secondary QNX 6.6.0 QNet node.
Published Nov 14, 2017 · Updated Aug 22, 2025
Low · CVSS 1.9
In BlackBerry QNX Software Development Platform (SDP) 6.6.0, the default configuration of the QNX SDP system did not in all circumstances prevent attackers from modifying the GOT or PLT tables with buffer overflow attacks.
Published Nov 14, 2017 · Updated Jul 22, 2025
High · CVSS 8.8
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.
Published Nov 20, 2017 · Updated Jun 9, 2025
Unknown · CVSS Not scored
Persistent Cross-Site Scripting (XSS) vulnerability in Logitech Media Server 7.9.0, affecting the "Radio" functionality. This vulnerability allows attackers to inject malicious JavaScript payloads, which become permanently stored on the server and execute when a user plays the compromised radio stream. Exploitation of this vulnerability can lead to Session hijacking and unauthorized access, Persistent manipulation of web content within the application, and Phishing or malicious redirects to external domains. This vulnerability can be exploited to manipulate media server behavior in enterprise and home network environments.
Published Nov 9, 2017 · Updated Feb 4, 2025
Unknown · CVSS Not scored
Persistent Cross-Site Scripting (XSS) vulnerability in Logitech Media Server 7.9.0, affecting the "Favorites" feature. This vulnerability allows remote attackers to inject and permanently store malicious JavaScript payloads, which are executed when users access the affected functionality. Exploitation of this vulnerability can lead to Session Hijacking and Credential Theft, Execution of unauthorized actions on behalf of users, and Exfiltration of sensitive data. This vulnerability presents a potential risk for widespread exploitation in connected IoT environments.
Published Nov 9, 2017 · Updated Feb 4, 2025
High · CVSS 8.4
In checkPermissions of RecognitionService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Published Nov 27, 2024 · Updated Nov 29, 2024
High · CVSS 8.4
In String16 of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.
Published Nov 27, 2024 · Updated Nov 29, 2024
High · CVSS 7.5
In pvmp3_get_main_data_size of pvmp3_get_main_data_size.cpp, there is a possible buffer overread due to a missing bounds check. This could lead to remote information disclosure of global static variables with no additional execution privileges needed. User interaction is not needed for exploitation.
Published Nov 27, 2024 · Updated Nov 29, 2024
Medium · CVSS 6.5
In impeg2d_bit_stream_flush() of libmpeg2dec there is a possible OOB read due to a missing bounds check. This could lead to Remote DoS with no additional execution privileges needed. User interaction is needed for exploitation.
Published Nov 27, 2024 · Updated Nov 29, 2024
Medium · CVSS 6.2
In SensorService::isDataInjectionEnabled of frameworks/native/services/sensorservice/SensorService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Published Nov 27, 2024 · Updated Nov 29, 2024
High · CVSS 8.4
Information disclosure possible while audio playback.
Published Nov 26, 2024 · Updated Nov 26, 2024
High · CVSS 8.4
Information disclosure due to uninitialized variable.
Published Nov 26, 2024 · Updated Nov 26, 2024
High · CVSS 8.8
On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder.
Published Nov 26, 2024 · Updated Nov 26, 2024
High · CVSS 7.8
Buffer overwrite in the WLAN host driver by leveraging a compromised WLAN FW
Published Nov 26, 2024 · Updated Nov 26, 2024
High · CVSS 8.8
In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation.
Published Nov 26, 2024 · Updated Nov 26, 2024
Medium · CVSS 6.8
A race condition exists in a driver potentially leading to a use-after-free condition.
Published Nov 26, 2024 · Updated Nov 26, 2024
Medium · CVSS 6.7
Certain unprivileged processes are able to perform IOCTL calls.
Published Nov 22, 2024 · Updated Nov 22, 2024
High · CVSS 7.8
In writeToParcel and createFromParcel of DcParamObject.java, there is a permission bypass due to a write size mismatch. This could lead to an elevation of privileges where the user can start an activity with system privileges, with no additional execution privileges needed. User interaction is not needed for exploitation.
Published Nov 19, 2024 · Updated Nov 20, 2024
Medium · CVSS 5.5
In the autofill service, the package name that is provided by the app process is trusted inappropriately. This could lead to information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Published Nov 14, 2024 · Updated Nov 20, 2024
High · CVSS 7.8
In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is not needed for exploitation.
Published Nov 15, 2024 · Updated Nov 19, 2024
High · CVSS 7.8
In the read() function of ProcessStats.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is not needed for exploitation.
Published Nov 15, 2024 · Updated Nov 19, 2024
High · CVSS 7.8
In createFromParcel of MediaCas.java, there is a possible parcel read/write mismatch due to improper input validation. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is not needed for exploitation.
Published Nov 15, 2024 · Updated Nov 19, 2024
High · CVSS 7.8
In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings bypass due to a missing permission check. This could lead to local escalation of privilege allowing users to access non-VPN networks, when they are supposed to be restricted to the VPN networks, with no additional execution privileges needed. User interaction is not needed for exploitation.
Published Nov 15, 2024 · Updated Nov 19, 2024
High · CVSS 7.5
In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite loop leading to resource exhaustion due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
Published Nov 15, 2024 · Updated Nov 19, 2024
Medium · CVSS 6.2
In readEncryptedData of ConscryptEngine.java, there is a possible plaintext leak due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Published Nov 15, 2024 · Updated Nov 15, 2024
Unknown · CVSS Not scored
A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1. The software uses undocumented hard-coded credentials that may allow an attacker to gain remote access.
Published Nov 1, 2017 · Updated Nov 14, 2024
Unknown · CVSS Not scored
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple products.
Published Nov 1, 2017 · Updated Nov 14, 2024
Unknown · CVSS Not scored
An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can access the admin webUI to successfully log-in regardless the provided password.
Published Nov 29, 2017 · Updated Oct 25, 2024
Unknown · CVSS Not scored
A reflected Cross-site Scripting (XSS) vulnerability in web proxy disclaimer response web pages in Fortinet FortiOS 5.6.0, 5.4.0 to 5.4.5, 5.2.0 to 5.2.11 allows an unauthenticated attacker to inject arbitrary web script or HTML in the context of the victim's browser via sending a maliciously crafted URL to the victim.
Published Nov 13, 2017 · Updated Oct 25, 2024
Unknown · CVSS Not scored
A stored Cross-site Scripting (XSS) vulnerability in Fortinet FortiWeb webUI Certificate View page in 5.8.0, 5.7.1 and earlier, allows attackers to inject arbitrary web script or HTML via special crafted malicious certificate import.
Published Nov 22, 2017 · Updated Oct 25, 2024
Unknown · CVSS Not scored
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4 and below versions under SSL VPN web portal allows a remote user to inject arbitrary web script or HTML in the context of the victim's browser via the login redir parameter. An URL Redirection attack may also be feasible by injecting an external URL via the affected parameter.
Published Nov 29, 2017 · Updated Oct 25, 2024
Unknown · CVSS Not scored
Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 11.1.1, 12.1.1, 12.1.3 and 12.2.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via Jolt to compromise Oracle Tuxedo. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Tuxedo accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
Published Nov 14, 2017 · Updated Oct 4, 2024