| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2004-0427 | 2.1 |
The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows loca
|
26-01-2024 - 18:56 | 07-07-2004 - 04:00 | |
| CVE-2017-9822 | 6.5 |
DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code execution on DNN sites."
|
03-04-2020 - 05:15 | 20-07-2017 - 12:29 | |
| CVE-2017-16607 | 5.0 |
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within heapdumps.jsp. The i
|
09-10-2019 - 23:25 | 23-01-2018 - 01:29 | |
| CVE-2017-1694 | 4.3 |
IBM Integration Bus 9.0 and 10.0 transmits user credentials in plain in clear text which can be read by an attacker using man in the middle techniques. IBM X-Force ID: 134165.
|
03-10-2019 - 00:03 | 20-12-2017 - 18:29 | |
| CVE-2017-14380 | 7.2 |
In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, and 7.1.1.x, a malicious compliance admin (compadmin) account user could exploit a vulnerability in isi_get_itrace or isi_get_profile maintenance scripts t
|
03-10-2019 - 00:03 | 13-12-2017 - 20:29 | |
| CVE-2017-17670 | 6.8 |
In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operati
|
26-04-2019 - 15:11 | 15-12-2017 - 09:29 | |
| CVE-2017-1494 | 3.5 |
IBM Business Process Manager 8.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a t
|
26-04-2019 - 15:10 | 20-12-2017 - 18:29 | |
| CVE-2017-17411 | 10.0 |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management portal. The issue lies
|
28-08-2018 - 21:29 | 21-12-2017 - 14:29 | |
| CVE-2017-14082 | 5.0 |
An uninitialized pointer information disclosure vulnerability in Trend Micro Mobile Security (Enterprise) versions 9.7 and below could allow an unauthenticated remote attacker to disclosure sensitive information on a vulnerable system.
|
01-02-2018 - 15:23 | 19-01-2018 - 19:29 | |
| CVE-2017-1751 | 3.5 |
IBM Robotic Process Automation with Automation Anywhere 10.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cre
|
05-01-2018 - 20:46 | 20-12-2017 - 18:29 | |
| CVE-2017-1558 | 5.8 |
IBM Maximo Asset Management 7.5 and 7.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoo
|
27-12-2017 - 14:11 | 13-12-2017 - 18:29 |