| Max CVSS | 7.2 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-5711 | 7.2 |
Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.
|
22-05-2023 - 16:18 | 21-11-2017 - 14:29 | |
| CVE-2017-12190 | 4.9 |
The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them int
|
12-02-2023 - 23:27 | 22-11-2017 - 18:29 | |
| CVE-2017-12299 | 5.0 |
A vulnerability exists in the process of creating default IP blocks during device initialization for Cisco ASA Next-Generation Firewall Services that could allow an unauthenticated, remote attacker to send traffic to the local IP address of the devic
|
09-10-2019 - 23:22 | 16-11-2017 - 07:29 | |
| CVE-2017-12306 | 2.1 |
A vulnerability in the upgrade process of Cisco Spark Board could allow an authenticated, local attacker to install an unverified upgrade package, aka Signature Verification Bypass. The vulnerability is due to insufficient upgrade package validation.
|
09-10-2019 - 23:22 | 16-11-2017 - 07:29 | |
| CVE-2016-0750 | 6.5 |
The hotrod java client in infinispan before 9.1.0.Final automatically deserializes bytearray message contents in certain events. A malicious user could exploit this flaw by injecting a specially-crafted serialized object to attain remote code executi
|
09-10-2019 - 23:16 | 11-09-2018 - 13:29 | |
| CVE-2017-5707 | 7.2 |
Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code.
|
11-05-2018 - 01:29 | 21-11-2017 - 14:29 | |
| CVE-2017-5705 | 7.2 |
Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code.
|
11-05-2018 - 01:29 | 21-11-2017 - 14:29 | |
| CVE-2017-7736 | 3.5 |
A stored Cross-site Scripting (XSS) vulnerability in Fortinet FortiWeb webUI Certificate View page in 5.8.0, 5.7.1 and earlier, allows attackers to inject arbitrary web script or HTML via special crafted malicious certificate import.
|
07-12-2017 - 16:32 | 22-11-2017 - 17:29 | |
| CVE-2004-1957 | 2.6 |
Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.726 allows remote attackers to inject arbitrary web script or HTML via the (1) lid and query parameters to the Downloads module, (2) query parameter to the Web_links module, or (3) hlp
|
11-07-2017 - 01:31 | 21-04-2004 - 04:00 | |
| CVE-2004-1956 | 5.0 |
PostNuke 0.7.2.6 allows remote attackers to gain information via a direct HTTP request to files in the (1) includes/blocks directory, (2) pnadodb directory, (3) NS-NewUser module, (4) NS-Your_Account, (5) NS-LostPassword module, or (6) NS-User module
|
11-07-2017 - 01:31 | 21-04-2004 - 04:00 |