| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2017-20001 | The AES encryption project 7.x and 8.x for Drupal does not sufficiently prevent attackers from decry... | | |
| CVE-2017-20002 | The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical te... | E | |
| CVE-2017-20003 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2017-20004 | In the standard library in Rust before 1.19.0, there is a synchronization problem in the MutexGuard ... | S | |
| CVE-2017-20005 | NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a fi... | E S | |
| CVE-2017-20006 | UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString (called from Unpack... | E S | |
| CVE-2017-20007 | Information Exposure in INGEPAC DA AU | S | |
| CVE-2017-20008 | myCRED < 1.7.8 - Reflected Cross-Site Scripting | E | |
| CVE-2017-20011 | WEKA INTEREST Security Scanner HTTP denial of service | | |
| CVE-2017-20012 | WEKA INTEREST Security Scanner Stresstest Scheme denial of service | | |
| CVE-2017-20013 | WEKA INTEREST Security Scanner Stresstest Configuration denial of service | | |
| CVE-2017-20014 | WEKA INTEREST Security Scanner Webspider denial of service | | |
| CVE-2017-20015 | WEKA INTEREST Security Scanner LAN Viewer denial of service | | |
| CVE-2017-20016 | WEKA INTEREST Security Scanner Portscan memory allocation | | |
| CVE-2017-20017 | The Next Generation of Genealogy Sitebuilding timeline2.php sql injection | | |
| CVE-2017-20018 | XAMPP Installer uncontrolled search path | E M | |
| CVE-2017-20019 | Solare Solar-Log Config information disclosure | E | |
| CVE-2017-20020 | Solare Solar-Log cross-site request forgery | E | |
| CVE-2017-20021 | Solare Solar-Log File Upload privileges management | E | |
| CVE-2017-20022 | Solare Solar-Log information disclosure | E | |
| CVE-2017-20023 | Solare Solar-Log Network Config privileges management | E | |
| CVE-2017-20024 | Solare Solar-Log denial of service | E | |
| CVE-2017-20025 | Solare Solar-Log Flash Memory privileges management | E | |
| CVE-2017-20026 | HumHub Reflected cross site scriting | E S | |
| CVE-2017-20027 | HumHub DOM cross site scriting | | |
| CVE-2017-20028 | HumHub privileges management | | |
| CVE-2017-20029 | PHPList Edit Subscription index.php sql injection | E | |
| CVE-2017-20030 | PHPList Sending Campain sql injection | E | |
| CVE-2017-20031 | PHPList information disclosure | E | |
| CVE-2017-20032 | PHPList Subscription sql injection | E | |
| CVE-2017-20033 | PHPList Reflected cross site scriting | E | |
| CVE-2017-20034 | PHPList List Name Persistent cross site scriting | E | |
| CVE-2017-20035 | PHPList Subscribe Persistent cross site scriting | E | |
| CVE-2017-20036 | PHPList Bounce Rule Persistent cross site scriting | E | |
| CVE-2017-20037 | SICUNET Access Controller privileges management | | |
| CVE-2017-20038 | SICUNET Access Controller card_scan_decoder.php privileges management | | |
| CVE-2017-20039 | SICUNET Access Controller hard-coded password | | |
| CVE-2017-20040 | SICUNET Access Controller Password Storage cleartext storage | | |
| CVE-2017-20041 | Ucweb UC Browser HTML URL improper restriction of rendered ui layers | E | |
| CVE-2017-20042 | Navetti PricePoint Blind sql injection | | |
| CVE-2017-20043 | Navetti PricePoint Persistent cross site scriting | E | |
| CVE-2017-20044 | Navetti PricePoint Reflected cross site scriting | E | |
| CVE-2017-20045 | Navetti PricePoint cross-site request forgery | E | |
| CVE-2017-20046 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This CVE has been rejec... | R | |
| CVE-2017-20047 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This CVE has been rejec... | R | |
| CVE-2017-20048 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This CVE has been rejec... | R | |
| CVE-2017-20049 | A vulnerability, was found in legacy Axis devices such as P3225 and M3005. This affects an unknown p... | | |
| CVE-2017-20050 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This CVE has been rejec... | R | |
| CVE-2017-20051 | InnoSetup Installer uncontrolled search path | E | |
| CVE-2017-20052 | Python pgAdmin4 uncontrolled search path | E | |
| CVE-2017-20053 | XYZScripts Contact Form Manager Plugin cross-site request forgery | E | |
| CVE-2017-20054 | XYZScripts Contact Form Manager Plugin cross site scriting | E | |
| CVE-2017-20055 | BestWebSoft Contact Form Plugin Stored cross site scriting | E | |
| CVE-2017-20056 | weblizar User Login Log Plugin Stored cross site scriting | E | |
| CVE-2017-20057 | Elefant CMS Persistent cross site scriting | | |
| CVE-2017-20058 | Elefant CMS Version Comparison Persistent cross site scriting | E | |
| CVE-2017-20059 | Elefant CMS Title Persistent cross site scriting | | |
| CVE-2017-20060 | Elefant CMS Blog Post Persistent cross site scriting | | |
| CVE-2017-20061 | Elefant CMS extended Reflected cross site scriting | | |
| CVE-2017-20062 | Elefant CMS cross-site request forgery | E | |
| CVE-2017-20063 | Elefant CMS File Upload drop privileges management | E | |
| CVE-2017-20064 | Elefant CMS layout code injection | E | |
| CVE-2017-20065 | Supsystic Popup Plugin cross-site request forgery | E | |
| CVE-2017-20066 | Adminer Login access control | E | |
| CVE-2017-20067 | Hindu Matrimonial Script sql injection | E | |
| CVE-2017-20068 | Hindu Matrimonial Script usermanagement.php privileges management | E | |
| CVE-2017-20069 | Hindu Matrimonial Script countrymanagement.php privileges management | E | |
| CVE-2017-20070 | Hindu Matrimonial Script communitymanagement.php privileges management | E | |
| CVE-2017-20071 | Hindu Matrimonial Script renewaldue.php privileges management | E | |
| CVE-2017-20072 | Hindu Matrimonial Script generalsettings.php privileges management | E | |
| CVE-2017-20073 | Hindu Matrimonial Script cms.php privileges management | E | |
| CVE-2017-20074 | Hindu Matrimonial Script newsletter1.php privileges management | E | |
| CVE-2017-20075 | Hindu Matrimonial Script payment.php privileges management | E | |
| CVE-2017-20076 | Hindu Matrimonial Script searchview.php privileges management | E | |
| CVE-2017-20077 | Hindu Matrimonial Script success_story.php privileges management | E | |
| CVE-2017-20078 | Hindu Matrimonial Script featured.php privileges management | E | |
| CVE-2017-20079 | Hindu Matrimonial Script photo.php privileges management | E | |
| CVE-2017-20080 | Hindu Matrimonial Script googleads.php privileges management | E | |
| CVE-2017-20081 | Hindu Matrimonial Script reports.php privileges management | E | |
| CVE-2017-20082 | JUNG Smart Visu Server backdoor | E | |
| CVE-2017-20083 | JUNG Smart Visu Server SSH Server backdoor | E | |
| CVE-2017-20084 | JUNG Smart Visu Server KNX Group Address backdoor | E | |
| CVE-2017-20085 | Atahualpa Theme cross site scriting | E | |
| CVE-2017-20086 | VaultPress Plugin code injection | E | |
| CVE-2017-20087 | Alpine PhotoTile for Instagram Plugin cross site scriting | E | |
| CVE-2017-20088 | Atahualpa Theme cross-site request forgery | E | |
| CVE-2017-20089 | Gwolle Guestbook Plugin cross site scriting | E | |
| CVE-2017-20090 | Global Content Blocks Plugin cross-site request forgery | E | |
| CVE-2017-20091 | File Manager Plugin cross-site request forgery | E | |
| CVE-2017-20092 | Google Analytics Dashboard Plugin cross site scriting | E | |
| CVE-2017-20093 | Download Manager Plugin cross-site request forgery | E | |
| CVE-2017-20094 | NewStatPress Plugin Persistent cross site scriting | E S | |
| CVE-2017-20095 | Simple Ads Manager Plugin code injection | E | |
| CVE-2017-20096 | WP-SpamFree Anti-Spam Plugin cross site scriting | E | |
| CVE-2017-20097 | WP-Filebase Download Manager Plugin cross site scriting | E | |
| CVE-2017-20098 | Admin Custom Login Plugin Persistent cross site scripting | E | |
| CVE-2017-20099 | Analytics Stats Counter Statistics Plugin code injection | E | |
| CVE-2017-20100 | Air Transfer cross site scripting | E | |
| CVE-2017-20101 | ProjectSend information disclosure | E | |
| CVE-2017-20102 | Album Lock getImage path traversal | | |
| CVE-2017-20103 | Kama Click Counter Plugin admin.php Blind sql injection | E | |
| CVE-2017-20104 | Simplessus Cookie Time sql injection | E | |
| CVE-2017-20105 | Simplessus path traversal | E | |
| CVE-2017-20106 | Lithium Forum Compose Message server-side request forgery | E M | |
| CVE-2017-20107 | ShadeYouVPN.com Client privileges management | E | |
| CVE-2017-20108 | Easy Table Plugin options-general.php cross site scripting | E | |
| CVE-2017-20109 | Teleopti WFM Administration GetOneTenant Credentials information disclosure | E | |
| CVE-2017-20110 | Teleopti WFM Administration Credentials information disclosure | E | |
| CVE-2017-20111 | Teleopti WFM Administration privileges management | E | |
| CVE-2017-20112 | IVPN Client privileges management | E | |
| CVE-2017-20113 | TrueConf Server Stored cross site scripting | E | |
| CVE-2017-20114 | TrueConf Server Reflected cross site scripting | E | |
| CVE-2017-20115 | TrueConf Server Reflected cross site scripting | E | |
| CVE-2017-20116 | TrueConf Server Reflected cross site scripting | E | |
| CVE-2017-20117 | TrueConf Server group DOM cross site scripting | E | |
| CVE-2017-20118 | TrueConf Server DOM cross site scripting | E | |
| CVE-2017-20119 | TrueConf Server change-lang redirect | E | |
| CVE-2017-20120 | TrueConf Server cross-site request forgery | | |
| CVE-2017-20121 | Teradici Management Console Database Management privileges management | E | |
| CVE-2017-20122 | Bitrix Site Manager Contact Form cross site scripting | E | |
| CVE-2017-20123 | Viscosity DLL untrusted search path | E | |
| CVE-2017-20124 | Online Hotel Booking System Pro Plugin roomtype-details.php sql injection | | |
| CVE-2017-20125 | Online Hotel Booking System Pro roomtype-details.php sql injection | E | |
| CVE-2017-20126 | KB Affiliate Referral Script index.php sql injection | | |
| CVE-2017-20127 | KB Login Authentication Script sql injection | E | |
| CVE-2017-20128 | KB Messages PHP Script sql injection | E | |
| CVE-2017-20129 | LogoStore search.php sql injection | | |
| CVE-2017-20130 | Itech Real Estate Script search_property.php sql injection | E | |
| CVE-2017-20131 | Itech News Portal information.php sql injection | E | |
| CVE-2017-20132 | Itech Multi Vendor Script product-list.php sql injection | E | |
| CVE-2017-20133 | Itech Job Portal Script admin improper authentication | | |
| CVE-2017-20134 | Itech Freelancer Script category.php sql injection | E | |
| CVE-2017-20135 | Itech Dating Script see_more_details.php sql injection | E | |
| CVE-2017-20136 | Itech Classifieds Script subpage.php sql injection | | |
| CVE-2017-20137 | Itech B2B Script catcompany.php sql injection | | |
| CVE-2017-20138 | Itech Auction Script mcategory.php Blind sql injection | | |
| CVE-2017-20139 | Itech Movie Portal Script show_news.php Error sql injection | E | |
| CVE-2017-20140 | Itech Movie Portal Script movie.php Reflected cross site scripting | E | |
| CVE-2017-20141 | Itech Movie Portal Script movie.php Union sql injection | E | |
| CVE-2017-20142 | Itech Movie Portal Script artist-display.php Union sql injection | E | |
| CVE-2017-20143 | Itech Movie Portal Script film-rating.php Error sql injection | E | |
| CVE-2017-20144 | Anvsoft PDFMate PDF Converter Pro memory corruption | E | |
| CVE-2017-20145 | Tecrail Responsive Filemanger path traversal | E | |
| CVE-2017-20146 | Improper access control in github.com/gorilla/handlers | S | |
| CVE-2017-20147 | In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript uses a PID ... | E | |
| CVE-2017-20148 | In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achie... | E S | |
| CVE-2017-20149 | The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-... | E | |
| CVE-2017-20150 | challenge website sql injection | S | |
| CVE-2017-20151 | iText RUPS XfaFile.java xml external entity reference | S | |
| CVE-2017-20152 | aerouk imageserve File viewer.php path traversal | E S | |
| CVE-2017-20153 | aerouk imageserve cross site scripting | E S | |
| CVE-2017-20154 | ghostlander Phoenixcoin main.cpp accept denial of service | S | |
| CVE-2017-20155 | Sterc Google Analytics Dashboard for MODX Internal Search widget.analytics.tpl cross site scripting | E S | |
| CVE-2017-20156 | Exciting Printer Argument prepare_page.rb command injection | S | |
| CVE-2017-20157 | Ariadne Component Library Url.php server-side request forgery | S | |
| CVE-2017-20158 | vova07 Yii2 FileAPI Widget UploadAction.php run cross site scripting | S | |
| CVE-2017-20159 | rf Keynote rumble.rb cross site scripting | S | |
| CVE-2017-20160 | flitto express-param fetchParams.js parameter pollution | S | |
| CVE-2017-20161 | rofl0r MacGeiger ESSID macgeiger.c dump_wlan_at injection | S | |
| CVE-2017-20162 | vercel ms index.js parse redos | E S | |
| CVE-2017-20163 | Red Snapper NView Session.php mutate sql injection | S | |
| CVE-2017-20164 | Symbiote Seed Login SecurityLoginExtension.php onBeforeSecurityLogin redirect | S | |
| CVE-2017-20165 | debug-js debug node.js useColors redos | S | |
| CVE-2017-20166 | Ecto 2.2.0 lacks a certain protection mechanism associated with the interaction between is_nil and r... | E S | |
| CVE-2017-20167 | Minichan reports.php cross site scripting | S | |
| CVE-2017-20168 | jfm-so piWallet api.php sql injection | S | |
| CVE-2017-20169 | GGGGGGGG ToN-MasterServer svr_request_pub.php sql injection | S | |
| CVE-2017-20170 | ollpu parontalli index.php sql injection | S | |
| CVE-2017-20171 | PrivateSky apersistence mysqlUtils.js sql injection | S | |
| CVE-2017-20172 | ridhoq soundslike songs.py get_song_relations sql injection | S | |
| CVE-2017-20173 | AlexRed contentmap contentmap.php Load sql injection | S | |
| CVE-2017-20174 | bastianallgeier Kirby Webmentions Plugin injection | S | |
| CVE-2017-20175 | DaSchTour matomo-mediawiki-extension Username Piwik.hooks.php cross site scripting | E S | |
| CVE-2017-20176 | ciubotaru share-on-diaspora new_window.php cross site scripting | S | |
| CVE-2017-20177 | WangGuard Plugin WGG User List wangguard-user-info.php wangguard_users_info cross site scripting | S | |
| CVE-2017-20178 | Codiad process.php saveJSON information disclosure | S | |
| CVE-2017-20179 | InSTEDD Pollit tour_controller.rb TourController Privilege Escalation | S | |
| CVE-2017-20180 | Zerocoin libzerocoin Proof CoinSpend.cpp CoinSpend data authenticity | S | |
| CVE-2017-20181 | hgzojer Vocable Trainer VocableTrainerProvider.java path traversal | S | |
| CVE-2017-20182 | Mobile Vikings Django AJAX Utilities Backslash pagination.js Pagination cross site scripting | S | |
| CVE-2017-20183 | External Media without Import Plugin external-media-without-import.php print_media_new_panel cross site scripting | S | |
| CVE-2017-20184 | Carlo Gavazzi Powersoft prone to Path Traversal | E | |
| CVE-2017-20185 | Fuzzy SWMP GET Parameter swmp.php cross site scripting | E S | |
| CVE-2017-20186 | nikooo777 ckSurf Spectator List Name misc.sp SpecListMenuDead denial of service | S | |
| CVE-2017-20187 | Magnesium-PHP Base.php formatEmailString injection | S | |
| CVE-2017-20188 | Zimbra zm-ajax XFormItem.js XFormItem.prototype.setError cross site scripting | S | |
| CVE-2017-20189 | In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrar... | E S | |
| CVE-2017-20190 | Some Microsoft technologies as used in Windows 8 through 11 allow a temporary client-side performanc... | | |
| CVE-2017-20191 | Zimbra zm-admin-ajax Form Textbox Field Error XFormItem.js XFormItem.prototype.setError cross site scripting | S | |
| CVE-2017-20192 | Formidable Form Builder < 2.05.03 - Unauthenticated Stored Cross-Site Scripting | | |
| CVE-2017-20193 | Product Vendors <= 2.0.35 - Reflected Cross Site Scripting | S | |
| CVE-2017-20194 | Formidable Form Builder < 2.05.03 - Unauthenticated Information Disclosure | E | |
| CVE-2017-20195 | LUNAD3v AreaLoad request.php sql injection | S | |
| CVE-2017-20196 | Itechscripts School Management Software notice-edit.php sql injection | E | |
| CVE-2017-20197 | propanetank Roommate-Bill-Tracking login.php sql injection | S |