CVEs from 2017
Total
11,610
critical
critical 1,650
high
high 5,043
medium
medium 4,169
low
low 159
% Critical
14.2%
% with KEV
0.7%
% with exploit
9.9%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-8118 | low | 2.3 | 2.3 | 9y ago | The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive information, causing information leak. | |||
| CVE-2017-10292 | low | 2.3 | 2.3 | 9y ago | Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privile… | |||
| CVE-2017-3893 | low | 1.9 | 1.9 | 9y ago | In BlackBerry QNX Software Development Platform (SDP) 6.6.0, the default configuration of the QNX SDP system did not in all circumstances prevent attackers from modifying the GOT or PLT tables with b… | |||
| CVE-2017-10120 | low | 1.9 | 1.9 | 9y ago | Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having … | |||
| CVE-2017-10122 | low | 1.8 | 1.8 | 9y ago | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows high … | |||
| CVE-2017-12637 | unknown | — | 1.5 | 1y ago | SAP NetWeaver Application Server (AS) Java contains a directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS that allows a remote attacker to read arbitrary files vi… | |||
| CVE-2017-3506 | unknown | — | 1.5 | 2y ago | Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an OS command injection vulnerability that allows an attacker to execute arbitrary code via a specially crafted HTTP req… | |||
| CVE-2017-6742 | unknown | — | 1.5 | 3y ago | The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected sys… | |||
| CVE-2017-6862 | unknown | — | 1.5 | 4y ago | Multiple NETGEAR devices contain a buffer overflow vulnerability that allows for authentication bypass and remote code execution. | |||
| CVE-2017-0149 | unknown | — | 1.5 | 4y ago | Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause a denial-of-service (DoS) via a crafted website. | |||
| CVE-2017-0210 | unknown | — | 1.5 | 4y ago | A privilege escalation vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information. | |||
| CVE-2017-0022 | unknown | — | 1.5 | 4y ago | Microsoft XML Core Services (MSXML) improperly handles objects in memory, allowing attackers to test for files on disk via a crafted web site. | |||
| CVE-2017-0005 | unknown | — | 1.5 | 4y ago | The Graphics Device Interface (GDI) in Microsoft Windows allows local users to gain privileges via a crafted application. | |||
| CVE-2017-8543 | unknown | — | 1.5 | 4y ago | Microsoft Windows allows an attacker to take control of the affected system when Windows Search fails to handle objects in memory. | |||
| CVE-2017-18362 | unknown | — | 1.5 | 4y ago | ConnectWise ManagedITSync integration for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database. | |||
| CVE-2017-12237 | unknown | — | 1.5 | 4y ago | A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, … | |||
| CVE-2017-6737 | unknown | — | 1.5 | 4y ago | The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code. | |||
| CVE-2017-11826 | unknown | — | 1.5 | 4y ago | A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could … | |||
| CVE-2017-6663 | unknown | — | 1.5 | 4y ago | A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to… | |||
| CVE-2017-6738 | unknown | — | 1.5 | 4y ago | The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code. | |||
| CVE-2017-6627 | unknown | — | 1.5 | 4y ago | A vulnerability in the UDP processing code of Cisco IOS and IOS XE could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an inter… | |||
| CVE-2017-12319 | unknown | — | 1.5 | 4y ago | A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to r… | |||
| CVE-2017-6739 | unknown | — | 1.5 | 4y ago | The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected sys… | |||
| CVE-2017-12240 | unknown | — | 1.5 | 4y ago | The Dynamic Host Configuration Protocol (DHCP) relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrar… | |||
| CVE-2017-6740 | unknown | — | 1.5 | 4y ago | The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected sys… | |||
| CVE-2017-6743 | unknown | — | 1.5 | 4y ago | The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code. | |||
| CVE-2017-6744 | unknown | — | 1.5 | 4y ago | The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or ca… | |||
| CVE-2017-11292 | unknown | — | 1.5 | 4y ago | Adobe Flash Player contains a type confusion vulnerability which can allow for remote code execution. | |||
| CVE-2017-12231 | unknown | — | 1.5 | 4y ago | A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS could allow an unauthenticated, remote attacker to cause a denial of service. | |||
| CVE-2017-12232 | unknown | — | 1.5 | 4y ago | A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS could allow an unauthenticated, adjacent attacker to cause an … | |||
| CVE-2017-12233 | unknown | — | 1.5 | 4y ago | There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resu… | |||
| CVE-2017-12234 | unknown | — | 1.5 | 4y ago | There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resu… | |||
| CVE-2017-12235 | unknown | — | 1.5 | 4y ago | A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload… | |||
| CVE-2017-0261 | unknown | — | 1.5 | 4y ago | Microsoft Office contains a use-after-free vulnerability which can allow for remote code execution. | |||
| CVE-2017-12238 | unknown | — | 1.5 | 4y ago | A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a denial of service. | |||
| CVE-2017-0001 | unknown | — | 1.5 | 4y ago | The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gol… | |||
| CVE-2017-0222 | unknown | — | 1.5 | 4y ago | A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. | |||
| CVE-2017-0262 | unknown | — | 1.5 | 4y ago | A remote code execution vulnerability exists in Microsoft Office. | |||
| CVE-2017-11774 | unknown | — | 1.5 | 5y ago | Microsoft Office Outlook contains a security feature bypass vulnerability due to improperly handling objects in memory. Successful exploitation allows an attacker to execute commands. | |||
| CVE-2017-18344 | unknown | — | 1.0 | — | The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access… | |||
| CVE-2017-13216 | unknown | — | 1.0 | — | In ashmem_ioctl of ashmem.c, there is an out-of-bounds write due to insufficient locking when accessing asma. This could lead to a local elevation of privilege enabling code execution as a privileged… | |||
| CVE-2017-15118 | unknown | — | 1.0 | — | A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be li… | |||
| CVE-2017-2619 | unknown | — | 1.0 | — | Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition. | |||
| CVE-2017-8046 | unknown | — | 1.0 | 4y ago | Remote code execution in PATCH requests in Spring Data REST | |||
| CVE-2017-18379 | unknown | — | — | — | In the Linux kernel before 4.14, an out of boundary access happened in drivers/nvme/target/fc.c. | |||
| CVE-2017-9103 | unknown | — | — | — | An issue was discovered in adns before 1.5.2. pap_mailbox822 does not properly check st from adns__findlabel_next. Without this, an uninitialised stack value can be used as the first label length. De… | |||
| CVE-2017-9104 | unknown | — | — | — | An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered. | |||
| CVE-2017-9107 | unknown | — | — | — | An issue was discovered in adns before 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with \, and adns_qf_quoteok_query was specified, qdparselabel wou… | |||
| CVE-2017-9105 | unknown | — | — | — | An issue was discovered in adns before 1.5.2. It corrupts a pointer when a nameserver speaks first because of a wrong number of pointer dereferences. This bug may well be exploitable as a remote code… | |||
| CVE-2017-9106 | unknown | — | — | — | An issue was discovered in adns before 1.5.2. adns_rr_info mishandles a bogus *datap. The general pattern for formatting integers is to sprintf into a fixed-size buffer. This is correct if the input … | |||
| CVE-2017-9108 | unknown | — | — | — | An issue was discovered in adns before 1.5.2. adnshost mishandles a missing final newline on a stdin read. It is wrong to increment used as well as setting r, since used is incremented according to r… | |||
| CVE-2017-9109 | unknown | — | — | — | An issue was discovered in adns before 1.5.2. It fails to ignore apparent answers before the first RR that was found the first time. when this is fixed, the second answer scan finds the same RRs at t… | |||
| CVE-2017-2635 | unknown | — | — | — | A NULL pointer deference flaw was found in the way libvirt from 2.5.0 to 3.0.0 handled empty drives. A remote authenticated attacker could use this flaw to crash libvirtd daemon resulting in denial o… | |||
| CVE-2017-12171 | unknown | — | — | — | A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd 2.2.15-60, causing comments in the "Allow" and "Deny" configuration lines to be parsed incorrectly. A web administrator cou… | |||
| CVE-2017-20004 | unknown | — | — | — | In the standard library in Rust before 1.19.0, there is a synchronization problem in the MutexGuard object. MutexGuards can be used across threads with any types, allowing for memory safety issues th… | |||
| CVE-2017-18641 | unknown | — | — | — | In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers. | |||
| CVE-2017-16816 | unknown | — | — | — | The condor_schedd component in HTCondor before 8.6.8 and 8.7.x before 8.7.5 allows remote authenticated users to cause a denial of service (daemon crash) by leveraging use of GSI and VOMS extensions. | |||
| CVE-2017-15652 | unknown | — | — | — | Artifex Ghostscript 9.22 is affected by: Obtain Information. The impact is: obtain sensitive information. The component is: affected source code file, affected function, affected executable, affected… | |||
| CVE-2017-12087 | unknown | — | — | — | An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with… | |||
| CVE-2017-5392 | unknown | — | — | — | Weak proxy objects have weak references on multiple threads when they should only have them on one, resulting in incorrect memory usage and corruption, which leads to potentially exploitable crashes.… | |||
| CVE-2017-5395 | unknown | — | — | — | Malicious sites can display a spoofed location bar on a subsequently loaded page when the existing location bar on the new page is scrolled out of view if navigations between pages can be timed corre… | |||
| CVE-2017-2628 | unknown | — | — | — | curl, as shipped in Red Hat Enterprise Linux 6 before version 7.19.7-53, did not correctly backport the fix for CVE-2015-3148 because it did not reflect the fact that the HAVE_GSSAPI define was meanw… | |||
| CVE-2017-5409 | unknown | — | — | — | The Mozilla Windows updater can be called by a non-privileged user to delete an arbitrary local file by passing a special path to the callback parameter through the Mozilla Maintenance Service, which… | |||
| CVE-2017-5411 | unknown | — | — | — | A use-after-free can occur during buffer storage operations within the ANGLE graphics library, used for WebGL content. The buffer storage can be freed while still in use in some circumstances, leadin… | |||
| CVE-2017-5450 | unknown | — | — | — | A mechanism to spoof the Firefox for Android addressbar using a "javascript:" URI. On Firefox for Android, the base domain is parsed incorrectly, making the resulting location less visibly a spoofed … | |||
| CVE-2017-5462 | unknown | — | — | — | A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue t… | |||
| CVE-2017-12151 | unknown | — | — | — | A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and… | |||
| CVE-2017-12163 | unknown | — | — | — | An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server … | |||
| CVE-2017-7759 | unknown | — | — | — | Android intent URLs given to Firefox for Android can be used to navigate from HTTP or HTTPS URLs to local "file:" URLs, allowing for the reading of local data through a violation of same-origin polic… | |||
| CVE-2017-7763 | unknown | — | — | — | Default fonts on OS X display some Tibetan characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS… | |||
| CVE-2017-7765 | unknown | — | — | — | The "Mark of the Web" was not correctly saved on Windows when files with very long names were downloaded from the Internet. Without the Mark of the Web data, the security warning that Windows display… | |||
| CVE-2017-7766 | unknown | — | — | — | An attack using manipulation of "updater.ini" contents, used by the Mozilla Windows Updater, and privilege escalation through the Mozilla Maintenance Service to allow for arbitrary file execution and… | |||
| CVE-2017-7768 | unknown | — | — | — | The Mozilla Maintenance Service can be invoked by an unprivileged user to read 32 bytes of any arbitrary file on the local system by convincing the service that it is reading a status file provided b… | |||
| CVE-2017-7790 | unknown | — | — | — | On Windows systems, if non-null-terminated strings are copied into the crash reporter for some specific registry keys, stack memory data can be copied until a null is found. This can potentially cont… | |||
| CVE-2017-7796 | unknown | — | — | — | On Windows systems, the logger run by the Windows updater deletes the file "update.log" before it runs in order to write a new log of that name. The path to this file is supplied at the command line … | |||
| CVE-2017-7811 | unknown | — | — | — | Memory safety bugs were reported in Firefox 55. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary c… | |||
| CVE-2017-7812 | unknown | — | — | — | If web content on a page is dragged onto portions of the browser UI, such as the tab bar, links can be opened that otherwise would not be allowed to open. This can allow malicious web content to open… | |||
| CVE-2017-7813 | unknown | — | — | — | Inside the JavaScript parser, a cast of an integer to a narrower type can result in data read from outside the buffer being parsed. This usually results in a non-exploitable crash, but can leak a lim… | |||
| CVE-2017-7821 | unknown | — | — | — | A vulnerability where WebExtensions can download and attempt to open a file of some non-executable file types. This can be triggered without specific user interaction for the file download and open a… | |||
| CVE-2017-7820 | unknown | — | — | — | The "instanceof" operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web content can provide its own result for that operator, possi… | |||
| CVE-2017-7825 | unknown | — | — | — | Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only… | |||
| CVE-2017-7843 | unknown | — | — | — | When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. IndexedDB should not be available in Private Browsing mode a… | |||
| CVE-2017-7845 | unknown | — | — | — | A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the libr… | |||
| CVE-2017-3224 | unknown | — | — | — | Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two i… | |||
| CVE-2017-17663 | unknown | — | — | — | The htpasswd implementation of mini_httpd before v1.28 and of thttpd before v2.28 is affected by a buffer overflow that can be exploited remotely to perform code execution. | |||
| CVE-2017-1000445 | unknown | — | — | — | ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service | |||
| CVE-2017-1000476 | unknown | — | — | — | ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service. | |||
| CVE-2017-12805 | unknown | — | — | — | In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service. | |||
| CVE-2017-18267 | unknown | — | — | — | The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by … | |||
| CVE-2017-18008 | unknown | — | — | — | In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c. | |||
| CVE-2017-18022 | unknown | — | — | — | In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c. | |||
| CVE-2017-18027 | unknown | — | — | — | In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file. | |||
| CVE-2017-18028 | unknown | — | — | — | In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file. | |||
| CVE-2017-18210 | unknown | — | — | — | In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked. | |||
| CVE-2017-18029 | unknown | — | — | — | In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file. | |||
| CVE-2017-18209 | unknown | — | — | — | In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to Ge… | |||
| CVE-2017-18211 | unknown | — | — | — | In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLK… | |||
| CVE-2017-18250 | unknown | — | — | — | An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LogOpenCLBuildFailure in MagickCore/opencl.c, which allows attackers to cause a denial… | |||
| CVE-2017-18251 | unknown | — | — | — | An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a craft… | |||
| CVE-2017-18272 | unknown | — | — | — | In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a use-after-free in ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted MNG image file that is m… |