CVEs from 2017
Total
11,683
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
1.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-17968 | critical | 9.8 | 10.0 | 9y ago | A buffer overflow vulnerability in NetTransport.exe in NetTransport Download Manager 2.96L and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long HTTP respons… | |||
| CVE-2017-17932 | critical | 9.8 | 10.0 | 9y ago | A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and earlier that could allow remote attackers to execute arbitrary code and/or cause denial of service on th… | |||
| CVE-2017-17411 | critical | 9.8 | 10.0 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0. Authentication is not required to exploit this vulnerability. The specific flaw exis… | |||
| CVE-2017-17105 | critical | 9.8 | 10.0 | 9y ago | Zivif PR115-204-P-RS V2.3.4.2103 and V4.7.4.2121 (and possibly in-between versions) web cameras are vulnerable to unauthenticated, blind remote command injection via CGI scripts used as part of the w… | |||
| CVE-2017-17560 | critical | 9.8 | 10.0 | 9y ago | An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multi_uploadify.php, provides multipart upload functionality that is… | |||
| CVE-2017-12635 | critical | 9.8 | 10.0 | 9y ago | multiple issues in couchdb | |||
| CVE-2017-15222 | critical | 9.8 | 10.0 | 9y ago | Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code. | |||
| CVE-2017-14980 | critical | 9.8 | 10.0 | 9y ago | Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login. | |||
| CVE-2017-14706 | critical | 9.8 | 10.0 | 9y ago | DenyAll WAF before 6.4.1 allows unauthenticated remote attackers to obtain authentication information by making a typeOf=debug request to /webservices/download/index.php, and then reading the iToken … | |||
| CVE-2017-14143 | critical | 9.8 | 10.0 | 9y ago | The getUserzoneCookie function in Kaltura before 13.2.0 uses a hardcoded cookie secret to validate cookie signatures, which allows remote attackers to bypass an intended protection mechanism and cons… | |||
| CVE-2017-13067 | critical | 9.8 | 10.0 | 9y ago | QNAP has patched a remote code execution vulnerability affecting the QTS Media Library in all versions prior to QTS 4.2.6 build 20170905 and QTS 4.3.3.0299 build 20170901. This particular vulnerabili… | |||
| CVE-2017-13708 | critical | 9.8 | 10.0 | 9y ago | Buffer overflow in the web server service in VX Search Enterprise 10.0.14 allows remote attackers to execute arbitrary code via a crafted GET request. | |||
| CVE-2017-12478 | critical | 9.8 | 10.0 | 9y ago | It was discovered that the api/storage web interface in Unitrends Backup (UB) before 10.0.0 has an issue in which one of its input parameters was not validated. A remote attacker could use this flaw … | |||
| CVE-2017-12477 | critical | 9.8 | 10.0 | 9y ago | It was discovered that the bpserverd proprietary protocol in Unitrends Backup (UB) before 10.0.0, as invoked through xinetd, has an issue in which its authentication can be bypassed. A remote attacke… | |||
| CVE-2017-11394 | critical | 9.8 | 10.0 | 9y ago | Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by par… | |||
| CVE-2017-9769 | critical | 9.8 | 10.0 | 9y ago | A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process. | |||
| CVE-2017-11517 | critical | 9.8 | 10.0 | 9y ago | Stack-based buffer overflow in GCoreServer.exe in the server in Geutebrueck Gcore 1.3.8.42 and 1.4.2.37 allows remote attackers to execute arbitrary code via a long URI in a GET request. | |||
| CVE-2017-11467 | critical | 9.8 | 10.0 | 9y ago | OrientDB vulnerable to Improper Privilage Management leading to arbitrary command injection | |||
| CVE-2017-1000002 | critical | 9.8 | 10.0 | 9y ago | ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension check bypass in the Course component resulting in code execution. ATutor versions 2.2.1 and earlier are vu… | |||
| CVE-2017-6326 | critical | 10.0 | 10.0 | 9y ago | The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machi… | |||
| CVE-2017-9544 | critical | 9.8 | 10.0 | 9y ago | There is a remote stack-based buffer overflow (SEH) in register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1. By sending an overly long username string to registresult.htm for registering… | |||
| CVE-2017-8835 | critical | 9.8 | 10.0 | 9y ago | SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. An attack vector is the bauth coo… | |||
| CVE-2017-9232 | critical | 9.8 | 10.0 | 9y ago | Juju uses a UNIX domain socket without setting appropriate permissions in github.com/juju/juju | |||
| CVE-2017-1092 | critical | 9.8 | 10.0 | 9y ago | IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unauthorized user to execute arbitrary code as system admin on Windows servers. IBM X-Force ID: 120390. | |||
| CVE-2017-9101 | critical | 9.8 | 10.0 | 9y ago | import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows remote code execution via vectors involving the User-Agent HTTP header and PHP code in the name of a file. | |||
| CVE-2017-8917 | critical | 9.8 | 10.0 | 9y ago | SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors. | |||
| CVE-2017-8895 | critical | 9.8 | 10.0 | 9y ago | In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before build 14.2.1180.3160, and 16 before FP1, there is a use-after-free vulnerability in multiple agents that can lead to a denial of ser… | |||
| CVE-2017-6553 | critical | 9.8 | 10.0 | 9y ago | Buffer Overflow in Quest One Identity Privilege Manager for Unix before 6.0.0.061 allows remote attackers to obtain full access to the policy server via an ACT_ALERT_EVENT request that causes memory … | |||
| CVE-2017-7722 | critical | 10.0 | 10.0 | 9y ago | In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiti… | |||
| CVE-2017-7581 | critical | 9.8 | 10.0 | 9y ago | SQL injection vulnerability in NewsController.php in the News module 5.3.2 and earlier for TYPO3 allows unauthenticated users to execute arbitrary SQL commands via vectors involving overwriteDemand f… | |||
| CVE-2017-7230 | critical | 9.8 | 10.0 | 9y ago | A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and earlier allows remote attackers to execute arbitrary code via a GET request. | |||
| CVE-2017-6465 | critical | 9.8 | 10.0 | 9y ago | Remote Code Execution was discovered in FTPShell Client 6.53. By default, the client sends a PWD command to the FTP server it is connecting to; however, it doesn't check the response's length, leadin… | |||
| CVE-2017-6526 | critical | 9.8 | 10.0 | 9y ago | An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to unauthenticated command execution through an improperly protected administrative web shell (cgi-bin/dna/sysAdmin.cgi PO… | |||
| CVE-2017-6416 | critical | 9.8 | 10.0 | 9y ago | An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution. The attack vector is a crafted SMTP daemon that sends a … | |||
| CVE-2017-6187 | critical | 9.8 | 10.0 | 9y ago | Buffer overflow in the built-in web server in DiskSavvy Enterprise 9.4.18 allows remote attackers to execute arbitrary code via a long URI in a GET request. | |||
| CVE-2017-5162 | critical | 9.8 | 10.0 | 9y ago | An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Lack of authentication for remote service gives access to application set up and configuration. | |||
| CVE-2017-3248 | critical | 9.8 | 10.0 | 10y ago | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.0 and 12.2.1.1. … | |||
| CVE-2017-9417 | critical | 9.8 | 9.8 | 9y ago | Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue. | |||
| CVE-2017-7918 | medium | 6.8 | 7.8 | 9y ago | An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups u… | |||
| CVE-2017-6516 | medium | 6.7 | 7.7 | 9y ago | A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX platforms could allow a local attacker to gain elevated privileges. Parts of SysInfo require setuid-… | |||
| CVE-2017-1130 | medium | 6.5 | 7.5 | 9y ago | IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it would open up many file select dialog boxes which would cause the client hang and h… | |||
| CVE-2017-1129 | medium | 6.5 | 7.5 | 9y ago | IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 1213… | |||
| CVE-2017-14016 | medium | 6.3 | 7.3 | 9y ago | A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. The application lacks proper validation of the length of user-supplied data prior to copying… | |||
| CVE-2017-7896 | medium | 6.1 | 7.1 | 9y ago | Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 before CP 1644 has XSS. | |||
| CVE-2017-12373 | medium | 5.9 | 6.9 | 9y ago | A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote attacker to access sensitive i… | |||
| CVE-2017-17427 | medium | 5.9 | 6.9 | 9y ago | Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an adaptive-chosen ciphertext attack ("Bleichenbacher attack"). This allows an attacker to decrypt observed … | |||
| CVE-2017-17382 | medium | 5.9 | 6.9 | 9y ago | Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 might allow remote … | |||
| CVE-2017-13099 | medium | 5.9 | 6.9 | 9y ago | wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL… | |||
| CVE-2017-13098 | medium | 5.9 | 6.9 | 9y ago | Observable Discrepancy in BouncyCastle | |||
| CVE-2017-1000385 | medium | 5.9 | 6.9 | 9y ago | The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS #1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's priv… | |||
| CVE-2017-14117 | medium | 5.9 | 6.9 | 9y ago | The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows rem… | |||
| CVE-2017-0372 | medium | — | 6.5 | — | Parameters injection in the SyntaxHighlight extension of Mediawiki before 1.23.16, 1.27.3 and 1.28.2 might result in multiple vulnerabilities. | |||
| CVE-2017-0785 | medium | 6.5 | 6.5 | 9y ago | A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146698. | |||
| CVE-2017-2671 | medium | 5.5 | 6.5 | 9y ago | The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which al… | |||
| CVE-2017-9554 | medium | 5.3 | 6.3 | 9y ago | An information exposure vulnerability in forget_passwd.cgi in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to enumerate valid usernames via unspecified vectors. | |||
| CVE-2017-3631 | medium | 5.3 | 6.3 | 9y ago | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privilege… | |||
| CVE-2017-3630 | medium | 5.3 | 6.3 | 9y ago | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low pri… | |||
| CVE-2017-14937 | medium | 4.7 | 5.7 | 9y ago | The airbag detonation algorithm allows injury to passenger-car occupants via predictable Security Access (SA) data to the internal CAN bus (or the OBD connector). This affects the airbag control unit… | |||
| CVE-2017-5930 | low | 2.7 | 3.7 | 9y ago | The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission ch… | |||
| CVE-2017-7921 | unknown | — | 2.5 | 3mo ago | Multiple Hikvision products contain an improper authentication vulnerability that could allow a malicious user to escalate privileges on the system and gain access to sensitive information. | |||
| CVE-2017-18368 | unknown | — | 2.5 | 3y ago | Zyxel P660HN-T1A routers contain a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user and exploited via the remote_host param… | |||
| CVE-2017-5521 | unknown | — | 2.5 | 4y ago | Multiple NETGEAR devices are prone to admin password disclosure via simple crafted requests to the web management server. | |||
| CVE-2017-15944 | unknown | — | 2.5 | 4y ago | Palo Alto Networks PAN-OS contains multiple, unspecified vulnerabilities which can allow for remote code execution when chained. | |||
| CVE-2017-0147 | unknown | — | 2.5 | 4y ago | The SMBv1 server in Microsoft Windows allows remote attackers to obtain sensitive information from process memory via a crafted packet. | |||
| CVE-2017-12617 | unknown | — | 2.5 | 4y ago | When running Apache Tomcat, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the serv… | |||
| CVE-2017-9791 | unknown | — | 2.5 | 4y ago | The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage. | |||
| CVE-2017-1000353 | unknown | — | 2.5 | 4y ago | Jenkins contains a remote code execution vulnerability. This vulnerability that could allowed attackers to transfer a serialized Java SignedObject object to the remoting-based Jenkins CLI, that would… | |||
| CVE-2017-11317 | unknown | — | 2.5 | 4y ago | Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX allows remote attackers to perform arbitrary file uploads or execute arbitrary code. | |||
| CVE-2017-0148 | unknown | — | 2.5 | 4y ago | The SMBv1 server in Microsoft allows remote attackers to execute arbitrary code via crafted packets. | |||
| CVE-2017-6334 | unknown | — | 2.5 | 4y ago | dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands | |||
| CVE-2017-3881 | unknown | — | 2.5 | 4y ago | A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected … | |||
| CVE-2017-0146 | unknown | — | 2.5 | 4y ago | The SMBv1 server in Microsoft Windows allows remote attackers to perform remote code execution. | |||
| CVE-2017-0144 | unknown | — | 2.5 | 4y ago | The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets. | |||
| CVE-2017-10271 | unknown | — | 2.5 | 4y ago | Oracle Corporation WebLogic Server contains a vulnerability that allows for remote code execution. | |||
| CVE-2017-0145 | unknown | — | 2.5 | 4y ago | The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets. | |||
| CVE-2017-8464 | unknown | — | 2.5 | 4y ago | Windows Shell in multiple versions of Microsoft Windows allows local users or remote attackers to execute arbitrary code via a crafted .LNK file | |||
| CVE-2017-5689 | unknown | — | 2.5 | 4y ago | Intel products contain a vulnerability which can allow attackers to perform privilege escalation. | |||
| CVE-2017-12149 | unknown | — | 2.5 | 5y ago | The JBoss Application Server, shipped with Red Hat Enterprise Application Platform 5.2, allows an attacker to execute arbitrary code via crafted serialized data. | |||
| CVE-2017-17562 | unknown | — | 2.5 | 5y ago | Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. | |||
| CVE-2017-11882 | unknown | — | 2.5 | 5y ago | Microsoft Office contains a memory corruption vulnerability that allows remote code execution in the context of the current user. | |||
| CVE-2017-0143 | unknown | — | 2.5 | 5y ago | Microsoft Windows Server Message Block 1.0 (SMBv1) contains an unspecified vulnerability that allows for remote code execution. | |||
| CVE-2017-7269 | unknown | — | 2.5 | 5y ago | Microsoft Windows Server 2003 R2 contains a buffer overflow vulnerability in Internet Information Services (IIS) 6.0 which allows remote attackers to execute code via a long header beginning with "If… | |||
| CVE-2017-0199 | unknown | — | 2.5 | 5y ago | Microsoft Office and WordPad contain an unspecified vulnerability due to the way the applications parse specially crafted files. Successful exploitation allows for remote code execution. | |||
| CVE-2017-1000486 | unknown | — | 2.5 | 5y ago | Primetek Primefaces is vulnerable to a weak encryption flaw resulting in remote code execution | |||
| CVE-2017-5638 | unknown | — | 2.5 | 8y ago | Apache Struts Jakarta Multipart parser allows for malicious file upload using the Content-Type value, leading to remote code execution. | |||
| CVE-2017-9805 | unknown | — | 2.5 | 8y ago | Apache Struts REST Plugin uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to remote code execution when deserializing XML payloads. | |||
| CVE-2017-9822 | unknown | — | 2.5 | 8y ago | DotNetNuke (DNN) contains a vulnerability that may allow for remote code execution via cookie deserialization. | |||
| CVE-2017-13216 | unknown | — | 1.0 | — | In ashmem_ioctl of ashmem.c, there is an out-of-bounds write due to insufficient locking when accessing asma. This could lead to a local elevation of privilege enabling code execution as a privileged… |