Max CVSS 10.0 Min CVSS 2.1 Total Count63
IDCVSSSummaryLast (major) updatePublished
CVE-2017-7842 5.0
If a document's Referrer Policy attribute is set to "no-referrer" sometimes two network requests are made for "<link>" elements instead of one. One of these requests includes the referrer instead of respecting the set policy to not include a referrer
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-7840 4.3
JavaScript can be injected into an exported bookmarks file by placing JavaScript code into user-supplied tags in saved bookmarks. If the resulting exported HTML file is later opened in a browser this JavaScript will be executed. This could be used in
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-7839 4.3
Control characters prepended before "javascript:" URLs pasted in the addressbar can cause the leading characters to be ignored and the pasted JavaScript to be executed instead of being blocked. This could be used in social engineering and self-cross-
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-7838 5.0
Punycode format text will be displayed for entire qualified international domain names in some instances when a sub-domain triggers the punycode display instead of the primary domain being displayed in native script and the sub-domain only displaying
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-7837 5.0
SVG loaded through "<img>" tags can use "<meta>" tags within the SVG data to set cookies for that page. This vulnerability affects Firefox < 57.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-7835 7.5
Mixed content blocking of insecure (HTTP) sub-resources in a secure (HTTPS) document was not correctly applied for resources that redirect from HTTPS to HTTP, allowing content that should be blocked, such as scripts, to be loaded on a page. This vuln
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-7834 4.3
A "data:" URL loaded in a new tab did not inherit the Content Security Policy (CSP) of the original page, allowing for bypasses of the policy including the execution of JavaScript. In prior versions when "data:" documents also inherited the context o
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-7833 5.0
Some Arabic and Indic vowel marker characters can be combined with Latin characters in a domain name to eclipse the non-Latin character with some font sets on the addressbar. The non-Latin character will not be visible to most viewers. This allows fo
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-7832 5.0
The combined, single character, version of the letter 'i' with any of the potential accents in unicode, such as acute or grave, can be spoofed in the addressbar by the dotless version of 'i' followed by the same accent as a second character with most
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-7831 5.0
A vulnerability where the security wrapper does not deny access to some exposed properties using the deprecated "_exposedProps_" mechanism on proxy objects. These properties should be explicitly unavailable to proxy objects. This vulnerability affect
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-7830 4.3
The Resource Timing API incorrectly revealed navigations in cross-origin iframes. This is a same-origin policy violation and could allow for data theft of URLs loaded by users. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderb
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-7828 7.5
A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" object has been freed while still in use. This results in a potentially exploitable crash during these operations. This vulnerability affects Firefox
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-7827 10.0
Memory safety bugs were reported in Firefox 56. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 57.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-7826 10.0
Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affect
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-7525 7.5
A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the Obj
06-02-2018 - 10:29 06-02-2018 - 10:29
CVE-2017-8823 6.8
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, there is a use-after-free in onion service v2 during intro-point expiration because the expiring list is mismanaged i
03-12-2017 - 02:29 03-12-2017 - 02:29
CVE-2017-8822 4.3
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that have incompletely downloaded descriptors) can pick themselves in a circuit path, leading to a degradatio
03-12-2017 - 02:29 03-12-2017 - 02:29
CVE-2017-8821 5.0
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, an attacker can cause a denial of service (application hang) via crafted PEM input that signifies a public key requir
03-12-2017 - 02:29 03-12-2017 - 02:29
CVE-2017-8820 5.0
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, remote attackers can cause a denial of service (NULL pointer dereference and application crash) against directory aut
03-12-2017 - 02:29 03-12-2017 - 02:29
CVE-2017-8819 5.0
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache protection mechanism is ineffective for v2 onion services, aka TROVE-2017-009. An attacker can send
03-12-2017 - 02:29 03-12-2017 - 02:29
CVE-2017-17094 3.5
wp-includes/feed.php in WordPress before 4.9.1 does not properly restrict enclosures in RSS and Atom fields, which might allow attackers to conduct XSS attacks via a crafted URL.
02-12-2017 - 01:29 02-12-2017 - 01:29
CVE-2017-17093 3.5
wp-includes/general-template.php in WordPress before 4.9.1 does not properly restrict the lang attribute of an HTML element, which might allow attackers to conduct XSS attacks via the language setting of a site.
02-12-2017 - 01:29 02-12-2017 - 01:29
CVE-2017-17092 3.5
wp-includes/functions.php in WordPress before 4.9.1 does not require the unfiltered_html capability for upload of .js files, which might allow remote attackers to conduct XSS attacks via a crafted file.
02-12-2017 - 01:29 02-12-2017 - 01:29
CVE-2017-17091 6.5
wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string.
02-12-2017 - 01:29 02-12-2017 - 01:29
CVE-2017-17090 5.0
An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and older, and 15.1.2 and older, and Certified Asterisk 13.13-cert7 and older. If the chan_skinny (aka SCCP protocol) channel driver is flooded with certain re
01-12-2017 - 19:29 01-12-2017 - 19:29
CVE-2017-15707 5.0
In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload.
01-12-2017 - 11:29 01-12-2017 - 11:29
CVE-2017-13872 9.3
An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The issue involves the "Directory Utility" component. It allows attackers to obtain administrator access without a password via certain
29-11-2017 - 12:29 29-11-2017 - 12:29
CVE-2017-16994 2.1
The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore() system c
27-11-2017 - 14:29 27-11-2017 - 14:29
CVE-2017-16879 6.8
Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic
22-11-2017 - 17:29 22-11-2017 - 17:29
CVE-2017-15110 4.0
In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and gu
20-11-2017 - 09:29 20-11-2017 - 09:29
CVE-2017-8807 6.4
vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFP_GetStorage buffer is larger than intended in cer
15-11-2017 - 21:29 15-11-2017 - 21:29
CVE-2017-16762 5.0
Sanic before 0.5.1 allows reading arbitrary files with directory traversal, as demonstrated by the /static/..%2f substring.
10-11-2017 - 04:29 10-11-2017 - 04:29
CVE-2017-16650 7.2
The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.
07-11-2017 - 18:29 07-11-2017 - 18:29
CVE-2017-16649 7.2
The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted US
07-11-2017 - 18:29 07-11-2017 - 18:29
CVE-2017-16647 7.2
drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
07-11-2017 - 18:29 07-11-2017 - 18:29
CVE-2017-16644 7.2
The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted US
07-11-2017 - 18:29 07-11-2017 - 18:29
CVE-2017-16643 7.2
The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted U
07-11-2017 - 18:29 07-11-2017 - 18:29
CVE-2017-15597 9.0
An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy
30-10-2017 - 10:29 30-10-2017 - 10:29
CVE-2017-15587 6.8
An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11.
18-10-2017 - 04:29 18-10-2017 - 04:29
CVE-2017-15289 2.1
The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation.
16-10-2017 - 14:29 16-10-2017 - 14:29
CVE-2017-15369 6.8
The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free an
15-10-2017 - 21:29 15-10-2017 - 21:29
CVE-2017-1000254 5.0
libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in (anonymous or not), it asks the server for the current directory with the `PWD` command. The server then responds with
06-10-2017 - 09:29 06-10-2017 - 09:29
CVE-2017-12617 6.8
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload
03-10-2017 - 21:29 03-10-2017 - 21:29
CVE-2017-14687 6.8
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. Thi
22-09-2017 - 02:29 22-09-2017 - 02:29
CVE-2017-14686 6.8
Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d" on Windows. This occurs because r
22-09-2017 - 02:29 22-09-2017 - 02:29
CVE-2017-14685 6.8
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. Thi
22-09-2017 - 02:29 22-09-2017 - 02:29
CVE-2017-14167 7.2
Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header address values, which trigger an out-of-bounds write.
08-09-2017 - 14:29 08-09-2017 - 14:29
CVE-2017-13733 4.3
There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13732 4.3
There is an illegal address access in the function dump_uses() in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13731 4.3
There is an illegal address access in the function postprocess_termcap() in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13730 4.3
There is an illegal address access in the function _nc_read_entry_source() in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13729 4.3
There is an illegal address access in the _nc_save_str function in alloc_entry.c in ncurses 6.0. It will lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13728 4.3
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-11334 2.1
The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest
02-08-2017 - 15:29 02-08-2017 - 15:29
CVE-2017-9847 4.3
The bdecode function in bdecode.cpp in libtorrent 1.1.3 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
24-06-2017 - 13:29 24-06-2017 - 13:29
CVE-2017-1000380 2.1
sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed
17-06-2017 - 14:29 17-06-2017 - 14:29
CVE-2017-9216 4.3
libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. For example, the jbig2dec utility will crash (segmentation fault) when parsing an invalid f
24-05-2017 - 01:29 24-05-2017 - 01:29
CVE-2014-7169 10.0
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted enviro
06-01-2017 - 22:00 24-09-2014 - 21:55
CVE-2014-6271 10.0
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceComman
06-01-2017 - 22:00 24-09-2014 - 14:48
CVE-2015-3456 7.7
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_
02-01-2017 - 22:00 13-05-2015 - 14:59
CVE-2015-2808 4.3
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial
02-01-2017 - 21:59 31-03-2015 - 22:00
CVE-2015-0235 10.0
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 fu
02-01-2017 - 21:59 28-01-2015 - 14:59
CVE-2015-1789 4.3
The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a cr
30-12-2016 - 21:59 12-06-2015 - 15:59
Back to Top Mark selected
Back to Top