CVEs from 2017
Total
11,713
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
1.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-8817 | critical | 9.8 | 9.8 | 9y ago | The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact v… | |||
| CVE-2017-8816 | critical | 9.8 | 9.8 | 9y ago | The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application cr… | |||
| CVE-2017-14377 | critical | 9.8 | 9.8 | 9y ago | EMC RSA Authentication Agent for Web: Apache Web Server version 8.0 and RSA Authentication Agent for Web: Apache Web Server version 8.0.1 prior to Build 618 have a security vulnerability that could p… | |||
| CVE-2017-9315 | critical | 9.8 | 9.8 | 9y ago | Customer of Dahua IP camera or IP PTZ could submit relevant device information to receive a time limited temporary password from Dahua authorized dealer to reset the admin password. The algorithm use… | |||
| CVE-2017-8020 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer overflow vulnerability in the SDBG service may potentially allow a remote unauthenticated attacker to execute arbitrary commands with root pri… | |||
| CVE-2017-14746 | critical | 9.8 | 9.8 | 9y ago | Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request. | |||
| CVE-2017-14586 | critical | 9.8 | 9.8 | 9y ago | The Hipchat for Mac desktop client is vulnerable to client-side remote code execution via video call link parsing. Hipchat for Mac desktop clients at or above version 4.0 and before version 4.30 are … | |||
| CVE-2017-1001003 | critical | 9.8 | 9.8 | 9y ago | Arbitrary Code Execution in mathjs | |||
| CVE-2017-1001002 | critical | 9.8 | 9.8 | 9y ago | Arbitrary Code Execution in mathjs | |||
| CVE-2017-1000214 | critical | 9.8 | 9.8 | 9y ago | GitPHP by xiphux is vulnerable to OS Command Injections | |||
| CVE-2017-8045 | critical | 9.8 | 9.8 | 9y ago | Deserialization of Untrusted Data in Spring AMQP | |||
| CVE-2017-16943 | critical | 9.8 | 9.8 | 9y ago | The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BD… | |||
| CVE-2017-16935 | critical | 9.8 | 9.8 | 9y ago | Ametys before 4.0.3 requires authentication only for URIs containing a /cms/ substring, which allows remote attackers to bypass intended access restrictions via a direct request to /plugins/core-ui/s… | |||
| CVE-2017-16934 | critical | 9.8 | 9.8 | 9y ago | The web server on DBL DBLTek devices allows remote attackers to execute arbitrary OS commands by obtaining the admin password via a frame.html?content=/dev/mtdblock/5 request, and then using this pas… | |||
| CVE-2017-16931 | critical | 9.8 | 9.8 | 9y ago | parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. | |||
| CVE-2017-13701 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The backup file contains sensitive information in a insecure way. There is no salt for password hashing. Indeed passwords are sto… | |||
| CVE-2017-15088 | critical | 9.8 | 9.8 | 9y ago | plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause … | |||
| CVE-2017-8129 | critical | 9.8 | 9.8 | 9y ago | The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packe… | |||
| CVE-2017-8128 | critical | 9.8 | 9.8 | 9y ago | The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packe… | |||
| CVE-2017-8126 | critical | 9.8 | 9.8 | 9y ago | The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit… | |||
| CVE-2017-8124 | critical | 9.8 | 9.8 | 9y ago | The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit… | |||
| CVE-2017-8123 | critical | 9.8 | 9.8 | 9y ago | The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit… | |||
| CVE-2017-8122 | critical | 9.8 | 9.8 | 9y ago | The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit… | |||
| CVE-2017-8120 | critical | 9.8 | 9.8 | 9y ago | The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packe… | |||
| CVE-2017-8119 | critical | 9.8 | 9.8 | 9y ago | The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packe… | |||
| CVE-2017-8117 | critical | 9.8 | 9.8 | 9y ago | The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packe… | |||
| CVE-2017-2738 | critical | 9.8 | 9.8 | 9y ago | VCM5010 with software versions earlier before V100R002C50SPC100 has an authentication bypass vulnerability. This is due to improper implementation of authentication for accessing web pages. An unauth… | |||
| CVE-2017-13071 | critical | 9.8 | 9.8 | 9y ago | QNAP has already patched this vulnerability. This security concern allows a remote attacker to run arbitrary commands on the QNAP Video Station 5.1.3 (for QTS 4.3.3), 5.2.0 (for QTS 4.3.4), and earli… | |||
| CVE-2017-8864 | critical | 9.8 | 9.8 | 9y ago | Client-side enforcement using JavaScript of server-side security options on the Cohu 3960HD allows an attacker to manipulate options sent to the camera and cause malfunction or code execution, as dem… | |||
| CVE-2017-8862 | critical | 9.8 | 9.8 | 9y ago | The webupgrade function on the Cohu 3960HD does not verify the firmware upgrade files or process, allowing an attacker to upload a specially crafted postinstall.sh file that will be executed with "ro… | |||
| CVE-2017-8861 | critical | 9.8 | 9.8 | 9y ago | Missing authentication for the remote configuration port 1236/tcp on the Cohu 3960HD allows an attacker to change configuration parameters such as IP address and username/password via specially craft… | |||
| CVE-2017-16926 | critical | 9.8 | 9.8 | 9y ago | Ohcount 3.0.0 is prone to a command injection via specially crafted filenames containing shell metacharacters, which can be exploited by an attacker (providing a source tree for Ohcount processing) t… | |||
| CVE-2017-5719 | critical | 9.8 | 9.8 | 9y ago | A vulnerability in the Intel Deep Learning Training Tool Beta 1 allows a network attacker to remotely execute code as a local user. | |||
| CVE-2017-16920 | critical | 9.8 | 9.8 | 9y ago | v5/config/system.php in dayrui FineCms 5.2.0 has a default SYS_KEY value and does not require key regeneration for each installation, which allows remote attackers to upload arbitrary .php files via … | |||
| CVE-2017-16613 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0 when used with OpenStack Swift through 2.15.1. The Swift object store and proxy server are saving (unhashed) tokens retrieve… | |||
| CVE-2017-16840 | critical | 9.8 | 9.8 | 9y ago | The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service (out-of-bounds read) because of incorrect buffer padding for non-Haar wavelets, related t… | |||
| CVE-2017-16903 | critical | 9.8 | 9.8 | 9y ago | LvyeCMS through 3.1 allows remote attackers to upload and execute arbitrary PHP code via directory traversal sequences in the dir parameter, in conjunction with PHP code in the content parameter, wit… | |||
| CVE-2017-16896 | critical | 9.8 | 9.8 | 9y ago | A SQL injection in classes/handler/public.php in the forgotpass component of Tiny Tiny RSS 17.4 exists via the login parameter. | |||
| CVE-2017-11402 | critical | 9.8 | 9.8 | 9y ago | An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Design flaws in OPC classic and in custom netfilter modules allow an attacker to remotely activat… | |||
| CVE-2017-11401 | critical | 9.8 | 9.8 | 9y ago | An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Improper handling of the mbap.length field of ModBus packets in the ModBus DPI filter allows an a… | |||
| CVE-2017-16566 | critical | 9.8 | 9.8 | 9y ago | On Jooan IP Camera A5 2.3.36 devices, an insecure FTP server does not require authentication, which allows remote attackers to read or replace core system files including those used for authenticatio… | |||
| CVE-2017-1000215 | critical | 9.8 | 9.8 | 9y ago | ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution | |||
| CVE-2017-1000169 | critical | 9.8 | 9.8 | 9y ago | QuickerBB version <= 0.7.2 is vulnerable to arbitrary file writes which can lead to remote code execution. This can lead to the complete takeover of the server hosting QuickerBB. | |||
| CVE-2017-1000192 | critical | 9.8 | 9.8 | 9y ago | Cygnux sysPass version 2.1.7 and older is vulnerable to a Local File Inclusion in the functionality of javascript files inclusion. The attacker can read the configuration files that contain the login… | |||
| CVE-2017-1000212 | critical | 9.8 | 9.8 | 9y ago | alchemist.vim vulnerable to remote code execution | |||
| CVE-2017-1000206 | critical | 9.8 | 9.8 | 9y ago | samtools htslib library version 1.4.0 and earlier is vulnerable to buffer overflow in the CRAM rANS codec resulting in potential arbitrary code execution | |||
| CVE-2017-16872 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1. Parsing the numeric header fields in a SIP message (like cseq, ttl, port, etc.) all had the potential to overf… | |||
| CVE-2017-1000158 | critical | 9.8 | 9.8 | 9y ago | CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code ex… | |||
| CVE-2017-1000232 | critical | 9.8 | 9.8 | 9y ago | A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors. | |||
| CVE-2017-1000231 | critical | 9.8 | 9.8 | 9y ago | A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors. | |||
| CVE-2017-1000228 | critical | 9.8 | 9.8 | 9y ago | nodejs ejs versions older than 2.5.3 is vulnerable to remote code execution due to weak input validation in ejs.renderFile() function | |||
| CVE-2017-1000173 | critical | 9.8 | 9.8 | 9y ago | Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop whiling pushing data to a buffer, we can break out of the bounds checking of that buffer. When list.join… | |||
| CVE-2017-1000172 | critical | 9.8 | 9.8 | 9y ago | Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravity_lexer.c. 'lexer' is being us… | |||
| CVE-2017-1000197 | critical | 9.8 | 9.8 | 9y ago | October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating creating malicious files on the server. | |||
| CVE-2017-1000196 | critical | 9.8 | 9.8 | 9y ago | October CMS build 412 is vulnerable to PHP code execution in the asset manager functionality resulting in site compromise and possibly other applications on the server. | |||
| CVE-2017-1000194 | critical | 9.8 | 9.8 | 9y ago | October CMS File Upload Vulnerability | |||
| CVE-2017-1000220 | critical | 9.8 | 9.8 | 9y ago | PIDUsage Enables OS Command Injection | |||
| CVE-2017-1000210 | critical | 9.8 | 9.8 | 9y ago | picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack | |||
| CVE-2017-1000219 | critical | 9.8 | 9.8 | 9y ago | Command Execution in windows-cpu | |||
| CVE-2017-1000218 | critical | 9.8 | 9.8 | 9y ago | LightFTP version 1.1 is vulnerable to a buffer overflow in the "writelogentry" function resulting a denial of services or a remote code execution. | |||
| CVE-2017-0847 | critical | 9.8 | 9.8 | 9y ago | An elevation of privilege vulnerability in the Android media framework (mediaanalytics). Product: Android. Versions: 8.0. Android ID: A-65540999. | |||
| CVE-2017-16851 | critical | 9.8 | 9.8 | 9y ago | Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /MyPage.do widgetid parameter. | |||
| CVE-2017-16850 | critical | 9.8 | 9.8 | 9y ago | Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /showresource.do resourceid parameter in a getResourceProfiles action. | |||
| CVE-2017-16849 | critical | 9.8 | 9.8 | 9y ago | Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /MyPage.do?method=viewDashBoard forpage parameter. | |||
| CVE-2017-16848 | critical | 9.8 | 9.8 | 9y ago | Zoho ManageEngine Applications Manager 13 allows SQL injection via the /manageConfMons.do groupname parameter. | |||
| CVE-2017-16847 | critical | 9.8 | 9.8 | 9y ago | Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /showresource.do resourceid parameter in a showPlasmaView action. | |||
| CVE-2017-16846 | critical | 9.8 | 9.8 | 9y ago | Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /manageApplications.do?method=AddSubGroup haid parameter. | |||
| CVE-2017-16844 | critical | 9.8 | 9.8 | 9y ago | Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code… | |||
| CVE-2017-12337 | critical | 9.8 | 9.8 | 9y ago | A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthoriz… | |||
| CVE-2017-1000248 | critical | 9.8 | 9.8 | 9y ago | Redis-store <=v1.3.0 allows unsafe objects to be loaded from redis | |||
| CVE-2017-5533 | critical | 9.8 | 9.8 | 9y ago | A vulnerability in the server content cache of TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with… | |||
| CVE-2017-12634 | critical | 9.8 | 9.8 | 9y ago | Camel-castor component in Apache Camel is vulnerable to Java object de-serialisation | |||
| CVE-2017-12633 | critical | 9.8 | 9.8 | 9y ago | Apache Camel camel-hessian component vulnerable to Java object deserialization | |||
| CVE-2017-8809 | critical | 9.8 | 9.8 | 9y ago | api.php in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 has a Reflected File Download vulnerability. | |||
| CVE-2017-12739 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected … | |||
| CVE-2017-16820 | critical | 9.8 | 9.8 | 9y ago | The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which could lead to a crash (or potentially have other imp… | |||
| CVE-2017-6274 | critical | 9.8 | 9.8 | 9y ago | An elevation of Privilege vulnerability exists in the Thermal Driver, where a missing bounds checks in the thermal throttle driver can cause an out-of-bounds write in the kernel. This issue is rated … | |||
| CVE-2017-1710 | critical | 9.8 | 9.8 | 9y ago | A vulnerability in the Service Assistant GUI in IBM Storwize V7000 (2076) 8.1 could allow a remote attacker to perform a privilege escalation. IBM X-Force ID: 134531. | |||
| CVE-2017-1221 | critical | 9.8 | 9.8 | 9y ago | IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force … | |||
| CVE-2017-14024 | critical | 9.8 | 9.8 | 9y ago | A Stack-based Buffer Overflow issue was discovered in Schneider Electric InduSoft Web Studio v8.0 SP2 Patch 1 and prior versions, and InTouch Machine Edition v8.0 SP2 Patch 1 and prior versions. The … | |||
| CVE-2017-0907 | critical | 9.8 | 9.8 | 9y ago | Critical severity vulnerability that affects recurly-api-client | |||
| CVE-2017-10871 | critical | 9.8 | 9.8 | 9y ago | Buffer overflow in NTT DOCOMO Wi-Fi STATION L-02F Software version L02F-MDM9625-V10h-JUN-23-2017-DCM-JP and earlier allows an attacker to execute arbitrary code via unspecified vectors. | |||
| CVE-2017-13846 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "PCRE" product. Versions before 8.40 allow remote attackers to cause a denial o… | |||
| CVE-2017-13832 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "802.1X" component. It allows attackers to have an unspecified impact by leveraging TLS 1.0… | |||
| CVE-2017-13815 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "file" product. Versions before 5.31 allow remote attackers to cause a denial o… | |||
| CVE-2017-16783 | critical | 9.8 | 9.8 | 9y ago | In CMS Made Simple 2.1.6, there is Server-Side Template Injection via the cntnt01detailtemplate parameter. | |||
| CVE-2017-16780 | critical | 9.8 | 9.8 | 9y ago | The installer in MyBB before 1.8.13 allows remote attackers to execute arbitrary code by writing to the configuration file. | |||
| CVE-2017-16764 | critical | 9.8 | 9.8 | 9y ago | An exploitable vulnerability exists in the YAML parsing functionality in the read_yaml_file method in io_utils.py in django_make_app 0.1.3. A YAML parser can execute arbitrary Python commands resulti… | |||
| CVE-2017-16763 | critical | 9.8 | 9.8 | 9y ago | An exploitable vulnerability exists in the YAML parsing functionality in config.py in Confire 0.2.0. Due to the user-specific configuration being loaded from "~/.confire.yaml" using the yaml.load fun… | |||
| CVE-2017-16521 | critical | 9.8 | 9.8 | 9y ago | In Inedo BuildMaster before 5.8.2, XslTransform was used where XslCompiledTransform should have been used. | |||
| CVE-2017-16634 | critical | 9.8 | 9.8 | 9y ago | In Joomla! before 3.8.2, a bug allowed third parties to bypass a user's 2-factor authentication method. | |||
| CVE-2017-16562 | critical | 9.8 | 9.8 | 9y ago | The UserPro plugin before 4.9.17.1 for WordPress, when used on a site with the "admin" username, allows remote attackers to bypass authentication and obtain administrative access via a "true" value f… | |||
| CVE-2017-0909 | critical | 9.8 | 9.8 | 9y ago | private_address_check contains Incomplete List of Disallowed Inputs | |||
| CVE-2017-0905 | critical | 9.8 | 9.8 | 9y ago | Recurly gem Server-Side Request Forgery in Resource#find method | |||
| CVE-2017-16618 | critical | 9.8 | 9.8 | 9y ago | An exploitable vulnerability exists in the YAML loading functionality of util.py in OwlMixin before 2.0.0a12. A "Load YAML" string or file (aka load_yaml or load_yamlf) can execute arbitrary Python c… | |||
| CVE-2017-16616 | critical | 9.8 | 9.8 | 9y ago | An exploitable vulnerability exists in the YAML parsing functionality in the YAMLParser method in Interfaces.py in PyAnyAPI before 0.6.1. A YAML parser can execute arbitrary Python commands resulting… | |||
| CVE-2017-16615 | critical | 9.8 | 9.8 | 9y ago | An exploitable vulnerability exists in the YAML parsing functionality in the parse_yaml_query method in parser.py in MLAlchemy before 0.2.2. When processing YAML-Based queries for data, a YAML parser… | |||
| CVE-2017-16561 | critical | 9.8 | 9.8 | 9y ago | /view/friend_profile.php in Ingenious School Management System 2.3.0 is vulnerable to Boolean-based and Time-based SQL injection in the 'friend_index' parameter of a GET request. | |||
| CVE-2017-2922 | critical | 9.8 | 9.8 | 9y ago | An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while l… | |||
| CVE-2017-2921 | critical | 9.8 | 9.8 | 9y ago | An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause an integer overflow, leading to … |