CVEs from 2017
Total
11,713
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
1.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-17951 | critical | 9.8 | 9.8 | 9y ago | PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the shopping-cart.php cusid parameter. | |||
| CVE-2017-5641 | critical | 9.8 | 9.8 | 9y ago | Apache Flex BlazeDS unsafe deserialization | |||
| CVE-2017-9944 | critical | 9.8 | 9.8 | 9y ago | A vulnerability has been identified in Siemens 7KT PAC1200 data manager (7KT1260) in all versions < V2.03. The integrated web server (port 80/tcp) of the affected devices could allow an unauthenticat… | |||
| CVE-2017-17931 | critical | 9.8 | 9.8 | 9y ago | PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter. | |||
| CVE-2017-17928 | critical | 9.8 | 9.8 | 9y ago | PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter. | |||
| CVE-2017-17906 | critical | 9.8 | 9.8 | 9y ago | PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter. | |||
| CVE-2017-17900 | critical | 9.8 | 9.8 | 9y ago | Dolibarr SQL injection vulnerability in fourn/index.php | |||
| CVE-2017-17899 | critical | 9.8 | 9.8 | 9y ago | Dolibarr SQL injection vulnerability in adherents/subscription/info.php | |||
| CVE-2017-17897 | critical | 9.8 | 9.8 | 9y ago | Dolibarr SQL injection vulnerability in comm/multiprix.php | |||
| CVE-2017-17895 | critical | 9.8 | 9.8 | 9y ago | Readymade Job Site Script has SQL Injection via the location_name array parameter to the /job URI. | |||
| CVE-2017-17892 | critical | 9.8 | 9.8 | 9y ago | Readymade Video Sharing Script has SQL Injection via the viewsubs.php chnlid parameter or the search_video.php search parameter. | |||
| CVE-2017-17878 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Valve Steam Link build 643. Root passwords longer than 8 characters are truncated because of the default use of DES (aka the CONFIG_FEATURE_DEFAULT_PASSWD_ALGO="des" settin… | |||
| CVE-2017-17877 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Valve Steam Link build 643. When the SSH daemon is enabled for local development, the device is publicly available via IPv6 TCP port 22 over the internet (with stateless ad… | |||
| CVE-2017-17875 | critical | 9.8 | 9.8 | 9y ago | The JEXTN FAQ Pro extension 4.0.0 for Joomla! has SQL Injection via the id parameter in a view=category action. | |||
| CVE-2017-17873 | critical | 9.8 | 9.8 | 9y ago | Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATH_INFO to the /p URI. | |||
| CVE-2017-17872 | critical | 9.8 | 9.8 | 9y ago | The JEXTN Video Gallery extension 3.0.5 for Joomla! has SQL Injection via the id parameter in a view=category action. | |||
| CVE-2017-17871 | critical | 9.8 | 9.8 | 9y ago | The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter. | |||
| CVE-2017-17870 | critical | 9.8 | 9.8 | 9y ago | The JBuildozer extension 1.4.1 for Joomla! has SQL Injection via the appid parameter in an entriessearch action. | |||
| CVE-2017-17849 | critical | 9.8 | 9.8 | 9y ago | A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long response. | |||
| CVE-2017-17033 | critical | 9.8 | 9.8 | 9y ago | A buffer overflow vulnerability in password function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers t… | |||
| CVE-2017-17032 | critical | 9.8 | 9.8 | 9y ago | A buffer overflow vulnerability in password function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers t… | |||
| CVE-2017-17031 | critical | 9.8 | 9.8 | 9y ago | A buffer overflow vulnerability in password function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers t… | |||
| CVE-2017-17030 | critical | 9.8 | 9.8 | 9y ago | A buffer overflow vulnerability in login function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to e… | |||
| CVE-2017-17029 | critical | 9.8 | 9.8 | 9y ago | A buffer overflow vulnerability in login function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to e… | |||
| CVE-2017-17028 | critical | 9.8 | 9.8 | 9y ago | A buffer overflow vulnerability in external device function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote atta… | |||
| CVE-2017-17027 | critical | 9.8 | 9.8 | 9y ago | A buffer overflow vulnerability in FTP service in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to exec… | |||
| CVE-2017-17821 | critical | 9.8 | 9.8 | 9y ago | WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other im… | |||
| CVE-2017-5261 | high | 8.8 | 9.8 | 9y ago | In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the 'ping' and 'traceroute' functions of the web administrative console expose a file path traversal vulnerability, accessible to … | |||
| CVE-2017-5260 | high | 8.8 | 9.8 | 9y ago | In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, although the option to access the configuration file is not available in the normal web administrative console for the 'user' acco… | |||
| CVE-2017-5259 | high | 8.8 | 9.8 | 9y ago | In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path https://<device-ip-or-hostname>/adm/sysc… | |||
| CVE-2017-5255 | high | 8.8 | 9.8 | 9y ago | In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenticated user (including the otherwise low-… | |||
| CVE-2017-5254 | high | 8.8 | 9.8 | 9y ago | In version 3.5 and prior of Cambium Networks ePMP firmware, the non-administrative users 'installer' and 'home' have the capability of changing passwords for other accounts, including admin, after di… | |||
| CVE-2017-6094 | critical | 9.8 | 9.8 | 9y ago | CPEs used by subscribers on the access network receive their individual configuration settings from a central GAPS instance. A CPE identifies itself by the MAC address of its WAN interface and a cert… | |||
| CVE-2017-16725 | critical | 9.8 | 9.8 | 9y ago | A Stack-based Buffer Overflow issue was discovered in Xiongmai Technology IP Cameras and DVRs using the NetSurveillance Web interface. The stack-based buffer overflow vulnerability has been identifie… | |||
| CVE-2017-17794 | critical | 9.8 | 9.8 | 9y ago | validate_form_preferences in admin/preferences.php in BlogoText through 3.7.6 allows attackers to bypass intended access restrictions via vectors related to an e-mail address field. | |||
| CVE-2017-17790 | critical | 9.8 | 9.8 | 9y ago | The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|… | |||
| CVE-2017-17779 | critical | 9.8 | 9.8 | 9y ago | Paid To Read Script 2.0.5 has SQL injection via the referrals.php id parameter. | |||
| CVE-2017-17777 | critical | 9.8 | 9.8 | 9y ago | Paid To Read Script 2.0.5 has authentication bypass in the admin panel via a direct request, as demonstrated by the admin/viewvisitcamp.php fn parameter and the admin/userview.php uid parameter. | |||
| CVE-2017-17761 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered on Ichano AtHome IP Camera devices. The device runs the "noodles" binary - a service on port 1300 that allows a remote (LAN) unauthenticated user to run arbitrary commands. Th… | |||
| CVE-2017-17759 | critical | 9.8 | 9.8 | 9y ago | Conarc iChannel allows remote attackers to obtain sensitive information, modify the configuration, or cause a denial of service (by deleting the configuration) via a wc.dll?wwMaint~EditConfig request… | |||
| CVE-2017-17107 | critical | 9.8 | 9.8 | 9y ago | Zivif PR115-204-P-RS V2.3.4.2103 web cameras contain a hard-coded cat1029 password for the root user. The SONIX operating system's setup renders this password unchangeable and it can be used to acces… | |||
| CVE-2017-17106 | critical | 9.8 | 9.8 | 9y ago | Credentials for Zivif PR115-204-P-RS V2.3.4.2103 Webcams can be obtained by an unauthenticated remote attacker using a standard web /cgi-bin/hi3510/param.cgi?cmd=getuser HTTP request. This vulnerabil… | |||
| CVE-2017-16949 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in the AccessKeys AccessPress Anonymous Post Pro plugin through 3.1.9 for WordPress. Improper input sanitization allows the attacker to override the settings for allowed file … | |||
| CVE-2017-15877 | critical | 9.8 | 9.8 | 9y ago | Insecure Permissions vulnerability in db.php file in GPWeb 8.4.61 allows remote attackers to view the password and user database. | |||
| CVE-2017-15875 | critical | 9.8 | 9.8 | 9y ago | SQL injection vulnerability in Password Recovery in GPWeb 8.4.61 allows remote attackers to execute arbitrary SQL commands via the "checkemail" parameter. | |||
| CVE-2017-17721 | critical | 9.8 | 9.8 | 9y ago | CWEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows SQL injection via the tradestatus, assetno, assignto, building, domain, jobtype, site, trade, woType, workorderno, or workorde… | |||
| CVE-2017-17651 | critical | 9.8 | 9.8 | 9y ago | Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/viewemcamp.php fnum parameter, or the admin/viewvisitcamp.php fn parameter. | |||
| CVE-2017-17645 | critical | 9.8 | 9.8 | 9y ago | Bus Booking Script 1.0 has SQL Injection via the txtname parameter to admin/index.php. | |||
| CVE-2017-17643 | critical | 9.8 | 9.8 | 9y ago | FS Lynda Clone 1.0 has SQL Injection via the keywords parameter to tutorial/. | |||
| CVE-2017-17739 | critical | 9.8 | 9.8 | 9y ago | The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has directory traversal via the /storage.html rp parameter, allowing an attacker to read or write to files. | |||
| CVE-2017-17735 | critical | 9.8 | 9.8 | 9y ago | CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in cookies. | |||
| CVE-2017-17734 | critical | 9.8 | 9.8 | 9y ago | CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in sessions. | |||
| CVE-2017-17733 | critical | 9.8 | 9.8 | 9y ago | Maccms 8.x allows remote command execution via the wd parameter in an index.php?m=vod-search request. | |||
| CVE-2017-17731 | critical | 9.8 | 9.8 | 9y ago | DedeCMS through 5.7 has SQL Injection via the $_FILES superglobal to plus/recommend.php. | |||
| CVE-2017-17730 | critical | 9.8 | 9.8 | 9y ago | DedeCMS through 5.7 has SQL Injection via the logo parameter to plus/flink_add.php. | |||
| CVE-2017-17717 | critical | 9.8 | 9.8 | 9y ago | Sonatype Nexus Repository Manager through 2.14.5 has weak password encryption with a hardcoded CMMDwoV value in the LDAP integration feature. | |||
| CVE-2017-17713 | critical | 9.8 | 9.8 | 9y ago | Trape before 2017-11-05 has SQL injection via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter,… | |||
| CVE-2017-3195 | critical | 9.8 | 9.8 | 9y ago | Commvault Edge Communication Service (cvd) prior to version 11 SP7 or version 11 SP6 with hotfix 590 is prone to a stack-based buffer overflow vulnerability that could lead to arbitrary code executio… | |||
| CVE-2017-3192 | critical | 9.8 | 9.8 | 9y ago | D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 do not sufficiently protect administrator credentials. The tools_admin.asp page discloses the administrator password in base64 e… | |||
| CVE-2017-3191 | critical | 9.8 | 9.8 | 9y ago | D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 are vulnerable to authentication bypass of the remote login page. A remote attacker that can access the remote management login … | |||
| CVE-2017-3186 | critical | 9.8 | 9.8 | 9y ago | ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC use non-random default credentials across all devices. A remote attacker can take complete control of a dev… | |||
| CVE-2017-3185 | critical | 9.8 | 9.8 | 9y ago | ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have a web application that uses the GET method to process requests that contain sensitive information such… | |||
| CVE-2017-3184 | critical | 9.8 | 9.8 | 9y ago | ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC fail to properly restrict access to the factory reset page. An unauthenticated, remote attacker can exploit… | |||
| CVE-2017-10904 | critical | 9.8 | 9.8 | 9y ago | Qt for Android prior to 5.9.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors. | |||
| CVE-2017-17701 | critical | 9.8 | 9.8 | 9y ago | K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025c8 DeviceIoControl request. | |||
| CVE-2017-17700 | critical | 9.8 | 9.8 | 9y ago | K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025a4 DeviceIoControl request. | |||
| CVE-2017-17699 | critical | 9.8 | 9.8 | 9y ago | K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025ac DeviceIoControl request. | |||
| CVE-2017-14101 | critical | 9.8 | 9.8 | 9y ago | A security researcher found an XML External Entity (XXE) vulnerability on the Conserus Image Repository archive solution version 2.1.1.105 by McKesson Medical Imaging Company, which is now a Change H… | |||
| CVE-2017-17672 | critical | 9.8 | 9.8 | 9y ago | In vBulletin through 5.3.x, there is an unauthenticated deserialization vulnerability that leads to arbitrary file deletion and, under certain circumstances, code execution, because of unsafe usage o… | |||
| CVE-2017-17671 | critical | 9.8 | 9.8 | 9y ago | vBulletin through 5.3.x on Windows allows remote PHP code execution because a require_once call is reachable with an unauthenticated request that can include directory traversal sequences to specify … | |||
| CVE-2017-17648 | critical | 9.8 | 9.8 | 9y ago | Entrepreneur Dating Script 2.0.1 has SQL Injection via the search_result.php marital, gender, country, or profileid parameter. | |||
| CVE-2017-17642 | critical | 9.8 | 9.8 | 9y ago | Basic Job Site Script 2.0.5 has SQL Injection via the keyword parameter to /job. | |||
| CVE-2017-17641 | critical | 9.8 | 9.8 | 9y ago | Resume Clone Script 2.0.5 has SQL Injection via the preview.php id parameter. | |||
| CVE-2017-17640 | critical | 9.8 | 9.8 | 9y ago | Advanced World Database 2.0.5 has SQL Injection via the city.php country or state parameter, or the state.php country parameter. | |||
| CVE-2017-17639 | critical | 9.8 | 9.8 | 9y ago | Muslim Matrimonial Script 3.02 has SQL Injection via the success-story.php succid parameter. | |||
| CVE-2017-17638 | critical | 9.8 | 9.8 | 9y ago | Groupon Clone Script 3.01 has SQL Injection via the city_ajax.php state_id parameter. | |||
| CVE-2017-17637 | critical | 9.8 | 9.8 | 9y ago | Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter. | |||
| CVE-2017-17636 | critical | 9.8 | 9.8 | 9y ago | MLM Forced Matrix 2.0.9 has SQL Injection via the news-detail.php newid parameter. | |||
| CVE-2017-17635 | critical | 9.8 | 9.8 | 9y ago | MLM Forex Market Plan Script 2.0.4 has SQL Injection via the news_detail.php newid parameter or the event_detail.php eventid parameter. | |||
| CVE-2017-17634 | critical | 9.8 | 9.8 | 9y ago | Single Theater Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter. | |||
| CVE-2017-17633 | critical | 9.8 | 9.8 | 9y ago | Multiplex Movie Theater Booking Script 3.1.5 has SQL Injection via the trailer-detail.php moid parameter, show-time.php moid parameter, or event-detail.php eid parameter. | |||
| CVE-2017-17632 | critical | 9.8 | 9.8 | 9y ago | Responsive Events And Movie Ticket Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter. | |||
| CVE-2017-17631 | critical | 9.8 | 9.8 | 9y ago | Multireligion Responsive Matrimonial 4.7.2 has SQL Injection via the success-story.php succid parameter. | |||
| CVE-2017-17630 | critical | 9.8 | 9.8 | 9y ago | Yoga Class Script 1.0 has SQL Injection via the /list city parameter. | |||
| CVE-2017-17629 | critical | 9.8 | 9.8 | 9y ago | Secure E-commerce Script 2.0.1 has SQL Injection via the category.php searchmain or searchcat parameter, or the single_detail.php sid parameter. | |||
| CVE-2017-17628 | critical | 9.8 | 9.8 | 9y ago | Responsive Realestate Script 3.2 has SQL Injection via the property-list tbud parameter. | |||
| CVE-2017-17627 | critical | 9.8 | 9.8 | 9y ago | Readymade Video Sharing Script 3.2 has SQL Injection via the single-video-detail.php report_videos array parameter. | |||
| CVE-2017-17626 | critical | 9.8 | 9.8 | 9y ago | Readymade PHP Classified Script 3.3 has SQL Injection via the /categories subctid or mctid parameter. | |||
| CVE-2017-17625 | critical | 9.8 | 9.8 | 9y ago | Professional Service Script 1.0 has SQL Injection via the service-list city parameter. | |||
| CVE-2017-17624 | critical | 9.8 | 9.8 | 9y ago | PHP Multivendor Ecommerce 1.0 has SQL Injection via the single_detail.php sid parameter, or the category.php searchcat or chid1 parameter. | |||
| CVE-2017-17623 | critical | 9.8 | 9.8 | 9y ago | Opensource Classified Ads Script 3.2 has SQL Injection via the advance_result.php keyword parameter. | |||
| CVE-2017-17622 | critical | 9.8 | 9.8 | 9y ago | Online Exam Test Application Script 1.6 has SQL Injection via the exams.php sort parameter. | |||
| CVE-2017-17621 | critical | 9.8 | 9.8 | 9y ago | Multivendor Penny Auction Clone Script 1.0 has SQL Injection via the PATH_INFO to the /detail URI. | |||
| CVE-2017-17620 | critical | 9.8 | 9.8 | 9y ago | Lawyer Search Script 1.1 has SQL Injection via the /lawyer-list city parameter. | |||
| CVE-2017-17619 | critical | 9.8 | 9.8 | 9y ago | Laundry Booking Script 1.0 has SQL Injection via the /list city parameter. | |||
| CVE-2017-17618 | critical | 9.8 | 9.8 | 9y ago | Kickstarter Clone Script 2.0 has SQL Injection via the investcalc.php projid parameter. | |||
| CVE-2017-17617 | critical | 9.8 | 9.8 | 9y ago | Foodspotting Clone Script 1.0 has SQL Injection via the quicksearch.php q parameter. | |||
| CVE-2017-17616 | critical | 9.8 | 9.8 | 9y ago | Event Search Script 1.0 has SQL Injection via the /event-list city parameter. | |||
| CVE-2017-17614 | critical | 9.8 | 9.8 | 9y ago | Food Order Script 1.0 has SQL Injection via the /list city parameter. | |||
| CVE-2017-17613 | critical | 9.8 | 9.8 | 9y ago | Freelance Website Script 2.0.6 has SQL Injection via the jobdetails.php pr_id parameter or the searchbycat_list.php catid parameter. |