CVEs from 2017
Total
11,662
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
9.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-15191 | high | 7.5 | 7.5 | 9y ago | In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length. | |||
| CVE-2017-15190 | high | 7.5 | 7.5 | 9y ago | In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. This was addressed in epan/dissectors/packet-rtsp.c by correcting the scope of a variable. | |||
| CVE-2017-15189 | high | 7.5 | 7.5 | 9y ago | In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by adding decrements. | |||
| CVE-2017-9717 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing Netlink attributes, a buffer overread can occur. | |||
| CVE-2017-9715 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a vendor command, a buffer over-read can occur. | |||
| CVE-2017-11064 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PN… | |||
| CVE-2017-11062 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently attributes are not validated in __wlan_hdd_cfg80211_do_acs which can potentia… | |||
| CVE-2017-11061 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing cfg80211 vendor sub command QCA_NL80211_VENDOR_SUBCMD_ROAM, a buffer o… | |||
| CVE-2017-11060 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PN… | |||
| CVE-2017-11055 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION c… | |||
| CVE-2017-11054 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can oc… | |||
| CVE-2017-11052 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_NDP cfg80211 vendor comm… | |||
| CVE-2017-11051 | high | 7.5 | 7.5 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, information disclosure is possible in function __wlan_hdd_cfg80211_testmode since buffe… | |||
| CVE-2017-14943 | high | 7.5 | 7.5 | 9y ago | Trapeze TransitMaster is vulnerable to information disclosure (emails / hashed passwords) via a modified userID field in JSON data to ManageSubscriber.aspx/GetSubscriber. NOTE: this software is indep… | |||
| CVE-2017-14603 | high | 7.5 | 7.5 | 9y ago | In Asterisk 11.x before 11.25.3, 13.x before 13.17.2, and 14.x before 14.6.2 and Certified Asterisk 11.x before 11.6-cert18 and 13.x before 13.13-cert6, insufficient RTCP packet validation could allo… | |||
| CVE-2017-14972 | high | 7.5 | 7.5 | 9y ago | InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by entering Control-Alt-Delete, and then using Task Manager to reach a file. | |||
| CVE-2017-15079 | high | 7.5 | 7.5 | 9y ago | The Smush Image Compression and Optimization plugin before 2.7.6 for WordPress allows directory traversal. | |||
| CVE-2017-9272 | high | 7.5 | 7.5 | 9y ago | The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be susceptible to a denial of service attack. | |||
| CVE-2017-1002153 | high | 7.5 | 7.5 | 9y ago | Koji blacklisted paths workaround | |||
| CVE-2017-1000254 | high | 7.5 | 7.5 | 9y ago | libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in (anonymous or not), it asks the server for the current directory wi… | |||
| CVE-2017-13998 | high | 7.5 | 7.5 | 9y ago | An Insufficiently Protected Credentials issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The application does not sufficiently protect sensitive information from unauthorized access. | |||
| CVE-2017-15033 | high | 7.5 | 7.5 | 9y ago | ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c. | |||
| CVE-2017-12270 | high | 7.5 | 7.5 | 9y ago | A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an unauthenticated, remote attacker to cause a denial of service (… | |||
| CVE-2017-12263 | high | 7.5 | 7.5 | 9y ago | A vulnerability in the web interface of Cisco License Manager software could allow an unauthenticated, remote attacker to download and view files within the application that should be restricted, aka… | |||
| CVE-2017-1000118 | high | 7.5 | 7.5 | 9y ago | Improper Restriction of Operations within the Bounds of a Memory Buffer in akka-http-core | |||
| CVE-2017-1000115 | high | 7.5 | 7.5 | 9y ago | Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository | |||
| CVE-2017-1000108 | high | 7.5 | 7.5 | 9y ago | Jenkins Pipeline: Input Step Plugin | |||
| CVE-2017-1000098 | high | 7.5 | 7.5 | 9y ago | Denial of service when parsing large forms in mime/multipart | |||
| CVE-2017-1000097 | high | 7.5 | 7.5 | 9y ago | Mishandled trust preferences for root certificates on Darwin in crypto/x509 | |||
| CVE-2017-1000092 | high | 7.5 | 7.5 | 9y ago | Cross-Site Request Forgery in Jenkins Git Plugin | |||
| CVE-2017-15011 | high | 7.5 | 7.5 | 9y ago | The named pipes in qtsingleapp in Qt 5.x, as used in qBittorrent and SugarSync, are configured for remote access and allow remote attackers to cause a denial of service (application crash) via an uns… | |||
| CVE-2017-15010 | high | 7.5 | 7.5 | 9y ago | A ReDoS (regular expression denial of service) flaw was found in the tough-cookie module before 2.3.3 for Node.js. An attacker that is able to make an HTTP request using a specially crafted cookie ma… | |||
| CVE-2017-12820 | high | 7.5 | 7.5 | 9y ago | Arbitrary memory read from controlled memory pointer in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service. | |||
| CVE-2017-12818 | high | 7.5 | 7.5 | 9y ago | Stack overflow in custom XML-parser in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service. | |||
| CVE-2017-11122 | high | 7.5 | 7.5 | 9y ago | On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6 router advertisement offloading. | |||
| CVE-2017-0825 | high | 7.5 | 7.5 | 9y ago | An information disclosure vulnerability in the Broadcom wifi driver. Product: Android. Versions: Android kernel. Android ID: A-37305633. References: B-V2017063002. | |||
| CVE-2017-0823 | high | 7.5 | 7.5 | 9y ago | An information disclosure vulnerability in the Android system (rild). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37896655. | |||
| CVE-2017-0820 | high | 7.5 | 7.5 | 9y ago | A vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62187433. | |||
| CVE-2017-0819 | high | 7.5 | 7.5 | 9y ago | A vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63045918. | |||
| CVE-2017-0818 | high | 7.5 | 7.5 | 9y ago | A vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63581671. | |||
| CVE-2017-0817 | high | 7.5 | 7.5 | 9y ago | An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63522430. | |||
| CVE-2017-0814 | high | 7.5 | 7.5 | 9y ago | An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62800140. | |||
| CVE-2017-0813 | high | 7.5 | 7.5 | 9y ago | A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36531046. | |||
| CVE-2017-0808 | high | 7.5 | 7.5 | 9y ago | An information disclosure vulnerability in the Android framework (file system). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62301183. | |||
| CVE-2017-8018 | high | 7.5 | 7.5 | 9y ago | EMC AppSync host plug-in versions 3.5 and below (Windows platform only) includes a denial of service (DoS) vulnerability that could potentially be exploited by malicious users to compromise the affec… | |||
| CVE-2017-1569 | high | 7.5 | 7.5 | 9y ago | IBM WebSphere Commerce 7.0 and 8.0 contains an unspecified vulnerability in Marketing ESpot's that could cause a denial of service. IBM X-Force ID: 131779. | |||
| CVE-2017-14979 | high | 7.5 | 7.5 | 9y ago | Gxlcms uses an unsafe character-replacement approach in an attempt to restrict access, which allows remote attackers to read arbitrary files via modified pathnames in the s parameter to index.php, re… | |||
| CVE-2017-13704 | high | 7.5 | 7.5 | 9y ago | In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0x… | |||
| CVE-2017-11498 | high | 7.5 | 7.5 | 9y ago | Buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to shut down the remote process (a denial of se… | |||
| CVE-2017-14977 | high | 7.5 | 7.5 | 9y ago | The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table pointer, which allows an attacker to laun… | |||
| CVE-2017-14976 | high | 7.5 | 7.5 | 9y ago | The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer over-read vulnerability if an out-of-bounds font dictionary index is encountered, which allows an at… | |||
| CVE-2017-14975 | high | 7.5 | 7.5 | 9y ago | The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initialized, which allows an attacker to launch… | |||
| CVE-2017-14797 | high | 7.5 | 7.5 | 9y ago | Lack of Transport Encryption in the public API in Philips Hue Bridge BSB002 SW 1707040932 allows remote attackers to read API keys (and consequently bypass the pushlink protection mechanism, and obta… | |||
| CVE-2017-14944 | high | 7.5 | 7.5 | 9y ago | Inedo ProGet before 4.7.14 does not properly address dangerous package IDs during package addition, aka PG-1060. | |||
| CVE-2017-14935 | high | 7.5 | 7.5 | 9y ago | Pulse Secure Pulse One On-Premise 2.0.1649 and below does not properly validate requests, which allows remote users to query and obtain sensitive information. | |||
| CVE-2017-14929 | high | 7.5 | 7.5 | 9y ago | In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opFill, Gfx::doPatternFill, Gfx::doTilin… | |||
| CVE-2017-9790 | high | 7.5 | 7.5 | 9y ago | Use after free in Apache Mesos | |||
| CVE-2017-7687 | high | 7.5 | 7.5 | 9y ago | Denial of service in Apache Mesos | |||
| CVE-2017-2551 | high | 7.5 | 7.5 | 9y ago | Vulnerability in Wordpress plugin BackWPup before v3.4.2 allows possible brute forcing of backup file for download. | |||
| CVE-2017-1577 | high | 7.5 | 7.5 | 9y ago | IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences … | |||
| CVE-2017-14849 | high | 7.5 | 7.5 | 9y ago | Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change to ".." handling was incompatible with the pathname validation used by unspecified community modules. | |||
| CVE-2017-14766 | high | 7.5 | 7.5 | 9y ago | The Simple Student Result plugin before 1.6.4 for WordPress has an Authentication Bypass vulnerability because the fn_ssr_add_st_submit() function and fn_ssr_del_st_submit() function in functions.php… | |||
| CVE-2017-14739 | high | 7.5 | 7.5 | 9y ago | The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL P… | |||
| CVE-2017-9962 | high | 7.5 | 7.5 | 9y ago | Schneider Electric's ClearSCADA versions released prior to August 2017 are susceptible to a memory allocation vulnerability, whereby malformed requests can be sent to ClearSCADA client applications t… | |||
| CVE-2017-14727 | high | 7.5 | 7.5 | 9y ago | denial of service in weechat | |||
| CVE-2017-14722 | high | 7.5 | 7.5 | 9y ago | Before version 4.8.2, WordPress allowed a Directory Traversal attack in the Customizer component via a crafted theme filename. | |||
| CVE-2017-14719 | high | 7.5 | 7.5 | 9y ago | Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip operations in the ZipArchive and PclZip components. | |||
| CVE-2017-9281 | high | 7.5 | 7.5 | 9y ago | An integer overflow (CWE-190) potentially causing an out-of-bounds read (CWE-125) vulnerability in Micro Focus VisiBroker 8.5 can lead to a denial of service. | |||
| CVE-2017-14646 | high | 7.5 | 7.5 | 9y ago | The AP4_AvccAtom and AP4_HvccAtom classes in Bento4 version 1.5.0-617 do not properly validate data sizes, leading to a heap-based buffer over-read and application crash in AP4_DataBuffer::SetData in… | |||
| CVE-2017-14629 | high | 7.5 | 7.5 | 9y ago | In sam2p 0.49.3, the in_xpm_reader function in in_xpm.cpp has an integer signedness error, leading to a crash when writing to an out-of-bounds array element. | |||
| CVE-2017-12219 | high | 7.5 | 7.5 | 9y ago | A vulnerability in the handling of IP fragments for the Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause the device to reload … | |||
| CVE-2017-14616 | high | 7.5 | 7.5 | 9y ago | An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, l… | |||
| CVE-2017-9804 | high | 7.5 | 7.5 | 9y ago | Apache Struts allows entering a custom URL in a form field if built-in URLValidator is used | |||
| CVE-2017-9793 | high | 7.5 | 7.5 | 9y ago | The REST Plugin in Apache Struts is using an outdated XStream library | |||
| CVE-2017-14339 | high | 7.5 | 7.5 | 9y ago | The DNS packet parser in YADIFA before 2.2.6 does not check for the presence of infinite pointer loops, and thus it is possible to force it to enter an infinite loop. This can cause high CPU usage an… | |||
| CVE-2017-12837 | high | 7.5 | 7.5 | 9y ago | Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) v… | |||
| CVE-2017-14581 | high | 7.5 | 7.5 | 9y ago | The Host Control web service in SAP NetWeaver AS JAVA 7.0 through 7.5 allows remote attackers to cause a denial of service (service crash) via a crafted request, aka SAP Security Note 2389181. | |||
| CVE-2017-10931 | high | 7.5 | 7.5 | 9y ago | The ZXR10 1800-2S before v3.00.40 incorrectly restricts the download of the file directory range for WEB users, resulting in the ability to download any files and cause information leaks such as syst… | |||
| CVE-2017-12616 | high | 7.5 | 7.5 | 9y ago | Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat | |||
| CVE-2017-9050 | high | 7.5 | 7.5 | 9y ago | Out-of-bounds read in nokogiri | |||
| CVE-2017-9803 | high | 7.5 | 7.5 | 9y ago | Apache Solr Kerberos delegation token functionality flaws | |||
| CVE-2017-14519 | high | 7.5 | 7.5 | 9y ago | In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opShowText, and Gfx::doShowText calls (… | |||
| CVE-2017-14515 | high | 7.5 | 7.5 | 9y ago | Heap-based Buffer Overflow on Tenda W15E devices before 15.11.0.14 allows remote attackers to cause a denial of service (temporary HTTP outage and forced logout) via unspecified vectors. | |||
| CVE-2017-14514 | high | 7.5 | 7.5 | 9y ago | Directory Traversal on Tenda W15E devices before 15.11.0.14 allows remote attackers to read unencrypted files via a crafted URL. | |||
| CVE-2017-14511 | high | 7.5 | 7.5 | 9y ago | An issue was discovered in SAP E-Recruiting (aka ERECRUIT) 605 through 617. When an external applicant registers to the E-Recruiting application, he/she receives a link by email to confirm access to … | |||
| CVE-2017-14502 | high | 7.5 | 7.5 | 9y ago | RHEA-2021:1580: libarchive bug fix and enhancement update (Moderate) | |||
| CVE-2017-2299 | high | 7.5 | 7.5 | 9y ago | Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 make it very easy to accidentally misconfigure TLS trust. If you specify the `ssl_ca` parameter but do not specify the `ssl_certs_di… | |||
| CVE-2017-10846 | high | 7.5 | 7.5 | 9y ago | Wi-Fi STATION L-02F Software version V10b and earlier allows remote attackers to bypass access restrictions to obtain information on device settings via unspecified vectors. | |||
| CVE-2017-1002151 | high | 7.5 | 7.5 | 9y ago | Pagure 3.3.0 and earlier is vulnerable to loss of confidentially due to improper authorization | |||
| CVE-2017-1002007 | high | 7.5 | 7.5 | 9y ago | Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/save_mail.php doesn't check that the user is authorized before injecting new contacts into the wp_contact table. | |||
| CVE-2017-1002006 | high | 7.5 | 7.5 | 9y ago | Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/save_contact.php doesn't check that the user is authorized before injecting new contacts into the wp_contact table. | |||
| CVE-2017-1002005 | high | 7.5 | 7.5 | 9y ago | Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/delete.php user input isn't sanitized via the contact_id variable before adding it to the end of an SQL query. | |||
| CVE-2017-1002004 | high | 7.5 | 7.5 | 9y ago | Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/download.php user input isn't sanitized via the id variable before adding it to the end of an SQL query. | |||
| CVE-2017-12989 | high | 7.5 | 7.5 | 9y ago | The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length(). | |||
| CVE-2017-7561 | high | 7.5 | 7.5 | 9y ago | Inconsistent Interpretation of HTTP Requests in Red Hat JBoss EAP | |||
| CVE-2017-14430 | high | 7.5 | 7.5 | 9y ago | D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices allow remote attackers to cause a denial of service (daemon crash) via craft… | |||
| CVE-2017-14423 | high | 7.5 | 7.5 | 9y ago | htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) devices does not prevent unauthenticated nonce-guessing attacks, which makes it easier for rem… | |||
| CVE-2017-14422 | high | 7.5 | 7.5 | 9y ago | D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices use the same hardcoded /etc/stunnel.key private key across different custome… | |||
| CVE-2017-14404 | high | 7.5 | 7.5 | 9y ago | The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows local file inclusion via the tool_list parameter (aka the url_tool variable) to module/tool_all/select_tool.php, as demonstrated by a tool_li… | |||
| CVE-2017-8757 | high | 7.5 | 7.5 | 9y ago | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way Microsoft Edge h… |