Total
12593 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-2495 | 1 Apple | 2 Iphone Os, Safari | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to cause a denial of service (application crash) via a crafted web site that improperly interacts with the history menu. | ||||
| CVE-2017-2535 | 1 Apple | 1 Mac Os X | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Security" component. It allows attackers to conduct sandbox-escape attacks or cause a denial of service (resource consumption) via a crafted app. | ||||
| CVE-2017-2947 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2025-04-20 | N/A |
| Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have a security bypass vulnerability when manipulating Form Data Format (FDF). | ||||
| CVE-2017-2511 | 1 Apple | 1 Safari | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. Safari before 10.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site. | ||||
| CVE-2017-2540 | 1 Apple | 1 Mac Os X | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "WindowServer" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | ||||
| CVE-2017-2731 | 1 Huawei | 2 P9 Plus, P9 Plus Firmware | 2025-04-20 | N/A |
| The vibrator service in P9 Plus smart phones with software versions earlier before VIE-AL10C00B386 has DoS vulnerability. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone vibrator service interface to crash the system. | ||||
| CVE-2017-2298 | 1 Puppet | 1 Mcollective-sshkey-security | 2025-04-20 | 6.5 Medium |
| The mcollective-sshkey-security plugin before 0.5.1 for Puppet uses a server-specified identifier as part of a path where a file is written. A compromised server could use this to write a file to an arbitrary location on the client with the filename appended with the string "_pub.pem". | ||||
| CVE-2017-2340 | 1 Juniper | 1 Junos | 2025-04-20 | N/A |
| On Juniper Networks Junos OS 15.1 releases from 15.1R3 to 15.1R4, 16.1 prior to 16.1R3, on M/MX platforms where Enhanced Subscriber Management for DHCPv6 subscribers is configured, a vulnerability in processing IPv6 ND packets originating from subscribers and destined to M/MX series routers can result in a PFE (Packet Forwarding Engine) hang or crash. | ||||
| CVE-2017-2351 | 1 Apple | 1 Iphone Os | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "WiFi" component, which allows physically proximate attackers to bypass the activation-lock protection mechanism and view the home screen via unspecified vectors. | ||||
| CVE-2017-2368 | 1 Apple | 1 Iphone Os | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "Contacts" component. It allows remote attackers to cause a denial of service (application crash) via a crafted contact card. | ||||
| CVE-2017-2517 | 1 Apple | 1 Iphone Os | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site. | ||||
| CVE-2017-2414 | 1 Apple | 1 Iphone Os | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "DataAccess" component. It allows remote attackers to access Exchange traffic in opportunistic circumstances by leveraging a mistake in typing an e-mail address. | ||||
| CVE-2017-2500 | 1 Apple | 1 Safari | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. Safari before 10.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site. | ||||
| CVE-2017-2453 | 1 Apple | 2 Iphone Os, Safari | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof FaceTime prompts in the user interface via a crafted web site. | ||||
| CVE-2017-2179 | 1 Ipa | 1 Appgoat | 2025-04-20 | N/A |
| Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allows remote code execution via unspecified vectors, a different vulnerability than CVE-2017-2181 and CVE-2017-2182. | ||||
| CVE-2017-8815 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2025-04-20 | N/A |
| The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attribute injection attacks via glossary rules. | ||||
| CVE-2017-8814 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2025-04-20 | N/A |
| The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attackers to replace text inside tags via a rule definition followed by "a lot of junk." | ||||
| CVE-2017-7890 | 2 Php, Redhat | 3 Php, Enterprise Linux, Rhel Software Collections | 2025-04-20 | N/A |
| The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information. | ||||
| CVE-2017-17797 | 1 Ikarussecurity | 1 Anti.virus | 2025-04-20 | N/A |
| In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83000058. | ||||
| CVE-2017-17799 | 1 Tgsoft | 1 Vir.it Explorer | 2025-04-20 | N/A |
| In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x82730068. | ||||