CWE-417
6 CVEs classified under CWE-417. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-1000197 | Critical | 9.8 | 2017-11-17 | October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating creating malicious files on the server. |
CVE-2017-7480 | Critical | 9.8 | 2017-07-21 | rkhunter versions before 1.4.4 are vulnerable to file download over insecure channel when doing mirror update resulting into potential remote code execution. |
CVE-2017-6520 | Critical | 9.1 | 2017-05-01 | The Multicast DNS (mDNS) responder used in BOSE Soundtouch 30 inadvertently responds to IPv4 unicast queries with source addresses that are not link-local, whi… |
CVE-2016-9879 | High | 7.5 | 2017-01-06 | An issue was discovered in Pivotal Spring Security before 3.2.10, 4.1.x before 4.1.4, and 4.2.x before 4.2.1. Spring Security does not consider URL path parame… |
CVE-2017-2712 | Medium | 5.3 | 2017-11-22 | S3300 V100R006C05 have an Ethernet in the First Mile (EFM) flapping vulnerability due to the lack of type-length-value (TLV) consistency check. An attacker may… |
CVE-2017-8822 | Low | 3.7 | 2017-12-03 | In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that have incomple… |