CVEs from 2017
Total
11,606
critical
critical 1,650
high
high 5,044
medium
medium 4,169
low
low 159
% Critical
14.2%
% with KEV
0.7%
% with exploit
9.9%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-15411 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-15423 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-7757 | critical | — | 9.5 | — | A use-after-free vulnerability in IndexedDB when one of its objects is destroyed in memory while a method on it is still being executed. This results in a potentially exploitable crash. This vulnerab… | |||
| CVE-2017-5456 | critical | — | 9.5 | — | A mechanism to bypass file system access protections in the sandbox using the file system request constructor through an IPC message. This allows for read and write access to the local file system. T… | |||
| CVE-2017-5380 | critical | — | 9.5 | — | A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51. | |||
| CVE-2017-5469 | critical | — | 9.5 | — | Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. | |||
| CVE-2017-15392 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-15391 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-5131 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-5129 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-15415 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-5464 | critical | — | 9.5 | — | During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with the accessibility tree, leading to memory corruption and a potentially exploitable crash. T… | |||
| CVE-2017-5466 | critical | — | 9.5 | — | If a page is loaded from an original site through a hyperlink and contains a redirect to a "data:text/html" URL, triggering a reload will run the reloaded "data:text/html" page with its origin set in… | |||
| CVE-2017-5458 | critical | — | 9.5 | — | When a "javascript:" URL is drag and dropped by a user into the addressbar, the URL will be processed and executed. This allows for users to be socially engineered to execute an XSS attack on themsel… | |||
| CVE-2017-15396 | critical | — | 9.5 | — | arbitrary code execution in chromium | |||
| CVE-2017-15399 | critical | — | 9.5 | — | arbitrary code execution in chromium | |||
| CVE-2017-5414 | critical | — | 9.5 | — | The file picker dialog can choose and display the wrong local default directory when instantiated. On some operating systems, this can lead to information disclosure, such as the operating system or … | |||
| CVE-2017-5471 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 53. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary c… | |||
| CVE-2017-5402 | critical | — | 9.5 | — | A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. Th… | |||
| CVE-2017-5381 | critical | — | 9.5 | — | The "export" function in the Certificate Viewer can force local filesystem navigation when the "common name" in a certificate contains slashes, allowing certificate content to be saved in unsafe loca… | |||
| CVE-2017-5441 | critical | — | 9.5 | — | A use-after-free vulnerability when holding a selection during scroll events. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firef… | |||
| CVE-2017-5126 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-15387 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-12377 | critical | — | 9.5 | — | ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute ar… | |||
| CVE-2017-12380 | critical | — | 9.5 | — | ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. Th… | |||
| CVE-2017-5393 | critical | — | 9.5 | — | The "mozAddonManager" allows for the installation of extensions from the CDN for addons.mozilla.org, a publicly accessible site. This could allow malicious extensions to install additional extensions… | |||
| CVE-2017-5434 | critical | — | 9.5 | — | A use-after-free vulnerability occurs when redirecting focus handling which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR … | |||
| CVE-2017-5459 | critical | — | 9.5 | — | A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox… | |||
| CVE-2017-5383 | critical | — | 9.5 | — | URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar. This vulnerability a… | |||
| CVE-2017-5377 | critical | — | 9.5 | — | A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 51. | |||
| CVE-2017-7801 | critical | — | 9.5 | — | A use-after-free vulnerability can occur while re-computing layout for a "marquee" element during window resizing where the updated style object is freed while still in use. This results in a potenti… | |||
| CVE-2017-5453 | critical | — | 9.5 | — | A mechanism to inject static HTML into the RSS reader preview page due to a failure to escape characters sent as URL parameters for a feed's "TITLE" element. This vulnerability allows for spoofing bu… | |||
| CVE-2017-7809 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash. This … | |||
| CVE-2017-7808 | critical | — | 9.5 | — | A content security policy (CSP) "frame-ancestors" directive containing origins with paths allows for comparisons against those paths instead of the origin. This results in a cross-origin information … | |||
| CVE-2017-7837 | critical | — | 9.5 | — | SVG loaded through "<img>" tags can use "<meta>" tags within the SVG data to set cookies for that page. This vulnerability affects Firefox < 57. | |||
| CVE-2017-7835 | critical | — | 9.5 | — | Mixed content blocking of insecure (HTTP) sub-resources in a secure (HTTPS) document was not correctly applied for resources that redirect from HTTPS to HTTP, allowing content that should be blocked,… | |||
| CVE-2017-7775 | critical | — | 9.5 | — | multiple issues in firefox | |||
| CVE-2017-7827 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 56. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary c… | |||
| CVE-2017-5133 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-12376 | critical | — | 9.5 | — | ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute ar… | |||
| CVE-2017-5446 | critical | — | 9.5 | — | An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird < 5… | |||
| CVE-2017-7773 | critical | — | 9.5 | — | Heap-based Buffer Overflow write in Graphite2 library in Firefox before 54 in lz4::decompress src/Decompressor. | |||
| CVE-2017-5413 | critical | — | 9.5 | — | A segmentation fault can occur during some bidirectional layout operations. This vulnerability affects Firefox < 52 and Thunderbird < 52. | |||
| CVE-2017-15409 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-5132 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-15422 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-10140 | critical | — | 9.5 | — | Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and late… | |||
| CVE-2017-15386 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-15419 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-5127 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-7826 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploit… | |||
| CVE-2017-7830 | critical | — | 9.5 | — | The Resource Timing API incorrectly revealed navigations in cross-origin iframes. This is a same-origin policy violation and could allow for data theft of URLs loaded by users. This vulnerability aff… | |||
| CVE-2017-7831 | critical | — | 9.5 | — | A vulnerability where the security wrapper does not deny access to some exposed properties using the deprecated "_exposedProps_" mechanism on proxy objects. These properties should be explicitly unav… | |||
| CVE-2017-7832 | critical | — | 9.5 | — | The combined, single character, version of the letter 'i' with any of the potential accents in unicode, such as acute or grave, can be spoofed in the addressbar by the dotless version of 'i' followed… | |||
| CVE-2017-5438 | critical | — | 9.5 | — | A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affe… | |||
| CVE-2017-7833 | critical | — | 9.5 | — | Some Arabic and Indic vowel marker characters can be combined with Latin characters in a domain name to eclipse the non-Latin character with some font sets on the addressbar. The non-Latin character … | |||
| CVE-2017-5432 | critical | — | 9.5 | — | A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR … | |||
| CVE-2017-7836 | critical | — | 9.5 | — | The "pingsender" executable used by the Firefox Health Report dynamically loads a system copy of libcurl, which an attacker could replace. This allows for privilege escalation as the replaced libcurl… | |||
| CVE-2017-7839 | critical | — | 9.5 | — | Control characters prepended before "javascript:" URLs pasted in the addressbar can cause the leading characters to be ignored and the pasted JavaScript to be executed instead of being blocked. This … | |||
| CVE-2017-5416 | critical | — | 9.5 | — | In certain circumstances a networking event listener can be prematurely released. This appears to result in a null dereference in practice. This vulnerability affects Firefox < 52 and Thunderbird < 5… | |||
| CVE-2017-5405 | critical | — | 9.5 | — | Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and… | |||
| CVE-2017-5403 | critical | — | 9.5 | — | When adding a range to an object in the DOM, it is possible to use "addRange" to add the range to an incorrect root object. This triggers a use-after-free, resulting in a potentially exploitable cras… | |||
| CVE-2017-5401 | critical | — | 9.5 | — | A crash triggerable by web content in which an "ErrorResult" references unassigned memory due to a logic error. The resulting crash may be exploitable. This vulnerability affects Firefox < 52, Firefo… | |||
| CVE-2017-5430 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 52, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these c… | |||
| CVE-2017-5400 | critical | — | 9.5 | — | JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox < 52, Firefox … | |||
| CVE-2017-5399 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 51. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary c… | |||
| CVE-2017-5398 | critical | — | 9.5 | — | Memory safety bugs were reported in Thunderbird 45.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbit… | |||
| CVE-2017-5418 | critical | — | 9.5 | — | An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting in information leakage through the reading of random memory containing matches to specifically set … | |||
| CVE-2017-5396 | critical | — | 9.5 | — | A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird < 4… | |||
| CVE-2017-5391 | critical | — | 9.5 | — | Special "about:" pages used by web content, such as RSS feeds, can load privileged "about:" pages in an iframe. If a content-injection bug were found in one of those pages this could allow for potent… | |||
| CVE-2017-5390 | critical | — | 9.5 | — | The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vul… | |||
| CVE-2017-5389 | critical | — | 9.5 | — | WebExtensions could use the "mozAddonManager" API by modifying the CSP headers on sites with the appropriate permissions and then using host requests to redirect script loads to a malicious site. Thi… | |||
| CVE-2017-5388 | critical | — | 9.5 | — | A STUN server in conjunction with a large number of "webkitRTCPeerConnection" objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on … | |||
| CVE-2017-5387 | critical | — | 9.5 | — | The existence of a specifically requested local file can be found due to the double firing of the "onerror" when the "source" attribute on a "<track>" tag refers to a file that does not exist if the … | |||
| CVE-2017-5385 | critical | — | 9.5 | — | Data sent with in multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore the referrer-policy response header, leading to potential information disclosure for sites using thi… | |||
| CVE-2017-5384 | critical | — | 9.5 | — | Proxy Auto-Config (PAC) files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of… | |||
| CVE-2017-5417 | critical | — | 9.5 | — | When dragging content from the primary browser pane to the addressbar on a malicious site, it is possible to change the addressbar so that the displayed location following navigation does not match t… | |||
| CVE-2017-5379 | critical | — | 9.5 | — | Use-after-free vulnerability in Web Animations when interacting with cycle collection found through fuzzing. This vulnerability affects Firefox < 51. | |||
| CVE-2017-5378 | critical | — | 9.5 | — | Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an obj… | |||
| CVE-2017-5376 | critical | — | 9.5 | — | Use-after-free while manipulating XSL in XSLT documents. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51. | |||
| CVE-2017-5373 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be explo… | |||
| CVE-2017-5382 | critical | — | 9.5 | — | Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged content, allowing for the exposure of internal information not meant to be seen by web content. This vu… | |||
| CVE-2017-7818 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications (ARIA) elements within containers through the DOM. This results in a potentially exploitable… | |||
| CVE-2017-5374 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 50.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary… | |||
| CVE-2017-15418 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2017-7749 | critical | — | 9.5 | — | A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < … | |||
| CVE-2017-7751 | critical | — | 9.5 | — | A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. | |||
| CVE-2017-5472 | critical | — | 9.5 | — | A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potenti… | |||
| CVE-2017-7752 | critical | — | 9.5 | — | A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled. This results in a potentially exploitable crash bu… | |||
| CVE-2017-5470 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 53 and Firefox ESR 52.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploit… | |||
| CVE-2017-5468 | critical | — | 9.5 | — | An issue with incorrect ownership model of "privateBrowsing" information exposed through developer tools. This can result in a non-exploitable crash when manually triggered during debugging. This vul… | |||
| CVE-2017-7753 | critical | — | 9.5 | — | An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefo… | |||
| CVE-2017-7754 | critical | — | 9.5 | — | An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" object during WebGL operations. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. | |||
| CVE-2017-7756 | critical | — | 9.5 | — | A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests (XHR). This could result in a potentially exploitable crash. This vulnerability affects Firef… | |||
| CVE-2017-7758 | critical | — | 9.5 | — | An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. This vulnerability affects Firefox < 54, Firefox ESR < 52… | |||
| CVE-2017-5467 | critical | — | 9.5 | — | A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and… | |||
| CVE-2017-5460 | critical | — | 9.5 | — | A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability… | |||
| CVE-2017-5455 | critical | — | 9.5 | — | The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation of privilege if combined with another vulnerability that resulted in remote code execution i… | |||
| CVE-2017-5454 | critical | — | 9.5 | — | A mechanism to bypass file system access protections in the sandbox to use the file picker to access different files than those selected in the file picker through the use of relative paths. This all… | |||
| CVE-2017-5451 | critical | — | 9.5 | — | A mechanism to spoof the addressbar through the user interaction on the addressbar and the "onblur" event. The event could be used by script to affect text display to make the loaded site appear to b… |