CVEs from 2017
Total
11,721
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
1.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-15295 | critical | 9.8 | 9.8 | 9y ago | Xpress Server in SAP POS does not require authentication for read/write/delete file access. This is SAP Security Note 2520064. | |||
| CVE-2017-15293 | critical | 9.8 | 9.8 | 9y ago | Xpress Server in SAP POS does not require authentication for file read and erase operations, daemon shutdown, terminal read operations, or certain attacks on credentials. This is SAP Security Note 25… | |||
| CVE-2017-14952 | critical | 9.8 | 9.8 | 9y ago | Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector … | |||
| CVE-2017-15376 | critical | 9.8 | 9.8 | 9y ago | The TELNET service in Mobatek MobaXterm 10.4 does not require authentication, which allows remote attackers to execute arbitrary commands via TCP port 23. | |||
| CVE-2017-15373 | critical | 9.8 | 9.8 | 9y ago | E-Sic 1.0 allows SQL injection via the q parameter to esiclivre/restrito/inc/lkpcep.php (aka the search private area). | |||
| CVE-2017-15304 | critical | 9.8 | 9.8 | 9y ago | /bin/login.php in the Web Panel on the Airtame HDMI dongle with firmware before 3.0 allows an attacker to set his own session id via a "Cookie: PHPSESSID=" header. This can be used to achieve persist… | |||
| CVE-2017-12629 | critical | 9.8 | 9.8 | 9y ago | Remote code execution occurs in Apache Solr | |||
| CVE-2017-10622 | critical | 9.8 | 9.8 | 9y ago | An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote unauthenticated network based attacker to login as any privileged user. This issu… | |||
| CVE-2017-10615 | critical | 9.8 | 9.8 | 9y ago | A vulnerability in the pluggable authentication module (PAM) of Juniper Networks Junos OS may allow an unauthenticated network based attacker to potentially execute arbitrary code or crash daemons su… | |||
| CVE-2017-11771 | critical | 9.8 | 9.8 | 9y ago | The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1… | |||
| CVE-2017-5791 | critical | 9.8 | 9.8 | 9y ago | The doFilter method in UrlAccessController in HPE Intelligent Management Center (iMC) PLAT 7.2 E0403P06 allows remote bypass of authentication via unspecified strings in a URI. | |||
| CVE-2017-5789 | critical | 9.8 | 9.8 | 9y ago | HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdru… | |||
| CVE-2017-14003 | critical | 9.8 | 9.8 | 9y ago | An Authentication Bypass by Spoofing issue was discovered in LAVA Ether-Serial Link (ESL) running firmware versions 6.01.00/29.03.2007 and prior versions. An improper authentication vulnerability has… | |||
| CVE-2017-15220 | critical | 9.8 | 9.8 | 9y ago | Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring. This allows remote attackers to execute arbitrary cod… | |||
| CVE-2017-15226 | critical | 9.8 | 9.8 | 9y ago | Zyxel NBG6716 V1.00(AAKG.9)C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call. | |||
| CVE-2017-8994 | critical | 9.8 | 9.8 | 9y ago | A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely. | |||
| CVE-2017-12861 | critical | 9.8 | 9.8 | 9y ago | The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only t… | |||
| CVE-2017-12860 | critical | 9.8 | 9.8 | 9y ago | The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only t… | |||
| CVE-2017-0903 | critical | 9.8 | 9.8 | 9y ago | RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted… | |||
| CVE-2017-13069 | critical | 9.8 | 9.8 | 9y ago | QNAP discovered a number of command injection vulnerabilities found in Music Station versions 4.8.6 (for QTS 4.2.x), 5.0.7 (for QTS 4.3.x), and earlier. If exploited, these vulnerabilities may allow … | |||
| CVE-2017-15047 | critical | 9.8 | 9.8 | 9y ago | The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows attackers to cause a denial of service (out-of-bounds array index and application crash) or possibly have unspecified other impact by… | |||
| CVE-2017-14089 | critical | 9.8 | 9.8 | 9y ago | An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeScan 11.0 and XG may allow remote unauthenticated users who can access the OfficeScan server to target cgiShowClientAdm.exe and ca… | |||
| CVE-2017-15041 | critical | 9.8 | 9.8 | 9y ago | Remote command execution via "go get" in cmd/go | |||
| CVE-2017-15032 | critical | 9.8 | 9.8 | 9y ago | ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c. | |||
| CVE-2017-1000117 | high | 8.8 | 9.8 | 9y ago | A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Suc… | |||
| CVE-2017-14491 | critical | 9.8 | 9.8 | 9y ago | Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. | |||
| CVE-2017-12821 | critical | 9.8 | 9.8 | 9y ago | Memory corruption in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 might cause remote code execution. | |||
| CVE-2017-12819 | critical | 9.8 | 9.8 | 9y ago | Remote manipulations with language pack updater lead to NTLM-relay attack for system user in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55. | |||
| CVE-2017-12166 | critical | 9.8 | 9.8 | 9y ago | OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. | |||
| CVE-2017-0829 | critical | 9.8 | 9.8 | 9y ago | An elevation of privilege vulnerability in the Motorola bootloader. Product: Android. Versions: Android kernel. Android ID: A-62345044. | |||
| CVE-2017-0828 | critical | 9.8 | 9.8 | 9y ago | An elevation of privilege vulnerability in the Huawei bootloader. Product: Android. Versions: Android kernel. Android ID: A-34622855. | |||
| CVE-2017-0824 | critical | 9.8 | 9.8 | 9y ago | An elevation of privilege vulnerability in the Broadcom wifi driver. Product: Android. Versions: Android kernel. Android ID: A-37622847. References: B-V2017063001. | |||
| CVE-2017-0822 | critical | 9.8 | 9.8 | 9y ago | An elevation of privilege vulnerability in the Android system (camera). Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63787722. | |||
| CVE-2017-0807 | critical | 9.8 | 9.8 | 9y ago | An elevation of privilege vulnerability in the Android framework (ui framework). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35056974. | |||
| CVE-2017-8021 | critical | 9.8 | 9.8 | 9y ago | EMC Elastic Cloud Storage (ECS) before 3.1 is affected by an undocumented account vulnerability that could potentially be leveraged by malicious users to compromise the affected system. | |||
| CVE-2017-6090 | high | 8.8 | 9.8 | 9y ago | Unrestricted file upload vulnerability in clients/editclient.php in PhpCollab 2.5.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable exte… | |||
| CVE-2017-6089 | critical | 9.8 | 9.8 | 9y ago | SQL injection vulnerability in PhpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) project or id parameters to topics/deletetopics.php; the (2) id parame… | |||
| CVE-2017-14759 | critical | 9.8 | 9.8 | 9y ago | OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to an XML External Entity vulnerability: /xFramewo… | |||
| CVE-2017-14493 | critical | 9.8 | 9.8 | 9y ago | Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request. | |||
| CVE-2017-14492 | critical | 9.8 | 9.8 | 9y ago | Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request. | |||
| CVE-2017-13997 | critical | 9.8 | 9.8 | 9y ago | A Missing Authentication for Critical Function issue was discovered in Schneider Electric InduSoft Web Studio v8.0 SP2 or prior, and InTouch Machine Edition v8.0 SP2 or prior. InduSoft Web Studio pro… | |||
| CVE-2017-12639 | critical | 9.8 | 9.8 | 9y ago | Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote attackers to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETRE or ETCTERARED. | |||
| CVE-2017-12638 | critical | 9.8 | 9.8 | 9y ago | Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote attackers to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETBL or ETCETERABLUE. | |||
| CVE-2017-12620 | critical | 9.8 | 9.8 | 9y ago | Improper Restriction of XML External Entity Reference in Apache OpenNLP | |||
| CVE-2017-11497 | critical | 9.8 | 9.8 | 9y ago | Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via language pa… | |||
| CVE-2017-11496 | critical | 9.8 | 9.8 | 9y ago | Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via malformed A… | |||
| CVE-2017-14942 | critical | 9.8 | 9.8 | 9y ago | Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin… | |||
| CVE-2017-14738 | critical | 9.8 | 9.8 | 9y ago | FileRun (version 2017.09.18 and below) suffers from a remote SQL injection vulnerability due to a failure to sanitize input in the metafield parameter inside the metasearch module (under the search f… | |||
| CVE-2017-14702 | critical | 9.8 | 9.8 | 9y ago | ERS Data System 1.8.1.0 allows remote attackers to execute arbitrary code, related to "com.branaghgroup.ecers.update.UpdateRequest" object deserialization. | |||
| CVE-2017-14351 | critical | 9.8 | 9.8 | 9y ago | A potential security vulnerability has been identified in HP UCMDB Configuration Manager versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.23. These vulnerabilities could be remotely exploited to allow … | |||
| CVE-2017-14350 | critical | 9.8 | 9.8 | 9y ago | A potential security vulnerability has been identified in HPE Application Performance Management (BSM) Platform versions 9.26, 9.30, 9.40. The vulnerability could be remotely exploited to allow code … | |||
| CVE-2017-14349 | critical | 9.8 | 9.8 | 9y ago | An authentication vulnerability in HPE SiteScope product versions 11.2x and 11.3x, allows read-only accounts to view all SiteScope interfaces and monitors, potentially exposing sensitive data. | |||
| CVE-2017-13983 | critical | 9.8 | 9.8 | 9y ago | An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to bypass authentication. | |||
| CVE-2017-7552 | critical | 9.8 | 9.8 | 9y ago | A flaw was discovered in the file editor of millicore, affecting versions before 3.19.0 and 4.x before 4.5.0, which allows files to be executed as well as created. An attacker could use this flaw to … | |||
| CVE-2017-14507 | critical | 9.8 | 9.8 | 9y ago | Multiple SQL injection vulnerabilities in the Content Timeline plugin 4.4.2 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) timeline parameter in content_timeline_c… | |||
| CVE-2017-12236 | critical | 9.8 | 9.8 | 9y ago | A vulnerability in the implementation of the Locator/ID Separation Protocol (LISP) in Cisco IOS XE 3.2 through 16.5 could allow an unauthenticated, remote attacker using an x tunnel router to bypass … | |||
| CVE-2017-12229 | critical | 9.8 | 9.8 | 9y ago | A vulnerability in the REST API of the web-based user interface (web UI) of Cisco IOS XE 3.1 through 16.5 could allow an unauthenticated, remote attacker to bypass authentication to the REST API of t… | |||
| CVE-2017-12814 | critical | 9.8 | 9.8 | 9y ago | Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 on Windows allows attackers to execute arbitrary code via a long en… | |||
| CVE-2017-12621 | critical | 9.8 | 9.8 | 9y ago | Improper Restriction of XML External Entity Reference in Jelly | |||
| CVE-2017-11121 | critical | 9.8 | 9.8 | 9y ago | On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack o… | |||
| CVE-2017-11120 | critical | 9.8 | 9.8 | 9y ago | On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2… | |||
| CVE-2017-10932 | critical | 9.8 | 9.8 | 9y ago | All versions prior to V12.17.20 of the ZTE Microwave NR8000 series products - NR8120, NR8120A, NR8120, NR8150, NR8250, NR8000 TR and NR8950 are the applications of C/S architecture using the Java RMI… | |||
| CVE-2017-14760 | critical | 9.8 | 9.8 | 9y ago | SQL Injection exists in /includes/event-management/index.php in the event-espresso-free (aka Event Espresso Lite) plugin v3.1.37.12.L for WordPress via the recurrence_id parameter to /wp-admin/admin.… | |||
| CVE-2017-14703 | critical | 9.8 | 9.8 | 9y ago | SQL injection vulnerability in Cash Back Comparison Script 1.0 allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to search/. | |||
| CVE-2017-9957 | critical | 9.8 | 9.8 | 9y ago | A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the web service contains a hidden system account with a hardcoded password. An attacker can … | |||
| CVE-2017-7974 | critical | 9.8 | 9.8 | 9y ago | A path traversal information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can execute arbitrary code and… | |||
| CVE-2017-7973 | critical | 9.8 | 9.8 | 9y ago | A SQL injection vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can use calls to various paths allowing performance of… | |||
| CVE-2017-14125 | critical | 9.8 | 9.8 | 9y ago | SQL injection vulnerability in the Responsive Image Gallery plugin before 1.2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the "id" parameter in an add_edit_theme tas… | |||
| CVE-2017-14723 | critical | 9.8 | 9.8 | 9y ago | Before version 4.8.2, WordPress mishandled % characters and additional placeholder values in $wpdb->prepare, and thus did not properly address the possibility of plugins and themes enabling SQL injec… | |||
| CVE-2017-14080 | critical | 9.8 | 9.8 | 9y ago | Authentication bypass vulnerability in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allows attackers to access a specific part of the console using a blank password. | |||
| CVE-2017-14078 | critical | 9.8 | 9.8 | 9y ago | SQL Injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. | |||
| CVE-2017-9393 | critical | 9.8 | 9.8 | 9y ago | CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote attackers to potentially identify passwords of locked accounts through an exhaustive search. | |||
| CVE-2017-14637 | critical | 9.8 | 9.8 | 9y ago | In sam2p 0.49.3, there is an invalid read of size 2 in the parse_rgb function in in_xpm.cpp. However, this can also cause a write to an illegal address. | |||
| CVE-2017-14636 | critical | 9.8 | 9.8 | 9y ago | Because of an integer overflow in sam2p 0.49.3, a loop executes 0xffffffff times, ending with an invalid read of size 1 in the Image::Indexed::sortPal function in image.cpp. However, this also causes… | |||
| CVE-2017-9283 | critical | 9.8 | 9.8 | 9y ago | An out-of-bounds read (CWE-125) vulnerability exists in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for further attacks was not assessed. | |||
| CVE-2017-9282 | critical | 9.8 | 9.8 | 9y ago | An integer overflow (CWE-190) led to an out-of-bounds write (CWE-787) on a heap-allocated area, leading to heap corruption in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerabil… | |||
| CVE-2017-12170 | critical | 9.8 | 9.8 | 9y ago | Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with defau… | |||
| CVE-2017-14652 | critical | 9.8 | 9.8 | 9y ago | SQL Injection vulnerability in mobiquo/lib/classTTForum.php in the Tapatalk plugin before 4.5.8 for MyBB allows an unauthenticated remote attacker to inject arbitrary SQL commands via an XML-RPC enco… | |||
| CVE-2017-14648 | critical | 9.8 | 9.8 | 9y ago | A global buffer overflow was discovered in the iteration_loop function in loop.c in BladeEnc version 0.94.2. The vulnerability causes an out-of-bounds write, which leads to remote denial of service o… | |||
| CVE-2017-12930 | critical | 9.8 | 9.8 | 9y ago | SQL Injection in the admin interface in TecnoVISION DLX Spot Player4 version >1.5.10 allows remote unauthenticated users to access the web interface as administrator via a crafted password. | |||
| CVE-2017-12928 | critical | 9.8 | 9.8 | 9y ago | A hard-coded password of tecn0visi0n for the dlxuser account in TecnoVISION DLX Spot Player4 (all known versions) allows remote attackers to log in via SSH and escalate privileges to root access with… | |||
| CVE-2017-14632 | critical | 9.8 | 9.8 | 9y ago | Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 5501… | |||
| CVE-2017-14631 | critical | 9.8 | 9.8 | 9y ago | In sam2p 0.49.3, the pcxLoadRaster function in in_pcx.cpp has an integer signedness error leading to a heap-based buffer overflow. | |||
| CVE-2017-14630 | critical | 9.8 | 9.8 | 9y ago | In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24 function of the file in_pcx.cpp, leading to an invalid write operation. | |||
| CVE-2017-14628 | critical | 9.8 | 9.8 | 9y ago | In sam2p 0.49.3, a heap-based buffer overflow exists in the pcxLoadImage24 function of the file in_pcx.cpp. | |||
| CVE-2017-14626 | critical | 9.8 | 9.8 | 9y ago | ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c. | |||
| CVE-2017-14625 | critical | 9.8 | 9.8 | 9y ago | ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c. | |||
| CVE-2017-14624 | critical | 9.8 | 9.8 | 9y ago | ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c. | |||
| CVE-2017-14596 | critical | 9.8 | 9.8 | 9y ago | In Joomla! before 3.8.0, inadequate escaping in the LDAP authentication plugin can result in a disclosure of a username and password. | |||
| CVE-2017-12611 | critical | 9.8 | 9.8 | 9y ago | Apache Struts 2.0.1 uses an unintentional expression in a Freemarker tag instead of string literal | |||
| CVE-2017-8772 | critical | 9.8 | 9.8 | 9y ago | On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root") and can: 1. Read the entire file syst… | |||
| CVE-2017-8771 | critical | 9.8 | 9.8 | 9y ago | On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root"). The attacker can make a user that is… | |||
| CVE-2017-6315 | critical | 9.8 | 9.8 | 9y ago | Astaro Security Gateway (aka ASG) 7 allows remote attackers to execute arbitrary code via a crafted request to index.plx. | |||
| CVE-2017-10700 | critical | 9.8 | 9.8 | 9y ago | In the medialibrary component in QNAP NAS 4.3.3.0229, an un-authenticated, remote attacker can execute arbitrary system commands as the root user of the NAS application. | |||
| CVE-2017-10930 | critical | 9.8 | 9.8 | 9y ago | The ZXR10 1800-2S before v3.00.40 incorrectly restricts access to a resource from an unauthorized actor, resulting in ordinary users being able to download configuration files to steal information li… | |||
| CVE-2017-14532 | critical | 9.8 | 9.8 | 9y ago | ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c. | |||
| CVE-2017-14512 | critical | 9.8 | 9.8 | 9y ago | NexusPHP 1.5.beta5.20120707 has SQL Injection in forummanage.php via the sort parameter in an editforum action, a different vulnerability than CVE-2017-12981. | |||
| CVE-2017-14244 | critical | 9.8 | 9.8 | 9y ago | An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs wi… | |||
| CVE-2017-14243 | critical | 9.8 | 9.8 | 9y ago | An authentication bypass vulnerability on UTStar WA3002G4 ADSL Broadband Modem WA3002G4-0021.01 devices allows attackers to directly access administrative settings and obtain cleartext credentials fr… | |||
| CVE-2017-9328 | critical | 9.8 | 9.8 | 9y ago | Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS before 3.0.34 leads to remote code execution as root. |