ID | Summary | Flags | Max Score |
---|---|---|---|
CVE-2017-5000 | EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an information ex... | | |
CVE-2017-5001 | EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an information ex... | | |
CVE-2017-5002 | EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an open redirect ... | | |
CVE-2017-5003 | EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all patch levels); RSA Via Lifecycl... | | |
CVE-2017-5004 | EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all patch levels); RSA Via Lifecycl... | | |
CVE-2017-5005 | Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 1... | E | |
CVE-2017-5006 | Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Androi... | | |
CVE-2017-5007 | Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Androi... | | |
CVE-2017-5008 | Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Androi... | | |
CVE-2017-5009 | WebRTC in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Andro... | | |
CVE-2017-5010 | Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Androi... | | |
CVE-2017-5011 | Google Chrome prior to 56.0.2924.76 for Windows insufficiently sanitized DevTools URLs, which allowe... | | |
CVE-2017-5012 | A heap buffer overflow in V8 in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and ... | | |
CVE-2017-5013 | Google Chrome prior to 56.0.2924.76 for Linux incorrectly handled new tab page navigations in non-se... | | |
CVE-2017-5014 | Heap buffer overflow during image processing in Skia in Google Chrome prior to 56.0.2924.76 for Linu... | | |
CVE-2017-5015 | Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorr... | | |
CVE-2017-5016 | Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Androi... | | |
CVE-2017-5017 | Interactions with the OS in Google Chrome prior to 56.0.2924.76 for Mac insufficiently cleared video... | | |
CVE-2017-5018 | Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an... | | |
CVE-2017-5019 | A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87... | | |
CVE-2017-5020 | Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed... | | |
CVE-2017-5021 | A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87... | | |
CVE-2017-5022 | Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Androi... | | |
CVE-2017-5023 | Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 5... | | |
CVE-2017-5024 | FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper b... | | |
CVE-2017-5025 | FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper b... | | |
CVE-2017-5026 | Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to prevent alerts from being ... | | |
CVE-2017-5027 | Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Androi... | | |
CVE-2017-5028 | Insufficient data validation in V8 in Google Chrome prior to 56.0.2924.76 allowed a remote attacker ... | | |
CVE-2017-5029 | The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome p... | | |
CVE-2017-5030 | Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Window... | KEV E | |
CVE-2017-5031 | A use after free in ANGLE in Google Chrome prior to 57.0.2987.98 for Windows allowed a remote attack... | | |
CVE-2017-5032 | PDFium in Google Chrome prior to 57.0.2987.98 for Windows could be made to increment off the end of ... | | |
CVE-2017-5033 | Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Andro... | | |
CVE-2017-5034 | A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Linux and Windows allowed a re... | | |
CVE-2017-5035 | Google Chrome prior to 57.0.2987.98 for Windows and Mac had a race condition, which could cause Chro... | | |
CVE-2017-5036 | A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57... | | |
CVE-2017-5037 | An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and... | | |
CVE-2017-5038 | Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free ... | | |
CVE-2017-5039 | A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57... | | |
CVE-2017-5040 | V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android ... | | |
CVE-2017-5041 | Google Chrome prior to 57.0.2987.100 incorrectly handled back-forward navigation, which allowed a re... | | |
CVE-2017-5042 | Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Androi... | | |
CVE-2017-5043 | Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free ... | | |
CVE-2017-5044 | Heap buffer overflow in filter processing in Skia in Google Chrome prior to 57.0.2987.98 for Mac, Wi... | | |
CVE-2017-5045 | XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for... | | |
CVE-2017-5046 | V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android ... | | |
CVE-2017-5047 | An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and... | | |
CVE-2017-5048 | An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and... | | |
CVE-2017-5049 | An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and... | | |
CVE-2017-5050 | An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and... | | |
CVE-2017-5051 | An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and... | | |
CVE-2017-5052 | An incorrect assumption about block structure in Blink in Google Chrome prior to 57.0.2987.133 for M... | | |
CVE-2017-5053 | An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and... | | |
CVE-2017-5054 | An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and... | | |
CVE-2017-5055 | A use after free in printing in Google Chrome prior to 57.0.2987.133 for Linux and Windows allowed a... | | |
CVE-2017-5056 | A use after free in Blink in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 5... | | |
CVE-2017-5057 | Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.... | | |
CVE-2017-5058 | A use after free in PrintPreview in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote... | | |
CVE-2017-5059 | Type confusion in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0... | | |
CVE-2017-5060 | Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 58.0.3029.81 for Mac, Windows, ... | | |
CVE-2017-5061 | A race condition in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac al... | | |
CVE-2017-5062 | A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, ... | | |
CVE-2017-5063 | A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 5... | | |
CVE-2017-5064 | Incorrect handling of DOM changes in Blink in Google Chrome prior to 58.0.3029.81 for Windows allowe... | | |
CVE-2017-5065 | Lack of an appropriate action on page navigation in Blink in Google Chrome prior to 58.0.3029.81 for... | | |
CVE-2017-5066 | Insufficient consistency checks in signature handling in the networking stack in Google Chrome prior... | | |
CVE-2017-5067 | An insufficient watchdog timer in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windo... | | |
CVE-2017-5068 | Incorrect handling of picture ID in WebRTC in Google Chrome prior to 58.0.3029.96 for Mac, Windows, ... | | |
CVE-2017-5069 | Incorrect MIME type of XSS-Protection reports in Blink in Google Chrome prior to 58.0.3029.81 for Li... | | |
CVE-2017-5070 | Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.30... | KEV E | |
CVE-2017-5071 | Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.86 for Linux, W... | | |
CVE-2017-5072 | Inappropriate implementation in Omnibox in Google Chrome prior to 59.0.3071.92 for Android allowed a... | | |
CVE-2017-5073 | Use after free in print preview in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, ... | | |
CVE-2017-5074 | A use after free in Chrome Apps in Google Chrome prior to 59.0.3071.86 for Windows allowed a remote ... | | |
CVE-2017-5075 | Inappropriate implementation in CSP reporting in Blink in Google Chrome prior to 59.0.3071.86 for Li... | | |
CVE-2017-5076 | Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Mac, Windows, ... | | |
CVE-2017-5077 | Insufficient validation of untrusted input in Skia in Google Chrome prior to 59.0.3071.86 for Linux,... | | |
CVE-2017-5078 | Insufficient validation of untrusted input in Blink's mailto: handling in Google Chrome prior to 59.... | | |
CVE-2017-5079 | Inappropriate implementation in Blink in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and L... | | |
CVE-2017-5080 | A use after free in credit card autofill in Google Chrome prior to 59.0.3071.86 for Linux and Window... | | |
CVE-2017-5081 | Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac,... | | |
CVE-2017-5082 | Failure to take advantage of available mitigations in credit card autofill in Google Chrome prior to... | | |
CVE-2017-5083 | Inappropriate implementation in Blink in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and L... | | |
CVE-2017-5084 | Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a loc... | | |
CVE-2017-5085 | Inappropriate implementation in Bookmarks in Google Chrome prior to 59 for iOS allowed a remote atta... | | |
CVE-2017-5086 | Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Windows and Ma... | | |
CVE-2017-5087 | A use after free in Blink in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 5... | | |
CVE-2017-5088 | Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.104 for Mac, Wi... | | |
CVE-2017-5089 | Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.104 for Mac allowed a... | | |
CVE-2017-5090 | Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.115 for Mac allowed a... | | |
CVE-2017-5091 | A use after free in IndexedDB in Google Chrome prior to 60.0.3112.78 for Linux, Android, Windows, an... | | |
CVE-2017-5092 | Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 f... | | |
CVE-2017-5093 | Inappropriate implementation in modal dialog handling in Blink in Google Chrome prior to 60.0.3112.7... | | |
CVE-2017-5094 | Type confusion in extensions JavaScript bindings in Google Chrome prior to 60.0.3112.78 for Mac, Win... | | |
CVE-2017-5095 | Stack overflow in PDFium in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed ... | | |
CVE-2017-5096 | Insufficient policy enforcement during navigation between different schemes in Google Chrome prior t... | | |
CVE-2017-5097 | Insufficient validation of untrusted input in Skia in Google Chrome prior to 60.0.3112.78 for Linux ... | | |
CVE-2017-5098 | A use after free in V8 in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android a... | | |
CVE-2017-5099 | Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 f... | | |
CVE-2017-5100 | A use after free in Apps in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacke... | | |
CVE-2017-5101 | Inappropriate implementation in Omnibox in Google Chrome prior to 60.0.3112.78 for Linux, Windows, a... | | |
CVE-2017-5102 | Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux... | | |
CVE-2017-5103 | Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and... | | |
CVE-2017-5104 | Inappropriate implementation in interstitials in Google Chrome prior to 60.0.3112.78 for Mac allowed... | | |
CVE-2017-5105 | Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, ... | | |
CVE-2017-5106 | Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, ... | | |
CVE-2017-5107 | A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac ... | | |
CVE-2017-5108 | Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android... | | |
CVE-2017-5109 | Inappropriate implementation of unload handler handling in permission prompts in Google Chrome prior... | | |
CVE-2017-5110 | Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in G... | | |
CVE-2017-5111 | A use after free in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac allowe... | | |
CVE-2017-5112 | Heap buffer overflow in WebGL in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote at... | | |
CVE-2017-5113 | Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3... | | |
CVE-2017-5114 | Inappropriate use of partition alloc in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Win... | | |
CVE-2017-5115 | Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to... | | |
CVE-2017-5116 | Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.31... | | |
CVE-2017-5117 | Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Linux and Windows a... | | |
CVE-2017-5118 | Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Andro... | | |
CVE-2017-5119 | Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and L... | | |
CVE-2017-5120 | Inappropriate use of www mismatch redirects in browser navigation in Google Chrome prior to 61.0.316... | | |
CVE-2017-5121 | Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windo... | | |
CVE-2017-5122 | Inappropriate use of table size handling in V8 in Google Chrome prior to 61.0.3163.100 for Windows a... | | |
CVE-2017-5123 | Insufficient data validation in waitid allowed a user to escape sandboxes on Linux.... | S | |
CVE-2017-5124 | Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote... | | |
CVE-2017-5125 | Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to pot... | | |
CVE-2017-5126 | A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to poten... | | |
CVE-2017-5127 | Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potenti... | | |
CVE-2017-5128 | Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to po... | | |
CVE-2017-5129 | A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attack... | | |
CVE-2017-5130 | An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3... | | |
CVE-2017-5131 | An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to pote... | | |
CVE-2017-5132 | Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker ... | | |
CVE-2017-5133 | Off-by-one read/write on the heap in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote a... | | |
CVE-2017-5135 | Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customizat... | | |
CVE-2017-5136 | An issue was discovered on SendQuick Entera and Avera devices before 2HF16. The application failed t... | | |
CVE-2017-5137 | An issue was discovered on SendQuick Entera and Avera devices before 2HF16. An attacker could reques... | | |
CVE-2017-5139 | An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and... | | |
CVE-2017-5140 | An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and... | | |
CVE-2017-5141 | An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and... | | |
CVE-2017-5142 | An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and... | | |
CVE-2017-5143 | An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and... | | |
CVE-2017-5144 | An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV pr... | | |
CVE-2017-5145 | An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV pr... | | |
CVE-2017-5146 | An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV pr... | | |
CVE-2017-5147 | An Uncontrolled Search Path Element issue was discovered in AzeoTech DAQFactory versions prior to 17... | | |
CVE-2017-5149 | An issue was discovered in St. Jude Medical Merlin@home, versions prior to Version 8.2.2 (RF models:... | M | |
CVE-2017-5151 | An issue was discovered in VideoInsight Web Client Version 6.3.5.11 and previous versions. A SQL Inj... | | |
CVE-2017-5152 | An issue was discovered in Advantech WebAccess Version 8.1. By accessing a specific uniform resource... | M | |
CVE-2017-5153 | An issue was discovered in OSIsoft PI Coresight 2016 R2 and earlier versions, and PI Web API 2016 R2... | | |
CVE-2017-5154 | An issue was discovered in Advantech WebAccess Version 8.1. To be able to exploit the SQL injection ... | M | |
CVE-2017-5155 | An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. Wond... | M | |
CVE-2017-5156 | A Cross-Site Request Forgery issue was discovered in Schneider Electric Wonderware InTouch Access An... | | |
CVE-2017-5157 | An issue was discovered in Schneider Electric homeLYnk Controller, LSS100100, all versions prior to ... | | |
CVE-2017-5158 | An Information Exposure issue was discovered in Schneider Electric Wonderware InTouch Access Anywher... | | |
CVE-2017-5159 | An issue was discovered on Phoenix Contact mGuard devices that have been updated to Version 8.4.0. W... | M | |
CVE-2017-5160 | An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch Acce... | | |
CVE-2017-5161 | An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02... | M | |
CVE-2017-5162 | An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Lack of au... | | |
CVE-2017-5163 | An issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior ver... | S | |
CVE-2017-5164 | An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Input sent... | | |
CVE-2017-5165 | An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. There is n... | | |
CVE-2017-5166 | An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. An INFORMA... | | |
CVE-2017-5167 | An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Users do n... | | |
CVE-2017-5168 | An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Pa... | S | |
CVE-2017-5169 | An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Cr... | S | |
CVE-2017-5170 | An Uncontrolled Search Path Element issue was discovered in Moxa SoftNVR-IA Live Viewer, Version 3.3... | M | |
CVE-2017-5173 | An Improper Neutralization of Special Elements (in an OS command) issue was discovered in Geutebruck... | E | |
CVE-2017-5174 | An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.... | E | |
CVE-2017-5175 | Advantech WebAccess 8.1 and earlier contains a DLL hijacking vulnerability which may allow an attack... | | |
CVE-2017-5176 | A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). The f... | S | |
CVE-2017-5177 | A Stack Buffer Overflow issue was discovered in VIPA Controls WinPLC7 5.0.45.5921 and prior. A stack... | E | |
CVE-2017-5178 | An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonde... | | |
CVE-2017-5179 | Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.3 allows remote authenticated ... | | |
CVE-2017-5180 | Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case... | | |
CVE-2017-5181 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-7692. Reason: This candidat... | R | |
CVE-2017-5182 | Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any a... | | |
CVE-2017-5183 | NetIQ Access Manager 4.2.2 and 4.3.x before 4.3.1+, when configured as an Identity Server, has XSS i... | | |
CVE-2017-5184 | A vulnerability was discovered in NetIQ Sentinel Server 8.0 before 8.0.1 that may allow leakage of i... | | |
CVE-2017-5185 | A vulnerability was discovered in NetIQ Sentinel Server 8.0 before 8.0.1 that may allow remote denia... | | |
CVE-2017-5186 | Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x b... | | |
CVE-2017-5187 | A Cross-Site Request Forgery (CWE-352) vulnerability in Directory Server (aka Enterprise Server Admi... | | |
CVE-2017-5188 | OBS worker VM escape via relative symbolic links | | |
CVE-2017-5189 | private SSL key embedded in JAR file in iManager | | |
CVE-2017-5190 | NetIQ Access Manager 4.2 before SP3 HF1 and 4.3 before SP1 HF1, when configured as a SAML 2.0 Identi... | | |
CVE-2017-5191 | An XSS vulnerability on the /NAGErrors URI in NetIQ Access Manager 4.2 and 4.3 exists because Access... | | |
CVE-2017-5192 | When using the local_batch client from salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before ... | | |
CVE-2017-5193 | The nickcmp function in Irssi before 0.8.21 allows remote attackers to cause a denial of service (NU... | S | |
CVE-2017-5194 | Use-after-free vulnerability in Irssi before 0.8.21 allows remote attackers to cause a denial of ser... | S | |
CVE-2017-5195 | Irssi 0.8.17 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read ... | S | |
CVE-2017-5196 | Irssi 0.8.18 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read ... | S | |
CVE-2017-5197 | There is XSS in SilverStripe CMS before 3.4.4 and 3.5.x before 3.5.2. The attack vector is a page na... | | |
CVE-2017-5198 | SolarWinds LEM (aka SIEM) before 6.3.1 has an incorrect sudo configuration, which allows local users... | | |
CVE-2017-5199 | The editbanner feature in SolarWinds LEM (aka SIEM) through 6.3.1 allows remote authenticated users ... | | |
CVE-2017-5200 | Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.... | | |
CVE-2017-5201 | NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allow remote authenticated users to obt... | | |
CVE-2017-5202 | The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().... | | |
CVE-2017-5203 | The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().... | | |
CVE-2017-5204 | The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().... | | |
CVE-2017-5205 | The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print().... | | |
CVE-2017-5206 | Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attack... | S | |
CVE-2017-5207 | Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileg... | S | |
CVE-2017-5208 | Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause ... | | |
CVE-2017-5209 | The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to ... | S | |
CVE-2017-5210 | Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Information Exposure.... | | |
CVE-2017-5211 | Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing.... | | |
CVE-2017-5212 | Open-Xchange GmbH OX App Suite 7.8.3 is affected by: Incorrect Access Control.... | | |
CVE-2017-5213 | Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS).... | | |
CVE-2017-5214 | The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows prediction o... | E | |
CVE-2017-5215 | The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a rename att... | E | |
CVE-2017-5216 | Stack-based buffer overflow vulnerability in Netop Remote Control versions 11.53, 12.21 and prior. T... | M | |
CVE-2017-5217 | Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(... | | |
CVE-2017-5218 | A SQL Injection issue was discovered in SageCRM 7.x before 7.3 SP3. The AP_DocumentUI.asp web resour... | | |
CVE-2017-5219 | An issue was discovered in SageCRM 7.x before 7.3 SP3. The Component Manager functionality, provided... | | |
CVE-2017-5223 | An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method applies transformatio... | E S | |
CVE-2017-5225 | LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS o... | E S | |
CVE-2017-5226 | When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent se... | E S | |
CVE-2017-5227 | QNAP QTS before 4.2.4 Build 20170313 allows local users to obtain sensitive Domain Administrator pas... | E M | |
CVE-2017-5228 | All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal v... | M | |
CVE-2017-5229 | All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal v... | M | |
CVE-2017-5230 | The Java keystore in all versions and editions of Rapid7 Nexpose prior to 6.4.50 is encrypted with a... | M | |
CVE-2017-5231 | All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal v... | M | |
CVE-2017-5232 | All editions of Rapid7 Nexpose installers prior to version 6.4.24 contain a DLL preloading vulnerabi... | M | |
CVE-2017-5233 | Rapid7 AppSpider Pro installers prior to version 6.14.053 contain a DLL preloading vulnerability, wh... | M | |
CVE-2017-5234 | Rapid7 Insight Collector installers prior to version 1.0.16 contain a DLL preloading vulnerability, ... | M | |
CVE-2017-5235 | Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 contain a DLL preloading vulnera... | M | |
CVE-2017-5236 | Editions of Rapid7 AppSpider Pro installers prior to version 6.14.060 contain a DLL preloading vulne... | | |
CVE-2017-5237 | Due to a lack of authentication, an unauthenticated user who knows the Eview EV-07S GPS Tracker's ph... | | |
CVE-2017-5238 | Due to a lack of bounds checking, several input configuration fields for the Eview EV-07S GPS Tracke... | | |
CVE-2017-5239 | Due to a lack of standard encryption when transmitting sensitive information over the internet to a ... | | |
CVE-2017-5240 | Editions of Rapid7 AppSpider Pro prior to version 6.14.060 contain a heap-based buffer overflow in t... | | |
CVE-2017-5241 | Biscom Secure File Transfer versions 5.0.0.0 through 5.1.1024 are vulnerable to post-authentication p... | E | |
CVE-2017-5242 | Rapid7 Nexpose Virtual Appliance Duplicate SSH Host Key | M | |
CVE-2017-5243 | The default SSH configuration in Rapid7 Nexpose hardware appliances shipped before June 2017 does no... | | |
CVE-2017-5244 | Routes used to stop running Metasploit tasks (either particular ones or all tasks) allowed GET reque... | E | |
CVE-2017-5245 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi... | R | |
CVE-2017-5246 | Biscom Secure File Transfer is vulnerable to AngularJS expression injection in the Display Name fiel... | | |
CVE-2017-5247 | Biscom Secure File Transfer is vulnerable to cross-site scripting in the File Name field. An authent... | | |
CVE-2017-5249 | In version 6.1.0.19 and prior of Wink Labs's Wink - Smart Home Android app, the OAuth token used by ... | | |
CVE-2017-5250 | In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, the OAuth token used by the app... | | |
CVE-2017-5251 | In version 1012 and prior of Insteon's Insteon Hub, the radio transmissions used for communication b... | | |
CVE-2017-5254 | In version 3.5 and prior of Cambium Networks ePMP firmware, the non-administrative users 'installer'... | | |
CVE-2017-5255 | In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain p... | E | |
CVE-2017-5256 | In version 3.5 and prior of Cambium Networks ePMP firmware, all authenticated users have the ability... | | |
CVE-2017-5257 | In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows (or guesses) the S... | | |
CVE-2017-5258 | In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows or can guess the R... | E | |
CVE-2017-5259 | In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege... | | |
CVE-2017-5260 | In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, although the option to access t... | | |
CVE-2017-5261 | In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the 'ping' and 'traceroute' fun... | | |
CVE-2017-5262 | In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the SNMP read-only (RO) communi... | | |
CVE-2017-5263 | Versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware lack CSRF controls that can mitigat... | | |
CVE-2017-5264 | Versions of Nexpose prior to 6.4.66 fail to adequately validate the source of HTTP requests intended... | E | |
CVE-2017-5328 | Palo Alto Networks Terminal Services Agent before 7.0.7 allows attackers to spoof arbitrary users vi... | | |
CVE-2017-5329 | Palo Alto Networks Terminal Services Agent before 7.0.7 allows local users to gain privileges via ve... | E | |
CVE-2017-5330 | ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an ar... | E S | |
CVE-2017-5331 | Integer overflow in the check_offset function in b/wrestool/fileread.c in icoutils before 0.31.1 all... | S | |
CVE-2017-5332 | The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access un... | S | |
CVE-2017-5333 | Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icout... | S | |
CVE-2017-5334 | Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3... | S | |
CVE-2017-5335 | The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3... | S | |
CVE-2017-5336 | Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS befor... | S | |
CVE-2017-5337 | Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.... | S | |
CVE-2017-5338 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2017-5339 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2017-5340 | Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require l... | E S | |
CVE-2017-5341 | The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print().... | | |
CVE-2017-5342 | In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN ... | | |
CVE-2017-5344 | An issue was discovered in dotCMS through 3.6.1. The findChildrenByFilter() function which is called... | E | |
CVE-2017-5345 | SQL injection vulnerability in inc/lib/Control/Ajax/tags-ajax.control.php in GeniXCMS 0.0.8 allows r... | E S | |
CVE-2017-5346 | SQL injection vulnerability in inc/lib/Control/Backend/posts.control.php in GeniXCMS 0.0.8 allows re... | E S | |
CVE-2017-5347 | SQL injection vulnerability in inc/mod/newsletter/options.php in GeniXCMS 0.0.8 allows remote authen... | E S | |
CVE-2017-5350 | Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allow attackers to crash systemUI ... | | |
CVE-2017-5351 | Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software allow attackers to crash the syst... | | |
CVE-2017-5356 | Irssi before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and cra... | E S | |
CVE-2017-5357 | regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malforme... | S | |
CVE-2017-5358 | Stack-based buffer overflows in php_Easycom5_3_0.dll in EasyCom for PHP 4.0.0.29 allows remote attac... | E | |
CVE-2017-5359 | EasyCom SQL iPlug allows remote attackers to cause a denial of service via the D$EVAL parameter to t... | E | |
CVE-2017-5361 | Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 does not use a c... | | |
CVE-2017-5364 | Memory Corruption Vulnerability in Foxit PDF Toolkit v1.3 allows an attacker to cause Denial of Serv... | S | |
CVE-2017-5367 | Multiple reflected XSS vulnerabilities exist within form and link input parameters of ZoneMinder v1.... | E | |
CVE-2017-5368 | ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, is vulnerable to CSRF (Cross... | E | |
CVE-2017-5371 | Odata Server in SAP Adaptive Server Enterprise (ASE) 16 allows remote attackers to cause a denial of... | | |
CVE-2017-5372 | The function msp (aka MSPRuntimeInterface) in the P4 SERVERCORE component in SAP AS JAVA allows remo... | | |
CVE-2017-5373 | Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. Some of these bugs showed evi... | | |
CVE-2017-5374 | Memory safety bugs were reported in Firefox 50.1. Some of these bugs showed evidence of memory corru... | E | |
CVE-2017-5375 | JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory c... | E | |
CVE-2017-5376 | Use-after-free while manipulating XSL in XSLT documents. This vulnerability affects Thunderbird < 45... | | |
CVE-2017-5377 | A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, re... | | |
CVE-2017-5378 | Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because a... | E S | |
CVE-2017-5379 | Use-after-free vulnerability in Web Animations when interacting with cycle collection found through ... | E | |
CVE-2017-5380 | A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulner... | | |
CVE-2017-5381 | The "export" function in the Certificate Viewer can force local filesystem navigation when the "comm... | | |
CVE-2017-5382 | Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged cont... | S | |
CVE-2017-5383 | URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger pu... | | |
CVE-2017-5384 | Proxy Auto-Config (PAC) files can specify a JavaScript function called for all URL requests with the... | E S | |
CVE-2017-5385 | Data sent within multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore t... | E S | |
CVE-2017-5386 | WebExtension scripts can use the "data:" protocol to affect pages loaded by other web extensions usi... | E S | |
CVE-2017-5387 | The existence of a specifically requested local file can be found due to the double firing of the "o... | E | |
CVE-2017-5388 | A STUN server in conjunction with a large number of "webkitRTCPeerConnection" objects can be used to... | | |
CVE-2017-5389 | WebExtensions could use the "mozAddonManager" API by modifying the CSP headers on sites with the app... | E S | |
CVE-2017-5390 | The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for c... | S | |
CVE-2017-5391 | Special "about:" pages used by web content, such as RSS feeds, can load privileged "about:" pages in... | S | |
CVE-2017-5392 | Weak proxy objects have weak references on multiple threads when they should only have them on one, ... | | |
CVE-2017-5393 | The "mozAddonManager" allows for the installation of extensions from the CDN for addons.mozilla.org,... | | |
CVE-2017-5394 | A location bar spoofing attack where the location bar of loaded page will be shown over the content ... | E S | |
CVE-2017-5395 | Malicious sites can display a spoofed location bar on a subsequently loaded page when the existing l... | E | |
CVE-2017-5396 | A use-after-free vulnerability in the Media Decoder when working with media files when some events a... | E S | |
CVE-2017-5397 | The cache directory on the local file system is set to be world writable. Firefox defaults to extrac... | S | |
CVE-2017-5398 | Memory safety bugs were reported in Thunderbird 45.7. Some of these bugs showed evidence of memory c... | | |
CVE-2017-5399 | Memory safety bugs were reported in Firefox 51. Some of these bugs showed evidence of memory corrupt... | | |
CVE-2017-5400 | JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protection... | | |
CVE-2017-5401 | A crash triggerable by web content in which an "ErrorResult" references unassigned memory due to a l... | E | |
CVE-2017-5402 | A use-after-free can occur when events are fired for a "FontFace" object after the object has been a... | S | |
CVE-2017-5403 | When adding a range to an object in the DOM, it is possible to use "addRange" to add the range to an... | | |
CVE-2017-5404 | A use-after-free error can occur when manipulating ranges in selections with one node inside a nativ... | E S | |
CVE-2017-5405 | Certain response codes in FTP connections can result in the use of uninitialized values for ports in... | E | |
CVE-2017-5406 | A segmentation fault can occur in the Skia graphics library during some canvas operations due to iss... | E S | |
CVE-2017-5407 | Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious... | E | |
CVE-2017-5408 | Video files loaded video captions cross-origin without checking for the presence of CORS headers per... | E S | |
CVE-2017-5409 | The Mozilla Windows updater can be called by a non-privileged user to delete an arbitrary local file... | E | |
CVE-2017-5410 | Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScri... | E | |
CVE-2017-5411 | A use-after-free can occur during buffer storage operations within the ANGLE graphics library, used ... | E | |
CVE-2017-5412 | A buffer overflow read during SVG filter color value operations, resulting in data exposure. This vu... | | |
CVE-2017-5413 | A segmentation fault can occur during some bidirectional layout operations. This vulnerability affec... | E S | |
CVE-2017-5414 | The file picker dialog can choose and display the wrong local default directory when instantiated. O... | | |
CVE-2017-5415 | An attack can use a blob URL and script to spoof an arbitrary addressbar URL prefaced by "blob:" as ... | E S | |
CVE-2017-5416 | In certain circumstances a networking event listener can be prematurely released. This appears to re... | E | |
CVE-2017-5417 | When dragging content from the primary browser pane to the addressbar on a malicious site, it is pos... | S | |
CVE-2017-5418 | An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting ... | E S | |
CVE-2017-5419 | If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI wil... | E S | |
CVE-2017-5420 | A "javascript:" url loaded by a malicious page can obfuscate its location by blanking the URL displa... | E S | |
CVE-2017-5421 | A malicious site could spoof the contents of the print preview window if popup windows are enabled, ... | E S | |
CVE-2017-5422 | If a malicious site uses the "view-source:" protocol in a series within a single hyperlink, it can t... | E S | |
CVE-2017-5425 | The Gecko Media Plugin sandbox allows access to local files that match specific regular expressions.... | | |
CVE-2017-5426 | On Linux, if the secure computing mode BPF (seccomp-bpf) filter is running when the Gecko Media Plug... | S | |
CVE-2017-5427 | A non-existent chrome.manifest file will attempt to be loaded during startup from the primary instal... | S | |
CVE-2017-5428 | An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for t... | E S | |
CVE-2017-5429 | Memory safety bugs were reported in Firefox 52, Firefox ESR 45.8, Firefox ESR 52, and Thunderbird 52... | | |
CVE-2017-5430 | Memory safety bugs were reported in Firefox 52, Firefox ESR 52, and Thunderbird 52. Some of these bu... | | |
CVE-2017-5432 | A use-after-free vulnerability occurs during certain text input selection resulting in a potentially... | S | |
CVE-2017-5433 | A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation element... | E S | |
CVE-2017-5434 | A use-after-free vulnerability occurs when redirecting focus handling which results in a potentially... | E | |
CVE-2017-5435 | A use-after-free vulnerability occurs during transaction processing in the editor during design mode... | S | |
CVE-2017-5436 | An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font.... | | |
CVE-2017-5437 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10195, CVE-2016-10196, CVE-... | R | |
CVE-2017-5438 | A use-after-free vulnerability during XSLT processing due to the result handler being held by a free... | E S | |
CVE-2017-5439 | A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. T... | E | |
CVE-2017-5440 | A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions... | E S | |
CVE-2017-5441 | A use-after-free vulnerability when holding a selection during scroll events. This results in a pote... | E | |
CVE-2017-5442 | A use-after-free vulnerability during changes in style when manipulating DOM elements. This results ... | S | |
CVE-2017-5443 | An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives. This v... | E S | |
CVE-2017-5444 | A buffer overflow vulnerability while parsing "application/http-index-format" format content when th... | | |
CVE-2017-5445 | A vulnerability while parsing "application/http-index-format" format content where uninitialized val... | E | |
CVE-2017-5446 | An out-of-bounds read when an HTTP/2 connection to a server sends "DATA" frames with incorrect data... | E S | |
CVE-2017-5447 | An out-of-bounds read during the processing of glyph widths during text layout. This results in a po... | E | |
CVE-2017-5448 | An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Clearkey-encrypted media content... | | |
CVE-2017-5449 | A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text ... | | |
CVE-2017-5450 | A mechanism to spoof the Firefox for Android addressbar using a "javascript:" URI. On Firefox for An... | E | |
CVE-2017-5451 | A mechanism to spoof the addressbar through the user interaction on the addressbar and the "onblur" ... | E S | |
CVE-2017-5452 | Malicious sites can display a spoofed addressbar on a page when the existing location bar on the new... | E S | |
CVE-2017-5453 | A mechanism to inject static HTML into the RSS reader preview page due to a failure to escape charac... | | |
CVE-2017-5454 | A mechanism to bypass file system access protections in the sandbox to use the file picker to access... | S | |
CVE-2017-5455 | The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and esca... | E S | |
CVE-2017-5456 | A mechanism to bypass file system access protections in the sandbox using the file system request co... | E S | |
CVE-2017-5458 | When a "javascript:" URL is dragged and dropped by a user into the addressbar, the URL will be processe... | E | |
CVE-2017-5459 | A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash.... | E S | |
CVE-2017-5460 | A use-after-free vulnerability in frame selection triggered by a combination of malicious script con... | E S | |
CVE-2017-5461 | Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x b... | S | |
CVE-2017-5462 | A flaw in DRBG number generation within the Network Security Services (NSS) library where the intern... | | |
CVE-2017-5463 | Android intents can be used to launch Firefox for Android in reader mode with a user specified URL. ... | S | |
CVE-2017-5464 | During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sy... | | |
CVE-2017-5465 | An out-of-bounds read while processing SVG content in "ConvolvePixel". This results in a crash and a... | E S | |
CVE-2017-5466 | If a page is loaded from an original site through a hyperlink and contains a redirect to a "data:tex... | E S | |
CVE-2017-5467 | A potential memory corruption and crash when using Skia content when drawing content outside of the ... | S | |
CVE-2017-5468 | An issue with incorrect ownership model of "privateBrowsing" information exposed through developer t... | S | |
CVE-2017-5469 | Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. This ... | S | |
CVE-2017-5470 | Memory safety bugs were reported in Firefox 53 and Firefox ESR 52.1. Some of these bugs showed evide... | | |
CVE-2017-5471 | Memory safety bugs were reported in Firefox 53. Some of these bugs showed evidence of memory corrupt... | | |
CVE-2017-5472 | A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CS... | S | |
CVE-2017-5473 | Cross-site request forgery (CSRF) vulnerability in ntopng through 2.4 allows remote attackers to hij... | E S | |
CVE-2017-5474 | Open redirect vulnerability in comment.php in Serendipity through 2.0.5 allows remote attackers to r... | S | |
CVE-2017-5475 | comment.php in Serendipity through 2.0.5 allows CSRF in deleting any comments.... | | |
CVE-2017-5476 | Serendipity through 2.0.5 allows CSRF for the installation of an event plugin or a sidebar plugin.... | | |
CVE-2017-5480 | Directory traversal vulnerability in inc/files/files.ctrl.php in b2evolution through 6.8.3 allows re... | | |
CVE-2017-5481 | Trend Micro OfficeScan 11.0 before SP1 CP 6325 and XG before CP 1352 allows remote authenticated use... | S | |
CVE-2017-5482 | The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a differe... | | |
CVE-2017-5483 | The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().... | | |
CVE-2017-5484 | The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print().... | | |
CVE-2017-5485 | The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap().... | | |
CVE-2017-5486 | The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().... | | |
CVE-2017-5487 | wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in ... | E S | |
CVE-2017-5488 | Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/update-core.php in WordPress before ... | S | |
CVE-2017-5489 | Cross-site request forgery (CSRF) vulnerability in WordPress before 4.7.1 allows remote attackers to... | | |
CVE-2017-5490 | Cross-site scripting (XSS) vulnerability in the theme-name fallback functionality in wp-includes/cla... | S | |
CVE-2017-5491 | wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restri... | S | |
CVE-2017-5492 | Cross-site request forgery (CSRF) vulnerability in the widget-editing accessibility-mode feature in ... | S | |
CVE-2017-5493 | wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not prope... | S | |
CVE-2017-5494 | Multiple cross-site scripting (XSS) vulnerabilities in the file types table in b2evolution through 6... | S | |
CVE-2017-5495 | All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an unbounded memory allocation in the ... | S | |
CVE-2017-5496 | Sawmill Enterprise 8.7.9 allows remote attackers to gain login access by leveraging knowledge of a p... | E | |
CVE-2017-5498 | libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote attackers to cause a denial of ... | E | |
CVE-2017-5499 | Integer overflow in libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a de... | E | |
CVE-2017-5500 | libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (cra... | E | |
CVE-2017-5501 | Integer overflow in libjasper/jpc/jpc_tsfb.c in JasPer 1.900.17 allows remote attackers to cause a d... | E | |
CVE-2017-5502 | libjasper/jp2/jp2_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (cra... | E | |
CVE-2017-5503 | The dec_clnpass function in libjasper/jpc/jpc_t1dec.c in JasPer 1.900.27 allows remote attackers to ... | E | |
CVE-2017-5504 | The jpc_undo_roi function in libjasper/jpc/jpc_dec.c in JasPer 1.900.27 allows remote attackers to c... | E | |
CVE-2017-5505 | The jas_matrix_asl function in jas_seq.c in JasPer 1.900.27 allows remote attackers to cause a denia... | E | |
CVE-2017-5506 | Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspeci... | S | |
CVE-2017-5507 | Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attac... | S | |
CVE-2017-5508 | Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x be... | S | |
CVE-2017-5509 | coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD fil... | S | |
CVE-2017-5510 | coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD fil... | S | |
CVE-2017-5511 | coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an impr... | S | |
CVE-2017-5515 | Cross-site scripting (XSS) vulnerability in the user prompt function in GeniXCMS through 0.0.8 allow... | E S | |
CVE-2017-5516 | Multiple cross-site scripting (XSS) vulnerabilities in the user forms in GeniXCMS through 0.0.8 allo... | E S | |
CVE-2017-5517 | SQL injection vulnerability in author.control.php in GeniXCMS through 0.0.8 allows remote attackers ... | E S | |
CVE-2017-5518 | The media-file upload feature in GeniXCMS through 0.0.8 allows remote attackers to conduct SSRF atta... | E S | |
CVE-2017-5519 | SQL injection vulnerability in Posts.class.php in GeniXCMS through 0.0.8 allows remote attackers to ... | E S | |
CVE-2017-5520 | The media rename feature in GeniXCMS through 0.0.8 does not consider alternative PHP file extensions... | E S | |
CVE-2017-5521 | An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, ... | KEV E | |
CVE-2017-5522 | Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5, and 7... | S | |
CVE-2017-5524 | Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers to bypass a sandbox protection... | S | |
CVE-2017-5525 | Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users t... | S | |
CVE-2017-5526 | Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users... | S | |
CVE-2017-5527 | TIBCO Spotfire injection vulnerabilities | | |
CVE-2017-5528 | TIBCO JasperReports Server cross-site vulnerabilities | | |
CVE-2017-5529 | TIBCO JasperReports Library Information Disclosure | | |
CVE-2017-5530 | SAML protocol handling errors in tibbr | | |
CVE-2017-5531 | Deployments of TIBCO Managed File Transfer Command Center versions 8.0.0 and 8.0.1 and TIBCO Managed... | | |
CVE-2017-5532 | TIBCO JasperReports persistent cross site scripting | | |
CVE-2017-5533 | TIBCO JasperReports Server credentials disclosure | | |
CVE-2017-5534 | Improper sandboxing of a third-party component in tibbr | | |
CVE-2017-5535 | TIBCO DataSynapse GridServer improper use of encryption | S | |
CVE-2017-5536 | TIBCO DataSynapse GridServer manager component vulnerable to cross-site scripting attacks | S | |
CVE-2017-5537 | The password reset form in Weblate before 2.10.1 provides different error messages depending on whet... | S | |
CVE-2017-5538 | The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung de... | S | |
CVE-2017-5539 | The patch for directory traversal (CVE-2017-5480) in b2evolution version 6.8.4-stable has a bypass v... | S | |
CVE-2017-5541 | Directory traversal vulnerability in template/usererror.missing_extension.php in Symphony CMS before... | | |
CVE-2017-5542 | Cross-site scripting (XSS) vulnerability in template/usererror.missing_extension.php in Symphony CMS... | | |
CVE-2017-5543 | includes/classes/ia.core.users.php in Subrion CMS 4.0.5 allows remote attackers to conduct PHP Objec... | S | |
CVE-2017-5544 | An issue was discovered on FiberHome Fengine S5800 switches V210R240. An unauthorized attacker can a... | | |
CVE-2017-5545 | The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtai... | S | |
CVE-2017-5546 | The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 all... | S | |
CVE-2017-5547 | drivers/hid/hid-corsair.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONF... | S | |
CVE-2017-5548 | drivers/net/ieee802154/atusb.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the... | S | |
CVE-2017-5549 | The klsi_105_get_line_state function in drivers/usb/serial/kl5kusb105.c in the Linux kernel before 4... | S | |
CVE-2017-5550 | Off-by-one error in the pipe_advance function in lib/iov_iter.c in the Linux kernel before 4.9.5 all... | S | |
CVE-2017-5551 | The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid ... | S | |
CVE-2017-5552 | Memory leak in the virgl_resource_attach_backing function in hw/display/virtio-gpu-3d.c in QEMU (aka... | S | |
CVE-2017-5553 | Cross-site scripting (XSS) vulnerability in plugins/markdown_plugin/_markdown.plugin.php in b2evolut... | S | |
CVE-2017-5554 | An issue was discovered in ABOOT in OnePlus 3 and 3T OxygenOS before 4.0.2. The attacker can reboot ... | | |
CVE-2017-5556 | The ConvertToPDF plugin in Foxit Reader before 8.2 and PhantomPDF before 8.2 on Windows, when the gf... | | |
CVE-2017-5563 | LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS o... | | |
CVE-2017-5565 | Code injection vulnerability in Trend Micro Maximum Security 11.0 (and earlier), Internet Security 1... | | |
CVE-2017-5566 | Code injection vulnerability in AVG Ultimate 17.1 (and earlier), AVG Internet Security 17.1 (and ear... | | |
CVE-2017-5567 | Code injection vulnerability in Avast Premier 12.3 (and earlier), Internet Security 12.3 (and earlie... | | |
CVE-2017-5569 | An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. This is a blind SQL injection... | | |
CVE-2017-5570 | An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. This is a blind SQL injection... | | |
CVE-2017-5571 | Open redirect vulnerability in the lmadmin component in Flexera FlexNet Publisher (aka Flex License ... | | |
CVE-2017-5572 | An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated r... | | |
CVE-2017-5573 | An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated r... | | |
CVE-2017-5574 | SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows unauthenticated users to... | S | |
CVE-2017-5575 | SQL injection vulnerability in inc/lib/Options.class.php in GeniXCMS before 1.0.0 allows remote atta... | S | |
CVE-2017-5576 | Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM d... | S | |
CVE-2017-5577 | The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux k... | S | |
CVE-2017-5578 | Memory leak in the virtio_gpu_resource_attach_backing function in hw/display/virtio-gpu.c in QEMU (a... | S | |
CVE-2017-5579 | Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows... | S | |
CVE-2017-5580 | The parse_instruction function in gallium/auxiliary/tgsi/tgsi_text.c in virglrenderer before 0.6.0 a... | S | |
CVE-2017-5581 | Buffer overflow in the ModifiablePixelBuffer::fillRect function in TigerVNC before 1.7.1 allows remo... | S | |
CVE-2017-5583 | The Management Web Interface in Palo Alto Networks PAN-OS before 6.1.16, 7.0.x before 7.0.13, and 7.... | | |
CVE-2017-5584 | Cross-site scripting (XSS) vulnerability in the Management Web Interface in Palo Alto Networks PAN-O... | | |
CVE-2017-5585 | OpenText Documentum Content Server (formerly EMC Documentum Content Server) 7.3, when PostgreSQL Dat... | E | |
CVE-2017-5586 | OpenText Documentum D2 (formerly EMC Documentum D2) 4.x allows remote attackers to execute arbitrary... | E | |
CVE-2017-5589 | An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote ... | E S | |
CVE-2017-5590 | An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote ... | E S | |
CVE-2017-5591 | An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote ... | E S | |
CVE-2017-5592 | An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote ... | E S | |
CVE-2017-5593 | An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote ... | E S | |
CVE-2017-5594 | An issue was discovered in Pagekit CMS before 1.0.11. In this vulnerability the remote attacker is a... | E S | |
CVE-2017-5595 | A file disclosure and inclusion vulnerability exists in web/views/file.php in ZoneMinder 1.x through... | S | |
CVE-2017-5596 | In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop... | S | |
CVE-2017-5597 | In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector could go into a large loop, tri... | S | |
CVE-2017-5598 | An issue was discovered in eClinicalWorks healow@work 8.0 build 8. This is a blind SQL injection wit... | E | |
CVE-2017-5599 | An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. This is a reflected Cross Sit... | | |
CVE-2017-5600 | The Data Warehouse component in NetApp OnCommand Insight before 7.2.3 allows remote attackers to obt... | | |
CVE-2017-5601 | An error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) in libarchive ... | S | |
CVE-2017-5602 | An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote ... | E S | |
CVE-2017-5603 | An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote ... | E S | |
CVE-2017-5604 | An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote ... | E S | |
CVE-2017-5605 | An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote ... | E S | |
CVE-2017-5606 | An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote ... | E | |
CVE-2017-5607 | Splunk Enterprise 5.0.x before 5.0.18, 6.0.x before 6.0.14, 6.1.x before 6.1.13, 6.2.x before 6.2.13... | E | |
CVE-2017-5608 | Cross-site scripting (XSS) vulnerability in the image upload function in Piwigo before 2.8.6 allows ... | S | |
CVE-2017-5609 | SQL injection vulnerability in include/functions_entries.inc.php in Serendipity 2.0.5 allows remote ... | S | |
CVE-2017-5610 | wp-admin/includes/class-wp-press-this.php in Press This in WordPress before 4.7.2 does not properly ... | S | |
CVE-2017-5611 | SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7.2 ... | S | |
CVE-2017-5612 | Cross-site scripting (XSS) vulnerability in wp-admin/includes/class-wp-posts-list-table.php in the p... | S | |
CVE-2017-5613 | Format string vulnerability in cgiemail and cgiecho allows remote attackers to execute arbitrary cod... | | |
CVE-2017-5614 | Open redirect vulnerability in cgiemail and cgiecho allows remote attackers to redirect users to arb... | | |
CVE-2017-5615 | cgiemail and cgiecho allow remote attackers to inject HTTP headers via a newline character in the re... | | |
CVE-2017-5616 | Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho allows remote attackers to inject a... | | |
CVE-2017-5617 | The SVG Salamander (aka svgSalamander) library, when used in a web application, allows remote attack... | S | |
CVE-2017-5618 | GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root priv... | E S | |
CVE-2017-5619 | An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Attacker... | | |
CVE-2017-5620 | An XSS issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Atta... | | |
CVE-2017-5621 | An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. XSS can ... | | |
CVE-2017-5622 | With OxygenOS before 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device, the... | | |
CVE-2017-5623 | An issue was discovered in OxygenOS before 4.1.0 on OnePlus 3 and 3T devices. The attacker can chang... | E | |
CVE-2017-5624 | An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. The attacker can persistently... | E | |
CVE-2017-5625 | In OxygenOS before 4.0.3 on OnePlus 3 and 3T devices, an unauthorized attacker can cause a locked bo... | | |
CVE-2017-5626 | OxygenOS before version 4.0.2, on OnePlus 3 and 3T, has two hidden fastboot oem commands (4F500301 a... | E | |
CVE-2017-5627 | An issue was discovered in Artifex Software, Inc. MuJS before 4006739a28367c708dea19aeb19b8a1a9326ce... | | |
CVE-2017-5628 | An issue was discovered in Artifex Software, Inc. MuJS before 8f62ea10a0af68e56d5c00720523ebcba13c2e... | | |
CVE-2017-5630 | PECL in the download utility class in the Installer in PEAR Base System v1.10.1 does not validate fi... | E | |
CVE-2017-5631 | An issue was discovered in KMCIS CaseAware. Reflected cross site scripting is present in the user pa... | E | |
CVE-2017-5632 | An issue was discovered on the ASUS RT-N56U Wireless Router with Firmware 3.0.0.4.374_979. When exec... | | |
CVE-2017-5633 | Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with... | E | |
CVE-2017-5634 | The Norwegian Air Shuttle (aka norwegian.com) airline kiosk allows physically proximate attackers to... | | |
CVE-2017-5635 | In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user requ... | M | |
CVE-2017-5636 | In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, the proxy chain serializa... | M | |
CVE-2017-5637 | Two four letter word commands "wchp/wchc" are CPU intensive and could cause spike of CPU utilization... | M | |
CVE-2017-5638 | The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has in... | KEV E S | |
CVE-2017-5639 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
CVE-2017-5640 | It was noticed that a malicious process impersonating an Impala daemon in Apache Impala (incubating)... | | |
CVE-2017-5641 | Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allow... | | |
CVE-2017-5642 | During installation of Ambari 2.4.0 through 2.4.2, Ambari Server artifacts are not created with prop... | | |
CVE-2017-5643 | Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE.... | | |
CVE-2017-5644 | Apache POI in versions prior to release 3.15 allows remote attackers to cause a denial of service (C... | | |
CVE-2017-5645 | In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive s... | S | |
CVE-2017-5646 | For versions of Apache Knox from 0.2.0 to 0.11.0 - an authenticated user may use a specially crafted... | | |
CVE-2017-5647 | A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5... | | |
CVE-2017-5648 | While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tom... | | |
CVE-2017-5649 | Apache Geode before 1.1.1, when a cluster has enabled security by setting the security-manager prope... | | |
CVE-2017-5650 | In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the handling of an HTTP/2 GOAWAY frame f... | | |
CVE-2017-5651 | In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors i... | S | |
CVE-2017-5652 | During a routine security analysis, it was found that one of the ports in Apache Impala (incubating)... | | |
CVE-2017-5653 | JAX-RS XML Security streaming clients in Apache CXF before 3.1.11 and 3.0.13 do not validate that th... | S | |
CVE-2017-5654 | In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be a... | | |
CVE-2017-5655 | In Ambari 2.2.2 through 2.4.2 and Ambari 2.5.0, sensitive data may be stored on disk in temporary fi... | | |
CVE-2017-5656 | Apache CXF's STSClient before 3.1.11 and 3.0.13 uses a flawed way of caching tokens that are associa... | S | |
CVE-2017-5657 | Several REST service endpoints of Apache Archiva are not protected against Cross Site Request Forger... | S | |
CVE-2017-5658 | The statistics generator in Apache Pony Mail 0.7 to 0.9 was found to be returning timestamp data wit... | | |
CVE-2017-5659 | Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content len... | S | |
CVE-2017-5660 | There is a vulnerability in Apache Traffic Server (ATS) 6.2.0 and prior and 7.0.0 and prior with the... | | |
CVE-2017-5661 | In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed... | S | |
CVE-2017-5662 | In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be reve... | S | |
CVE-2017-5663 | In Apache Fineract 0.4.0-incubating, 0.5.0-incubating, and 0.6.0-incubating, an authenticated user w... | | |
CVE-2017-5664 | The error page mechanism of the Java Servlet Specification requires that, when an error occurs and a... | | |
CVE-2017-5665 | The splt_cue_export_to_file function in cue.c in libmp3splt 0.9.2 allows remote attackers to cause a... | E | |
CVE-2017-5666 | The free_options function in options_manager.c in mp3splt 2.6.2 allows remote attackers to cause a d... | E | |
CVE-2017-5667 | The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows l... | S | |
CVE-2017-5668 | bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service (NULL pointer de... | S | |
CVE-2017-5669 | The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address ... | S | |
CVE-2017-5670 | Riverbed RiOS through 9.6.0 deletes the secure vault with the rm program (not shred or srm), which m... | M | |
CVE-2017-5671 | Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers before 10.11.013... | E S | |
CVE-2017-5672 | Kony Enterprise Mobile Management (EMM) before 4.2.5.2 has the vulnerability of disclosing the priva... | E | |
CVE-2017-5673 | In the Kunena extension 5.0.2 through 5.0.4 for Joomla!, the forum message subject (aka topic subjec... | E | |
CVE-2017-5674 | A vulnerability in a custom-built GoAhead web server used on Foscam, Vstarcam, and multiple white-la... | E | |
CVE-2017-5675 | A command-injection vulnerability exists in a web application on a custom-built GoAhead web server u... | E | |
CVE-2017-5677 | PEAR HTML_AJAX 0.3.0 through 0.5.7 has a PHP Object Injection Vulnerability in the PHP Serializer. I... | | |
CVE-2017-5678 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-13069. Reason: This candidat... | R | |
CVE-2017-5680 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5681 | The RSA-CRT implementation in the Intel QuickAssist Technology (QAT) Engine for OpenSSL versions pri... | S | |
CVE-2017-5682 | Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune... | | |
CVE-2017-5683 | Privilege escalation in IntelHAXM.sys driver in the Intel Hardware Accelerated Execution Manager bef... | S | |
CVE-2017-5684 | The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version CC04... | | |
CVE-2017-5685 | The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may all... | | |
CVE-2017-5686 | The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version SY0059 may all... | | |
CVE-2017-5687 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5688 | There is an escalation of privilege vulnerability in the Intel Solid State Drive Toolbox versions be... | | |
CVE-2017-5689 | An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKU... | KEV E S | |
CVE-2017-5690 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5691 | Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel... | | |
CVE-2017-5692 | Out-of-bounds read condition in older versions of some Intel Graphics Driver for Windows code branch... | | |
CVE-2017-5693 | Firmware in the Intel Puma 5, 6, and 7 Series might experience resource depletion or timeout, which ... | | |
CVE-2017-5694 | Data corruption vulnerability in firmware in Intel Solid-State Drive Professional PSF104P, PSF109P a... | | |
CVE-2017-5695 | Data corruption vulnerability in firmware in Intel Solid-State Drive Consumer, Professional, Embedde... | | |
CVE-2017-5696 | Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileg... | | |
CVE-2017-5697 | Insufficient clickjacking protection in the Web User Interface of Intel AMT firmware versions before... | | |
CVE-2017-5698 | Intel Active Management Technology, Intel Standard Manageability, and Intel Small Business Technolog... | | |
CVE-2017-5699 | Input validation error in Intel MinnowBoard 3 Firmware versions prior to 0.65 allow local attacker t... | S | |
CVE-2017-5700 | Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i... | S | |
CVE-2017-5701 | Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5... | S | |
CVE-2017-5702 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5703 | Configuration of SPI Flash in platforms based on multiple Intel platforms allow a local attacker to ... | | |
CVE-2017-5704 | Platform sample code firmware included with 4th Gen Intel Core Processor, 5th Gen Intel Core Process... | | |
CVE-2017-5705 | Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10... | | |
CVE-2017-5706 | Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker wi... | S | |
CVE-2017-5707 | Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker wi... | | |
CVE-2017-5708 | Multiple privilege escalations in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/... | | |
CVE-2017-5709 | Multiple privilege escalations in kernel in Intel Server Platform Services Firmware 4.0 allows unaut... | S | |
CVE-2017-5710 | Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unaut... | | |
CVE-2017-5711 | Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmwa... | | |
CVE-2017-5712 | Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x... | | |
CVE-2017-5713 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5714 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5715 | Systems with microprocessors utilizing speculative execution and indirect branch prediction may allo... | E S | |
CVE-2017-5716 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-12865. Reason: This candid... | R | |
CVE-2017-5717 | Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user ... | E | |
CVE-2017-5718 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5719 | A vulnerability in the Intel Deep Learning Training Tool Beta 1 allows a network attacker to remotel... | | |
CVE-2017-5720 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5721 | Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BN... | S | |
CVE-2017-5722 | Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH... | S | |
CVE-2017-5723 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5724 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5725 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5726 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5727 | Pointer dereference in subsystem in Intel Graphics Driver 15.40.x.x, 15.45.x.x, 15.46.x.x allows unp... | | |
CVE-2017-5728 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5729 | Frame replay vulnerability in Wi-Fi subsystem in Intel Dual-Band and Tri-Band Wireless-AC Products a... | | |
CVE-2017-5730 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5731 | Bounds checking in Tianocompress before November 7, 2017 may allow an authenticated user to potentia... | S | |
CVE-2017-5732 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5733 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5734 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2017-5735 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5736 | An elevation of privilege in Intel Software Guard Extensions Platform Software Component before 1.9.... | | |
CVE-2017-5737 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5738 | Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1.41... | S | |
CVE-2017-5739 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5740 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5741 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5742 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5743 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5744 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5745 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5746 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5747 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5748 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5749 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5750 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5751 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5752 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5753 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unautho... | E S | |
CVE-2017-5754 | Systems with microprocessors utilizing speculative execution and indirect branch prediction may allo... | S | |
CVE-2017-5755 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5756 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5757 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5758 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5759 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5760 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5761 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5762 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5763 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5764 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5765 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5766 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5767 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5768 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5769 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5770 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5771 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5772 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5773 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5774 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5775 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5776 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5777 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5778 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5779 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
CVE-2017-5780 | A remote clickjacking vulnerability in HPE Matrix Operating Environment version v7.6 was found.... | | |
CVE-2017-5781 | A CSRF vulnerability in HPE Matrix Operating Environment version v7.6 was found.... | | |
CVE-2017-5782 | A missing HSTS Header vulnerability in HPE Matrix Operating Environment version v7.6 was found.... | | |
CVE-2017-5783 | A remote clickjacking vulnerability in HPE Matrix Operating Environment version v7.6 was found.... | | |
CVE-2017-5784 | A missing HSTS Header vulnerability in HPE Matrix Operating Environment version v7.6 was found.... | | |
CVE-2017-5785 | A remote information disclosure vulnerability in HPE Matrix Operating Environment version v7.6 was f... | | |
CVE-2017-5786 | A local Unauthorized Data Modification vulnerability in HPE OfficeConnect Network Switches version P... | | |
CVE-2017-5787 | A remote denial of service vulnerability in HPE Version Control Repository Manager (VCRM) in all ver... | | |
CVE-2017-5788 | A Local Disclosure of Sensitive Information vulnerability in HPE NonStop Software Essentials version... | | |
CVE-2017-5789 | HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote att... | | |
CVE-2017-5790 | A remote deserialization of untrusted data vulnerability in HPE Intelligent Management Center (IMC) ... | | |
CVE-2017-5791 | The doFilter method in UrlAccessController in HPE Intelligent Management Center (iMC) PLAT 7.2 E0403... | | |
CVE-2017-5792 | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0... | E | |
CVE-2017-5793 | A Remote Arbitrary Code Execution vulnerability in HPE Intelligent Management Center (IMC) PLAT vers... | | |
CVE-2017-5794 | A Remote Arbitrary File Download vulnerability in HPE Intelligent Management Center (IMC) PLAT versi... | | |
CVE-2017-5795 | A Local Arbitrary File Download vulnerability in HPE Intelligent Management Center (IMC) version PLA... | | |
CVE-2017-5796 | A Remote Cross Site Request Forgery (CSRF) vulnerability in HPE 2620 Series Network Switches version... | | |
CVE-2017-5797 | A Remote Unauthenticated Disclosure of Information vulnerability in HPE Intelligent Management Cente... | | |
CVE-2017-5798 | A Remote Code Execution vulnerability in HPE OpenCall Media Platform (OCMP) was found. The vulnerabi... | E | |
CVE-2017-5799 | A Remote Code Execution vulnerability in HPE OpenCall Media Platform (OCMP) was found. The vulnerabi... | E | |
CVE-2017-5800 | A Remote Cross-Site Scripting (XSS) vulnerability in HPE Operations Bridge Analytics version v3.0 wa... | | |
CVE-2017-5801 | A Remote Unauthorized Access to Data vulnerability in HPE Business Process Monitor version v09.2x, v... | | |
CVE-2017-5802 | A Remote Gain Privileged Access vulnerability in HPE Vertica Analytics Platform version v4.1 and lat... | | |
CVE-2017-5803 | A Remote Disclosure of Information vulnerability in HPE NonStop Servers using SSH Service version L ... | | |
CVE-2017-5804 | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 wa... | | |
CVE-2017-5805 | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 wa... | | |
CVE-2017-5806 | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 wa... | | |
CVE-2017-5807 | A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09... | | |
CVE-2017-5808 | A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09... | | |
CVE-2017-5809 | A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09... | | |
CVE-2017-5810 | A remote sql injection vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and ... | | |
CVE-2017-5811 | A remote code execution vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and... | | |
CVE-2017-5812 | A remote sql information disclosure vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0... | | |
CVE-2017-5813 | A remote unauthenticated access vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 1... | | |
CVE-2017-5814 | A remote sql injection authentication bypass in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10... | | |
CVE-2017-5815 | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0... | | |
CVE-2017-5816 | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0... | E | |
CVE-2017-5817 | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0... | E | |
CVE-2017-5818 | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0... | | |
CVE-2017-5819 | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0... | | |
CVE-2017-5820 | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0... | | |
CVE-2017-5821 | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0... | | |
CVE-2017-5822 | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0... | | |
CVE-2017-5823 | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0... | | |
CVE-2017-5824 | An unauthenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version... | | |
CVE-2017-5825 | A privilege escalation vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.... | | |
CVE-2017-5826 | An authenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version 6... | | |
CVE-2017-5827 | A reflected cross site scripting vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x w... | | |
CVE-2017-5828 | An arbitrary command execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was... | | |
CVE-2017-5829 | An access restriction bypass vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was f... | | |
CVE-2017-5830 | Revive Adserver before 4.0.1 allows remote attackers to execute arbitrary code via serialized data i... | S | |
CVE-2017-5831 | Session fixation vulnerability in the forgot password mechanism in Revive Adserver before 4.0.1, whe... | S | |
CVE-2017-5832 | Cross-site scripting (XSS) vulnerability in Revive Adserver before 4.0.1 allows remote authenticated... | S | |
CVE-2017-5833 | Cross-site scripting (XSS) vulnerability in the invocation code generation for interstitial zones in... | S | |
CVE-2017-5834 | The parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service (... | S | |
CVE-2017-5835 | libplist allows attackers to cause a denial of service (large memory allocation and crash) via vecto... | S | |
CVE-2017-5836 | The plist_free_data function in plist.c in libplist allows attackers to cause a denial of service (c... | S | |
CVE-2017-5837 | The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GSt... | S | |
CVE-2017-5838 | The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 a... | S | |
CVE-2017-5839 | The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GSt... | | |
CVE-2017-5840 | The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1... | S | |
CVE-2017-5841 | The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer befo... | S | |
CVE-2017-5842 | The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreame... | S | |
CVE-2017-5843 | Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, an... | S | |
CVE-2017-5844 | The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GSt... | S | |
CVE-2017-5845 | The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer befo... | S | |
CVE-2017-5846 | The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugl... | | |
CVE-2017-5847 | The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugl... | S | |
CVE-2017-5848 | The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer ... | S | |
CVE-2017-5849 | tiffttopnm in netpbm 10.47.63 does not properly use the libtiff TIFFRGBAImageGet function, which all... | E | |
CVE-2017-5850 | httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a ser... | E S | |
CVE-2017-5851 | The free_options function in options_manager.c in mp3splt 2.6.2 allows remote attackers to cause a d... | E | |
CVE-2017-5852 | The PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVariant.cpp in PoDoFo 0.9.4 allow... | | |
CVE-2017-5853 | Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified i... | | |
CVE-2017-5854 | base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL ... | | |
CVE-2017-5855 | The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote at... | | |
CVE-2017-5856 | Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) al... | S | |
CVE-2017-5857 | Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quic... | S | |
CVE-2017-5858 | An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote ... | E S | |
CVE-2017-5859 | On Cambium Networks cnPilot R200/201 devices before 4.3, there is a vulnerability involving the cert... | | |
CVE-2017-5861 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-1000020. Reason: This candid... | R | |
CVE-2017-5863 | Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.... | | |
CVE-2017-5864 | Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS).... | | |
CVE-2017-5865 | The password reset functionality in ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before ... | S | |
CVE-2017-5866 | The autocomplete feature in the E-Mail share dialog in ownCloud Server before 8.1.11, 8.2.x before 8... | S | |
CVE-2017-5867 | ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows... | S | |
CVE-2017-5868 | CRLF injection vulnerability in the web interface in OpenVPN Access Server 2.1.4 allows remote attac... | E M | |
CVE-2017-5869 | Directory traversal vulnerability in the file import feature in Nuxeo Platform 6.0, 7.1, 7.2, and 7.... | E S | |
CVE-2017-5870 | Multiple cross-site scripting (XSS) vulnerabilities in ViMbAdmin 3.0.15 allow remote attackers to in... | E | |
CVE-2017-5871 | Odoo Version <= 8.0-20160726 and Version 9 is affected by: CWE-601: Open redirection. The impact is:... | E | |
CVE-2017-5872 | The TCP/IP networking module in Unisys ClearPath MCP systems with TCP-IP-SW 57.1 before 57.152, 58.1... | | |
CVE-2017-5873 | Unquoted Windows search path vulnerability in the guest service in Unisys s-Par before 4.4.20 allows... | E M | |
CVE-2017-5874 | CSRF exists on D-Link DIR-600M Rev. Cx devices before v3.05ENB01_beta_20170306. This can be used to ... | | |
CVE-2017-5875 | XSS was discovered in dotCMS 3.7.0, with an authenticated attack against the /myAccount addressID pa... | E | |
CVE-2017-5876 | XSS was discovered in dotCMS 3.7.0, with an unauthenticated attack against the /news-events/events d... | E | |
CVE-2017-5877 | XSS was discovered in dotCMS 3.7.0, with an unauthenticated attack against the /about-us/locations/i... | E | |
CVE-2017-5878 | The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes for which it per... | | |
CVE-2017-5879 | An issue was discovered in Exponent CMS 2.4.1. This is a blind SQL injection that can be exploited b... | S | |
CVE-2017-5880 | Splunk Web in Splunk Enterprise versions 6.5.x before 6.5.2, 6.4.x before 6.4.5, 6.3.x before 6.3.9,... | S | |
CVE-2017-5881 | GOM Player 2.3.10.5266 allows remote attackers to cause a denial of service (memory corruption) or p... | E | |
CVE-2017-5882 | Cross-site scripting (XSS) vulnerability in index.asp in SANADATA SanaCMS 7.3 allows remote attacker... | E | |
CVE-2017-5884 | gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allo... | E S | |
CVE-2017-5885 | Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functi... | E S | |
CVE-2017-5886 | Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in... | | |
CVE-2017-5887 | WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because pinning occurs in th... | S | |
CVE-2017-5891 | ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 have Login Page CSRF and Save Se... | S | |
CVE-2017-5892 | ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow JSONP Information Disclosu... | S | |
CVE-2017-5896 | Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allow... | S | |
CVE-2017-5897 | The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have un... | S | |
CVE-2017-5898 | Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emu... | S | |
CVE-2017-5899 | Directory traversal vulnerability in the setuid root helper binary in S-nail (later S-mailx) before ... | E | |
CVE-2017-5900 | Cross-site scripting (XSS) vulnerability in the NetComm NB16WV-02 router with firmware NB16WV_R0.09 ... | | |
CVE-2017-5901 | The State Bank of India State Bank Anywhere app 5.1.0 for iOS does not verify X.509 certificates fro... | | |
CVE-2017-5902 | The PayQuicker app 1.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows m... | | |
CVE-2017-5905 | The Dollar Bank Mobile app 2.6.3 for iOS does not verify X.509 certificates from SSL servers, which ... | | |
CVE-2017-5906 | The Everyday Health Diabetes in Check: Blood Glucose & Carb Tracker app 3.4.2 for iOS does not verif... | | |
CVE-2017-5907 | The Great Southern Bank Great Southern Mobile Banking app before 4.0.4 for iOS does not verify X.509... | | |
CVE-2017-5908 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-3212. Reason: This candid... | R | |
CVE-2017-5909 | The Electronic Funds Source (EFS) Mobile Driver Source app 2.5 for iOS does not verify X.509 certifi... | | |
CVE-2017-5911 | The Banco Santander Mexico SA Supermovil app 3.5 through 3.7 for iOS does not verify X.509 certifica... | | |
CVE-2017-5912 | The FOREX.com FOREXTrader for iPhone app 2.9.12 through 2.9.14 for iOS does not verify X.509 certifi... | | |
CVE-2017-5913 | The TradeKing Forex for iPhone app 1.2.1 for iOS does not verify X.509 certificates from SSL servers... | | |
CVE-2017-5914 | The DOT IT Banque Zitouna app 2.1 for iOS does not verify X.509 certificates from SSL servers, which... | | |
CVE-2017-5915 | The Emirates NBD Bank P.J.S.C Emirates NBD KSA app 3.10.0 through 3.10.4 (UAE) and 2.0.1 through 2.1... | | |
CVE-2017-5916 | The America's First Federal Credit Union (FCU) Mobile Banking app 3.1.0 for iOS does not verify X.50... | | |
CVE-2017-5917 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-3213. Reason: This candid... | R | |
CVE-2017-5918 | The Banco de Costa Rica BCR Movil app 3.7 for iOS does not verify X.509 certificates from SSL server... | | |
CVE-2017-5919 | The 21st Century Insurance app 10.0.0 for iOS does not verify X.509 certificates from SSL servers, w... | | |
CVE-2017-5923 | libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (heap-based out... | E S | |
CVE-2017-5924 | libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free... | E S | |
CVE-2017-5925 | Page table walks conducted by the MMU during virtual to physical address translation leave a trace i... | E | |
CVE-2017-5926 | Page table walks conducted by the MMU during virtual to physical address translation leave a trace i... | E | |
CVE-2017-5927 | Page table walks conducted by the MMU during virtual to physical address translation leave a trace i... | E | |
CVE-2017-5928 | The W3C High Resolution Time API, as implemented in various web browsers, does not consider that mem... | | |
CVE-2017-5929 | QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerS... | | |
CVE-2017-5930 | The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to... | S | |
CVE-2017-5931 | Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS pri... | S | |
CVE-2017-5932 | The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted file... | S | |
CVE-2017-5933 | Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, 11.0 before Build 69.12/69.123, ... | | |
CVE-2017-5934 | Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.1... | S | |
CVE-2017-5936 | OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron securi... | S | |
CVE-2017-5937 | The util_format_is_pure_uint function in vrend_renderer.c in Virgil 3d project (aka virglrenderer) 0... | S | |
CVE-2017-5938 | Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before ... | S | |
CVE-2017-5940 | Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does not comprehensively address dotf... | S | |
CVE-2017-5941 | An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into ... | E | |
CVE-2017-5942 | An issue was discovered in the WP Mail plugin before 1.2 for WordPress. The replyto parameter when c... | E | |
CVE-2017-5943 | Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 allows remote at... | | |
CVE-2017-5944 | The dashboard subscription interface in Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14,... | | |
CVE-2017-5945 | An issue was discovered in the PoodLL Filter plugin through 3.0.20 for Moodle. The vulnerability exi... | E S | |
CVE-2017-5946 | The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerabi... | | |
CVE-2017-5947 | An issue was discovered in OnePlus One, X, 2, 3, 3T, and 5 devices with OxygenOS 5.0 and earlier. Th... | | |
CVE-2017-5948 | An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. OxygenOS and HydrogenOS are vulnera... | E | |
CVE-2017-5949 | JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 22, allows remote atta... | | |
CVE-2017-5950 | The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) 0.5.3 allows remote attackers... | | |
CVE-2017-5951 | The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 all... | E S | |
CVE-2017-5953 | vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell fi... | S | |
CVE-2017-5954 | An issue was discovered in the serialize-to-js package 0.5.0 for Node.js. Untrusted data passed into... | E S | |
CVE-2017-5956 | The vrend_draw_vbo function in virglrenderer before 0.6.0 allows local guest OS users to cause a den... | S | |
CVE-2017-5957 | Stack-based buffer overflow in the vrend_decode_set_framebuffer_state function in vrend_decode.c in ... | S | |
CVE-2017-5959 | CSRF token bypass in GeniXCMS before 1.0.2 could result in escalation of privileges. The forgotpassw... | S | |
CVE-2017-5960 | An issue was discovered in Phalcon Eye through 0.4.1. The vulnerability exists due to insufficient f... | E S | |
CVE-2017-5961 | An issue was discovered in ionize through 1.0.8. The vulnerability exists due to insufficient filtra... | E S | |
CVE-2017-5962 | An issue was discovered in contexts_wurfl (for TYPO3) before 0.4.2. The vulnerability exists due to ... | S | |
CVE-2017-5963 | An issue was discovered in caddy (for TYPO3) before 7.2.10. The vulnerability exists due to insuffic... | E | |
CVE-2017-5964 | An issue was discovered in Emoncms through 9.8.0. The vulnerability exists due to insufficient filtr... | E S | |
CVE-2017-5965 | The package manager in Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to exe... | E | |
CVE-2017-5966 | Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to read arbitrary files via a... | E | |
CVE-2017-5967 | The time subsystem in the Linux kernel through 4.9.9, when CONFIG_TIMER_STATS is enabled, allows loc... | S | |
CVE-2017-5969 | libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL... | | |
CVE-2017-5970 | The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows... | S | |
CVE-2017-5971 | SQL injection vulnerability in NewsBee CMS allows remote attackers to execute arbitrary SQL commands.... | E | |
CVE-2017-5972 | The TCP stack in the Linux kernel 3.x does not properly implement a SYN cookie protection mechanism ... | E | |
CVE-2017-5973 | The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS... | S | |
CVE-2017-5974 | Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13... | E | |
CVE-2017-5975 | Heap-based buffer overflow in the __zzip_get64 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13... | E | |
CVE-2017-5976 | Heap-based buffer overflow in the zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.6... | E | |
CVE-2017-5977 | The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to c... | E | |
CVE-2017-5978 | The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a d... | E | |
CVE-2017-5979 | The prescan_entry function in fseeko.c in zziplib 0.13.62 allows remote attackers to cause a denial ... | E | |
CVE-2017-5980 | The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a d... | E | |
CVE-2017-5981 | seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (assertion failure a... | E | |
CVE-2017-5982 | Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to re... | E | |
CVE-2017-5983 | The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parse... | | |
CVE-2017-5984 | In libavcodec in Libav 9.21, ff_h264_execute_ref_pic_marking() has a heap-based buffer over-read.... | E S | |
CVE-2017-5985 | lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create ne... | S | |
CVE-2017-5986 | Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before ... | S | |
CVE-2017-5987 | The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows l... | S | |
CVE-2017-5988 | NetApp Clustered Data ONTAP 8.1 through 9.1P1, when NFS or SMB is enabled, allows remote attackers t... | | |
CVE-2017-5990 | An issue was discovered in PhreeBooksERP before 2017-02-13. The vulnerability exists due to insuffic... | E S | |
CVE-2017-5991 | An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_ru... | E | |
CVE-2017-5992 | Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE a... | | |
CVE-2017-5993 | Memory leak in the vrend_renderer_init_blit_ctx function in vrend_blitter.c in virglrenderer before ... | S | |
CVE-2017-5994 | Heap-based buffer overflow in the vrend_create_vertex_elements_state function in vrend_renderer.c in... | S | |
CVE-2017-5995 | The NetApp ONTAP Select Deploy administration utility 2.0 through 2.2.1 might allow remote attackers... | | |
CVE-2017-5996 | The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.... | | |
CVE-2017-5997 | The SAP Message Server HTTP daemon in SAP KERNEL 7.21-7.49 allows remote attackers to cause a denial... | | |
CVE-2017-5998 | Cross-site scripting (XSS) vulnerability in InterSect Alliance SNARE Epilog for UNIX version 1.5 all... | E | |
CVE-2017-5999 | An issue was discovered in sysPass 2.x before 2.1, in which an algorithm was never sufficiently revi... | S |