CVEs from 2017
Total
11,651
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
9.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-1088 | low | 3.3 | 3.3 | 9y ago | In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24, the kernel does not properly clear the memory of the kld_file_stat structure befo… | |||
| CVE-2017-1086 | low | 3.3 | 3.3 | 9y ago | In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24, not all information in the struct ptrace_lwpinfo is relevant for the state of any… | |||
| CVE-2017-13852 | low | 3.3 | 3.3 | 9y ago | An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the … | |||
| CVE-2017-13801 | low | 3.3 | 3.3 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Dictionary Widget" component. It allows attackers to read local files if pasted text is us… | |||
| CVE-2017-1000242 | low | 3.3 | 3.3 | 9y ago | Insecure temporary file usage in Jenkins Git Client Plugin | |||
| CVE-2017-5084 | low | 3.3 | 3.3 | 9y ago | Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint. | |||
| CVE-2017-5081 | low | 3.3 | 3.3 | 9y ago | multiple issues in chromium | |||
| CVE-2017-15096 | low | 3.3 | 3.3 | 9y ago | A flaw was found in GlusterFS in versions prior to 3.10. A null pointer dereference in send_brick_req function in glusterfsd/src/gf_attach.c may be used to cause denial of service. | |||
| CVE-2017-7148 | low | 3.3 | 3.3 | 9y ago | An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Location Framework" component. It allows attackers to obtain sensitive location information via a… | |||
| CVE-2017-7138 | low | 3.3 | 3.3 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Directory Utility" component. It allows local users to discover the Apple ID of the computer… | |||
| CVE-2017-14772 | low | 3.3 | 3.3 | 9y ago | Skybox Manager Client Application is prone to information disclosure via a username enumeration attack. A local unauthenticated attacker could exploit the flaw to obtain valid usernames, by analyzing… | |||
| CVE-2017-8676 | low | 3.3 | 3.3 | 9y ago | The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, … | |||
| CVE-2017-1422 | low | 3.3 | 3.3 | 9y ago | IBM MaaS360 DTM all versions up to 3.81 does not perform proper verification for user rights of certain applications which could disclose sensitive information. IBM X-Force ID: 127412. | |||
| CVE-2017-10095 | low | 3.3 | 3.3 | 9y ago | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticat… | |||
| CVE-2017-1381 | low | 3.3 | 3.3 | 9y ago | IBM WebSphere Application Server Proxy Server or On-demand-router (ODR) 7.0, 8.0, 8.5, 9.0 and could allow a local attacker to obtain sensitive information, caused by stale data being cached and then… | |||
| CVE-2017-0709 | low | 3.3 | 3.3 | 9y ago | A information disclosure vulnerability in the HTC sensor hub driver. Product: Android. Versions: Android kernel. Android ID: A-35468048. | |||
| CVE-2017-1176 | low | 3.3 | 3.3 | 9y ago | IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local user to obtain sensitive information due to inappropriate data retention of attachments. IBM X-Force ID: 123299. | |||
| CVE-2017-1125 | low | 3.3 | 3.3 | 9y ago | IBM Cognos Analytics 10.1 and 10.2 could allow a local user to craft a URL which could confirm the existence of and expose postial contents of a file. IBM X-Force ID: 121340. | |||
| CVE-2017-3741 | low | 3.3 | 3.3 | 9y ago | In the Lenovo Power Management driver before 1.67.12.24, a local user may alter the trackpoint's firmware and stop the trackpoint from functioning correctly. This issue only affects ThinkPad X1 Carbo… | |||
| CVE-2017-8933 | low | 3.3 | 3.3 | 9y ago | Libmenu-cache 1.0.2 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (menu unavailability). | |||
| CVE-2017-8418 | low | 3.3 | 3.3 | 9y ago | RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users. | |||
| CVE-2017-3589 | low | 3.3 | 3.3 | 9y ago | Exposure of Sensitive Information to an Unauthorized Actor in Oracle MySQL Connectors Java | |||
| CVE-2017-3498 | low | 3.3 | 3.3 | 9y ago | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privi… | |||
| CVE-2017-3474 | low | 3.3 | 3.3 | 9y ago | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Zone). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privile… | |||
| CVE-2017-2806 | low | 3.3 | 3.3 | 9y ago | An exploitable arbitrary read exists in the XLS parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted XLS document can lead to a arbitrary read resulting in memory d… | |||
| CVE-2017-3033 | low | 3.3 | 3.3 | 9y ago | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling JPEG 2000 code-stream tile data. | |||
| CVE-2017-3032 | low | 3.3 | 3.3 | 9y ago | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 code-stream parser. | |||
| CVE-2017-3031 | low | 3.3 | 3.3 | 9y ago | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the XSLT engine. | |||
| CVE-2017-3029 | low | 3.3 | 3.3 | 9y ago | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling a JPEG 2000 code-stream. | |||
| CVE-2017-3022 | low | 3.3 | 3.3 | 9y ago | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when parsing the header of a JPEG 2000 file. | |||
| CVE-2017-3021 | low | 3.3 | 3.3 | 9y ago | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser engine. | |||
| CVE-2017-3020 | low | 3.3 | 3.3 | 9y ago | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the weblink module. | |||
| CVE-2017-0188 | low | 3.3 | 3.3 | 9y ago | A Win32k information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the win32k component imprope… | |||
| CVE-2017-2426 | low | 3.3 | 3.3 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "iBooks" component. It allows remote attackers to obtain sensitive information from local f… | |||
| CVE-2017-2404 | low | 3.3 | 3.3 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Quick Look" component. It allows remote attackers to trigger telephone calls to arbitrary numbe… | |||
| CVE-2017-2384 | low | 3.3 | 3.3 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves mishandling of deletion within the SQLite subsystem of the "Safari" component. It allows local users… | |||
| CVE-2017-5985 | low | 3.3 | 3.3 | 9y ago | lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ow… | |||
| CVE-2017-2357 | low | 3.3 | 3.3 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the "IOAudioFamily" component. It allows attackers to obtain sensitive kernel memory-layout inf… | |||
| CVE-2017-3301 | low | 3.3 | 3.3 | 10y ago | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Easily exploitable vulnerability allows unauthentic… | |||
| CVE-2017-3240 | low | 3.3 | 3.3 | 10y ago | Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having Loc… | |||
| CVE-2017-3239 | low | 3.3 | 3.3 | 10y ago | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnera… | |||
| CVE-2017-15897 | low | 3.1 | 3.1 | 9y ago | Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the encoding for the fill value did not match the encoding specified. For example, 'Buffer.alloc(0x100, "This… | |||
| CVE-2017-2739 | low | 3.1 | 3.1 | 9y ago | The upgrade package of Huawei Vmall APP Earlier than HwVmall 1.5.3.0 versions is transferred through HTTP. A man in the middle (MITM) can tamper with the upgrade package of Huawei Vmall APP, and to i… | |||
| CVE-2017-11874 | low | 3.1 | 3.1 | 9y ago | Microsoft Edge in Microsoft Windows 10 1703, 1709, Windows Server, version 1709, and ChakraCore allows an attacker to bypass Control Flow Guard (CFG) to run arbitrary code on a target system, due to … | |||
| CVE-2017-11833 | low | 3.1 | 3.1 | 9y ago | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to determine the origin of all webpages in the affected br… | |||
| CVE-2017-11791 | low | 3.1 | 3.1 | 9y ago | ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer i… | |||
| CVE-2017-10399 | low | 3.1 | 3.1 | 9y ago | Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: GangwayActivityWebApp). The supported version that is affected is 9.0.2.0. … | |||
| CVE-2017-10345 | low | 3.1 | 3.1 | 9y ago | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE… | |||
| CVE-2017-1000114 | low | 3.1 | 3.1 | 9y ago | Exposure of Sensitive Information in Jenkins Datadog plugin | |||
| CVE-2017-12973 | low | 3.1 | 3.1 | 9y ago | Nimbus JOSE+JWT vulnerable to padding oracle attack | |||
| CVE-2017-3653 | low | 3.1 | 3.1 | 9y ago | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Diffic… | |||
| CVE-2017-10193 | low | 3.1 | 3.1 | 9y ago | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131.… | |||
| CVE-2017-3626 | low | 3.1 | 3.1 | 9y ago | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Difficult to exploit vulnerabili… | |||
| CVE-2017-3603 | low | 3.1 | 3.1 | 9y ago | Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Supported versions that are affected are 11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2… | |||
| CVE-2017-3598 | low | 3.1 | 3.1 | 9y ago | Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Supported versions that are affected are 11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2… | |||
| CVE-2017-3539 | low | 3.1 | 3.1 | 9y ago | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121.… | |||
| CVE-2017-3490 | low | 3.1 | 3.1 | 9y ago | Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications (subcomponent: Limits and Collateral). Supported versions that are… | |||
| CVE-2017-3487 | low | 3.1 | 3.1 | 9y ago | Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Unit Trust). Supported versions that are affected are 12.0.1, 12.0.2, 12.0.3… | |||
| CVE-2017-3468 | low | 3.1 | 3.1 | 9y ago | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerabili… | |||
| CVE-2017-3307 | low | 3.1 | 3.1 | 9y ago | Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier, 3.2.1182 and earlier and 3… | |||
| CVE-2017-5190 | low | 3.1 | 3.1 | 9y ago | NetIQ Access Manager 4.2 before SP3 HF1 and 4.3 before SP1 HF1, when configured as a SAML 2.0 Identity Server with Virtual Attributes, has a concurrency issue causing information leakage, related to … | |||
| CVE-2017-2383 | low | 3.1 | 3.1 | 9y ago | An issue was discovered in certain Apple products. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. The issue involves cleartext client-certificate transmission in… | |||
| CVE-2017-0042 | low | 3.1 | 3.1 | 9y ago | Windows Media Player in Microsoft Windows 8.1; Windows Server 2012 R2; Windows RT 8.1; Windows 7 SP1; Windows 2008 SP2 and R2 SP1, Windows Server 2016; Windows Vista SP2; and Windows 10 Gold, 1511, a… | |||
| CVE-2017-1150 | low | 3.1 | 3.1 | 9y ago | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated attacker with specialized access to tables that they should not be permitted to vie… | |||
| CVE-2017-3319 | low | 3.1 | 3.1 | 10y ago | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Difficult to exploit vulnerability allows lo… | |||
| CVE-2017-3264 | low | 3.1 | 3.1 | 10y ago | Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: Open UI). The supported version that is affected is 16.1. Difficult to exploit vulnerability allows low privileg… | |||
| CVE-2017-1124 | low | 2.9 | 2.9 | 9y ago | IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local attacker to obtain sensitive information using HTTP Header Injection. IBM Reference #: 1998053. | |||
| CVE-2017-10426 | low | 2.7 | 2.7 | 9y ago | Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: Staffing Front Office). The supported version that is affected is 9.2. Easily exploitable vulner… | |||
| CVE-2017-10194 | low | 2.7 | 2.7 | 9y ago | Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management). The supported version that is affected is Prior to 3… | |||
| CVE-2017-10254 | low | 2.7 | 2.7 | 9y ago | Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: Staffing Front Office). The supported version that is affected is 9.2. Easily exploitable vulner… | |||
| CVE-2017-9843 | low | 2.7 | 2.7 | 9y ago | SAP NetWeaver AS ABAP 7.40 allows remote authenticated users with certain privileges to cause a denial of service (process crash) via vectors involving disp+work.exe, aka SAP Security Note 2406841. | |||
| CVE-2017-9441 | low | 2.7 | 2.7 | 9y ago | Multiple cross-site scripting (XSS) vulnerabilities in BigTree CMS through 4.2.18 allow remote authenticated users to inject arbitrary web script or HTML by uploading a crafted package, triggering mi… | |||
| CVE-2017-9371 | low | 2.6 | 2.6 | 9y ago | In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able… | |||
| CVE-2017-0096 | low | 2.6 | 2.6 | 9y ago | Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows gu… | |||
| CVE-2017-18189 | low | — | 2.5 | — | In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allo… | |||
| CVE-2017-15091 | low | — | 2.5 | — | An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4.0.4 and 3.x up to and including 3.4.11, where some operations that have an impact on the state of the … | |||
| CVE-2017-2629 | low | — | 2.5 | — | curl before 7.53.0 has an incorrect TLS Certificate Status Request extension feature that asks for a fresh proof of the server's certificate's validity in the code that checks for a test success or f… | |||
| CVE-2017-7921 | unknown | — | 2.5 | 3mo ago | Multiple Hikvision products contain an improper authentication vulnerability that could allow a malicious user to escalate privileges on the system and gain access to sensitive information. | |||
| CVE-2017-3066 | unknown | — | 2.5 | 1y ago | Adobe ColdFusion contains a deserialization vulnerability in the Apache BlazeDS library that allows for arbitrary code execution. | |||
| CVE-2017-1000253 | unknown | — | 2.5 | 2y ago | Linux kernel contains a position-independent executable (PIE) stack buffer corruption vulnerability in load_elf_ binary() that allows a local attacker to escalate privileges. | |||
| CVE-2017-6884 | unknown | — | 2.5 | 3y ago | Zyxel EMG2926 routers contain a command injection vulnerability located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute malicious… | |||
| CVE-2017-18368 | unknown | — | 2.5 | 3y ago | Zyxel P660HN-T1A routers contain a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user and exploited via the remote_host param… | |||
| CVE-2017-11357 | unknown | — | 2.5 | 3y ago | Telerik UI for ASP.NET AJAX contains an insecure direct object reference vulnerability in RadAsyncUpload that can result in file uploads in a limited location and/or remote code execution. | |||
| CVE-2017-5521 | unknown | — | 2.5 | 4y ago | Multiple NETGEAR devices are prone to admin password disclosure via simple crafted requests to the web management server. | |||
| CVE-2017-15944 | unknown | — | 2.5 | 4y ago | Palo Alto Networks PAN-OS contains multiple, unspecified vulnerabilities which can allow for remote code execution when chained. | |||
| CVE-2017-0147 | unknown | — | 2.5 | 4y ago | The SMBv1 server in Microsoft Windows allows remote attackers to obtain sensitive information from process memory via a crafted packet. | |||
| CVE-2017-12617 | unknown | — | 2.5 | 4y ago | When running Apache Tomcat, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the serv… | |||
| CVE-2017-9791 | unknown | — | 2.5 | 4y ago | The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage. | |||
| CVE-2017-1000353 | unknown | — | 2.5 | 4y ago | Jenkins contains a remote code execution vulnerability. This vulnerability that could allowed attackers to transfer a serialized Java SignedObject object to the remoting-based Jenkins CLI, that would… | |||
| CVE-2017-11317 | unknown | — | 2.5 | 4y ago | Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX allows remote attackers to perform arbitrary file uploads or execute arbitrary code. | |||
| CVE-2017-0148 | unknown | — | 2.5 | 4y ago | The SMBv1 server in Microsoft allows remote attackers to execute arbitrary code via crafted packets. | |||
| CVE-2017-0059 | unknown | — | 2.5 | 4y ago | Microsoft Internet Explorer allow remote attackers to obtain sensitive information from process memory via a crafted web site. | |||
| CVE-2017-0037 | unknown | — | 2.5 | 4y ago | Microsoft Edge and Internet Explorer have a type confusion vulnerability in mshtml.dll, which allows remote code execution. | |||
| CVE-2017-0213 | unknown | — | 2.5 | 4y ago | Microsoft Windows COM Aggregate Marshaler allows for privilege escalation when an attacker runs a specially crafted application. | |||
| CVE-2017-6334 | unknown | — | 2.5 | 4y ago | dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands | |||
| CVE-2017-0146 | unknown | — | 2.5 | 4y ago | The SMBv1 server in Microsoft Windows allows remote attackers to perform remote code execution. | |||
| CVE-2017-6316 | unknown | — | 2.5 | 4y ago | A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edition and Citrix CloudBridge Virtual WAN Edition that could result in an unauthent… | |||
| CVE-2017-3881 | unknown | — | 2.5 | 4y ago | A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected … | |||
| CVE-2017-0101 | unknown | — | 2.5 | 4y ago | A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory. | |||
| CVE-2017-6077 | unknown | — | 2.5 | 4y ago | NETGEAR DGN2200 wireless routers contain a vulnerability that allows for remote code execution. |