CVEs from 2017
Total
11,657
critical
critical 1,650
high
high 5,043
medium
medium 4,169
low
low 159
% Critical
14.2%
% with KEV
0.7%
% with exploit
9.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-8284 | high | 7.0 | 7.0 | 9y ago | The disas_insn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain pri… | |||
| CVE-2017-7477 | high | 7.0 | 7.0 | 9y ago | Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by … | |||
| CVE-2017-3617 | high | 7.0 | 7.0 | 9y ago | Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with log… | |||
| CVE-2017-3616 | high | 7.0 | 7.0 | 9y ago | Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with log… | |||
| CVE-2017-3615 | high | 7.0 | 7.0 | 9y ago | Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with log… | |||
| CVE-2017-3614 | high | 7.0 | 7.0 | 9y ago | Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with log… | |||
| CVE-2017-3613 | high | 7.0 | 7.0 | 9y ago | Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with log… | |||
| CVE-2017-3612 | high | 7.0 | 7.0 | 9y ago | Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with log… | |||
| CVE-2017-3611 | high | 7.0 | 7.0 | 9y ago | Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with log… | |||
| CVE-2017-3610 | high | 7.0 | 7.0 | 9y ago | Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with log… | |||
| CVE-2017-3609 | high | 7.0 | 7.0 | 9y ago | Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with log… | |||
| CVE-2017-3608 | high | 7.0 | 7.0 | 9y ago | Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with log… | |||
| CVE-2017-3607 | high | 7.0 | 7.0 | 9y ago | Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with log… | |||
| CVE-2017-3606 | high | 7.0 | 7.0 | 9y ago | Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with log… | |||
| CVE-2017-3605 | high | 7.0 | 7.0 | 9y ago | Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with log… | |||
| CVE-2017-3604 | high | 7.0 | 7.0 | 9y ago | Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with log… | |||
| CVE-2017-0156 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability exists in Windows 7, Windows 8.1, Windows RT 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 when… | |||
| CVE-2017-0155 | high | 7.0 | 7.0 | 9y ago | The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Window… | |||
| CVE-2017-0583 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm CP access driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as … | |||
| CVE-2017-0582 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the HTC OEM fastboot command could enable a local malicious application to execute arbitrary code within the context of the sensor hub. This issue is rated … | |||
| CVE-2017-0581 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Synaptics Touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated … | |||
| CVE-2017-0580 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Synaptics Touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated … | |||
| CVE-2017-0579 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0578 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the DTS sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High beca… | |||
| CVE-2017-0577 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2017-0576 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated… | |||
| CVE-2017-0575 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0574 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0573 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0572 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0571 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0570 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0568 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0567 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0566 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the MediaTek camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2017-0565 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hi… | |||
| CVE-2017-0553 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because … | |||
| CVE-2017-0462 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Seemp driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0454 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm audio driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0339 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High … | |||
| CVE-2017-0332 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High … | |||
| CVE-2017-0329 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the NVIDIA boot and power management processor driver could enable a local malicious application to execute arbitrary code within the context of the boot an… | |||
| CVE-2017-0327 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High … | |||
| CVE-2017-0325 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the NVIDIA I2C HID driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-4977 | high | 7.0 | 7.0 | 9y ago | EMC RSA Archer Security Operations Management with RSA Unified Collector Framework versions prior to 1.3.1.52 contain a sensitive information disclosure vulnerability that could potentially be exploi… | |||
| CVE-2017-6455 | high | 7.0 | 7.0 | 9y ago | NTP before 4.2.8p10 and 4.3.x before 4.3.94, when using PPSAPI, allows local users to gain privileges via a DLL in the PPSAPI_DLLS environment variable. | |||
| CVE-2017-6874 | high | 7.0 | 7.0 | 9y ago | Race condition in kernel/ucount.c in the Linux kernel through 4.10.2 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via cr… | |||
| CVE-2017-0527 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the HTC Sensor Hub Driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0526 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the HTC Sensor Hub Driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0525 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm IPA driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High b… | |||
| CVE-2017-0524 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated … | |||
| CVE-2017-0523 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0521 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2017-0520 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated… | |||
| CVE-2017-0519 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm fingerprint sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is … | |||
| CVE-2017-0518 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm fingerprint sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is … | |||
| CVE-2017-0517 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the MediaTek hardware sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rat… | |||
| CVE-2017-0516 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm input hardware driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rate… | |||
| CVE-2017-0464 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0463 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm networking driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as… | |||
| CVE-2017-0460 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm networking driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as… | |||
| CVE-2017-0458 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2017-0457 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hi… | |||
| CVE-2017-0456 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm IPA driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High b… | |||
| CVE-2017-0453 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-2636 | high | 7.0 | 7.0 | 9y ago | privilege escalation in linux-lts | |||
| CVE-2017-6408 | high | 7.0 | 7.0 | 9y ago | An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. A local-privilege-escalation race condition in pbx_exchange can occur when a local user connects … | |||
| CVE-2017-6346 | high | 7.0 | 7.0 | 9y ago | Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithread… | |||
| CVE-2017-6001 | high | 7.0 | 7.0 | 9y ago | Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a… | |||
| CVE-2017-0449 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Mode… | |||
| CVE-2017-0447 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2017-0446 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2017-0445 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2017-0444 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Realtek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High … | |||
| CVE-2017-0443 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0442 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0441 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0440 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0439 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0438 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0437 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0436 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0435 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0434 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the touchscreen chipset. This is… | |||
| CVE-2017-0433 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the touchscreen chipset. This is… | |||
| CVE-2017-0432 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High becau… | |||
| CVE-2017-0404 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2017-0403 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the kernel performance subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated … | |||
| CVE-2017-12373 | medium | 5.9 | 6.9 | 9y ago | A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote attacker to access sensitive i… | |||
| CVE-2017-17427 | medium | 5.9 | 6.9 | 9y ago | Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an adaptive-chosen ciphertext attack ("Bleichenbacher attack"). This allows an attacker to decrypt observed … | |||
| CVE-2017-17382 | medium | 5.9 | 6.9 | 9y ago | Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 might allow remote … | |||
| CVE-2017-13099 | medium | 5.9 | 6.9 | 9y ago | wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL… | |||
| CVE-2017-13098 | medium | 5.9 | 6.9 | 9y ago | Observable Discrepancy in BouncyCastle | |||
| CVE-2017-1000385 | medium | 5.9 | 6.9 | 9y ago | The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS #1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's priv… | |||
| CVE-2017-15271 | medium | 5.9 | 6.9 | 9y ago | A use-after-free issue could be triggered remotely in the SFTP component of PSFTPd 10.0.4 Build 729. This issue could be triggered prior to authentication. The PSFTPd server did not automatically res… | |||
| CVE-2017-10370 | medium | 6.9 | 6.9 | 9y ago | Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). Supported versions that are affected are 4.2.0 and 4.2.1. Easily exploitable vu… | |||
| CVE-2017-14494 | medium | 5.9 | 6.9 | 9y ago | dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests. | |||
| CVE-2017-14955 | medium | 5.9 | 6.9 | 9y ago | Check_MK before 1.2.8p26 mishandles certain errors within the failed-login save feature because of a race condition, which allows remote attackers to obtain sensitive user information by reading a GU… | |||
| CVE-2017-14117 | medium | 5.9 | 6.9 | 9y ago | The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows rem… | |||
| CVE-2017-3898 | medium | 5.9 | 6.9 | 9y ago | A man-in-the-middle attack vulnerability in the non-certificate-based authentication mechanism in McAfee LiveSafe (MLS) versions prior to 16.0.3 allows network attackers to modify the Windows registr… |