| Max CVSS | 6.8 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-9806 | 6.8 |
A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resu
|
07-02-2022 - 16:28 | 20-11-2017 - 17:29 | |
| CVE-2017-12607 | 6.8 |
A vulnerability in OpenOffice's PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary c
|
07-02-2022 - 16:27 | 20-11-2017 - 19:29 | |
| CVE-2017-12608 | 6.8 |
A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resu
|
07-02-2022 - 16:17 | 20-11-2017 - 20:29 | |
| CVE-2017-1554 | 3.5 |
IBM Infosphere BigInsights 4.2.0 and 4.2.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's clic
|
16-11-2017 - 19:11 | 01-11-2017 - 21:29 | |
| CVE-2017-1553 | 3.5 |
IBM Infosphere BigInsights 4.2.0 and 4.2.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure
|
16-11-2017 - 18:54 | 01-11-2017 - 21:29 | |
| CVE-2017-1552 | 4.9 |
IBM Infosphere BigInsights 4.2.0 and 4.2.5 is vulnerable to link injection. By persuading a victim to click on a specially-crafted URL link, a remote attacker could exploit this vulnerability to conduct various attacks against the vulnerable system,
|
16-11-2017 - 18:52 | 01-11-2017 - 21:29 | |
| CVE-2017-1363 | 3.5 |
IBM Team Concert (RTC) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ses
|
13-11-2017 - 17:37 | 25-10-2017 - 12:29 | |
| CVE-2017-1164 | 3.5 |
IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessio
|
13-11-2017 - 17:33 | 25-10-2017 - 12:29 | |
| CVE-2017-2132 | 6.4 |
Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to delete arbitrary files in a specific directory via unspecified vectors.
|
08-11-2017 - 18:29 | 20-10-2017 - 11:29 | |
| CVE-2017-2131 | 5.0 |
Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to bypass access restrictions to view the configuration menu via unspecified vectors.
|
08-11-2017 - 18:27 | 20-10-2017 - 11:29 | |
| CVE-2017-2133 | 6.5 |
SQL injection vulnerability in Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
|
07-11-2017 - 20:24 | 20-10-2017 - 11:29 | |
| CVE-2004-0407 | 2.6 |
The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is interrupted, which allows remote attackers to cause a denial of service (disk consumption) by repeatedly uploading files and interrupting the uploads bef
|
11-07-2017 - 01:30 | 01-06-2004 - 04:00 |