Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-9841 | 7.5 |
Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder,
|
18-04-2022 - 17:57 | 27-06-2017 - 17:29 | |
CVE-2017-16651 | 4.6 |
Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to
|
04-03-2021 - 21:08 | 09-11-2017 - 14:29 | |
CVE-2017-15528 | 4.3 |
Prior to v 7.6, the Install Norton Security (INS) product can be susceptible to a certificate spoofing vulnerability, which is a type of attack whereby a maliciously procured certificate binds the public key of an attacker to the domain name of the t
|
12-08-2020 - 17:48 | 22-11-2017 - 18:29 | |
CVE-2017-16669 | 6.8 |
coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in m
|
27-01-2020 - 21:15 | 09-11-2017 - 00:29 | |
CVE-2017-14360 | 5.0 |
A potential security vulnerability has been identified in HPE Content Manager Workgroup Service v9.00. The vulnerability could be remotely exploited to allow Denial of Service (DoS).
|
09-10-2019 - 23:23 | 08-11-2017 - 14:29 | |
CVE-2017-15102 | 6.9 |
The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occur
|
08-05-2019 - 18:14 | 15-11-2017 - 21:29 | |
CVE-2017-16650 | 7.2 |
The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.
|
24-08-2018 - 10:29 | 07-11-2017 - 23:29 | |
CVE-2004-0424 | 7.2 |
Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option.
|
03-05-2018 - 01:29 | 07-07-2004 - 04:00 | |
CVE-2017-15865 | 5.0 |
bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers trans
|
29-11-2017 - 17:38 | 08-11-2017 - 20:29 | |
CVE-2017-16711 | 4.3 |
The swf_DefineLosslessBitsTagToImage function in lib/modules/swfbits.c in SWFTools 0.9.2 mishandles an uncompress failure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) because of extractD
|
27-11-2017 - 12:58 | 09-11-2017 - 18:29 |