Total
32272 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-8982 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | N/A |
| A Remote Authentication Restriction Bypass vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P4 was found. | ||||
| CVE-2017-8979 | 1 Hp | 2 Integrated Lights-out, Integrated Lights-out 2 Firmware | 2024-11-21 | N/A |
| Security vulnerabilities in the HPE Integrated Lights-Out 2 (iLO 2) firmware could be exploited remotely to allow authentication bypass, code execution, and denial of service. | ||||
| CVE-2017-8974 | 1 Hp | 2 Nonstop Server, Nonstop Server Software | 2024-11-21 | N/A |
| A Local Authentication Restriction Bypass vulnerability in HPE NonStop Server version L-Series: T6533L01 through T6533L01^ADN; J-Series and H-series: T6533H02 through T6533H04^ADF and T6533H05 through T6533H05^ADL was found. | ||||
| CVE-2017-8968 | 1 Hp | 1 Restful Interface Tool | 2024-11-21 | N/A |
| A remote execution of arbitrary code vulnerability has been identified in HPE RESTful Interface Tool 1.5, 2.0 (hprest-1.5-79.x86_64.rpm, ilorest-2.0-403.x86_64.rpm). The issue is resolved in iLOREST v2.1 or subsequent versions. | ||||
| CVE-2017-8960 | 1 Hp | 4 Msa 1040 San Storage, Msa 1040 San Storage Firmware, Msa 2040 San Storage and 1 more | 2024-11-21 | N/A |
| An Authentication Bypass vulnerability in HPE MSA 1040 and MSA 2040 SAN Storage IN version GL220P008 and earlier was found. | ||||
| CVE-2017-8959 | 1 Hp | 4 Msa 1040 San Storage, Msa 1040 San Storage Firmware, Msa 2040 San Storage and 1 more | 2024-11-21 | N/A |
| An Authentication Bypass vulnerability in HPE MSA 1040 and HPE MSA 2040 SAN Storage in version GL220P008 and earlier and was found. | ||||
| CVE-2017-8958 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | N/A |
| A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 and earlier was found. | ||||
| CVE-2017-8949 | 1 Hp | 1 Sitescope | 2024-11-21 | N/A |
| A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found. | ||||
| CVE-2017-8948 | 1 Hp | 1 Network Node Manager I | 2024-11-21 | N/A |
| A Remote Bypass Security Restriction vulnerability in HPE Network Node Manager i (NNMi) Software versions v10.0x, v10.1x, v10.2x was found. | ||||
| CVE-2017-8946 | 1 Hp | 1 Aruba Airwave Glass | 2024-11-21 | N/A |
| A Remote Code Execution vulnerability in HPE Aruba AirWave Glass version v1.0.0 and 1.0.1 was found. | ||||
| CVE-2017-8931 | 1 Bitdefender | 1 Gravityzone | 2024-11-21 | N/A |
| Bitdefender GravityZone VMware appliance before 6.2.1-35 might allow attackers to gain access with root privileges via unspecified vectors. | ||||
| CVE-2017-8274 | 1 Qualcomm | 24 Mdm9206, Mdm9206 Firmware, Mdm9607 and 21 more | 2024-11-21 | N/A |
| In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, an access control vulnerability exists in Core. | ||||
| CVE-2017-8176 | 1 Huawei | 2 Iptv Stb, Iptv Stb Firmware | 2024-11-21 | N/A |
| Huawei IPTV STB with earlier than IPTV STB V100R003C01LMYTa6SPC001 versions has an authentication bypass vulnerability. An attacker could exploit this vulnerability to access the serial interface and modify the configuration. Successful exploit could lead to the authentication bypass and view channels by free. | ||||
| CVE-2017-7893 | 1 Saltstack | 1 Salt | 2024-11-21 | N/A |
| In SaltStack Salt before 2016.3.6, compromised salt-minions can impersonate the salt-master. | ||||
| CVE-2017-7835 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A |
| Mixed content blocking of insecure (HTTP) sub-resources in a secure (HTTPS) document was not correctly applied for resources that redirect from HTTPS to HTTP, allowing content that should be blocked, such as scripts, to be loaded on a page. This vulnerability affects Firefox < 57. | ||||
| CVE-2017-7830 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2024-11-21 | N/A |
| The Resource Timing API incorrectly revealed navigations in cross-origin iframes. This is a same-origin policy violation and could allow for data theft of URLs loaded by users. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5. | ||||
| CVE-2017-7822 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A |
| The AES-GCM implementation in WebCrypto API accepts 0-length IV when it should require a length of 1 according to the NIST Special Publication 800-38D specification. This might allow for the authentication key to be determined in some instances. This vulnerability affects Firefox < 56. | ||||
| CVE-2017-7820 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A |
| The "instanceof" operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web content can provide its own result for that operator, possibly tricking the browser or extension into mishandling the element. This vulnerability affects Firefox < 56. | ||||
| CVE-2017-7790 | 2 Microsoft, Mozilla | 2 Windows, Firefox | 2024-11-21 | N/A |
| On Windows systems, if non-null-terminated strings are copied into the crash reporter for some specific registry keys, stack memory data can be copied until a null is found. This can potentially contain private data from the local system. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Firefox < 55. | ||||
| CVE-2017-7789 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A |
| If a server sends two Strict-Transport-Security (STS) headers for a single connection, they will be rejected as invalid and HTTP Strict Transport Security (HSTS) will not be enabled for the connection. This vulnerability affects Firefox < 55. | ||||