CVEs from 2017
Total
11,657
critical
critical 1,650
high
high 5,043
medium
medium 4,169
low
low 159
% Critical
14.2%
% with KEV
0.7%
% with exploit
9.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-0524 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated … | |||
| CVE-2017-0523 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0521 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2017-0520 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated… | |||
| CVE-2017-0519 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm fingerprint sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is … | |||
| CVE-2017-0518 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm fingerprint sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is … | |||
| CVE-2017-0517 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the MediaTek hardware sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rat… | |||
| CVE-2017-0516 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm input hardware driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rate… | |||
| CVE-2017-0464 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0463 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm networking driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as… | |||
| CVE-2017-0460 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm networking driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as… | |||
| CVE-2017-0458 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2017-0457 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hi… | |||
| CVE-2017-0456 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm IPA driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High b… | |||
| CVE-2017-0453 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-2636 | high | 7.0 | 7.0 | 9y ago | privilege escalation in linux-lts | |||
| CVE-2017-6408 | high | 7.0 | 7.0 | 9y ago | An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. A local-privilege-escalation race condition in pbx_exchange can occur when a local user connects … | |||
| CVE-2017-6346 | high | 7.0 | 7.0 | 9y ago | Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithread… | |||
| CVE-2017-6001 | high | 7.0 | 7.0 | 9y ago | Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a… | |||
| CVE-2017-0449 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Mode… | |||
| CVE-2017-0447 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2017-0446 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2017-0445 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2017-0444 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Realtek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High … | |||
| CVE-2017-0443 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0442 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0441 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0440 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0439 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0438 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0437 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0436 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0435 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0434 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the touchscreen chipset. This is… | |||
| CVE-2017-0433 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the touchscreen chipset. This is… | |||
| CVE-2017-0432 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High becau… | |||
| CVE-2017-0404 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2017-0403 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the kernel performance subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated … | |||
| CVE-2017-12373 | medium | 5.9 | 6.9 | 9y ago | A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote attacker to access sensitive i… | |||
| CVE-2017-17427 | medium | 5.9 | 6.9 | 9y ago | Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an adaptive-chosen ciphertext attack ("Bleichenbacher attack"). This allows an attacker to decrypt observed … | |||
| CVE-2017-17382 | medium | 5.9 | 6.9 | 9y ago | Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 might allow remote … | |||
| CVE-2017-13099 | medium | 5.9 | 6.9 | 9y ago | wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL… | |||
| CVE-2017-13098 | medium | 5.9 | 6.9 | 9y ago | Observable Discrepancy in BouncyCastle | |||
| CVE-2017-1000385 | medium | 5.9 | 6.9 | 9y ago | The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS #1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's priv… | |||
| CVE-2017-15271 | medium | 5.9 | 6.9 | 9y ago | A use-after-free issue could be triggered remotely in the SFTP component of PSFTPd 10.0.4 Build 729. This issue could be triggered prior to authentication. The PSFTPd server did not automatically res… | |||
| CVE-2017-10370 | medium | 6.9 | 6.9 | 9y ago | Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). Supported versions that are affected are 4.2.0 and 4.2.1. Easily exploitable vu… | |||
| CVE-2017-14494 | medium | 5.9 | 6.9 | 9y ago | dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests. | |||
| CVE-2017-14955 | medium | 5.9 | 6.9 | 9y ago | Check_MK before 1.2.8p26 mishandles certain errors within the failed-login save feature because of a race condition, which allows remote attackers to obtain sensitive user information by reading a GU… | |||
| CVE-2017-14117 | medium | 5.9 | 6.9 | 9y ago | The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows rem… | |||
| CVE-2017-3898 | medium | 5.9 | 6.9 | 9y ago | A man-in-the-middle attack vulnerability in the non-certificate-based authentication mechanism in McAfee LiveSafe (MLS) versions prior to 16.0.3 allows network attackers to modify the Windows registr… | |||
| CVE-2017-10058 | medium | 6.9 | 6.9 | 9y ago | Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Analytics Web Administration). Supported versions that are affected are 11.1.… | |||
| CVE-2017-8295 | medium | 5.9 | 6.9 | 9y ago | WordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for remote attackers to reset arbitrary passwords by making a crafted wp-login.php?ac… | |||
| CVE-2017-17982 | medium | 6.8 | 6.8 | 9y ago | PHP Scripts Mall Muslim Matrimonial Script has CSRF via admin/subadmin_edit.php. | |||
| CVE-2017-17830 | medium | 6.8 | 6.8 | 9y ago | Bus Booking Script has CSRF via admin/new_master.php. | |||
| CVE-2017-17746 | medium | 6.8 | 6.8 | 9y ago | Weak access control methods on the TP-Link TL-SG108E 1.0.0 allow any user on a NAT network with an authenticated administrator to access the device without entering user credentials. The authenticati… | |||
| CVE-2017-12342 | medium | 6.8 | 6.8 | 9y ago | A vulnerability in the Open Agent Container (OAC) feature of Cisco Nexus Series Switches could allow an unauthenticated, local attacker to read and send packets outside the scope of the OAC. The vuln… | |||
| CVE-2017-8206 | medium | 6.8 | 6.8 | 9y ago | HONOR 7 Lite mobile phones with software of versions earlier than NEM-L21C432B352 have an App Lock bypass vulnerability. An attacker could perform specific operations to bypass the App Lock to use ap… | |||
| CVE-2017-8166 | medium | 6.8 | 6.8 | 9y ago | Huawei mobile phones Honor V9 with the software versions before Duke-AL20C00B195 have an App Lock bypass vulnerability. An attacker could perform specific operations to bypass the App Lock to use app… | |||
| CVE-2017-8156 | medium | 6.8 | 6.8 | 9y ago | The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no authentication vulnerability on the serial port. An attacker can access the serial port on the circuit boar… | |||
| CVE-2017-8151 | medium | 6.8 | 6.8 | 9y ago | Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have an authentication bypass vulnerability due to the improper design of some components. An attacker can get a user's … | |||
| CVE-2017-2703 | medium | 6.8 | 6.8 | 9y ago | Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions earlier before MHA-TL00BC00B156,Versions earlier be… | |||
| CVE-2017-2702 | medium | 6.8 | 6.8 | 9y ago | Phone Finder in versions earlier before MHA-AL00C00B170 can be bypass. An attacker can bypass the Phone Finder by special steps and obtain the owner of the phone. | |||
| CVE-2017-2691 | medium | 6.8 | 6.8 | 9y ago | Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier before EVA-TL00C01B373 have a lock-screen bypass … | |||
| CVE-2017-15527 | medium | 6.8 | 6.8 | 9y ago | Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / s… | |||
| CVE-2017-11400 | medium | 6.8 | 6.8 | 9y ago | An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. An incomplete firmware signature allows a local attacker to upgrade the equipment (kernel, file s… | |||
| CVE-2017-15526 | medium | 6.8 | 6.8 | 9y ago | Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a null pointer de-reference issue, which can result in a NullPointerException that can lead to a privilege escalation scena… | |||
| CVE-2017-16534 | medium | 6.8 | 6.8 | 9y ago | The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly hav… | |||
| CVE-2017-1000147 | medium | 6.8 | 6.8 | 9y ago | Mahara 1.9 before 1.9.8 and 1.10 before 1.10.6 and 15.04 before 15.04.3 are vulnerable to perform a cross-site request forgery (CSRF) attack on the uploader contained in Mahara's filebrowser widget. … | |||
| CVE-2017-10274 | medium | 6.8 | 6.8 | 9y ago | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Difficult to exploit vulnerability… | |||
| CVE-2017-13086 | medium | 6.8 | 6.8 | 9y ago | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decry… | |||
| CVE-2017-13084 | medium | 6.8 | 6.8 | 9y ago | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, … | |||
| CVE-2017-13077 | medium | 6.8 | 6.8 | 9y ago | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, dec… | |||
| CVE-2017-12732 | medium | 6.8 | 6.8 | 9y ago | A Stack-based Buffer Overflow issue was discovered in GE CIMPLICITY Versions 9.0 and prior. A function reads a packet to indicate the next packet length. The next packet length is not verified, allow… | |||
| CVE-2017-12239 | medium | 6.8 | 6.8 | 9y ago | A vulnerability in motherboard console ports of line cards for Cisco ASR 1000 Series Aggregation Services Routers and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical … | |||
| CVE-2017-10814 | medium | 6.8 | 6.8 | 9y ago | Buffer overflow in CG-WLR300NM Firmware version 1.90 and earlier allows an attacker to execute arbitrary code via unspecified vectors. | |||
| CVE-2017-10813 | medium | 6.8 | 6.8 | 9y ago | CG-WLR300NM Firmware version 1.90 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | |||
| CVE-2017-8628 | medium | 6.8 | 6.8 | 9y ago | Microsoft Bluetooth Driver in Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703 allows a spoofing vulnerability due to Microsoft's implementation … | |||
| CVE-2017-10811 | medium | 6.8 | 6.8 | 9y ago | Buffalo WCR-1166DS devices with firmware 1.30 and earlier allow an attacker to execute arbitrary OS commands via unspecified vectors. | |||
| CVE-2017-6790 | medium | 6.8 | 6.8 | 9y ago | A vulnerability in the Session Initiation Protocol (SIP) on the Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) … | |||
| CVE-2017-3753 | medium | 6.8 | 6.8 | 9y ago | A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc. (AMI). With this vulnerability, conditions exist where an attacker with ad… | |||
| CVE-2017-8623 | medium | 6.8 | 6.8 | 9y ago | Windows Hyper-V in Windows 10 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it fails to properly validate input from a privileged user on a guest operating system,… | |||
| CVE-2017-10198 | medium | 6.8 | 6.8 | 9y ago | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedde… | |||
| CVE-2017-10181 | medium | 6.8 | 6.8 | 9y ago | Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Forgot Password). Supported versions that are affected are 12.0.2 and 12.0.3. Ea… | |||
| CVE-2017-10039 | medium | 6.8 | 6.8 | 9y ago | Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Web Client). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerab… | |||
| CVE-2017-2282 | medium | 6.8 | 6.8 | 9y ago | Buffer overflow in WN-AX1167GR firmware version 3.00 and earlier allows an attacker to execute arbitrary commands via unspecified vectors. | |||
| CVE-2017-9497 | medium | 6.8 | 6.8 | 9y ago | The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to execute arbitrary commands as root by pulling up the diagnostics… | |||
| CVE-2017-9496 | medium | 6.8 | 6.8 | 9y ago | The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to access an SNMP server by connecting a cable to the Ethernet port… | |||
| CVE-2017-0706 | medium | 6.8 | 6.8 | 9y ago | A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-35195787. References: B-RB#120532. | |||
| CVE-2017-0705 | medium | 6.8 | 6.8 | 9y ago | A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-34973477. References: B-RB#119898. | |||
| CVE-2017-10709 | medium | 6.8 | 6.8 | 9y ago | The lockscreen on Elephone P9000 devices (running Android 6.0) allows physically proximate attackers to bypass a wrong-PIN lockout feature by pressing backspace after each PIN guess. | |||
| CVE-2017-9832 | medium | 6.8 | 6.8 | 9y ago | An integer overflow vulnerability in ptp-pack.c (ptp_unpack_OPL function) of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe rem… | |||
| CVE-2017-9831 | medium | 6.8 | 6.8 | 9y ago | An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds … | |||
| CVE-2017-5646 | medium | 6.8 | 6.8 | 9y ago | Apache Knox allows impersonation of users | |||
| CVE-2017-8879 | medium | 6.8 | 6.8 | 9y ago | Dolibarr allows password changes without supplying the current password | |||
| CVE-2017-6628 | medium | 6.8 | 6.8 | 9y ago | A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAAS) 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of s… | |||
| CVE-2017-8371 | medium | 6.8 | 6.8 | 9y ago | Schneider Electric StruxureWare Data Center Expert before 7.4.0 uses cleartext RAM storage for passwords, which might allow remote attackers to obtain sensitive information via unspecified vectors. | |||
| CVE-2017-2152 | medium | 6.8 | 6.8 | 9y ago | WNC01WH firmware 1.0.0.9 and earlier allows authenticated attackers to execute arbitrary OS commands via unspecified vectors. | |||
| CVE-2017-3485 | medium | 6.8 | 6.8 | 9y ago | Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 11.3.0, 11.4.0, 12.… | |||
| CVE-2017-6975 | medium | 6.8 | 6.8 | 9y ago | Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack buffer overflow exploitation via a crafted access point. NOTE: because an operating system could potentially isolate itself from… | |||
| CVE-2017-7307 | medium | 6.8 | 6.8 | 9y ago | Riverbed RiOS before 9.0.1 does not properly restrict shell access in single-user mode, which makes it easier for physically proximate attackers to obtain root privileges and access decrypted data by… |