CVEs from 2017
Total
11,608
critical
critical 1,650
high
high 5,044
medium
medium 4,169
low
low 159
% Critical
14.2%
% with KEV
0.7%
% with exploit
9.9%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-5384 | critical | — | 9.5 | — | Proxy Auto-Config (PAC) files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of… | |||
| CVE-2017-15417 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-7830 | critical | — | 9.5 | — | The Resource Timing API incorrectly revealed navigations in cross-origin iframes. This is a same-origin policy violation and could allow for data theft of URLs loaded by users. This vulnerability aff… | |||
| CVE-2017-7781 | critical | — | 9.5 | — | An error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates where it can yield a result "POINT_AT_INFINITY" when it should not. A man-in-the-middle atta… | |||
| CVE-2017-7785 | critical | — | 9.5 | — | A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. This results in a potentially exploitable crash. This vulnerability affects Thund… | |||
| CVE-2017-7751 | critical | — | 9.5 | — | A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. | |||
| CVE-2017-5386 | critical | — | 9.5 | — | WebExtension scripts can use the "data:" protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensio… | |||
| CVE-2017-7824 | critical | — | 9.5 | — | A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks … | |||
| CVE-2017-7809 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash. This … | |||
| CVE-2017-7839 | critical | — | 9.5 | — | Control characters prepended before "javascript:" URLs pasted in the addressbar can cause the leading characters to be ignored and the pasted JavaScript to be executed instead of being blocked. This … | |||
| CVE-2017-7831 | critical | — | 9.5 | — | A vulnerability where the security wrapper does not deny access to some exposed properties using the deprecated "_exposedProps_" mechanism on proxy objects. These properties should be explicitly unav… | |||
| CVE-2017-5410 | critical | — | 9.5 | — | Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. This vulnerability affects… | |||
| CVE-2017-5379 | critical | — | 9.5 | — | Use-after-free vulnerability in Web Animations when interacting with cycle collection found through fuzzing. This vulnerability affects Firefox < 51. | |||
| CVE-2017-5129 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-7753 | critical | — | 9.5 | — | An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefo… | |||
| CVE-2017-15389 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-5378 | critical | — | 9.5 | — | Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an obj… | |||
| CVE-2017-15391 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-7777 | critical | — | 9.5 | — | Use of uninitialized memory in Graphite2 library in Firefox before 54 in graphite2::GlyphCache::Loader::read_glyph function. | |||
| CVE-2017-5389 | critical | — | 9.5 | — | WebExtensions could use the "mozAddonManager" API by modifying the CSP headers on sites with the appropriate permissions and then using host requests to redirect script loads to a malicious site. Thi… | |||
| CVE-2017-7803 | critical | — | 9.5 | — | When a page's content security policy (CSP) header contains a "sandbox" directive, other directives are ignored. This results in the incorrect enforcement of CSP. This vulnerability affects Thunderbi… | |||
| CVE-2017-15392 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-5419 | critical | — | 9.5 | — | If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdown through the operating system. This is a denial of servi… | |||
| CVE-2017-5443 | critical | — | 9.5 | — | An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. | |||
| CVE-2017-7000 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-5130 | critical | — | 9.5 | — | An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a c… | |||
| CVE-2017-5408 | critical | — | 9.5 | — | Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions. This… | |||
| CVE-2017-7800 | critical | — | 9.5 | — | A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash. This vulne… | |||
| CVE-2017-7791 | critical | — | 9.5 | — | On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert fr… | |||
| CVE-2017-7838 | critical | — | 9.5 | — | Punycode format text will be displayed for entire qualified international domain names in some instances when a sub-domain triggers the punycode display instead of the primary domain being displayed … | |||
| CVE-2017-15408 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-7833 | critical | — | 9.5 | — | Some Arabic and Indic vowel marker characters can be combined with Latin characters in a domain name to eclipse the non-Latin character with some font sets on the addressbar. The non-Latin character … | |||
| CVE-2017-15388 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-5374 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 50.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary… | |||
| CVE-2017-5448 | critical | — | 9.5 | — | An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Clearkey-encrypted media content. The "ClearKeyDecryptor" code runs within the Gecko Media Plugin (GMP) sandbox. If a second mechan… | |||
| CVE-2017-7807 | critical | — | 9.5 | — | A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifes… | |||
| CVE-2017-7840 | critical | — | 9.5 | — | JavaScript can be injected into an exported bookmarks file by placing JavaScript code into user-supplied tags in saved bookmarks. If the resulting exported HTML file is later opened in a browser this… | |||
| CVE-2017-7799 | critical | — | 9.5 | — | JavaScript in the "about:webrtc" page is not sanitized properly being assigned to "innerHTML". Data on this page is supplied by WebRTC usage and is not under third-party control, making this difficul… | |||
| CVE-2017-7806 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when the layer manager is freed too early when rendering specific SVG content, resulting in a potentially exploitable crash. This vulnerability affects Firefo… | |||
| CVE-2017-5128 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-15418 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-7808 | critical | — | 9.5 | — | A content security policy (CSP) "frame-ancestors" directive containing origins with paths allows for comparisons against those paths instead of the origin. This results in a cross-origin information … | |||
| CVE-2017-15416 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-7801 | critical | — | 9.5 | — | A use-after-free vulnerability can occur while re-computing layout for a "marquee" element during window resizing where the updated style object is freed while still in use. This results in a potenti… | |||
| CVE-2017-15411 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-15426 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-7784 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. This results in a potentially exploitable crash. This vulnerabil… | |||
| CVE-2017-7756 | critical | — | 9.5 | — | A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests (XHR). This could result in a potentially exploitable crash. This vulnerability affects Firef… | |||
| CVE-2017-7762 | critical | — | 9.5 | — | When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerabilit… | |||
| CVE-2017-7837 | critical | — | 9.5 | — | SVG loaded through "<img>" tags can use "<meta>" tags within the SVG data to set cookies for that page. This vulnerability affects Firefox < 57. | |||
| CVE-2017-5387 | critical | — | 9.5 | — | The existence of a specifically requested local file can be found due to the double firing of the "onerror" when the "source" attribute on a "<track>" tag refers to a file that does not exist if the … | |||
| CVE-2017-7794 | critical | — | 9.5 | — | On Linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read access to the local file system and no wr… | |||
| CVE-2017-12378 | critical | — | 9.5 | — | ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. Th… | |||
| CVE-2017-15420 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-7835 | critical | — | 9.5 | — | Mixed content blocking of insecure (HTTP) sub-resources in a secure (HTTPS) document was not correctly applied for resources that redirect from HTTPS to HTTP, allowing content that should be blocked,… | |||
| CVE-2017-7758 | critical | — | 9.5 | — | An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. This vulnerability affects Firefox < 54, Firefox ESR < 52… | |||
| CVE-2017-5432 | critical | — | 9.5 | — | A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR … | |||
| CVE-2017-7836 | critical | — | 9.5 | — | The "pingsender" executable used by the Firefox Health Report dynamically loads a system copy of libcurl, which an attacker could replace. This allows for privilege escalation as the replaced libcurl… | |||
| CVE-2017-7754 | critical | — | 9.5 | — | An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" object during WebGL operations. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. | |||
| CVE-2017-7792 | critical | — | 9.5 | — | A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier (OID). This results in a potentially exploitable crash. T… | |||
| CVE-2017-5418 | critical | — | 9.5 | — | An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting in information leakage through the reading of random memory containing matches to specifically set … | |||
| CVE-2017-7772 | critical | — | 9.5 | — | Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function. | |||
| CVE-2017-7779 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of the… | |||
| CVE-2017-15423 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-7832 | critical | — | 9.5 | — | The combined, single character, version of the letter 'i' with any of the potential accents in unicode, such as acute or grave, can be spoofed in the addressbar by the dotless version of 'i' followed… | |||
| CVE-2017-7798 | critical | — | 9.5 | — | The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when open… | |||
| CVE-2017-5458 | critical | — | 9.5 | — | When a "javascript:" URL is drag and dropped by a user into the addressbar, the URL will be processed and executed. This allows for users to be socially engineered to execute an XSS attack on themsel… | |||
| CVE-2017-7788 | critical | — | 9.5 | — | When an "iframe" has a "sandbox" attribute and its content is specified using "srcdoc", that content does not inherit the containing page's Content Security Policy (CSP) as it should unless the sandb… | |||
| CVE-2017-5413 | critical | — | 9.5 | — | A segmentation fault can occur during some bidirectional layout operations. This vulnerability affects Firefox < 52 and Thunderbird < 52. | |||
| CVE-2017-7842 | critical | — | 9.5 | — | If a document's Referrer Policy attribute is set to "no-referrer" sometimes two network requests are made for "<link>" elements instead of one. One of these requests includes the referrer instead of … | |||
| CVE-2017-5430 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 52, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these c… | |||
| CVE-2017-5438 | critical | — | 9.5 | — | A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affe… | |||
| CVE-2017-7778 | critical | — | 9.5 | — | A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Gra… | |||
| CVE-2017-7802 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exp… | |||
| CVE-2017-15390 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-15387 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-15425 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-7826 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploit… | |||
| CVE-2017-15412 | critical | — | 9.5 | 9y ago | Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2017-14000 | critical | 9.4 | 9.4 | 9y ago | An Improper Authentication issue was discovered in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. By accessing a specific uniform resource locator (URL) on the web server, a mal… | |||
| CVE-2017-9630 | critical | 9.4 | 9.4 | 9y ago | An Improper Authentication issue was discovered in PDQ Manufacturing LaserWash G5 and G5 S Series all versions, LaserWash M5, all versions, LaserWash 360 and 360 Plus, all versions, LaserWash AutoXpr… | |||
| CVE-2017-14854 | critical | 9.1 | 9.1 | 7y ago | A stack buffer overflow exists in one of the Orpak SiteOmat CGI components, allowing for remote code execution. The vulnerability affects all versions prior to 2017-09-25. | |||
| CVE-2017-16727 | critical | 9.1 | 9.1 | 9y ago | A Credentials Management issue was discovered in Moxa NPort W2150A versions prior to 1.11, and NPort W2250A versions prior to 1.11. The default password is empty on the device. An unauthorized user c… | |||
| CVE-2017-15524 | critical | 9.1 | 9.1 | 9y ago | The Application Firewall Pack (AFP, aka Web Application Firewall) component on Kemp Load Balancer devices with software before 7.2.40.1 allows a Security Feature Bypass via an HTTP POST request. | |||
| CVE-2017-14090 | critical | 9.1 | 9.1 | 9y ago | A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which some communications to the update servers are not encrypted. | |||
| CVE-2017-14590 | critical | 9.1 | 9.1 | 9y ago | Bamboo did not check that the name of a branch in a Mercurial repository contained argument parameters. An attacker who has permission to create a repository in Bamboo, edit an existing plan that has… | |||
| CVE-2017-15896 | critical | 9.1 | 9.1 | 9y ago | Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards to the use of SSL_read() due to TLS handshake failure. The result was that an active network attacker could send application dat… | |||
| CVE-2017-13150 | critical | 9.1 | 9.1 | 9y ago | An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-38328132. | |||
| CVE-2017-13149 | critical | 9.1 | 9.1 | 9y ago | An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65719872. | |||
| CVE-2017-0879 | critical | 9.1 | 9.1 | 9y ago | An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65025028. | |||
| CVE-2017-14487 | critical | 9.1 | 9.1 | 9y ago | The OhMiBod Remote app for Android and iOS allows remote attackers to impersonate users by sniffing network traffic for search responses from the OhMiBod API server and then editing the username, use… | |||
| CVE-2017-10861 | critical | 9.1 | 9.1 | 9y ago | Directory traversal vulnerability in QND Advance/Standard allows an attacker to read arbitrary files via a specially crafted command. | |||
| CVE-2017-0854 | critical | 9.1 | 9.1 | 9y ago | An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63873837. | |||
| CVE-2017-0853 | critical | 9.1 | 9.1 | 9y ago | An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63121644. | |||
| CVE-2017-5738 | critical | 9.1 | 9.1 | 9y ago | Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1.41.18 and 3.1.45.26 allows an attacker with network access to cause a denial of service and/or inform… | |||
| CVE-2017-8807 | critical | 9.1 | 9.1 | 9y ago | vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a V… | |||
| CVE-2017-15535 | critical | 9.1 | 9.1 | 9y ago | MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors (aka wire protocol compression), which exposes a vulnerability when enab… | |||
| CVE-2017-1000257 | critical | 9.1 | 9.1 | 9y ago | An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer … | |||
| CVE-2017-15597 | critical | 9.1 | 9.1 | 9y ago | An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not mat… | |||
| CVE-2017-10330 | critical | 9.1 | 9.1 | 9y ago | Vulnerability in the Oracle Common Applications component of Oracle E-Business Suite (subcomponent: Gantt Server). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and … |