CVEs from 2017
Total
11,611
critical
critical 1,650
high
high 5,043
medium
medium 4,169
low
low 159
% Critical
14.2%
% with KEV
0.7%
% with exploit
9.9%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-12477 | critical | 9.8 | 10.0 | 9y ago | It was discovered that the bpserverd proprietary protocol in Unitrends Backup (UB) before 10.0.0, as invoked through xinetd, has an issue in which its authentication can be bypassed. A remote attacke… | |||
| CVE-2017-11394 | critical | 9.8 | 10.0 | 9y ago | Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by par… | |||
| CVE-2017-9769 | critical | 9.8 | 10.0 | 9y ago | A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process. | |||
| CVE-2017-11494 | critical | 9.8 | 10.0 | 9y ago | SQL injection vulnerability in SOL.Connect ISET-mpp meter 1.2.4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a login action. | |||
| CVE-2017-11517 | critical | 9.8 | 10.0 | 9y ago | Stack-based buffer overflow in GCoreServer.exe in the server in Geutebrueck Gcore 1.3.8.42 and 1.4.2.37 allows remote attackers to execute arbitrary code via a long URI in a GET request. | |||
| CVE-2017-11502 | critical | 9.8 | 10.0 | 9y ago | Technicolor DPC3928AD DOCSIS devices allow remote attackers to read arbitrary files via a request starting with "GET /../" on TCP port 4321. | |||
| CVE-2017-11471 | critical | 9.8 | 10.0 | 9y ago | IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter. | |||
| CVE-2017-11470 | critical | 9.8 | 10.0 | 9y ago | IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter. | |||
| CVE-2017-11467 | critical | 9.8 | 10.0 | 9y ago | OrientDB vulnerable to Improper Privilage Management leading to arbitrary command injection | |||
| CVE-2017-11435 | critical | 9.8 | 10.0 | 9y ago | The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authentication bypass vulnerability via specially crafted requests to the management console. The bug is exploitable remotely when the route… | |||
| CVE-2017-9811 | critical | 9.8 | 10.0 | 9y ago | The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). By abusing the quarantine rea… | |||
| CVE-2017-11346 | critical | 9.8 | 10.0 | 9y ago | Zoho ManageEngine Desktop Central before build 100092 allows remote attackers to execute arbitrary code via vectors involving the upload of help desk videos. | |||
| CVE-2017-1000002 | critical | 9.8 | 10.0 | 9y ago | ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension check bypass in the Course component resulting in code execution. ATutor versions 2.2.1 and earlier are vu… | |||
| CVE-2017-11165 | critical | 9.8 | 10.0 | 9y ago | dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and configuration information via a direct request for the /services/getFile.cmd?userfile=config.xml URI. | |||
| CVE-2017-7175 | critical | 9.9 | 10.0 | 9y ago | NfSen before 1.3.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the customfmt parameter (aka the "Custom output format" field). | |||
| CVE-2017-6026 | critical | 9.1 | 10.0 | 9y ago | A Use of Insufficiently Random Values issue was discovered in Schneider Electric Modicon PLCs Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to V… | |||
| CVE-2017-10682 | critical | 9.8 | 10.0 | 9y ago | SQL injection vulnerability in the administrative backend in Piwigo through 2.9.1 allows remote users to execute arbitrary SQL commands via the cat_false or cat_true parameter in the comments or stat… | |||
| CVE-2017-6326 | critical | 10.0 | 10.0 | 9y ago | The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machi… | |||
| CVE-2017-3078 | critical | 9.8 | 10.0 | 9y ago | Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the Adobe Texture Format (ATF) module. Successful exploitation could lead to arbitrary code e… | |||
| CVE-2017-3077 | critical | 9.8 | 10.0 | 9y ago | Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the PNG image parser. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2017-3076 | critical | 9.8 | 10.0 | 9y ago | Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the MPEG-4 AVC module. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2017-1000375 | critical | 9.8 | 10.0 | 9y ago | NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows attackers to more easily manipulate memory leading to arbitrary code execution. This a… | |||
| CVE-2017-9730 | critical | 9.8 | 10.0 | 9y ago | SQL injection vulnerability in rdr.php in nuevoMailer version 6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the "r" parameter. | |||
| CVE-2017-9602 | critical | 9.8 | 10.0 | 9y ago | KBVault Mysql Free Knowledge Base application package 0.16a comes with a FileExplorer/Explorer.aspx?id=/Uploads file-management component. An unauthenticated user can access the file upload and delet… | |||
| CVE-2017-9544 | critical | 9.8 | 10.0 | 9y ago | There is a remote stack-based buffer overflow (SEH) in register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1. By sending an overly long username string to registresult.htm for registering… | |||
| CVE-2017-4901 | critical | 9.9 | 10.0 | 9y ago | The drag-and-drop (DnD) function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulnerability. This may allow a guest to execu… | |||
| CVE-2017-4914 | critical | 9.8 | 10.0 | 9y ago | VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x contains a deserialization issue. Exploitation of this issue may allow a remote attacker to execute commands on the appliance. | |||
| CVE-2017-7312 | critical | 9.8 | 10.0 | 9y ago | An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId/275 URI, anyone can add a vendor account or read existing vendor account data (including usernames and… | |||
| CVE-2017-8837 | critical | 9.8 | 10.0 | 9y ago | Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The files in questio… | |||
| CVE-2017-8835 | critical | 9.8 | 10.0 | 9y ago | SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. An attack vector is the bauth coo… | |||
| CVE-2017-9430 | critical | 9.8 | 10.0 | 9y ago | Stack-based buffer overflow in dnstracer through 1.9 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a command line with a long name ar… | |||
| CVE-2017-9417 | critical | 9.8 | 10.0 | 9y ago | Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue. | |||
| CVE-2017-9232 | critical | 9.8 | 10.0 | 9y ago | Juju uses a UNIX domain socket without setting appropriate permissions in github.com/juju/juju | |||
| CVE-2017-2800 | critical | 9.8 | 10.0 | 9y ago | A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL through 3.10.2 resulting in potential certificate validation vulnerabilities, denial of service and pos… | |||
| CVE-2017-1092 | critical | 9.8 | 10.0 | 9y ago | IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unauthorized user to execute arbitrary code as system admin on Windows servers. IBM X-Force ID: 120390. | |||
| CVE-2017-2527 | critical | 9.8 | 10.0 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "CoreAnimation" component. It allows remote attackers to execute arbitrary code or cause a … | |||
| CVE-2017-2524 | critical | 9.8 | 10.0 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involve… | |||
| CVE-2017-2523 | critical | 9.8 | 10.0 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involve… | |||
| CVE-2017-2522 | critical | 9.8 | 10.0 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involve… | |||
| CVE-2017-9101 | critical | 9.8 | 10.0 | 9y ago | import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows remote code execution via vectors involving the User-Agent HTTP header and PHP code in the name of a file. | |||
| CVE-2017-5174 | critical | 9.8 | 10.0 | 9y ago | An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architectu… | |||
| CVE-2017-5173 | critical | 9.8 | 10.0 | 9y ago | An Improper Neutralization of Special Elements (in an OS command) issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnera… | |||
| CVE-2017-6622 | critical | 9.8 | 10.0 | 9y ago | A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with root privil… | |||
| CVE-2017-8917 | critical | 9.8 | 10.0 | 9y ago | SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors. | |||
| CVE-2017-8798 | critical | 9.8 | 10.0 | 9y ago | Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact. | |||
| CVE-2017-8895 | critical | 9.8 | 10.0 | 9y ago | In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before build 14.2.1180.3160, and 16 before FP1, there is a use-after-free vulnerability in multiple agents that can lead to a denial of ser… | |||
| CVE-2017-6553 | critical | 9.8 | 10.0 | 9y ago | Buffer Overflow in Quest One Identity Privilege Manager for Unix before 6.0.0.061 allows remote attackers to obtain full access to the policy server via an ACT_ALERT_EVENT request that causes memory … | |||
| CVE-2017-5135 | critical | 9.1 | 10.0 | 9y ago | Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in some cases. The Technicolor (formerly Cisco) DPC3928SL with firmware D3928SL-P15-13-A386-c34… | |||
| CVE-2017-8225 | critical | 9.8 | 10.0 | 9y ago | On Wireless IP Camera (P2P) WIFICAM devices, access to .ini files (containing credentials) is not correctly checked. An attacker can bypass authentication by providing an empty loginuse parameter and… | |||
| CVE-2017-8224 | critical | 9.8 | 10.0 | 9y ago | Wireless IP Camera (P2P) WIFICAM devices have a backdoor root account that can be accessed with TELNET. | |||
| CVE-2017-3623 | critical | 10.0 | 10.0 | 9y ago | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel RPC). For supported versions that are affected see note. Easily "exploitable" vulnerability allows un… | |||
| CVE-2017-3549 | critical | 9.1 | 10.0 | 9y ago | Vulnerability in the Oracle Scripting component of Oracle E-Business Suite (subcomponent: Scripting Administration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 1… | |||
| CVE-2017-8051 | critical | 9.8 | 10.0 | 9y ago | Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI. Through the manipulation of the tns_appliance_session_user parameter, a remote… | |||
| CVE-2017-7722 | critical | 10.0 | 10.0 | 9y ago | In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiti… | |||
| CVE-2017-3061 | critical | 9.8 | 10.0 | 9y ago | Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2017-7588 | critical | 9.8 | 10.0 | 9y ago | On certain Brother devices, authorization is mishandled by including a valid AuthCookie cookie in the HTTP response to a failed login attempt. Affected models are: MFC-J6973CDW MFC-J4420DW MFC-8710DW… | |||
| CVE-2017-7462 | critical | 9.8 | 10.0 | 9y ago | Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory. | |||
| CVE-2017-0561 | critical | 9.8 | 10.0 | 9y ago | A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker to execute arbitrary code within the context of the Wi-Fi SoC. This issue is rated as Critical due … | |||
| CVE-2017-7581 | critical | 9.8 | 10.0 | 9y ago | SQL injection vulnerability in NewsController.php in the News module 5.3.2 and earlier for TYPO3 allows unauthenticated users to execute arbitrary SQL commands via vectors involving overwriteDemand f… | |||
| CVE-2017-7237 | critical | 9.8 | 10.0 | 9y ago | The Spiceworks TFTP Server, as distributed with Spiceworks Inventory 7.5, allows remote attackers to access the Spiceworks data\configurations directory by leveraging the unauthenticated nature of th… | |||
| CVE-2017-7402 | critical | 9.8 | 10.0 | 9y ago | Pixie 1.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via the POST data in an admin/index.php?s=publish&x=filemanager request for a filename with a double extension, … | |||
| CVE-2017-6182 | critical | 9.8 | 10.0 | 9y ago | In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304. | |||
| CVE-2017-6542 | critical | 9.8 | 10.0 | 9y ago | The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect… | |||
| CVE-2017-2641 | critical | 9.8 | 10.0 | 9y ago | Moodle SQL injection via user preferences | |||
| CVE-2017-6361 | critical | 9.8 | 10.0 | 9y ago | QNAP QTS before 4.2.4 Build 20170313 allows attackers to execute arbitrary commands via unspecified vectors. | |||
| CVE-2017-6360 | critical | 9.8 | 10.0 | 9y ago | QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and obtain sensitive information via unspecified vectors. | |||
| CVE-2017-6359 | critical | 9.8 | 10.0 | 9y ago | QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and execute arbitrary commands via unspecified vectors. | |||
| CVE-2017-6972 | critical | 9.8 | 10.0 | 9y ago | AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulne… | |||
| CVE-2017-7230 | critical | 9.8 | 10.0 | 9y ago | A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and earlier allows remote attackers to execute arbitrary code via a GET request. | |||
| CVE-2017-6550 | critical | 9.8 | 10.0 | 9y ago | Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson (formerly ESBUS) allow remote attackers to execute arbitrary SQL commands via the (1) TABLE parameter to esbus/servlet/GetSQLData or (2) … | |||
| CVE-2017-6880 | critical | 9.8 | 10.0 | 9y ago | Buffer overflow in Cerberus FTP Server 8.0.10.3 allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long MLST command. | |||
| CVE-2017-5496 | critical | 9.8 | 10.0 | 9y ago | Sawmill Enterprise 8.7.9 allows remote attackers to gain login access by leveraging knowledge of a password hash. | |||
| CVE-2017-5358 | critical | 9.8 | 10.0 | 9y ago | Stack-based buffer overflows in php_Easycom5_3_0.dll in EasyCom for PHP 4.0.0.29 allows remote attackers to execute arbitrary code via the server argument to the (1) i5_connect, (2) i5_pconnect, or (… | |||
| CVE-2017-6506 | critical | 9.8 | 10.0 | 9y ago | In Azure Data Expert Ultimate 2.2.16, the SMTP verification function suffers from a buffer overflow vulnerability, leading to remote code execution. The attack vector is a crafted SMTP daemon that se… | |||
| CVE-2017-6465 | critical | 9.8 | 10.0 | 9y ago | Remote Code Execution was discovered in FTPShell Client 6.53. By default, the client sends a PWD command to the FTP server it is connecting to; however, it doesn't check the response's length, leadin… | |||
| CVE-2017-6526 | critical | 9.8 | 10.0 | 9y ago | An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to unauthenticated command execution through an improperly protected administrative web shell (cgi-bin/dna/sysAdmin.cgi PO… | |||
| CVE-2017-6558 | critical | 9.8 | 10.0 | 9y ago | iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n devices are prone to an authentication bypass vulnerability that allows remote attackers to view and modify administrative router… | |||
| CVE-2017-6548 | critical | 9.8 | 10.0 | 9y ago | Buffer overflows in networkmap on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B1, RT-A… | |||
| CVE-2017-6416 | critical | 9.8 | 10.0 | 9y ago | An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution. The attack vector is a crafted SMTP daemon that sends a … | |||
| CVE-2017-6187 | critical | 9.8 | 10.0 | 9y ago | Buffer overflow in the built-in web server in DiskSavvy Enterprise 9.4.18 allows remote attackers to execute arbitrary code via a long URI in a GET request. | |||
| CVE-2017-5586 | critical | 9.8 | 10.0 | 9y ago | OpenText Documentum D2 (formerly EMC Documentum D2) 4.x allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the BeanShell (bsh) and Apache Commons C… | |||
| CVE-2017-6095 | critical | 9.8 | 10.0 | 9y ago | A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: list_id. | |||
| CVE-2017-5344 | critical | 9.8 | 10.0 | 9y ago | An issue was discovered in dotCMS through 3.6.1. The findChildrenByFilter() function which is called by the web accessible path /categoriesServlet performs string interpolation and direct SQL query e… | |||
| CVE-2017-5162 | critical | 9.8 | 10.0 | 9y ago | An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Lack of authentication for remote service gives access to application set up and configuration. | |||
| CVE-2017-5941 | critical | 9.8 | 10.0 | 9y ago | Code Execution through IIFE in node-serialize | |||
| CVE-2017-3248 | critical | 9.8 | 10.0 | 10y ago | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.0 and 12.2.1.1. … | |||
| CVE-2017-3241 | critical | 9.0 | 10.0 | 10y ago | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u… | |||
| CVE-2017-17095 | high | 8.8 | 9.8 | 3y ago | RHSA-2025:4658: libtiff security update (Moderate) | |||
| CVE-2017-17874 | high | 8.8 | 9.8 | 9y ago | Vanguard Marketplace Digital Products PHP 1.4 allows arbitrary file upload via an "Add a new product" or "Add a product preview" action, which can make a .php file accessible under a uploads/ URI. | |||
| CVE-2017-5261 | high | 8.8 | 9.8 | 9y ago | In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the 'ping' and 'traceroute' functions of the web administrative console expose a file path traversal vulnerability, accessible to … | |||
| CVE-2017-5260 | high | 8.8 | 9.8 | 9y ago | In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, although the option to access the configuration file is not available in the normal web administrative console for the 'user' acco… | |||
| CVE-2017-5259 | high | 8.8 | 9.8 | 9y ago | In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path https://<device-ip-or-hostname>/adm/sysc… | |||
| CVE-2017-5255 | high | 8.8 | 9.8 | 9y ago | In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenticated user (including the otherwise low-… | |||
| CVE-2017-5254 | high | 8.8 | 9.8 | 9y ago | In version 3.5 and prior of Cambium Networks ePMP firmware, the non-administrative users 'installer' and 'home' have the capability of changing passwords for other accounts, including admin, after di… | |||
| CVE-2017-15049 | high | 8.8 | 9.8 | 9y ago | The ZoomLauncher binary in the Zoom client for Linux before 2.0.115900.1201 does not properly sanitize user input when constructing a shell command, which allows remote attackers to execute arbitrary… | |||
| CVE-2017-15048 | high | 8.8 | 9.8 | 9y ago | Stack-based buffer overflow in the ZoomLauncher binary in the Zoom client for Linux before 2.0.115900.1201 allows remote attackers to execute arbitrary code by leveraging the zoommtg:// scheme handle… | |||
| CVE-2017-17405 | high | 8.8 | 9.8 | 9y ago | Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernel#open to open a local file. If the localfile argument star… | |||
| CVE-2017-5264 | high | 8.8 | 9.8 | 9y ago | Versions of Nexpose prior to 6.4.66 fail to adequately validate the source of HTTP requests intended for the Automated Actions administrative web application, and are susceptible to a cross-site requ… | |||
| CVE-2017-17615 | high | 8.8 | 9.8 | 9y ago | Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter. | |||
| CVE-2017-11319 | high | 8.8 | 9.8 | 9y ago | Perspective ICM Investigation & Case 5.1.1.16 allows remote authenticated users to modify access level permissions and consequently gain privileges by leveraging insufficient validation methods and m… |