| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-9024 | 5.0 |
Secure Bytes Cisco Configuration Manager, as bundled in Secure Bytes Secure Cisco Auditor (SCA) 3.0, has a Directory Traversal issue in its TFTP Server, allowing attackers to read arbitrary files via ../ sequences in a pathname.
|
09-09-2021 - 17:22 | 21-05-2017 - 14:29 | |
| CVE-2017-4915 | 7.2 |
VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to escalate their privileges to root in a Linux host m
|
03-10-2019 - 00:03 | 22-05-2017 - 14:29 | |
| CVE-2017-2509 | 4.3 |
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
|
03-10-2019 - 00:03 | 22-05-2017 - 05:29 | |
| CVE-2017-2516 | 4.3 |
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
|
03-10-2019 - 00:03 | 22-05-2017 - 05:29 | |
| CVE-2017-2522 | 7.5 |
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "CoreFoundation" component. It allows remote
|
21-03-2019 - 21:30 | 22-05-2017 - 05:29 | |
| CVE-2017-9101 | 7.5 |
import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows remote code execution via vectors involving the User-Agent HTTP header and PHP code in the name of a file.
|
11-05-2018 - 01:29 | 21-05-2017 - 18:29 | |
| CVE-2007-1413 | 7.5 |
Buffer overflow in the snmpget function in the snmp extension in PHP 5.2.3 and earlier, including PHP 4.4.6 and probably other PHP 4 versions, allows context-dependent attackers to execute arbitrary code via a long value in the third argument (object
|
11-10-2017 - 01:31 | 12-03-2007 - 23:19 | |
| CVE-2017-9150 | 2.1 |
The do_check function in kernel/bpf/verifier.c in the Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allows local users to obtain sensitive address informa
|
09-09-2017 - 01:29 | 22-05-2017 - 22:29 | |
| CVE-2010-4996 | 7.5 |
SQL injection vulnerability in ogp_show.php in esoftpro Online Guestbook Pro 5.1 allows remote attackers to execute arbitrary SQL commands via the search parameter.
|
29-08-2017 - 01:29 | 01-11-2011 - 22:55 | |
| CVE-2017-5631 | 4.3 |
An issue was discovered in KMCIS CaseAware. Reflected cross site scripting is present in the user parameter (i.e., "usr") that is transmitted in the login.php query string.
|
13-08-2017 - 01:29 | 01-05-2017 - 14:59 | |
| CVE-2017-7620 | 4.3 |
MantisBT before 1.3.11, 2.x before 2.3.3, and 2.4.x before 2.4.1 omits a backslash check in string_api.php and consequently has conflicting interpretations of an initial \/ substring as introducing either a local pathname or a remote hostname, which
|
08-07-2017 - 01:29 | 21-05-2017 - 14:29 |