Max CVSS 8.5 Min CVSS 3.5 Total Count5
IDCVSSSummaryLast (major) updatePublished
CVE-2017-17055 8.5
Artica Web Proxy before 3.06.112911 allows remote attackers to execute arbitrary code as root by conducting a cross-site scripting (XSS) attack involving the username-form-id parameter to freeradius.users.php.
06-12-2017 - 21:29 06-12-2017 - 21:29
CVE-2017-16884 4.3
Cross-site scripting (XSS) vulnerability in MistServer before 2.13 allows remote attackers to inject arbitrary web script or HTML via vectors related to failed authentication requests alerts.
06-12-2017 - 21:29 06-12-2017 - 21:29
CVE-2017-14186 3.5
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.6, 5.2.0 to 5.2.12, 5.0 and below versions under SSL VPN web portal allows an authenticated user to inject arbitrary web script or HTML in the context of the
29-11-2017 - 14:29 29-11-2017 - 14:29
CVE-2017-16540 5.0
OpenEMR before 5.0.0 Patch 5 allows unauthenticated remote database copying because setup.php exposes functionality for cloning an existing OpenEMR site to an arbitrary attacker-controlled MySQL server via vectors involving a crafted state parameter.
04-11-2017 - 15:29 04-11-2017 - 15:29
CVE-2017-9450 7.2
The Amazon Web Services (AWS) CloudFormation bootstrap tools package (aka aws-cfn-bootstrap) before 1.4-19.10 allows local users to execute arbitrary code with root privileges by leveraging the ability to create files in an unspecified directory.
30-10-2017 - 10:29 30-10-2017 - 10:29
Back to Top Mark selected
Back to Top