CVEs from 2017
Total
11,665
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
9.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-11463 | high | 8.8 | 8.8 | 9y ago | In Ivanti Service Desk (formerly LANDESK Management Suite) versions between 2016.3 and 2017.3, an Unrestricted Direct Object Reference leads to referencing/updating objects belonging to other users. … | |||
| CVE-2017-17509 | high | 8.8 | 8.8 | 9y ago | In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5G__ent_decode_vec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or possibly have unspecified other impact… | |||
| CVE-2017-17503 | high | 8.8 | 8.8 | 9y ago | ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file. | |||
| CVE-2017-17502 | high | 8.8 | 8.8 | 9y ago | ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file. | |||
| CVE-2017-17501 | high | 8.8 | 8.8 | 9y ago | WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file. | |||
| CVE-2017-17500 | high | 8.8 | 8.8 | 9y ago | ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file. | |||
| CVE-2017-17498 | high | 8.8 | 8.8 | 9y ago | WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or … | |||
| CVE-2017-16420 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16418 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16417 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16416 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16415 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16414 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16413 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16412 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16411 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16410 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16409 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16408 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16407 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16406 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16405 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16404 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16403 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16402 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16401 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16400 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16399 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16397 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16396 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16395 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16394 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16393 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16392 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16391 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16390 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16389 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16388 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16387 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16386 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16385 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16384 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16383 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16382 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16381 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16380 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16379 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16378 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16377 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16376 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16375 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16374 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16373 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16372 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16371 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16370 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16368 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16367 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16365 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16364 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16363 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16362 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-16360 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. T… | |||
| CVE-2017-17459 | high | 8.8 | 8.8 | 9y ago | http_transport.c in Fossil before 2.4, when the SSH sync protocol is used, allows user-assisted remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hos… | |||
| CVE-2017-1356 | high | 8.8 | 8.8 | 9y ago | IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or del… | |||
| CVE-2017-17384 | high | 8.8 | 8.8 | 9y ago | ISPConfig 3.x before 3.1.9 allows remote authenticated users to obtain root access by creating a crafted cron job. | |||
| CVE-2017-17436 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in the software on Vaultek Gun Safe VT20i products. There is no encryption of the session between the Android application and the safe. The website and marketing materials adv… | |||
| CVE-2017-17435 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in the software on Vaultek Gun Safe VT20i products, aka BlueSteal. An attacker can remotely unlock any safe in this product line without a valid PIN code. Even though the phon… | |||
| CVE-2017-13156 | high | 7.8 | 8.8 | 9y ago | An elevation of privilege vulnerability in the Android system (art). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-64211847. | |||
| CVE-2017-13151 | high | 8.8 | 8.8 | 9y ago | A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63874456. | |||
| CVE-2017-0878 | high | 8.8 | 8.8 | 9y ago | A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 8.0. Android ID A-65186291. | |||
| CVE-2017-0877 | high | 8.8 | 8.8 | 9y ago | A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0. Android ID A-66372937. | |||
| CVE-2017-0876 | high | 8.8 | 8.8 | 9y ago | A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0. Android ID A-64964675. | |||
| CVE-2017-0872 | high | 8.8 | 8.8 | 9y ago | A remote code execution vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65290323. | |||
| CVE-2017-14355 | high | 7.8 | 8.8 | 9y ago | A potential security vulnerability has been identified in HPE Connected Backup versions 8.6 and 8.8.6. The vulnerability could be exploited locally to allow escalation of privilege. | |||
| CVE-2017-8824 | high | 7.8 | 8.8 | 9y ago | The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system… | |||
| CVE-2017-17056 | high | 8.8 | 8.8 | 9y ago | The ZKTime Web Software 2.0.1.12280 allows the Administrator to elevate the privileges of the application user using a 'password_change()' function of the Modify Password component, reachable via the… | |||
| CVE-2017-17130 | high | 8.8 | 8.8 | 9y ago | The ff_free_picture_tables function in libavcodec/mpegpicture.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have … | |||
| CVE-2017-17129 | high | 8.8 | 8.8 | 9y ago | The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified ot… | |||
| CVE-2017-17103 | high | 8.8 | 8.8 | 9y ago | Fiyo CMS 2.0.7 has SQL injection in /apps/app_user/sys_user.php via $_POST[name] or $_POST[email]. This vulnerability can lead to escalation from normal user privileges to administrator privileges. | |||
| CVE-2017-17091 | high | 8.8 | 8.8 | 9y ago | wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restriction… | |||
| CVE-2017-16895 | high | 7.8 | 8.8 | 9y ago | The (1) arq_updater, (2) arqcommitter, (3) standardrestorer, (4) arqglacierrestorer, and (5) arqs3glacierrestorer helper apps in Arq 5.x before 5.10 for Mac allow local users to gain root privileges … | |||
| CVE-2017-12631 | high | 8.8 | 8.8 | 9y ago | Moderate severity vulnerability that affects org.apache.cxf.fediz:fediz-spring, org.apache.cxf.fediz:fediz-spring2, and org.apache.cxf.fediz:fediz-spring3 | |||
| CVE-2017-12343 | high | 8.8 | 8.8 | 9y ago | Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicio… | |||
| CVE-2017-14198 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x before 5.4.1.3. Authenticated users with permissions to edit design assets can cause Remote Code Execution (RCE) via a maliciously cra… | |||
| CVE-2017-17045 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by lever… | |||
| CVE-2017-0910 | high | 8.8 | 8.8 | 9y ago | In Zulip Server before 1.7.1, on a server with multiple realms, a vulnerability in the invitation system lets an authorized user of one realm on the server create a user account on any other realm. | |||
| CVE-2017-1000207 | high | 8.8 | 8.8 | 9y ago | Deserialization of Untrusted Data in swagger-codegen | |||
| CVE-2017-1001004 | high | 8.8 | 8.8 | 9y ago | Arbitrary JavaScript Execution in typed-function | |||
| CVE-2017-8038 | high | 8.8 | 8.8 | 9y ago | In Cloud Foundry Foundation Credhub-release version 1.1.0, access control lists (ACLs) enforce whether an authenticated user can perform an operation on a credential. For installations using ACLs, th… | |||
| CVE-2017-16960 | high | 8.8 | 8.8 | 9y ago | TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the t_bindif field of an admin/interface command to cgi-bin/… | |||
| CVE-2017-16958 | high | 8.8 | 8.8 | 9y ago | TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the t_bindif field of an admin/bridge command to cgi-bin/luc… | |||
| CVE-2017-16957 | high | 8.8 | 8.8 | 9y ago | TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the iface field of an admin/diagnostic command to cgi-bin/lu… | |||
| CVE-2017-16955 | high | 8.8 | 8.8 | 9y ago | SQL injection vulnerability in the InLinks plugin through 1.1 for WordPress allows authenticated users to execute arbitrary SQL commands via the "keyword" parameter to /wp-admin/options-general.php?p… | |||
| CVE-2017-14176 | high | 8.8 | 8.8 | 9y ago | Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-… | |||
| CVE-2017-16941 | high | 8.8 | 8.8 | 9y ago | October CMS through 1.0.428 does not prevent use of .htaccess in themes, which allows remote authenticated users to execute arbitrary PHP code by downloading a theme ZIP archive from /backend/cms/the… | |||
| CVE-2017-16939 | high | 7.8 | 8.8 | 9y ago | The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCV… | |||
| CVE-2017-8195 | high | 8.8 | 8.8 | 9y ago | The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerabi… | |||
| CVE-2017-8194 | high | 8.8 | 8.8 | 9y ago | The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerabi… | |||
| CVE-2017-8138 | high | 8.8 | 8.8 | 9y ago | HedEx Earlier than V200R006C00 versions has a cross-site request forgery (CSRF) vulnerability. An attacker could trick a user into accessing a website containing malicious scripts which may tamper wi… |