Tools 2017

129040Apple iOS HTTP 7pk security [CVE-2017-2411]
129039Apple iOS State Management input validation [CVE-2017-13891]
129037Apple iOS type conversion [CVE-2017-13888]
129036Apple macOS APFS key management [CVE-2017-13887]
129035Apple macOS WiFi System Configuration improper authorization
123295CMS Web-Gooroo sql injection
118157Symantec Content Analysis Module/Mail Threat Defense Management Console cross-site request forgery
117569Apache Hadoop access control [CVE-2016-6811]🔒🔒
111941Symantec Advanced Secure Gateway/ProxySG Credentials credentials management🔒
111940Symantec Advanced Secure Gateway/ProxySG Management Console redirect🔒
111939FortiClientWindows FortiClientNamedPipe access control [CVE-2016-8493]
111216E-goi Smart Marketing SMS/Newsletters Forms Plugin egoi-for-wp-form_egoi.php cross site scripting
111212Exiv2 TIFF File value.cpp toLong null pointer dereference
111211Zurmo mapAndPoint cross site scripting
111210Trustwave Secure Web Gateway SSH Key sendKey key management
111209Wireshark MRDISC Dissector packet-mrdisc.c null pointer dereference🔒🔒
111208House iStar Ultra IP-ACM Ethernet Door Module access control
111207Webmin run.cgi cross site scripting🔒🔒
111206Red Lion HMI Panel URI 7pk error [CVE-2017-14855]
111205PHPJabbers File Sharing Script Comment Stored cross site scripting
111204PHPJabbers Night Club Booking Software Reservations Tab Stored cross site scripting
111203PHPJabbers Star Rating Script Rating Item Stored cross site scripting
111202PHPJabbers PHP Newsletter Script Admin Panel Stored cross site scripting
111201Magento Community Edition/Enterprise Edition E-Mail Template cross site scripting🔒
111200Biometric Shift Employee Management System index.php cross site scripting
111199Biometric Shift Employee Management System index.php cross site scripting
111198Biometric Shift Employee Management System index.php cross site scripting
111197Biometric Shift Employee Management System index.php download_form path traversal
111196Biometric Shift Employee Management System index.php cross site scripting
111195Biometric Shift Employee Management System index.php edit_holiday cross-site request forgery
111194Biometric Shift Employee Management System index.php edit_holiday cross site scripting
111193PHP Scripts Mall Muslim Matrimonial Script event_add.php cross site scripting
111192PHP Scripts Mall Muslim Matrimonial Script File Upload mydetails_edit.php unrestricted upload
111191PHP Scripts Mall Muslim Matrimonial Script caste_view.php cross site scripting
111190PHP Scripts Mall Muslim Matrimonial Script state_view.php cross site scripting
111189PHP Scripts Mall Muslim Matrimonial Script event_edit.php cross site scripting
111188PHP Scripts Mall Muslim Matrimonial Script view-profile.php sql injection
111187PHP Scripts Mall Muslim Matrimonial Script subadmin_edit.php cross-site request forgery
111186PHP Scripts Mall Muslim Matrimonial Script slider_edit.php cross site scripting
111185Linux Kernel usbtv-core.c usbtv_probe use after free🔒🔒
111184BA BAS Web get_sid_js.aspx credentials management🔒🔒
111183LibTIFF tiff2pdf tiff2pdf.c t2p_writeproc use after free🔒
111182Dolibarr ERP/CRM test_sql_and_script_inject cross site scripting🔒
111181NetTransport Download Manager NetTransport.exe memory corruption
111180Netwin SurgeFTP Web Manager Interface surgeftpmgr.cgi cross site scripting
111179Ruby on Rails reorder sql injection
111178Ruby on Rails order sql injection
111177Ruby on Rails where sql injection
111176Ruby on Rails find_by sql injection
111175Hoermann BiSecur cryptographic issues [CVE-2017-17910]
111174ZyXEL P-660HW TTL resource consumption [CVE-2017-17901]
111173OpenCV grfmt_pxm.cpp readData memory corruption🔒🔒
111172Mistune keyify cross site scripting🔒🔒
111171Linux Kernel EINJ einj.c einj_error_inject injection🔒
111170TheCartPress eCommerce Shopping Cart Authentication Mechanism access control
111168netcf Path Expression find_ifcfg_path input validation🔒🔒
111167rawstudio rs-filter.c rs_filter_graph link following🔒🔒
111166JBoss KeyCloak QR Code Generator resource consumption [CVE-2014-3651]
111165Play XML Data xml external entity reference [CVE-2014-3630] Admin Terminal improper authentication [CVE-2014-0121] Admin Terminal cross-site request forgery [CVE-2014-0120]
111162Direct Mail Extension Authentication Code information disclosure
111161Oracle Java SE jarsigner Signature injection🔒🔒
111160Zend Framework order sql injection🔒🔒
111159Kingsoft WP Office PPT File pptreader.dll input validation
111158PHP Scripts Mall PHP Multivendor Ecommerce sellerupd.php cross-site request forgery
111157PHP Scripts Mall PHP Multivendor Ecommerce seller-view.php sql injection
111156PHP Scripts Mall PHP Multivendor Ecommerce my_wishlist.php cross site scripting
111155PHP Scripts Mall PHP Multivendor Ecommerce my_wishlist.php sql injection
111154PHP Scripts Mall PHP Multivendor Ecommerce sellerupd.php cross site scripting
111153PHP Scripts Mall PHP Multivendor Ecommerce shopping-cart.php cross site scripting
111152PHP Scripts Mall PHP Multivendor Ecommerce seller-view.php cross site scripting
111151PHP Scripts Mall PHP Multivendor Ecommerce category.php cross site scripting
111150PHP Scripts Mall PHP Multivendor Ecommerce Registration URL input validation
111149PHP Scripts Mall PHP Multivendor Ecommerce shopping-cart.php sql injection
111148Cells Blog pub_readpost.php sql injection
111147Cells Blog pub_readpost.php cross site scripting
111146Cells Blog cross site scripting [CVE-2017-17948]
111145LibTIFF tif_packbits.c PackBitsEncode memory corruption🔒
111144PHP Scripts Mall Single Theater Booking movieview.php sql injection
111143PHP Scripts Mall Single Theater Booking sitesettings.php cross site scripting
111142PHP Scripts Mall Single Theater Booking sitesettings.php cross-site request forgery
111141PHP Scripts Mall Single Theater Booking viewtheatre.php cross site scripting
111140Vanguard Marketplace Digital Products PHP search cross site scripting
111139Vanguard Marketplace Digital Products PHP search cross-site request forgery
111138ALLPlayer ALLMediaServer Service Port 888 MediaServer.exe memory corruption
111137Synology Chat Slash Command Creator cross site scripting [CVE-2017-15892]
111136Synology Chat Link Preview server-side request forgery [CVE-2017-15886]
111135Dell EMC VNX1/VNX2 VNX Control Station Reflected cross site scripting
111134SysGauge input validation [CVE-2017-15667]
111133Apple watchOS IOKit memory corruption [CVE-2017-7162]🔒🔒
111132Apple tvOS IOKit memory corruption [CVE-2017-7162]🔒🔒
111131Apple macOS IOKit memory corruption [CVE-2017-7162]🔒🔒
111130Apple tvOS WebKit memory corruption [CVE-2017-7160]🔒🔒
111129Apple iTunes WebKit memory corruption [CVE-2017-7160]🔒🔒
111128Apple iCloud WebKit memory corruption [CVE-2017-7160]🔒🔒
111127Apple Safari WebKit memory corruption [CVE-2017-7160]🔒🔒
111126Apple macOS Kernel input validation [CVE-2017-7154]🔒🔒
111125Apple tvOS Kernel input validation [CVE-2017-7154]🔒🔒
111124Siemens 7KT PAC1200 Data Manager Integrated Web Server access control
111123FFmpeg MOV File null pointer dereference [CVE-2017-9608]🔒🔒
111122Apple macOS Intel Graphics Driver memory corruption [CVE-2017-7163]🔒🔒
111121Apple iOS IOKit memory corruption [CVE-2017-7162]🔒🔒
111120Apple iOS WebKit memory corruption [CVE-2017-7160]🔒🔒
111119Apple macOS IOAcceleratorFamily memory corruption [CVE-2017-7159]🔒🔒
111118Apple macOS Screen Sharing Server memory corruption [CVE-2017-7158]🔒🔒
111117Apple macOS Intel Graphics Driver memory corruption [CVE-2017-7155]🔒🔒
111116Apple iOS Kernel input validation [CVE-2017-7154]🔒🔒
111115Apple iOS Mail Message Framework Address 7pk security
111114Wireshark wslua_file.c File_read_line memory corruption🔒🔒
111113ImageMagick msl.c ProcessMSLScript resource management🔒
111112PHP Scripts Mall Resume Clone Script forget.php sql injection
111111PHP Scripts Mall Professional Service Script User Panel general_settingupd.php cross-site request forgery
111110PHP Scripts Mall Professional Service Script bannerview.php cross site scripting
111109PHP Scripts Mall Professional Service Script review.php sql injection
111108PHP Scripts Mall Professional Service Script Path path traversal
111107PHP Scripts Mall Professional Service Script Registration URL information disclosure
111106PHP Scripts Mall Professional Service Script general_settingupd.php cross site scripting
111105PHP Scripts Mall Professional Service Script review_userwise.php Path path traversal
111104GraphicsMagick png.c ReadMNGImage memory corruption🔒🔒
111103ImageMagick MNG Image File png.c ReadOnePNGImage resource management🔒🔒
111102GraphicsMagick webp.c WriteWEBPImage memory corruption🔒🔒
111101GraphicsMagick tiff.c ReadNewsProfile memory corruption🔒🔒
111100Archon contact.php cross site scripting
111099PHP Scripts Mall Responsive Realestate Script general.php cross site scripting
111098PHP Scripts Mall Responsive Realestate Script general cross-site request forgery
111097PHP Scripts Mall Car Rental Script areaedit.php cross site scripting
111096PHP Scripts Mall Car Rental Script carlistedit.php sql injection
111095PHP Scripts Mall Car Rental Script sitesettings.php cross-site request forgery
111094FS Lynda Clone cross site scripting [CVE-2017-17904]
111093FS Lynda Clone edit_profile cross-site request forgery
111092Dolibarr ERP/CRM index.php sql injection🔒
111091Dolibarr ERP/CRM info.php sql injection🔒
111090Dolibarr ERP/CRM information disclosure [CVE-2017-17898]🔒
111089Dolibarr ERP/CRM multiprix.php sql injection🔒
111088Readymade Job Site Script job cross site scripting
111087Readymade Job Site Script job sql injection
111086Readymade Job Site Script job cross-site request forgery
111085Readymade Video Sharing Script search_video.php cross site scripting
111084Readymade Video Sharing Script viewsubs.php sql injection
111083Readymade Video Sharing Script user-profile-edit.php cross-site request forgery
111082Anti-Web write.cgi os command injection🔒
111081ImageMagick MNG Image File cache.c GetImagePixelCache resource management🔒
111080ImageMagick PSD Image File psd.c ReadPSDChannelZip resource management🔒
111079ImageMagick PICT Image File pict.c ReadPICTImage resource management🔒
111078ImageMagick PNG Image File png.c WriteOnePNGImage resource management🔒
111077ImageMagick PGX Image File pgx.c ReadPGXImage resource management
111076ImageMagick XPM Image xpm.c ReadXPMImage resource management🔒
111075ImageMagick MAT Image File mat.c ReadMATImage resource management🔒
111074ImageMagick Version Check webp.c WriteWEBPImage memory corruption
111073ImageMagick png.c ReadOneMNGImage memory corruption🔒🔒
111072Valve Steam Link risky encryption [CVE-2017-17878]
111071Valve Steam Link SSH Daemon MAC Address credentials management
111070echno Biometric Shift Employee Management System permission [CVE-2017-17876]
111069JEXTN FAQ Pro Extension sql injection [CVE-2017-17875]
111068Vanguard Marketplace Digital Products PHP Add a new product/Add a product preview unrestricted upload
111067Vanguard Marketplace Digital Products PHP p sql injection
111066JEXTN Video Gallery Extension sql injection [CVE-2017-17872]
111065JEXTN Question And Answer Extension sql injection [CVE-2017-17871]
111064JBuildozer Extension sql injection [CVE-2017-17870]
111063mgl-instagram-gallery Plugin single-gallery.php cross site scripting
111062Liferay Portal cross site scripting [CVE-2017-17868]
111061Artifex MuPDF pdf-write.c memory corruption🔒🔒
111060Samsung Internet Browser IFRAME cross site scripting [CVE-2017-17859]
111059Linux Kernel verifier.c check_stack_boundary memory corruption🔒🔒
111058Linux Kernel Stack Pointer verifier.c memory corruption🔒🔒
111057Linux Kernel Pointer verifier.c memory corruption🔒🔒
111056Linux Kernel Pointer Arithmetic verifier.c integer overflow🔒🔒
111055Linux Kernel verifier.c memory corruption🔒🔒
111054Linux Kernel 32-bit ALU ops verifier.c memory corruption🔒🔒
111053GetGo Download Manager HTTP Server memory corruption [CVE-2017-17849]
111052Enigmail Multipart Message signature verification [CVE-2017-17848]🔒🔒
111051Enigmail Signature signature verification [CVE-2017-17847]🔒🔒
111050Enigmail Regular Expression input validation [CVE-2017-17846]🔒🔒
111049Enigmail Random Generator Math.Random weak prng🔒🔒
111048Enigmail information disclosure [CVE-2017-17844]🔒🔒
111047Enigmail Regular Expression cryptographic issues [CVE-2017-17843]🔒🔒
111046open-iscsi iscsiuio Server iscsid_ipc.c process_iscsid_broadcast memory corruption
111045ServersCheck Monitoring Software settings-save.html cross site scripting
111044Content Manager Assistant for PlayStation untrusted search path
111043Linux Kernel Register verifier.c memory corruption
111042Linux Kernel Sign Extension verifier.c check_alu_op memory corruption🔒🔒
111041IBM WebSphere Portal Error Message information disclosure [CVE-2017-1698]🔒
111040Auth0 passport-wsfed-saml2 SAML Response access control [CVE-2017-16897]
111039Synology MailPlus Server User Policy Editor cross site scripting
111038IBM Team Concert Web UI cross site scripting [CVE-2017-1365]
111037PDF-XChange PDF File launchURL input validation
111036IBM Rational Collaborative Lifecycle Management URL access control
111035MQTT.js PUBLISH Ticket resource management [CVE-2017-10910]
111034Samsung S6 Edge SecEmailComposer/EmailComposer permission [CVE-2015-7889]
111033Easy2Map Plugin Upload File MapImportCSV2.php path traversal
111032Easy2Map Plugin MapPinImageSave.php cross site scripting
111031ResAds Plugin admanagement.php cross site scripting
111030Payment Form for PayPal Pro Plugin cross site scripting
111029StackIdeas Komento Comment comment.php cross site scripting
111028phpMyBackupPro Multi-User Mode sql injection [CVE-2015-3637]
111027AirLive BU-2015/BU-3026/WL-2000CAM/POE-200CAM Web Server wireless_mft.cgi os command injection🔒
111026Linux Kernel Extended BPF Verifier verifier.c information disclosure🔒🔒
111025Linux Kernel Extended BPF Verifier verifier.c integer overflow🔒🔒
111024Linux Kernel Extended BPF Verifier verifier.c input validation🔒🔒
111023Siemens SIMATIC S7 data processing [CVE-2017-12741]
111022Siemens LOGO! Soft Comfort Integrity Verification insufficient verification of data authenticity
111021Siemens RuggedCom ROS Ruggedcom Discovery Protocol access control
111020HPE NonStop Server access control [CVE-2017-8974]
111019Ubiquiti UniFi Video Directory Permission permission [CVE-2016-6914]
111018Digium Asterisk PJSIP Channel Driver Contact Header input validation🔒🔒
111017Synology DiskStation Manager synodsmnotify injection [CVE-2017-16766]
111016Huawei HG8245H URL information disclosure [CVE-2017-15328]
111015Huawei S12700/S2700/S5700/S6700/S7700/S9700 NQA Packet input validation
111014Huawei Smart Phone NFC Message input validation [CVE-2017-15322]
111013Huawei FusionSphere OpenStack Transmission Protocol information disclosure
111012Huawei RP200/TE30/TE40/TE50/TE60 SS7 Packet out-of-bounds read
111011Huawei RP200/TE30/TE40/TE50/TE60 SS7 Packet out-of-bounds read
111010Huawei RP200/TE30/TE40/TE50/TE60 SS7 Packet out-of-bounds read
111009Huawei SRG3300 SCTP out-of-bounds read [CVE-2017-15317]
111008Huawei Mate 9 GPU Driver double free [CVE-2017-15316]
111007Huawei SmartCare CSV injection [CVE-2017-15313]
111006Huawei SmartCare Dashboard Stored cross site scripting
111005Huawei Mate 9/Mate 9 Pro/Mate 10/Mate 10 Pro Baseband Module memory corruption
111004Huawei iReader App SD Card input validation [CVE-2017-15310]
111003Huawei iReader App path traversal [CVE-2017-15309]
111002Huawei iReader App URL input validation [CVE-2017-15308]
111001Huawei Honor 8 Permission Control access control [CVE-2017-15307]
111000Rockwell Automation FactoryTalk Alarms/Events Service Port TCP 403 input validation
110999Music Center for PC DLL Loader untrusted search path [CVE-2017-10909]
110998H2O HTTP2 Header input validation [CVE-2017-10908]🔒
110997OneThird CMS Show Off path traversal [CVE-2017-10907]
110996H2O range error [CVE-2017-10872]🔒
110995H2O memory corruption [CVE-2017-10869]🔒🔒
110994H2O HTTP1 Header input validation [CVE-2017-10868]🔒🔒
110993Moxa NPort W2150A/NPort W2250A credentials management [CVE-2017-16727]
110992Micro Focus Operations Manager i cross site scripting [CVE-2017-14363]
110991F5 BIG-IP iControl REST race condition [CVE-2017-6167]🔒
110990F5 BIG-IP Traffic Management Microkernel input validation [CVE-2017-6164]🔒
110989F5 BIG-IP Virtual Server resource management [CVE-2017-6151]🔒
110988F5 BIG-IP Virtual Server input validation [CVE-2017-6140]🔒
110987F5 BIG-IP APM Debug Mode Log log file🔒
110986F5 BIG-IP TMM input validation [CVE-2017-6138]🔒
110985F5 BIG-IP Virtual Server Traffic Management Microkernel input validation🔒
110984F5 BIG-IP IPv4/IPv6 resource management [CVE-2017-6135]🔒
110983F5 BIG-IP TMM input validation [CVE-2017-6134]🔒
110982F5 BIG-IP HTTP input validation [CVE-2017-6133]🔒
110981F5 BIG-IP TMM input validation [CVE-2017-6132]🔒
110980F5 BIG-IP APM VPN/PPP input validation [CVE-2017-6129]🔒
110979BitDefender Internet Security cevakrnl.xmd out-of-bounds write
110978BitDefender Internet Security cevakrnl.xmd integer overflow
110977BitDefender Internet Security cevakrnl.xmd integer overflow
110976F5 BIG-IP AFM Management UI sql injection [CVE-2017-0304]🔒
110975F5 BIG-IP APM Portal access control [CVE-2017-0301]🔒
110974puppetlabs-mysql improper authentication [CVE-2015-7224]
110973Puppet Enterprise Certificate certificate validation [CVE-2015-4100]🔒
110972GitHub Git LFS Config File input validation [CVE-2017-17831]🔒
110971Bus Booking Script new_master.php cross-site request forgery
110970Bus Booking Script view_seatseller.php sql injection
110969Bus Booking Script results.php cross site scripting
110968Piwigo Configuration admin.php cross-site request forgery🔒
110967Piwigo Configuration admin.php Persistent cross site scripting🔒
110966Piwigo Batch Manager admin.php Persistent cross site scripting🔒
110965Piwigo Batch Manager batch_manager_unit.php sql injection🔒
110964Piwigo Configuration configuration.php sql injection🔒
110963Piwigo List Users API user_list_backend.php sql injection🔒
110962WebKit FastBitVector.h resizeSlow memory corruption
110961Netwide Assembler preproc.c use after free🔒🔒
110960NASM preproc.c find_cc null pointer dereference🔒🔒
110959NASM preproc.c paste_tokens memory corruption🔒🔒
110958NASM preproc.c use after free🔒🔒
110957NASM preproc.c pp_getline use after free🔒🔒
110956NASM preproc.c is_mmacro Address unusual condition🔒🔒
110955NASM preproc.c use after free🔒🔒
110954NASM preproc.c pp_list_one_macro use after free🔒🔒
110953NASM preproc.c detoken memory corruption🔒🔒
110952NASM preproc.c paste_tokens memory corruption🔒🔒
110951NASM Macro Call preproc.c input validation🔒🔒
110950Samsung Internet Browser information disclosure [CVE-2017-17692]
110949Genexis GAPS CPE Command information disclosure [CVE-2017-6094]
110948Cambium cnPilot Web Application cross-site request forgery [CVE-2017-5263]
110947Cambium cnPilot SNMP information disclosure [CVE-2017-5262]
110946Cambium cnPilot Administrative Console traceroute path traversal
110945Cambium cnPilot Administrative Console down_cfg_file Config config
110944Cambium cnPilot syscmd.asp 7pk security
110943Cambium ePMP SNMP cross site scripting [CVE-2017-5258]
110942Cambium ePMP SNMP cross site scripting [CVE-2017-5257]
110941Cambium ePMP Web Administration Console Persistent cross site scripting
110940Cambium ePMP Web Management Console get_chart command injection
110939Cambium ePMP access control [CVE-2017-5254]
110938VMware vCenter Server Appliance showlog Plugin access control🔒
110937VMware ESXi/Workstation/Fusion VNC Session memory corruption🔒
110936VMware ESXi Host Client Stored cross site scripting🔒
110935VMware ESXi/Workstation/Fusion VNC Session memory corruption🔒
110934Golden Frog VyprVPN vyprvpnservice Launch Daemon untrusted search path
110933Linux Kernel KEYS Subsystem request_key.c request_key access control🔒🔒
110932Linux Kernel HMAC hmac.c memory corruption🔒🔒
110931Linux Kernel Salsa20 Encryption Algorithm salsa20_generic.c input validation🔒🔒
110930Ability Mail Server _readmail cross site scripting
110929TP-LINK TL-SG108E Logout access control [CVE-2017-17747]
110928TP-LINK TL-SG108E NAT access control [CVE-2017-17746]
110927TP-LINK TL-SG108E system_name_set.cgi cross site scripting
110926IBM Security Guardium Back-End Database sql injection [CVE-2017-1757]
110925IBM Robotic Process Automation with Automation Anywhere Web UI cross site scripting
110924Open Ticket Request System Cookie Session Hijacking access control🔒🔒
110923IBM Jazz for Service Management cross-site request forgery [CVE-2017-1746]
110922IBM QRadar input validation [CVE-2017-1696]
110921IBM Integration Bus Credentials information disclosure [CVE-2017-1694]
110920Ceph RADOS Gateway 7pk security🔒🔒
110919Ecava IntegraXor Database Log sql injection [CVE-2017-16735]
110918Ecava IntegraXor sql injection [CVE-2017-16733]
110917ABB Ellipse LDAP credentials management [CVE-2017-16731]
110916XiongMai IP Camera/DVR NetSurveillance Web Interface memory corruption
110915WECON LeviStudio HMI memory corruption [CVE-2017-16717]
110914Foxit Reader SIZ Marker out-of-bounds read [CVE-2017-16589]🔒🔒
110913Foxit Reader SOT Marker out-of-bounds read [CVE-2017-16588]🔒🔒
110912Foxit Reader removeField use after free🔒
110911Foxit Reader addAnnot use after free🔒🔒
110910Foxit Reader app.response use after free🔒🔒
110909Foxit Reader util.printf out-of-bounds read🔒
110908Foxit Reader XFA Form use after free [CVE-2017-16583]🔒🔒
110907Foxit Reader XFA clearItems type conversion🔒
110906Foxit Reader Document Object use after free [CVE-2017-16581]🔒🔒
110905Foxit Reader XFA Form out-of-bounds read [CVE-2017-16580]🔒
110904Foxit Reader JPEG2000 Image out-of-bounds read [CVE-2017-16579]🔒🔒
110903Foxit Reader XFA Form type conversion [CVE-2017-16578]🔒
110902Foxit Reader Field Object use after free [CVE-2017-16577]🔒🔒
110901Foxit Reader XFA Field Element use after free [CVE-2017-16576]🔒🔒
110900Foxit Reader XFA Bind Element use after free [CVE-2017-16575]🔒
110899Foxit Reader Image Filter out-of-bounds read [CVE-2017-16574]🔒
110898Foxit Reader LZWDecode Filter out-of-bounds read [CVE-2017-16573]🔒🔒
110897Foxit Reader FormCalc closeDoc type conversion🔒
110896Foxit Reader FormCalc type conversion [CVE-2017-16571]🔒🔒
110895IBM Jazz for Service Management cross-site request forgery [CVE-2017-1631]
110894IBM Security Guardium Database Activity Monitor cross site scripting
110893IBM Security Guardium Database Activity Monitor cryptographic issues
110892IBM Security Guardium Database Activity Monitor information disclosure
110891IBM Security Guardium Database Activity Monitor information disclosure
110890Symantec Messaging Gateway path traversal [CVE-2017-15532]🔒🔒
110889Ikarus anti.virus Driver ntguard.sys out-of-bounds write🔒
110888Ikarus anti.virus Driver ntguard.sys input validation🔒
110887Ikarus anti.virus Driver ntguard.sys input validation🔒
110886Ikarus anti.virus Driver ntguard.sys input validation🔒
110885Ikarus anti.virus Driver ntguard.sys input validation🔒
110884Ikarus anti.virus Driver ntguard.sys input validation🔒
110883Ikarus anti.virus Driver ntguard.sys input validation🔒
110882Ikarus anti.virus Driver ntguard.sys out-of-bounds write🔒
110881IBM Business Process Manager Web UI cross site scripting [CVE-2017-1494]
110880Foxit Reader XFA Layout Object pageSpan type conversion🔒🔒
110879Foxit Reader Annotation use after free [CVE-2017-14836]🔒🔒
110878Foxit Reader XFA Layout Object page type conversion🔒🔒
110877Foxit Reader FileAttachment Annotation Object use after free🔒🔒
110876Foxit Reader Text Annotation Object use after free [CVE-2017-14833]🔒🔒
110875Foxit Reader Caret Annotation Object use after free [CVE-2017-14832]🔒🔒
110874Foxit Reader Circle Annotation Object use after free [CVE-2017-14831]🔒🔒
110873Foxit Reader XFAScriptObject Object setFocus type conversion🔒🔒
110872Foxit Reader XFAScriptObject Object openList type conversion🔒🔒
110871Foxit Reader XFA Layout Object type conversion [CVE-2017-14828]🔒🔒
110870Foxit Reader XFA Node Object append type conversion🔒🔒
110869Foxit Reader XFA Node Object formNodes type conversion🔒🔒
110868Foxit Reader XFAScriptObject Object remove type conversion🔒🔒
110867Foxit Reader XFAScriptObject Object insert type conversion🔒🔒
110866Foxit Reader XFA Signature Object type conversion [CVE-2017-14823]🔒🔒
110865Foxit Reader SIZ Marker out-of-bounds read [CVE-2017-14822]🔒
110864Foxit Reader SIZ Marker out-of-bounds read [CVE-2017-14821]🔒
110863Foxit Reader JPEG2000 Image out-of-bounds read [CVE-2017-14820]🔒
110862Foxit Reader cdef Box out-of-bounds read [CVE-2017-14819]🔒🔒
110861Foxit Reader JPEG2000 Image out-of-bounds read [CVE-2017-14818]🔒
110860EMC Isilon OneFS NFS Service 7pk security [CVE-2017-14387]
110859IBM Data Domain DD OS SMB1 memory corruption [CVE-2017-14385]
110858IBM Security Guardium Session session fixiation [CVE-2017-1270]
110857IBM Security Guardium Permission permission [CVE-2017-1266]
110856IBM Security Guardium HTTP Response Splitting response splitting
110855IBM Security Guardium Log File information disclosure [CVE-2017-1261]
110854IBM Security Guardium information disclosure [CVE-2017-1257]
110853Synology Photo Station PixlrEditorHandler.php cross site scripting🔒
110852Foxit Reader Link Object setAction use after free🔒🔒
110851Foxit Reader Field Object use after free [CVE-2017-10958]🔒🔒
110850Foxit Reader Annotation Object use after free [CVE-2017-10957]🔒
110849Foxit Reader out-of-bounds read [CVE-2017-10956]🔒🔒
110848SolarWinds Storage Manager/Storage Profiler/Backup Profiler LoginServlet Page sql injection
110847bSuite Plugin ui_stats.php cross site scripting
110846Linksys WVBR0 os command injection [CVE-2017-17411]🔒
110845Apple tvOS HomeKit state issue [CVE-2017-13903]
110844Ikarus Anti-Virus Driver ntguard.sys input validation🔒
110843TG Soft Vir.IT eXplorer Lite Driver VIRAGTLT.SYS input validation
110842TG Soft Vir.IT eXplorer Lite Driver VIRAGTLT.SYS input validation
110841TG Soft Vir.IT eXplorer Lite Driver VIRAGTLT.SYS input validation
110840TG Soft Vir.IT eXplorer Lite Driver VIRAGTLT.SYS input validation
110839TG Soft Vir.IT eXplorer Lite Driver VIRAGTLT.SYS input validation
110838TG Soft Vir.IT eXplorer Lite Driver VIRAGTLT.SYS input validation
110837Ikarus Anti-Virus Driver ntguard.sys input validation🔒
110836TG Soft Vir.IT eXplorer Lite Driver VIRAGTLT.SYS input validation
110835Ikarus Anti-Virus Driver ntguard.sys input validation🔒
110834BlogoText Access Restriction preferences.php access control
110833BlogoText maintenance.php creer_fichier_zip information disclosure
110832BlogoText conv.php markup_clean_href cross site scripting
110831Ruby resolv.rb new injection🔒🔒
110830GIMP file-psp.c read_channel_data memory corruption🔒🔒
110829GIMP xcf.c xcf_load_stream out-of-bounds read🔒🔒
110828GIMP file-psp.c read_creator_block out-of-bounds read🔒🔒
110827GIMP RGBA Image file-tga.c readimage out-of-bounds read🔒🔒
110826GIMP fli.c fli_read_brun memory corruption🔒🔒
110825GIMP gbr Import Parser file-gbr.c load_image out-of-bounds read🔒🔒
110824GraphicsMagick palm.c readpalmimage memory corruption🔒🔒
110823GraphicsMagick png.c memory corruption🔒🔒
110822Horde Groupware prefs.php sql injection🔒
110821Apple iOS HomeKit state issue [CVE-2017-13903]
110820Clockwork SM clockwork-test-message.php cross site scripting
110819Paid To Read Script referrals.php sql injection
110818Paid To Read Script referrals.php cross site scripting
110817Paid To Read Script viewvisitcamp.php improper authentication
110816Paid To Read Script userview.php Path information disclosure
110815Piwigo admin.php cross site scripting🔒
110814Piwigo configuration.php cross-site request forgery🔒
110813SuperBeam Direct Share cryptographic issues [CVE-2017-17763]
110812Ichano AtHome IP Camera Noodles Service command injection [CVE-2017-17761]
110811Conarc iChannel wc.dll access control [CVE-2017-17759]
110810TP-LINK TL-WVR/TL-WAR dhcps.lua zone_get_iface_bydev command injection
110809TP-LINK TL-WVR/TL-WAR wportal.lua get_device_byif command injection
110808esb-csv-import-export Plugin esb-cie-import-export-page.php cross site scripting
110807custom-map Plugin advancedsettings.php cross site scripting
110806wp-concours Plugin concours_page.php cross site scripting
110805SyncBreeze Enterprise Server Request memory corruption [CVE-2017-17088]
110804Meinberg Lantime Web Configuration Utility mainv2 File information disclosure
110803Zoom Client zoommtg:/ Scheme ZoomLauncher os command injection
110802Zoom Client zoommtg:/ Scheme ZoomLauncher memory corruption
110801JBPM Kie Workbench Task Name cross site scripting [CVE-2013-6465]
110800Zivif PR115-204-P-RS hard-coded credentials [CVE-2017-17107]
110799Zivif PR115-204-P-RS param.cgi credentials management
110798Zivif PR115-204-P-RS iptest.cgi command injection
110797AccessKeys AccessPress Anonymous Post Pro Plugin file-uploader.php unrestricted upload
110796GPWeb User Database db.php Credentials information disclosure
110795GPWeb File Upload unrestricted upload [CVE-2017-15876]
110794GPWeb Password Recovery sql injection [CVE-2017-15875]
110793Kemp Load Balancer Web Application Firewall 7pk security [CVE-2017-15524]
110792MT4 SenhaSegura Web Application login_if.php session fixiation
110791IBM WebSphere information disclosure [CVE-2017-1423]
110790ZUUSE BEIMS ContractorWeb .NET List sql injection
110789Apache Sling Authentication Service Credentials information disclosure
110788Heketi 5 Server Configuration File heketi.json Password information disclosure🔒🔒
110787Heketi 5 Server API input validation [CVE-2017-15103]🔒🔒
110786NetApp Clustered Data ONTAP SMB input validation [CVE-2017-14583]
110785Apache Drill Query Page cross site scripting [CVE-2017-12630]
110784Linux Kernel KVM x86.c out-of-bounds read🔒🔒
110783OpenLDAP nops Module nops.c memory corruption🔒
110782BrightSign Digital Signage storage.html path traversal
110781BrightSign Digital Signage tools.html File access control
110780BrightSign Digital Signage network_diagnostics.html cross site scripting
110779CMS Made Simple Login Cache information disclosure [CVE-2017-17735]
110778CMS Made Simple Login Cache information disclosure [CVE-2017-17734]
110777Paid To Read Script userview.php sql injection
110776Readymade Video Sharing Script single-video-detail.php code injection
110775Bus Booking Script index.php sql injection
110774FS Lynda Clone sql injection [CVE-2017-17643]
110773MacCMS index.php command injection
110772DeDeCMS recommend.php sql injection
110771DeDeCMS flink_add.php sql injection
110770DeDeCMS File Upload article_edit.php unrestricted upload
110769GNU C Library dl-load.c untrusted search path🔒🔒
110768net-ldap gem SSL Certificate Validator certificate validation
110767Sonatype Nexus Repository Manager Password risky encryption [CVE-2017-17717]🔒
110766GitLab LDAP SSL Certificate Verification certificate validation
110765QNAP QTS memory corruption [CVE-2017-17033]🔒
110764QNAP QTS memory corruption [CVE-2017-17032]🔒
110763QNAP QTS memory corruption [CVE-2017-17031]🔒
110762QNAP QTS memory corruption [CVE-2017-17030]🔒
110761QNAP QTS memory corruption [CVE-2017-17029]🔒
110760QNAP QTS memory corruption [CVE-2017-17028]🔒
110759QNAP QTS memory corruption [CVE-2017-17027]🔒
110758Apple iTunes WebKit memory corruption [CVE-2017-13866]🔒🔒
110757Apple iTunes WebKit memory corruption [CVE-2017-13870]🔒🔒
110756Apple iTunes WebKit memory corruption [CVE-2017-13856]🔒🔒
110755Apple iTunes WebKit memory corruption [CVE-2017-7157]🔒🔒
110754Apple iTunes WebKit memory corruption [CVE-2017-7156]🔒🔒
110753Apple iTunes APNs Server Track information disclosure🔒
110752Apple Safari WebKit memory corruption [CVE-2017-13866]🔒🔒
110751Apple Safari WebKit memory corruption [CVE-2017-13870]🔒🔒
110750Apple Safari WebKit memory corruption [CVE-2017-13856]🔒🔒
110749Apple Safari WebKit memory corruption [CVE-2017-7157]🔒🔒
110748Apple Safari WebKit memory corruption [CVE-2017-7156]🔒🔒
110747Telegram Messenger saveFile path traversal
110746Trape cross site scripting [CVE-2017-17714]
110745Trape sql injection [CVE-2017-17713]
110744UrBackup Server cross site scripting [CVE-2017-16950]
110743Maplesoft Maple T.A. Password Page Reflected cross site scripting
110742PCAUSA Rawether Framework BPF Data memory corruption [CVE-2017-3196]
110741Commvault Edge Communication Service memory corruption [CVE-2017-3195]
110740Pandora SSL Certificate Validator information disclosure [CVE-2017-3194]
110739D-Link DIR-850L HNAP Service memory corruption [CVE-2017-3193]🔒
110738D-Link DIR-130/DIR-330 Base64 Encoding tools_admin.asp Credentials credentials management
110737D-Link DIR-130/DIR-330 Remote Management tools_admin.asp input validation
110736Flash Seats Mobile App SSL Certificate Validator certificate validation
110735ACTi Camera hard-coded credentials [CVE-2017-3186]🔒
110734ACTi Camera HTTP GET information disclosure [CVE-2017-3185]🔒
110733ACTi Camera setup_maintain_firmware-default.html hard-coded credentials🔒
110732Linux Kernel raw.c raw_sendmsg race condition🔒🔒
110731K7 Antivirus K7Sentry.sys null pointer dereference [CVE-2017-17701]
110730K7 Antivirus K7Sentry.sys null pointer dereference [CVE-2017-17700]
110729K7 Antivirus K7Sentry.sys null pointer dereference [CVE-2017-17699]
110728Zoho ManageEngine Password Manager Pro Reflected cross site scripting🔒
110727Harbor target.go Ping server-side request forgery
110726Techno Portfolio Management Panel search.php Path information disclosure
110725Techno Portfolio Management Panel search.php sql injection
110724Techno Portfolio Management Panel search.php cross site scripting
110723Techno Portfolio Management Panel portfolio.php access control
110722VideoLAN VLC Media Player MP4 Converter libmp4.c Invalid Free use after free🔒🔒
110721Synaptics TouchPad Driver Registry information disclosure [CVE-2017-17556]🔒
110720Ruby Net::FTP os command injection [CVE-2017-17405]🔒🔒
110719Meinberg Lantime Web Configuration Utility path traversal [CVE-2017-16788]
110718Meinberg Lantime Web Configuration Utility mainv2 information disclosure
110717Mckesson Conserus Workflow Intelligence credentials management
110716Synology MailPlus Server cross site scripting [CVE-2017-15890]
110715Fortinet FortiClient information disclosure [CVE-2017-14184]
110714Mckesson Conserus Image Repository Archive Solution xml external entity reference
110713Trend Micro ScanMail for Exchange Log Query/Quarantine Query cross site scripting🔒
110712Trend Micro ScanMail for Exchange Web Interface cross-site request forgery🔒
110711Trend Micro ScanMail for Exchange Other Update Sources insufficient verification of data authenticity🔒
110710Trend Micro ScanMail for Exchange inadequate encryption [CVE-2017-14090]🔒
110709Cisco ASA 5500 TLS Protocol Bleichenbacher cryptographic issues🔒
110708Trend Micro Encryption for Email DLL Preloader untrusted search path
110707Qt access control [CVE-2017-10905]
110706Qt os command injection [CVE-2017-10904]
110705Fortinet FortiClient Security Alert access control [CVE-2017-7344]
110704Rapid7 Nexpose Web Application cross-site request forgery [CVE-2017-5264]
110703Phusion Passenger Spawner.h information disclosure🔒
110702ecstatic npm Regular Expression ecstatic.js input validation
110701Apache Fineract Query sql injection [CVE-2017-5663]
110700Panda Global Protection memory corruption [CVE-2017-17684]🔒
110699Panda Global Protection memory corruption [CVE-2017-17683]🔒
110698ImageMagick WPG Image wpg.c ExtractPostscript resource consumption🔒🔒
110697ImageMagick psd.c ReadPSDChannelZip resource consumption🔒
110696ImageMagick XPM Image xpm.c ReadXPMImage memory corruption🔒
110695Bob Hepple gjots2 URL injection
110694Mensis URL uiutil.c injection
110693Tkabber URL injection [CVE-2017-17533]
110692Kiwi URL injection
110691GNU Global URL gozilla.c injection🔒🔒
110690Geomview URL help.c injection
110689AbiWord URL ut_go_file.cpp injection
110688ScummVM URL posix.cpp injection🔒🔒
110687PasDoc URL WWWBrowserRunnerDM.pas injection
110686Bernard Parisse Giac URL injection
110685xTuple PostBooks URL guiclient.cpp injection
110684SWI-Prolog URL injection
110683Python URL injection
110682FontForge URL uiutil.c injection
110681TIN URL injection [Disputed]
110680OCaml Batteries URL batteriesConfig.mlp injection
110679White_dune URL browser.c injection
110678Sylpheed URL utils.c injection
110677Reddit Terminal Viewer URL injection
110676Metview URL ObjectList injection
110675nip2 URL boxes.c injection
110674TeX Live URL mtxrun.lua injection
110673KildClient URL prefs.c injection🔒
110672Fortinet FortiOS SSL VPN Web Portal Session information disclosure🔒
110671vBulletin cacheTemplates unserialize deserialization🔒
110670vBulletin path traversal [CVE-2017-17671]
110669Exiv2 pngchunk_int.cpp keyTXTChunk memory corruption🔒
110668Octopus Deploy Update Process access control [CVE-2017-17665]🔒
110667Digium Asterisk RTCP Stack memory corruption [CVE-2017-17664]🔒🔒
110666Entrepreneur Dating Script search_result.php sql injection
110665Citrix Netscaler Application Delivery Controller/Gateway TLS Handshake information disclosure🔒
110664MikroTik RouterBOARD TCP Service 53 input validation [CVE-2017-17537]🔒
110663radware Alteon Private Key Bleichenbacher cryptographic issues🔒
110662Citrix Netscaler Application Delivery Controller TLS Bleichenbacher information disclosure🔒
110661IBM Tivoli Workload Scheduler information disclosure [CVE-2017-1716]
110660IBM Tivoli Monitoring use after free [CVE-2017-1635]
110659IBM Maximo Asset Management redirect [CVE-2017-1558]
110658Norton Family Android App information disclosure [CVE-2017-15530]
110657Norton Family Android App resource consumption [CVE-2017-15529]
110656IBM DOORS Next Generation Web UI cross site scripting [CVE-2017-1546]
110655Atlassian Bamboo Branch Name command injection [CVE-2017-14590]🔒🔒
110654Atlassian Bamboo Double OGNL Evaluation Java input validation🔒🔒
110653EMC Isilon OneFS compadmin isi_get_profile access control
110652IBM iNotes Web UI cross site scripting [CVE-2017-1421]
110651Adobe Flash Player Global Settings denial of service [CVE-2017-11305]🔒🔒
110650tibbr Community/tibbr Enterprise User Profiles access control🔒
110649tibbr Community/tibbr Enterprise SAML access control [CVE-2017-5530]🔒
110648VMware AirWatch Console/AirWatch Inbox Access Control access control
110647Basic Job Site Script job sql injection
110646Resume Clone Script preview.php sql injection
110645Advanced World Database city.php sql injection
110644Muslim Matrimonial Script success-story.php sql injection
110643Groupon Clone Script city_ajax.php sql injection
110642Car Rental Script countrycode1.php sql injection
110641MLM Forced Matrix news-detail.php sql injection
110640MLM Forex Market Plan Script news_detail.php sql injection
110639Single Theater Booking Script findcity.php sql injection
110638Multiplex Movie Theater Booking Script trailer-detail.php sql injection
110637Responsive Events And Movie Ticket Booking findcity.php sql injection
110636Multireligion Responsive Matrimonial success-story.php sql injection
110635Yoga Class Script list sql injection
110634Secure E-commerce Script category.php sql injection
110633Responsive Realestate Script sql injection [CVE-2017-17628]
110632Readymade Video Sharing Script single-video-detail.php sql injection
110631Readymade PHP Classified Script categories sql injection
110630Professional Service Script sql injection [CVE-2017-17625]
110629PHP Multivendor Ecommerce single_detail.php sql injection
110628Opensource Classified Ads Script advance_result.php sql injection
110627Online Exam Test Application exams.php sql injection
110626Multivendor Penny Auction Clone Script detail sql injection
110625Lawyer Search Script lawyer-list sql injection
110624Laundry Booking Script list sql injection
110623Kickstarter Clone Script investcalc.php sql injection
110622Foodspotting Clone Script quicksearch.php sql injection
110621Event Search Script event-list sql injection
110620Facebook Clone Script friend-profile.php sql injection
110619Food Order Script list sql injection
110618Freelance Website Script jobdetails.php sql injection
110617Hot Scripts Clone categories sql injection
110616Doctor Search Script list sql injection
110615E-commerce MLM Software service_detail.php sql injection
110614Chartered Accountant Booking Script service-list sql injection
110613Child Care Script list sql injection
110612CMS Auditor Website news-detail sql injection
110611Co-work Space Search Script list sql injection
110610Consumer Complaints Clone Script other-user-profile.php sql injection
110609Entrepreneur Bus Booking Script booker_details.php sql injection
110608Advanced Real Estate Script search-results.php sql injection
110607Advance B2B Script tradeshow-list-detail.php sql injection
110606Cab Booking Script service-list sql injection
110605Basic B2B Script product_details.php sql injection
110604Advance Online Learning Management Script courselist.php sql injection
110603Affiliate MLM Script product-category.php sql injection
110602Nearbuy Clone Script category_list.php sql injection
110601Entrepreneur Job Portal Script jobsearch_all.php sql injection
110600Beauty Parlour Booking Script list sql injection
110599DomainSale PHP Script domain.php sql injection
110598Simple Chatting System File Upload my_profile.php access control
110597Website Auction Marketplace search.php sql injection
110596Realestate Crowdfunding Script single-cause.php sql injection
110595FS Stackoverflow Clone question sql injection
110594FS Thumbtack Clone browse-category.php sql injection
110593FS IMDB Clone movie.php sql injection
110592FS Indiamart Clone catcompany.php sql injection
110591FS Olx Clone subpage.php sql injection
110590FS Monster Clone Employer_Details.php sql injection
110589FS Makemytrip Clone show-flight-result.php sql injection
110588FS Shutterstock Clone Category sql injection
110587FS Grubhub Clone food sql injection
110586FS Quibids Clone itechd.php sql injection
110585FS Linkedin Clone group.php sql injection
110584FS Freelancer Clone profile.php sql injection
110583FS Crowdfunding Script latest_news_details.php sql injection
110582FS Trademe Clone search_item.php sql injection
110581FS Gigs Script browse-category.php sql injection
110580FS Groupon Clone item_details.php sql injection
110579FS Care Clone searchJob.php sql injection
110578FS Ebay Clone product.php sql injection
110577FS Amazon Clone VerAyari sql injection
110576FS Foodpanda Clone food sql injection
110575FS Expedia Clone pages.php sql injection
110574Scubez Posty Readymade Classifieds user_activate_submit.php cross site scripting
110573Scubez Posty Readymade Classifieds Access Control user_activate_submit.php access control
110572Scubez Posty Readymade Classifieds user_activate_submit.php sql injection
110571MikroTik ICMP Packet resource management [CVE-2017-17538]🔒
110570Micro Focus Project/Portfolio Management Center cross-site request forgery
110569Micro Focus Project/Portfolio Management Center access control
110568wolfSSL Bleichenbacher Oracle Key Recovery cryptographic issues🔒
110567BouncyCastle TLS JCE Key Recovery cryptographic issues🔒🔒
110566Microsoft Edge Scripting Engine information disclosure [CVE-2017-11919]🔒🔒
110565Microsoft Edge Scripting Engine memory corruption [CVE-2017-11912]🔒🔒
110564Microsoft Edge Scripting Engine memory corruption [CVE-2017-11895]🔒🔒
110563Microsoft Edge Scripting Engine memory corruption [CVE-2017-11894]🔒🔒
110562Intel Graphics Driver Content Protection HECI Service type conversion
110561Xen Shadow Mode data processing [CVE-2017-17566]🔒🔒
110560Xen Shadow Mode input validation [CVE-2017-17565]🔒🔒
110559Xen Error 7pk error [CVE-2017-17564]🔒🔒
110558Xen Shadow Mode memory corruption [CVE-2017-17563]🔒🔒
110557EmbedThis GoAhead cgi.c cgiHandler input validation🔒
110556SeaCMS admin_ping.php access control
110555Western Digital MyCloud PR4100 Web Administration multi_uploadify.php improper authentication🔒🔒
110554openstack-tripleo-heat-templates Permission access control [CVE-2017-12155]
110553Microsoft Office information disclosure [CVE-2017-11939]
110552Microsoft SharePoint Enterprise Server Web Request access control🔒
110551Microsoft Excel memory corruption [CVE-2017-11935]
110550Microsoft PowerPoint information disclosure [CVE-2017-11934]🔒🔒
110549Microsoft Exchange Server Outlook Web Access input validation🔒
110548Microsoft Internet Explorer Scripting Engine memory corruption🔒🔒
110547Microsoft Windows its:/ Protocol information disclosure [CVE-2017-11927]🔒🔒
110546Microsoft Internet Explorer Scripting Engine information disclosure🔒🔒
110545Microsoft Edge Scripting Engine memory corruption [CVE-2017-11918]🔒🔒
110544Microsoft ChakraCore Scripting Engine memory corruption [CVE-2017-11916]
110543Microsoft Edge Scripting Engine GetPropertyBuiltIns memory corruption🔒🔒
110542Microsoft Internet Explorer Scripting Engine memory corruption🔒🔒
110541Microsoft Internet Explorer Scripting Engine memory corruption🔒🔒
110540Microsoft Edge Scripting Engine asm.js memory corruption🔒🔒
110539Microsoft Edge Scripting Engine memory corruption [CVE-2017-11910]🔒🔒
110538Microsoft Edge Scripting Engine RemoveEmptyLoopAfterMemOp memory corruption🔒🔒
110537Microsoft Edge Scripting Engine memory corruption [CVE-2017-11908]🔒🔒
110536Microsoft Internet Explorer Scripting Engine JScript.dll Array.sort memory corruption🔒🔒
110535Microsoft Internet Explorer Scripting Engine LastParen information disclosure🔒🔒
110534Microsoft Edge Scripting Engine memory corruption [CVE-2017-11905]🔒🔒
110533Microsoft Internet Explorer Scripting Engine memory corruption🔒🔒
110532Microsoft Internet Explorer Scripting Engine memory corruption🔒🔒
110531Microsoft Windows Device Guard 7pk security [CVE-2017-11899]🔒🔒
110530Microsoft Internet Explorer Scripting Engine memory corruption🔒🔒
110529Microsoft Internet Explorer Scripting Engine memory corruption🔒🔒
110528Microsoft Edge Scripting Engine Op_MinInAnArray memory corruption🔒🔒
110527Microsoft Internet Explorer Scripting Engine Compile memory corruption🔒🔒
110526Microsoft Edge Scripting Engine memory corruption [CVE-2017-11889]🔒🔒
110525Microsoft Edge memory corruption [CVE-2017-11888]🔒🔒
110524Microsoft Internet Explorer Scripting Engine information disclosure🔒🔒
110523Microsoft Internet Explorer Scripting Engine memory corruption🔒🔒
110522Microsoft Windows RRAS input validation [CVE-2017-11885]🔒🔒🔒
110521Erlang otp TLS Server RSA PKCS Padding cryptographic issues [CVE-2017-1000385]🔒🔒
110520Linux Kernel USB Core System config.c usb_destroy_configuration out-of-bounds write🔒🔒
110519FFmpeg/aubio libswresample audioconvert.c swri_audio_convert null pointer dereference🔒
110518aubio source_avcodec.c aubio_source_avcodec_readframe null pointer dereference🔒
110517SAP Basis Note Assistant tool Signature input validation
110516SAP Plant Connectivity NwSapSetup/Installation Self-Extracting Program DWMAPI.dll untrusted search path
110515SAP Kernel Trusted RFC Connection improper authentication [CVE-2017-16689]
110514SAP HANA User Self-Service Tools information disclosure
110513SAP Business Warehouse Universal Data Integration Encoding cross site scripting
110512SAP Business Intelligence Promotion Management Application improper authentication
110511SAP Business Objects Platform denial of service [CVE-2017-16683]
110510SAP NetWeaver Internet Transaction Server code injection [CVE-2017-16682]
110509SAP Business Intelligence Promotion Management Applicatio Encoding cross site scripting
110508SAP HANA HTTP/REST Endpoint Controller Log injection
110507SAP Kernel Startup Service redirect [CVE-2017-16679]
110506SAP EPBC2 server-side request forgery [CVE-2017-16678]
110505CogniToys Dino Smart Toy Voice Traffic key management [CVE-2017-8867]
110504CogniToys Dino Smart Toy VoIP Traffic risky encryption [CVE-2017-8866]
110503CogniToys Dino Smart Toy VoIP Traffic information disclosure
110502ACDSee Ultimate PSD File out-of-bounds write [CVE-2017-2886]
110501IBM WebSphere MQ Queue Manager access control [CVE-2017-1760]
110500MoboTap Dolphin Browser Intent URI Scheme 7pk security [CVE-2017-17553]
110499MoboTap Dolphin Browser Backup/Restore input validation [CVE-2017-17551]
110498Posty Readymade Classifieds Script listings.php sql injection
110497Techno Portfolio Management Panel single.php sql injection
110496IBM Connections Engagement Center Web UI cross site scripting
110495Phoenix Contact FL Comserver cross site scripting [CVE-2017-16723]
110494IBM Sterling File Gateway Web UI cross site scripting [CVE-2017-1632]
110493IBM Connections Engagement Center Template information disclosure
110492IBM Financial Transaction Manager sql injection [CVE-2017-1606]
110491Palo Alto PAN-OS Management Interface access control [CVE-2017-15944]🔒
110490Palo Alto PAN-OS Web Interface server-side request forgery [CVE-2017-15943]🔒
110489Palo Alto PAN-OS Management Interface resource management [CVE-2017-15942]🔒
110488Palo Alto PAN-OS Web Interface command injection [CVE-2017-15940]🔒
110487Node.js Encoding Buffer.alloc information disclosure🔒
110486Node.js TLS Handshake SSL_read 7pk error🔒
110485Palo Alto GlobalProtect Agent access control [CVE-2017-15870]
110484Apache Synapse Apache Commons Collections injection [CVE-2017-15708]
110483IBM Sterling File Gateway Password 7pk security [CVE-2017-1550]
110482IBM Sterling File Gateway Web UI cross site scripting [CVE-2017-1549]
110481IBM Sterling File Gateway path traversal [CVE-2017-1548]
110480IBM WebSphere Portal cross site scripting [CVE-2017-1536]
110479IBM Jazz Foundation information disclosure [CVE-2017-1507]
110478QNAP Qsync untrusted search path [CVE-2017-13070]
110477Check_MK HTTP Basic Authentication cross site scripting [CVE-2017-11507]🔒🔒
110476Perspective ICM Investigation / Case access control [CVE-2017-11319]
110475Linux Kernel Diagnostic Port unusual condition [CVE-2017-1000407]🔒🔒
110474Clustered Data ONTAP VASA Provider Credentials credentials management
110473Puppet Enterprise Cookie information disclosure [CVE-2015-8470]
110472Puppet Enterprise Console cross site scripting [CVE-2015-6502]
110471Huawei EC156/EC176/EC177 Partner.exe untrusted search path
110470puppet Configuration File certificate validation [CVE-2014-3250]🔒
110469Phabricator Mercurial hg command injection [CVE-2017-17536]
110468LilyPond lilypond-invoke-editor injection [CVE-2017-17523]
110467sensible-utils sensible-browser injection [CVE-2017-17512]🔒🔒
110466LANDesk Management Suite permission [CVE-2017-11463]
110465Apple watchOS Wi-Fi KRACK 7pk security🔒🔒
110464Apple watchOS Kernel information disclosure [CVE-2017-13869]🔒🔒
110463Apple watchOS Kernel information disclosure [CVE-2017-13868]🔒🔒
110462Apple watchOS Kernel information disclosure [CVE-2017-13865]🔒🔒
110461Apple watchOS Kernel memory corruption [CVE-2017-13867]🔒🔒
110460Apple watchOS Kernel type conversion [CVE-2017-13855]🔒🔒
110459Apple watchOS Kernel memory corruption [CVE-2017-13833]🔒🔒
110458Apple watchOS Kernel memory corruption [CVE-2017-13876]🔒🔒
110457Apple watchOS Kernel memory corruption [CVE-2017-13862]🔒🔒
110456Apple watchOS IOSurface memory corruption [CVE-2017-13861]
110455HDF5 H5Gcache.c H5G__ent_decode_vec out-of-bounds write
110454HDF5 H5T.c H5T_set_loc divide by zero
110453HDF5 H5Tconv.c H5T_conv_struct_opt out-of-bounds read
110452HDF5 H5Opline.c H5Opline_pline_decode out-of-bounds read
110451HDF5 H5Opline.c H5O_pline_decode null pointer dereference
110450ImageMagick png.c ReadOneMNGImage memory corruption🔒🔒
110449GraphicsMagick gray.c ReadGRAYImage out-of-bounds read🔒🔒
110448GraphicsMagick cmyk.c ReadCMYKImage out-of-bounds read🔒🔒
110447GraphicsMagick png.c WriteOnePNGImage out-of-bounds read🔒🔒
110446GraphicsMagick rgb.c ReadRGBImage out-of-bounds read🔒🔒
110445ImageMagick Image.cpp read use after free🔒🔒
110444GraphicsMagick pnm.c WritePNMImage memory corruption🔒🔒
110443TIBCO BusinessWorks Process Monitor Integration Matters nJAMS cross site scripting
110442tidy clean.c prvTidyTidyMetaCharset memory corruption
110441idevicerestore Access Restriction socket.c socket_create access control
110440International Components for Unicode ucnv_u8.cpp ucnv_UTF8FromUTF8 memory corruption🔒🔒
110439Adobe Flash Player Out-of-Range out-of-bounds read [CVE-2017-3114]🔒🔒
110438Adobe Flash Player AdobePSDK Pointer out-of-bounds read🔒🔒
110437Adobe Experience Manager Token information disclosure [CVE-2017-3111]
110436Adobe Experience Manager HtmlRendererServlet Reflected cross site scripting
110435AMAG Symmetry Door Edge Network Controller Serial over TCP/IP access control
110434Adobe Photoshop use after free [CVE-2017-11304]🔒🔒
110433Adobe Photoshop memory corruption [CVE-2017-11303]🔒🔒
110432Adobe InDesign memory corruption [CVE-2017-11302]🔒
110431Adobe Digital Editions information disclosure [CVE-2017-11301]🔒🔒
110430Adobe Digital Editions information disclosure [CVE-2017-11300]🔒🔒
110429Adobe Digital Editions information disclosure [CVE-2017-11299]🔒🔒
110428Adobe Digital Editions information disclosure [CVE-2017-11298]🔒🔒
110427Adobe Digital Editions information disclosure [CVE-2017-11297]🔒🔒
110426Adobe Experience Manager Apache Sling Servlets Post cross site scripting
110425Adobe DNG Converter memory corruption [CVE-2017-11295]🔒
110424Adobe Shockwave memory corruption [CVE-2017-11294]🔒🔒
110423Adobe Connect server-side request forgery [CVE-2017-11291]🔒🔒
110422Adobe Connect 7pk security [CVE-2017-11290]🔒🔒
110421Adobe Connect Reflected cross site scripting [CVE-2017-11289]🔒🔒
110420Adobe Connect Reflected cross site scripting [CVE-2017-11288]🔒🔒
110419Adobe Connect Reflected cross site scripting [CVE-2017-11287]🔒🔒
110418Adobe Digital Editions XML File information disclosure [CVE-2017-11273]🔒🔒
110417Adobe Flash Player use after free [CVE-2017-11225]🔒🔒
110416Adobe Flash Player use after free [CVE-2017-11215]🔒🔒
110415Adobe Flash Player out-of-bounds read [CVE-2017-11213]🔒🔒
110414Apple macOS Screen Sharing Server privileges management [CVE-2017-13826]🔒🔒
110413Apple macOS OpenSSL memory corruption [CVE-2017-3735]🔒🔒
110412Apple macOS Mail Drafts information disclosure [CVE-2017-13860]🔒🔒
110411Apple macOS Mail state issue [CVE-2017-13871]🔒🔒
110410Apple macOS Kernel information disclosure [CVE-2017-13869]🔒🔒
110409Apple macOS Kernel information disclosure [CVE-2017-13868]🔒🔒
110408Apple macOS Kernel information disclosure [CVE-2017-13865]🔒🔒
110407Apple macOS Kernel memory corruption [CVE-2017-13867]🔒🔒
110406Apple macOS Kernel type conversion [CVE-2017-13855]🔒🔒
110405Apple macOS Kernel memory corruption [CVE-2017-13876]🔒🔒
110404Apple macOS Kernel memory corruption [CVE-2017-13833]🔒🔒
110403Apple macOS Kernel memory corruption [CVE-2017-13862]🔒🔒
110402Apple macOS IOKit memory corruption [CVE-2017-13847]🔒🔒
110401Apple macOS IOKit input validation [CVE-2017-13858]🔒🔒
110400Apple macOS IOKit input validation [CVE-2017-13848]🔒🔒
110399Apple macOS IOAcceleratorFamily information disclosure [CVE-2017-13844]🔒🔒
110398Apple macOS Intel Graphics Driver out-of-bounds read [CVE-2017-13875]🔒🔒
110397Apple macOS Intel Graphics Driver out-of-bounds read [CVE-2017-13878]🔒🔒
110396Apple macOS Intel Graphics Driver memory corruption [CVE-2017-13883]🔒🔒
110394Apple macOS curl memory corruption [CVE-2017-1000254]🔒🔒
110393Apple macOS apache use after free [CVE-2017-9798]🔒🔒🔒
110392Apple iOS Mail Drafts information disclosure [CVE-2017-13860]🔒🔒
110391Apple iOS Mail 7pk security [CVE-2017-13874]
110390Apple iOS Kernel information disclosure [CVE-2017-13869]🔒🔒
110389Apple iOS Kernel information disclosure [CVE-2017-13868]🔒🔒
110388Apple iOS Kernel information disclosure [CVE-2017-13865]🔒🔒
110387Apple iOS Kernel memory corruption [CVE-2017-13867]🔒🔒
110386Apple iOS Kernel type conversion [CVE-2017-13855]🔒🔒
110385Apple iOS Kernel memory corruption [CVE-2017-13833]🔒🔒
110384Apple iOS Kernel memory corruption [CVE-2017-13876]🔒🔒
110383Apple iOS Kernel memory corruption [CVE-2017-13862]🔒🔒
110382Apple iOS IOSurface memory corruption [CVE-2017-13861]🔒
110381Apple iOS IOMobileFrameBuffer memory corruption [CVE-2017-13879]
110380Apple iOS IOKit memory corruption [CVE-2017-13847]🔒🔒
110379Apple tvOS Wi-Fi random values [CVE-2017-13080]🔒🔒
110378Apple tvOS Kernel information disclosure [CVE-2017-13869]🔒🔒
110377Apple tvOS Kernel information disclosure [CVE-2017-13868]🔒🔒
110376Apple tvOS Kernel information disclosure [CVE-2017-13865]🔒🔒
110375Apple tvOS Kernel memory corruption [CVE-2017-13867]🔒🔒
110374Apple tvOS Kernel type conversion [CVE-2017-13855]🔒🔒
110373Apple tvOS Kernel memory corruption [CVE-2017-13833]🔒🔒
110372Apple tvOS Kernel memory corruption [CVE-2017-13876]🔒🔒
110371Apple tvOS Kernel memory corruption [CVE-2017-13862]🔒🔒
110370Apple tvOS IOSurface memory corruption [CVE-2017-13861]
110369OpenJPEG convert.c pgxtovolume out-of-bounds write🔒🔒
110368OpenJPEG convert.c pgxtoimage out-of-bounds write🔒🔒
110367TG Soft Vir.IT eXplorer Lite memory corruption [CVE-2017-17475]
110366TG Soft Vir.IT eXplorer Lite memory corruption [CVE-2017-17474]
110365TG Soft Vir.IT eXplorer Lite memory corruption [CVE-2017-17473]
110364TG Soft Vir.IT eXplorer Lite memory corruption [CVE-2017-17472]
110363TG Soft Vir.IT eXplorer Lite memory corruption [CVE-2017-17471]
110362TG Soft Vir.IT eXplorer Lite memory corruption [CVE-2017-17470]
110361TG Soft Vir.IT eXplorer Lite memory corruption [CVE-2017-17469]
110360TG Soft Vir.IT eXplorer Lite access control [CVE-2017-17468]
110359TG Soft Vir.IT eXplorer Lite memory corruption [CVE-2017-17467]
110358TG Soft Vir.IT eXplorer Lite access control [CVE-2017-17466]
110357Open Ticket Request System PGP command injection [CVE-2017-16921]🔒🔒
110356Open Ticket Request System Ticket Search information disclosure🔒🔒
110355Synology Router Manager SYNO.FileStation.Extract path traversal
110354Synology DiskStation Manager SYNO.FileStation.Extract path traversal
110353Synology File Station SYNO.FileStation.Extract path traversal
110352Synology Calendar Access Control SYNO.Cal.EventBase access control
110351Kaspersky Embedded Systems Security Kernel memory corruption
110350Microsoft Windows Malware Protection Engine memory corruption🔒🔒
110349Kibana Fix CVE-2017-8451 redirect [CVE-2017-11482]🔒
110348Kibana URL cross site scripting [CVE-2017-11481]🔒
110347Packetbeat PostgreSQL Protocol Logging access control
110346Fluentd Termin UI command injection [CVE-2017-10906]
110345Buffalo BBR-4HG and/BBR-4MG Unresponsive input validation [CVE-2017-10897]
110344Buffalo BBR-4HG and/BBR-4MG cross site scripting [CVE-2017-10896]
110343Public Certification Service for Individuals untrusted search path
110342K7 Antivirus K7Sentry.sys null pointer dereference [CVE-2017-17465]
110341K7 Antivirus K7Sentry.sys null pointer dereference [CVE-2017-17464]
110340Vivo Modem HTML Source Code index.cgi information disclosure
110339npm Regular Expression marked.js input validation
110338OpenSSL Montgomery Multiplication rsaz_1024_mul_avx2 information disclosure🔒🔒
110337OpenSSL Error State SSL_do_handshake 7pk error🔒🔒
110336Fossil SSH Sync Protocol http_transport.c command injection🔒
110335Mercurial Repository post-update os command injection🔒
110334IBM Connections Web UI cross site scripting [CVE-2017-1498]
110333IBM Sterling File Gateway information disclosure [CVE-2017-1497]
110332IBM Sterling File Gateway information disclosure [CVE-2017-1487]
110331IBM Sterling B2B Integrator Standard Edition Web UI cross site scripting
110330IBM Sterling B2B Integrator Standard Edition information disclosure
110329IBM TRIRIGA cross site scripting [CVE-2017-1465]
110328Dell 2335dn/2355dn Web User Interface cross site scripting [CVE-2017-14386]
110327IBM WebSphere MQ RFH Header data processing [CVE-2017-1433]🔒🔒
110326IBM Atlas eDiscovery Process Management sql injection [CVE-2017-1356]
110325IBM Atlas eDiscovery Process Management URL Parameter Referrer information disclosure
110324IBM Atlas eDiscovery Process Management Web UI cross site scripting
110323IBM Atlas eDiscovery Process Management information disclosure
110322IBM Insights Foundation for Energy Error Message information disclosure
110321IBM WebSphere MQ access control [CVE-2017-1341]🔒🔒
110320IBM InfoSphere BigInsights code injection [CVE-2017-1336]
110319IBM Security Guardium Algorithm Negotiation inadequate encryption
110318Microsoft Windows Malware Protection Engine memory corruption🔒🔒
110317Linux Kernel L2CAP Command l2cap_parse_conf_req information disclosure🔒🔒
110316libsndfile ulaw.c d2ulaw_array out-of-bounds read🔒
110315libsndfile alaw.c d2alaw_array out-of-bounds read🔒
110314Sangoma NetBorder/Vega Session Controller Web Interface access control🔒
110313ISPConfig Cron Job access control [CVE-2017-17384]
110312QEMU Virtio Vring divide by zero [CVE-2017-17381]🔒🔒
110311Red Hat Enterprise Linux fuse Filesystem input validation [CVE-2017-15121]🔒
110310WP Mailster Plugin Unsubscribe unsubscribe2.php cross site scripting
110309Linux Kernel Access Restriction xt_osf.c 7pk security🔒🔒
110308Linux Kernel af_netlink.c __netlink_deliver_tap_skb information disclosure🔒🔒
110307Linux Kernel Access Restriction nfnetlink_cthelper.c 7pk security🔒🔒
110306Vaultek Gun Safe VT20i inadequate encryption [CVE-2017-17436]
110305Vaultek Gun Safe VT20i PIN improper authentication [CVE-2017-17435]
110304game-music-emu Data_Reader.cpp read_avail numeric error
110303Auth0 auth0.js Library auth0.popup.callback information disclosure
110302Google Android NVIDIA Mediaserver use after free [CVE-2017-6276]
110301Google Android NVIDIA Driver use after free [CVE-2017-6263]
110300Google Android NVIDIA Driver use after free [CVE-2017-6262]
110299GNU Libextractor xm_extractor.c EXTRACTOR_xm_extract_method null pointer dereference🔒🔒
110298Heimdal KDC kerberos5.c der_length_visible_string null pointer dereference🔒🔒
110297Google Android NVIDIA libwilhelm information disclosure [CVE-2017-13175]
110296Google Android Kernel edl access control [CVE-2017-13174]
110295Google Android MediaTek System Server access control [CVE-2017-13173]
110294Google Android MediaTek Bluetooth Driver access control [CVE-2017-13172]
110293Google Android MediaTek Performance Service access control [CVE-2017-13171]
110292Google Android MediaTek Display Driver access control [CVE-2017-13170]
110291Google Android Kernel Camera Server information disclosure [CVE-2017-13169]
110290Google Android Kernel SCSI Driver access control [CVE-2017-13168]🔒
110289Google Android Kernel Sound Timer access control [CVE-2017-13167]🔒
110288Google Android Kernel v4l2 Video Driver access control [CVE-2017-13166]🔒🔒
110287Google Android Kernel File System access control [CVE-2017-13165]
110286Google Android Kernel Binder Driver information disclosure [CVE-2017-13164]
110285Google Android Kernel MTP USB Driver access control [CVE-2017-13163]
110284Google Android Kernel Binder access control [CVE-2017-13162]
110283Google Android Broadcom Wireless Driver access control [CVE-2017-13161]
110282Google Android Bluetooth access control [CVE-2017-13160]
110281Google Android activitymanagerservice information disclosure
110280Google Android activitymanagerservice information disclosure
110279Google Android activitymanagerservice information disclosure
110278Google Android art access control [CVE-2017-13156]
110277Google Android Media Framework access control [CVE-2017-13154]
110276Google Android Media Framework access control [CVE-2017-13153]
110275Google Android Media Framework information disclosure [CVE-2017-13152]
110274Google Android Media Framework access control [CVE-2017-13151]
110273Google Android Media Framework information disclosure [CVE-2017-13150]
110272Google Android Media Framework information disclosure [CVE-2017-13149]
110271Google Android Media Framework input validation [CVE-2017-13148]🔒
110270Google Android Media Framework access control [CVE-2017-0880]
110269Google Android Media Framework information disclosure [CVE-2017-0879]
110268Google Android Media Framework input validation [CVE-2017-0878]
110267Google Android Media Framework input validation [CVE-2017-0877]
110266Google Android Media Framework input validation [CVE-2017-0876]
110265Google Android Media Framework input validation [CVE-2017-0874]
110264Google Android Media Framework input validation [CVE-2017-0873]
110263Google Android Media Framework input validation [CVE-2017-0872]
110262Google Android Framework Base access control [CVE-2017-0871]
110261Google Android libminikin access control [CVE-2017-0870]
110260Google Android Media Framework access control [CVE-2017-0837]
110259Puppet Agent pxp-agent code injection [CVE-2016-5713]
110258rsync Access Restriction receiver.c read_ndx_and_attrs access control🔒🔒
110257rsync Daemon receiver.c recv_files access control🔒🔒
110256Jenkins Job Configuration cross site scripting [CVE-2017-17383]🔒🔒
110255Amazon Audible ActiveSetupN.exe untrusted search path
110254Google Android Linux Kernel access control [CVE-2017-9716]
110253Google Android Linux Kernel memory corruption [CVE-2017-6211]
110252VMware NSX-V Edge OSPF resource consumption [CVE-2017-4920]
110251OpenAFS Rx ack Packet integer underflow [CVE-2017-17432]🔒🔒
110250GeniXCMS cross site scripting [CVE-2017-17431]
110249Linux Kernel l2cap Socket core.c bnep_add_connection access control🔒🔒
110248Google Android GPS Location Wireless Interface use after free
110247Google Android Message Passing Interface memory corruption [CVE-2017-14917]
110246Google Android Message Passing Interface memory corruption [CVE-2017-14916]
110245Google Android Global Client Structure input validation [CVE-2017-14914]
110244Google Android Count input validation [CVE-2017-14909]
110243Google Android SafeSwitch Test Application input validation [CVE-2017-14908]
110242Google Android Mediaserver access control [CVE-2017-14904]
110241Google Android GLink Kernel Driver use after free [CVE-2017-14902]
110240Google Android Linux Kernel memory corruption [CVE-2017-14897]
110239Google Android Linux Kernel access control [CVE-2017-14895]
110238Dell Storage Manager SMI-S Service hard-coded credentials [CVE-2017-14374]
110237HPE Connected Backup access control [CVE-2017-14355]
110236Johnson & Johnson Ethicon Endo-Surgery Generator Gen11 improper authentication
110235Google Android Linux Kernel integer overflow [CVE-2017-11043]
110234Google Android Linux Kernel HandleMetaImgFlash memory corruption
110233Google Android Linux Kernel use after free [CVE-2017-11006]
110232Google Android Linux Kernel use after free [CVE-2017-11005]
110231Google Android Linux Kernel memory corruption [CVE-2017-9722]
110230Google Android Linux Kernel memory corruption [CVE-2017-9718]
110229Google Android Linux Kernel memory corruption [CVE-2017-9710]
110228Google Android Linux Kernel access control [CVE-2017-9709]
110227Google Android Camera Driver msm_ois_power_down race condition
110226Google Android Camera Driver use after free [CVE-2017-9703]
110225Google Android Linux Kernel fw_name_store memory corruption
110224Google Android Linux Kernel memory corruption [CVE-2017-9698]
110223GNU C Library malloc integer overflow🔒🔒
110222OpenStack Nova FilterScheduler resource management [CVE-2017-17051]
110221Bitbucket Auto-Unapprove Plugin Event access control [CVE-2017-16857]
110220Atlassian Confluence RSS Feed Macro cross site scripting [CVE-2017-16856]🔒
110219Google Android Linux Kernel memory corruption [CVE-2017-15813]
110218Google Android Linux Kernel cryptographic issues [CVE-2017-14907]
110217Google Android Linux Kernel memory corruption [CVE-2017-14905]
110216Google Android Linux Kernel memory corruption [CVE-2017-14903]
110215Google Android Linux Kernel memory corruption [CVE-2017-14901]
110214Google Android Linux Kernel memory corruption [CVE-2017-14900]
110213Google Android Linux Kernel memory corruption [CVE-2017-14899]
110212Google Android Linux Kernel memory corruption [CVE-2017-14898]
110211Google Android Linux Kernel Kernel Memory memory corruption
110210Google Android Linux Kernel memory corruption [CVE-2017-11049]
110209Google Android Graphics Driver copy_from_user Kernel Memory access control
110208Google Android Camera Driver use after free [CVE-2017-11045]
110207Google Android Linux Kernel use after free [CVE-2017-11044]
110206Google Android Access Control access control [CVE-2017-11042]
110205Google Android Linux Kernel use after free [CVE-2017-11033]
110204Google Android Linux Kernel use after free [CVE-2017-11031]
110203Google Android Linux Kernel hdmi_edid_sysfs_rda_res_info Kernel Memory access control
110202Google Android Linux Kernel get_metadata memory corruption
110201Google Android Linux Kernel create_cal_block access control
110200postgresql-common pg_ctlcluster postgresql link following🔒🔒
110199Tor Hidden Service Descriptor memory corruption [CVE-2016-1254]🔒🔒
110198wheezy LZMA File os command injection [CVE-2016-1253]🔒
110197Linux Kernel System Call proto.c dccp_disconnect use after free🔒🔒
110196i2pd/kovri I2P Routing information disclosure [CVE-2017-17066]
110195Claymore Dual GPU Miner Remote Management Interface memory corruption
110194Claymore Dual GPU Miner Remote Management Interface path traversal
110193Synology DiskStation Manager smart.cgi command injection
110192Synology Photo Station HTTP Config File .htaccess information disclosure
110191Synology Photo Station picasa.php File information disclosure
110190QEMU NBD Server out-of-bounds write [CVE-2017-15118]🔒🔒
110189MistServer api cross site scripting
110188Artica Web Proxy freeradius.users.php os command injection
110187ZKTime Web Department Reflected cross site scripting🔒
110186ZKTime Web Modify Password password_change cross-site request forgery🔒
110185Geovap Reliance SCADA cross site scripting [CVE-2017-16721]🔒
110184libav mpegpicture.c ff_free_picture_tables memory corruption🔒
110183libav vc1_mc.c ff_vc1_mc_4mv_chroma4 null pointer dereference
110182libav h264_slice.c h264_slice_init memory corruption
110181libav vc1dec.c vc1_decode_frame null pointer dereference
110180GNU binutils readelf.c load_debug_section memory corruption🔒
110179GNU binutils nm.c _bfd_elf_get_symbol_version_string memory corruption🔒
110178GNU binutils coffgen.c bfd_coff_read_string_table memory corruption🔒
110177GNU binutils coffcode.h coff_slurp_reloc_table null pointer dereference🔒
110176GNU binutils objdump.c dump_relocs_in_section integer overflow🔒
110175GNU binutils libbfd memory corruption [CVE-2017-17121]🔒
110174Ikarus anti.virus ntguard_x64.sys memory corruption [CVE-2017-17114]
110173Ikarus anti.virus ntguard_x64.sys null pointer dereference [CVE-2017-17113]
110172Ikarus anti.virus ntguard_x64.sys memory corruption [CVE-2017-17112]
110171Fiyo CMS check_file.php File information disclosure
110170Fiyo CMS sys_user.php sql injection
110169Fiyo CMS site.php sql injection
110168Flexense SyncBreeze Enterprise HTTP Server memory corruption
110167Content Cards Plugin OpenGraph Data cross site scripting [CVE-2017-17096]
110166Tor Onion Service v2 use after free [CVE-2017-8823]🔒🔒
110165Tor Downloaded Descriptor Anonymity path error🔒🔒
110164Tor PEM Hang memory corruption🔒🔒
110163Tor null pointer dereference [CVE-2017-8820]🔒🔒
110162Tor Replay-Cache Protection access control [CVE-2017-8819]🔒🔒
110161SAP Business Objects Financial Consolidation cross site scripting
110160LibTIFF pal2rgb pal2rgb.c TIFFSetupStrips memory corruption🔒🔒
110159WordPress URL feed.php cross site scripting🔒🔒
110158WordPress HTML Element general-template.php cross site scripting🔒🔒
110157WordPress JS File functions.php cross site scripting🔒🔒
110156WordPress Access Restriction user-new.php access control🔒🔒
110155Cisco Umbrella Virtual Appliance SSH 7pk security [CVE-2017-6679]
110154Adobe RoboHelp redirect [CVE-2017-3105]🔒
110153Adobe RoboHelp cross site scripting [CVE-2017-3104]🔒
110152Digium Asterisk chan_skinny Channel Driver chan_skinny.c resource management🔒🔒
110151VIM SWP File fileio.c information disclosure🔒
110150Indeo Otter script Tag input validation [CVE-2017-17086]
110149Wireshark CIP Safety Dissector packet-cipsafety.c unusual condition🔒🔒
110148Wireshark IWARP_MPA Dissector packet-iwarp-mpa.c unusual condition🔒🔒
110147Wireshark NetBIOS Dissector packet-netbios.c unusual condition🔒🔒
110146ZTE ZXDSL 831CII HTTP Basic Authentication connoppp.cgi improper authentication🔒
110145Arq arq_updater access control [CVE-2017-16895]
110144Piwigo tags.php sql injection🔒
110143libXcursor integer overflow [CVE-2017-16612]🔒🔒
110142libXfont/libXfont2 7pk security [CVE-2017-16611]🔒🔒
110141Apache Struts REST Plugin input validation [CVE-2017-15707]🔒🔒
110140Apache Qpid Broker-J access control [CVE-2017-15702]
110139Apache Qpid Broker-J AMQP Frame resource consumption [CVE-2017-15701]
110138Inedo Otter path traversal [CVE-2017-15607]
110137Arq Auto-Update setpermissions race condition
110136Hikvision Wi-Fi IP Camera Access Point access control [CVE-2017-14953]
110135OhMiBod Remote App OhMiBod API Server OMB.xml cryptographic issues
110134Vibease Wireless Remote Vibrator App information disclosure [CVE-2017-14486]
110133iSmartAlarm CubeOne Password File Credentials information disclosure
110132iSmartAlarm CubeOne Log File Key information disclosure
110131Adobe ColdFusion xml external entity reference [CVE-2017-11286]🔒🔒
110130Adobe ColdFusion Reflected cross site scripting [CVE-2017-11285]🔒🔒
110129Adobe ColdFusion deserialization [CVE-2017-11284]🔒🔒
110128Adobe ColdFusion deserialization [CVE-2017-11283]🔒🔒
110127Adobe Flash Player MP4 Atom Parser memory corruption [CVE-2017-11282]🔒🔒
110126Adobe Flash Player memory corruption [CVE-2017-11281]🔒🔒
110125PTW-WMS1 improper authentication [CVE-2017-10903]
110124PTW-WMS1 os command injection [CVE-2017-10902]
110123PTW-WMS1 memory corruption [CVE-2017-10901]
110122PTW-WMS1 Access Restriction access control [CVE-2017-10900]
110121A-Reserve/A-Reserve for MT Cloud sql injection [CVE-2017-10899]
110120A-Member/A-Member for MT Cloud sql injection [CVE-2017-10898]
110119sDNSProxy.exe unusual condition [CVE-2017-10895]
110118StreamRelay.NET.exe unusual condition [CVE-2017-10894]
110117Music Center for PC untrusted search path [CVE-2017-10892]
110116Media Go untrusted search path [CVE-2017-10891]
110115PWR-Q200 DNS Query Cache Poisoning random values
110114QND path traversal [CVE-2017-10861]
110113Lenovo XClarity Administrator LXCA Web User Interface information disclosure
110112FFmpeg MPEG File mpegvideodsp.c gmc_mmx out-of-bounds read🔒🔒
110111GNU binutils libbfd elf.c memory corruption🔒
110110D-Link DIR-605L HNAP input validation [CVE-2017-17065]🔒
110109Linux Kernel rng.c rngapi_reset null pointer dereference🔒
110108Restlet Framework REST API HTTP Request xml external entity reference
110107Restlet Framework SimpleXMLProvider xml external entity reference
110106Apache CXF Fediz Spring cross-site request forgery [CVE-2017-12631]
110105OpenDaylight Karaf Cache 7pk security [CVE-2017-1000406]
110104Linux Kernel THP pmd_mkdirty race condition🔒🔒
110103Splunk Enterprise Web Impersonation access control🔒
110102Squiz Matrix Tag access control [CVE-2017-14198]
110101Squiz Matrix WYSIWYG Plugin Reflected cross site scripting
110100Squiz Matrix File Bridge Plugin path traversal [CVE-2017-14196]
110099Cisco WebEx Network Recording Player ARF/WRF File memory corruption🔒
110098Cisco WebEx Network Recording Player ARF/WRF File memory corruption🔒
110097Cisco WebEx Network Recording Player ARF/WRF File memory corruption🔒
110096Cisco WebEx Network Recording Player ARF/WRF File out-of-bounds read🔒
110095Cisco WebEx Network Recording Player ARF/WRF File memory corruption🔒
110094Cisco WebEx Network Recording Player ARF/WRF File input validation🔒
110093Cisco WebEx Meeting Center cross site scripting [CVE-2017-12366]
110092Cisco WebEx Event Center information disclosure [CVE-2017-12365]
110091Cisco Prime Service Catalog SQL Query sql injection [CVE-2017-12364]
110090Cisco WebEx Meeting Server Welcome Message access control [CVE-2017-12363]
110089Cisco Meeting Server resource management [CVE-2017-12362]
110088Cisco Jabber information disclosure [CVE-2017-12361]
110087Cisco WebEx Network Recording Player WRF Player resource management
110086Cisco WebEx Network Recording Player ARF Player memory corruption
110085Cisco Jabber Web-based Management Interface cross site scripting
110084Cisco Unified Communications Manager Web-based Management Interface cross site scripting
110083Cisco Jabber Web-based Management Interface cross site scripting
110082Cisco IOS XR Local Packet Transport Services resource management
110081Cisco Secure Access Control System Web Interface information disclosure
110080Cisco Email Security Appliance MIME Scanner 7pk security [CVE-2017-12353]🔒
110079Cisco Application Policy Infrastructure Controller Script File command injection
110078Cisco NX-OS Guest Shell access control [CVE-2017-12351]
110077Cisco UCS Central Software Web-based Management Interface cross site scripting
110076Cisco UCS Central Software Web-based Management Interface cross site scripting
110075Cisco Data Center Network Manager Configuration Parameter cross site scripting
110074Cisco Data Center Network Manager Configuration Parameter cross site scripting
110073Cisco Data Center Network Manager Configuration Parameter input validation
110072Cisco Data Center Network Manager Configuration Parameter redirect
110071Cisco Data Center Network Manager Configuration Parameter input validation
110070Cisco NX-OS Open Agent Container access control [CVE-2017-12342]
110069Cisco NX-OS CLI command injection [CVE-2017-12341]
110068Cisco NX-OS access control [CVE-2017-12340]
110067Cisco NX-OS CLI command injection [CVE-2017-12339]
110066Cisco NX-OS CLI input validation [CVE-2017-12338]
110065Cisco NX-OS TCL Script Subsystem input validation [CVE-2017-12336]
110064Cisco NX-OS CLI command injection [CVE-2017-12335]
110063Cisco NX-OS CLI input validation [CVE-2017-12334]
110062Cisco NX-OS Software Image signature verification [CVE-2017-12333]
110061Cisco NX-OS Patch Installation unrestricted upload [CVE-2017-12332]
110060Cisco NX-OS Software Patch signature verification [CVE-2017-12331]
110059Cisco NX-OS CLI Parser command injection [CVE-2017-12330]
110058Cisco Firepower Extensible Operating System/NX-OS CLI Parser command injection
110057Cisco IP Phone 8800 Session Initiation Protocol input validation🔒
110056Cisco WebEx Meeting Center Access Control input validation [CVE-2017-12297]
110055cURL/libcURL SSL Library memory corruption [CVE-2017-8818]🔒
110054cURL/libcURL FTP Wildcard out-of-bounds read [CVE-2017-8817]🔒🔒
110053cURL/libcURL NTLM Authentication integer overflow [CVE-2017-8816]🔒🔒
110052amtyThumb amty-thumb-recent-post amtyThumbPostsAdminPg.php cross site scripting
110051Atlassian FishEye/Crucible argument injection [CVE-2017-14591]🔒
110050EMC RSA Authentication Agent API 7pk error [CVE-2017-14378]
110049EMC RSA Authentication Agent for Web improper authentication🔒
110048Fortinet FortiWebManager Access Control access control [CVE-2017-14189]
110047Fortinet FortiOS Web Portal cross site scripting [CVE-2017-14186]🔒
110046Apple macOS Directory Utility Login improper authentication🔒🔒
110045WooCommerce Plugin path traversal [CVE-2017-17058]
110044aubio source_wavread.c new_aubio_source_wavread divide by zero🔒
110043Linux Kernel Crafted Program mmu_context.h init_new_context use after free🔒
110042Linux Kernel Crafted Program fork.c mm_init use after free🔒
110041TG Soft Vir.IT eXplorer Lite Viragtlt null pointer dereference
110040TG Soft Vir.IT eXplorer Lite Viragtlt null pointer dereference
110039Dahua IP Camera/IP PTZ Temporary Password cryptographic issues
110038Xen DRAM information disclosure [CVE-2017-17046]🔒🔒
110037Xen PoD Error access control [CVE-2017-17045]🔒🔒
110036Xen PoD Error data processing [CVE-2017-17044]🔒🔒
110035Emag Marketplace Connector Plugin awb-meta-box.php Reflected cross site scripting
110034YARD file.rb path traversal [CVE-2017-17042]🔒🔒
110033KMPlayer NSV File input validation [CVE-2017-16952]
110032WinAmp Pro Media File input validation [CVE-2017-16951]
110031CS-Cart Administration files unrestricted upload
110030EMC ScaleIO SDBG Service memory corruption [CVE-2017-8020]
110029EMC ScaleIO MDM/SDS/LIA input validation [CVE-2017-8019]
110028EMC ScaleIO Log File credentials management [CVE-2017-8001]
110027Cloud Foundry Cloud Controller Takeover access control
110026Pebble Smartwatch UUID Storage information disclosure [CVE-2016-10702]
110025Hitachi Vantara Pentaho BA Business Analytics cross-site request forgery
110024Dahua IPC-HDW4300S Firmware Upgrade improper authentication [CVE-2017-9316]
110023Linux Kernel pagewalk.c mincore Kernel Memory information disclosure🔒🔒
110022IBM DOORS Next Generation Web UI cross site scripting [CVE-2017-1689]
110021IBM DOORS Next Generation Web UI cross site scripting [CVE-2017-1688]
110020IBM DOORS Next Generation Web UI cross site scripting [CVE-2017-1678]
110019IBM DOORS Next Generation Web UI cross site scripting [CVE-2017-1650]
110018IBM Business Process Manager Event Manager improper authorization
110017IBM DOORS Next Generation Web UI cross site scripting [CVE-2017-1607]
110016IBM DOORS Next Generation Web UI cross site scripting [CVE-2017-1593]
110015IBM Jazz Foundation Stack Trace information disclosure [CVE-2017-1570]
110014IBM DOORS Next Generation Web UI cross site scripting [CVE-2017-1560]
110013libvirtd config [CVE-2017-15114]
110012Foreman Facts Submission Stored cross site scripting🔒🔒
110011TeamPass Access Control items.queries.php access control🔒
110010TeamPass File Upload upload.files.php unrestricted upload🔒
110009TeamPass Access Control roles.queries.php access control🔒
110008TeamPass Access Control users.queries.php access control🔒
110007TeamPass Stored cross site scripting [CVE-2017-15051]🔒
110006IBM WebSphere Commerce Enterprise information disclosure [CVE-2017-1484]
110005IBM DOORS Next Generation Web UI cross site scripting [CVE-2017-1461]
110004Hipchat Desktop Client Video Call Link Parser memory corruption
110003Hipchat Server server-side request forgery [CVE-2017-14585]
110002IBM WebSphere MQ resource management [CVE-2017-1283]
110001IBM Collaborative Lifecycle Management CLM Application information disclosure
110000IBM Rhapsody DM Error Message information disclosure [CVE-2017-1240]
109999Jos de Jong typed-function input validation [CVE-2017-1001004]
109998math.js Unicode Character input validation [CVE-2017-1001003]
109997math.js code injection [CVE-2017-1001002]🔒
109996xiphux GitPHP os command injection [CVE-2017-1000214]
109995Swagger Parser/Codegen YAML Parser code [CVE-2017-1000207]
109994Evince Printing to PDF command injection [CVE-2017-1000159]🔒🔒
109993Zulip Server Invitation System User improper authentication
109992IBM Jazz Error Message information disclosure [CVE-2016-6024]
109991Seagate ST500LT015 SED 7pk security [CVE-2015-7269]
109990Samsung 850 Pro/PM851 SED 7pk security [CVE-2015-7268]
109989Samsung 850 Pro/PM851 SED 7pk security [CVE-2015-7267]
109988Pivotal Spring AMQP deserialization [CVE-2017-8045]
109987Pivotal Single Sign-On for PCF cross site scripting [CVE-2017-8044]
109986Pivotal Spring Web Flow Incomplete Fix 7pk security [CVE-2017-8039]
109985Cloud Foundry Access Control List access control [CVE-2017-8038]
109984Cloud Foundry improper authorization [CVE-2017-8031]
109983Pivotal Spring-LDAP credentials management [CVE-2017-8028]🔒🔒
109982Pivotal Spring Security deserialization [CVE-2017-4995]
109981Communigate Pro WebMail Stored cross site scripting
109980BigTree CMS auto-modules.php sql injection🔒
109979TP-LINK TL-WVR/TL-WAR/TL-ER/TL-R uhttpd interface.lua get_device_byif command injection
109978TP-LINK TL-WVR/TL-WAR/TL-ER/TL-R uhttpd luci File path traversal
109977TP-LINK TL-WVR/TL-WAR/TL-ER/TL-R uhttpd bridge.lua get_device_byif command injection
109976TP-LINK TL-WVR/TL-WAR/TL-ER/TL-R uhttpd diagnostic.lua zone_get_effect_devices command injection
109975b3log Symphony article cross site scripting
109974InLinks Plugin options-general.php sql injection
109973Cloud Foundry Loggregator access control [CVE-2017-14390]
109972Bazaar SSH Subprocess command injection [CVE-2017-14176]🔒🔒
109971TG Soft Vir.IT eXplorer Lite null pointer dereference [CVE-2017-16948]🔒
109970MISP UsersController.php admin_edit Password log file
109969Exim SMTP Daemon receive.c bdat_getc resource consumption🔒🔒
109968Exim SMTP Daemon receive.c receive_msg use after free🔒🔒
109967libsndfile wav_w64.c wav_w64_read_fmt_chunk divide by zero🔒
109966October CMS Theme .htaccess unrestricted upload [Disputed]
109965Linux Kernel XFRM Dump Policy xfrm_user.c access control🔒🔒
109964OptiPNG GIF File gifread.c LZWReadByte memory corruption🔒🔒
109963Shenzhen Tenda Ac9 request path traversal
109962Ametys Access Restriction access control [CVE-2017-16935]
109961DBL DBLTek HTTP Basic Authentication frame.html os command injection
109960Icinga prepare-dirs access control🔒
109959Cacti Access Restriction auth_login.php access control
109958libxml2 parser.c resource consumption🔒
109957libxml2 NEXTL Macro parser.c xmlParserHandlePEReference memory corruption🔒
109956xrdp Session Manager libscp_v0.c scp_v0s_accept input validation🔒🔒
109955MIT Kerberos 5 X.509 Data pkinit_crypto_openssl.c X509_NAME_oneline_ex memory corruption🔒🔒
109954Moxa EDS-G512E Password Hash information disclosure [CVE-2017-13701]
109953Moxa EDS-G512E Encryption Algorithm inadequate encryption [CVE-2017-13699]
109952Moxa EDS-G512E Private Keys key management [CVE-2017-13698]
109951Huawei Warsaw access control [CVE-2017-8216]
109950Huawei Honor 8 access control [CVE-2017-8215]
109949Huawei Honor 8 Bootloader access control [CVE-2017-8214]
109948Huawei SMC2.0 TLS Handshake certificate validation [CVE-2017-8213]
109947Huawei Honor 5C/Honor 6X Driver memory corruption [CVE-2017-8212]
109946Huawei Honor 5C/Honor 6X Driver memory corruption [CVE-2017-8211]
109945Huawei Honor 5C/Honor 6X Driver memory corruption [CVE-2017-8210]
109944Huawei Honor 5C/Honor 6X Driver memory corruption [CVE-2017-8209]
109943Huawei Honor 5C/Honor 6X Driver memory corruption [CVE-2017-8208]
109942Huawei Honor 5C/Honor 6X Driver memory corruption [CVE-2017-8207]
109941Huawei Honor 7 Lite App Lock 7pk security [CVE-2017-8206]
109940Huawei Honor 9 Bastet Driver integer overflow [CVE-2017-8205]
109939Huawei Honor 9 Bastet Driver memory corruption [CVE-2017-8204]
109938Huawei Nova 2/Nova 2 Plus Bastet Driver use after free [CVE-2017-8203]
109937Huawei Prague-AL00A CameraISP Driver memory corruption [CVE-2017-8202]
109936Huawei Max Presence/TP3106/TP3206 H.323 insufficient verification of data authenticity
109935Huawei Max Presence/TP3106/TP3206 H.323 out-of-bounds read [CVE-2017-8200]
109934Huawei Max Presence/TP3106/TP3206 H.323 out-of-bounds read [CVE-2017-8199]
109933Huawei FusionSphere sql injection [CVE-2017-8198]
109932Huawei FusionSphere command injection [CVE-2017-8197]
109931Huawei FusionSphere improper authorization [CVE-2017-8196]
109930Huawei FusionSphere OpenStack improper authentication [CVE-2017-8195]
109929Huawei FusionSphere OpenStack improper authentication [CVE-2017-8194]
109928Huawei FusionSphere OpenStack command injection [CVE-2017-8193]
109927Huawei FusionSphere OpenStack improper authorization [CVE-2017-8192]
109926Huawei FusionSphere OpenStack risky encryption [CVE-2017-8191]
109925Huawei FusionSphere OpenStack signature verification [CVE-2017-8190]
109924Huawei FusionSphere OpenStack path traversal [CVE-2017-8189]
109923Huawei FusionSphere OpenStack command injection [CVE-2017-8188]
109922Huawei MHA-AL00A Bastet input validation [CVE-2017-8186]
109921Huawei ME906s-158 access control [CVE-2017-8185]
109920Huawei MTK memory corruption [CVE-2017-8184]
109919Huawei MTK information disclosure [CVE-2017-8183]
109918Huawei MTK out-of-bounds read [CVE-2017-8182]
109917Huawei Nice-AL00 Camera Driver memory corruption [CVE-2017-8181]
109916Huawei Nice-AL00 Camera Driver memory corruption [CVE-2017-8180]
109915Huawei Nice-AL00 Camera Driver memory corruption [CVE-2017-8179]
109914Huawei Email App Stored cross site scripting [CVE-2017-8178]
109913Huawei HiWallet APK File signature verification [CVE-2017-8177]
109912Huawei Vicky-AL00A/Victoria-AL00A/Warsaw-AL00 Bastet input validation
109911Huawei USG6300 inadequate encryption [CVE-2017-8174]
109910Huawei Warsaw-AL00 Factory Reset Protection access control [CVE-2017-8173]
109909Huawei P10/P10 Plus array index [CVE-2017-8172]
109908Huawei Vicky-AL00A Factory Reset Protection access control [CVE-2017-8171]
109907Huawei VIE-L09 memory corruption [CVE-2017-8170]
109906Huawei VIE-L09 memory corruption [CVE-2017-8169]
109905Huawei FusionSphere OpenStack information disclosure [CVE-2017-8168]
109904Huawei USG9500 input validation [CVE-2017-8167]
109903Huawei Honor V9 App Lock 7pk security [CVE-2017-8166]
109902Huawei SRG3300 out-of-bounds read [CVE-2017-8163]
109901Huawei SRG3300 memory corruption [CVE-2017-8162]
109900Huawei EVA-L09 Factory Reset Protection access control [CVE-2017-8161]
109899Huawei Vicky-AL00A Madapt Driver use after free [CVE-2017-8160]
109898Huawei Agassi-L09HN/Agassi-W09HN/Kobe-L09AHN/Kobe-W09CHN type conversion
109897Huawei FusionCompute permission [CVE-2017-8158]
109896Huawei OceanStor 5800/OceanStor 6900 cryptographic issues [CVE-2017-8157]
109895Huawei B2338-168 Outdoor Unit missing authentication [CVE-2017-8156]
109894Huawei B2338-168 Outdoor Unit missing authentication [CVE-2017-8155]
109893Huawei Vmall App permission [CVE-2017-8153]
109892Huawei Honor 5S Factory Reset Protection security check for standard
109891Huawei Honor 5S improper authentication [CVE-2017-8151]
109890Huawei P10/P10 Plus Boot Loader memory corruption [CVE-2017-8150]
109889Huawei P10/P10 Plus Boot Loader memory corruption [CVE-2017-8149]
109888Huawei P9 Audio Driver race condition [CVE-2017-8148]
109887Huawei Secospace USG6600 Poison input validation [CVE-2017-8147]
109886Huawei P10/P10 Plus Call Module input validation [CVE-2017-8146]
109885Huawei P10/P10 Plus Call Module input validation [CVE-2017-8145]
109884Huawei Honor 5A resource management [CVE-2017-8144]
109883Huawei Honor 5C/P9 Lite Wi-Fi Driver input validation [CVE-2017-8143]
109882Huawei Mate 9/Mate 9 Pro Trusted Execution Environment use after free
109881Huawei P10 Plus Touch Panel Driver double free [CVE-2017-8141]
109880Huawei P9 Plus Soundtrigger Driver double free [CVE-2017-8140]
109879Huawei HedEx Configuration File Stored cross site scripting
109878Huawei HedEx cross-site request forgery [CVE-2017-8138]
109877Huawei HedEx DLL untrusted search path [CVE-2017-8137]
109876Huawei HedEx File Download information disclosure [CVE-2017-8136]
109875Huawei FusionSphere OpenStack command injection [CVE-2017-8135]
109874Huawei FusionSphere OpenStack command injection [CVE-2017-8134]
109873Huawei iManager NetEco command injection [CVE-2017-8133]
109872Huawei FusionSphere OpenStack command injection [CVE-2017-8132]
109871Huawei FusionSphere OpenStack command injection [CVE-2017-8131]
109870Huawei UMA information disclosure [CVE-2017-8130]
109869Huawei UMA access control [CVE-2017-8129]
109868Huawei UMA access control [CVE-2017-8128]
109867Huawei UMA cross site scripting [CVE-2017-8127]
109866Huawei UMA access control [CVE-2017-8126]
109865Huawei UMA cross site scripting [CVE-2017-8125]
109864Huawei UMA access control [CVE-2017-8124]
109863Huawei UMA access control [CVE-2017-8123]
109862Huawei UMA access control [CVE-2017-8122]
109861Huawei UMA information disclosure [CVE-2017-8121]
109860Huawei UMA access control [CVE-2017-8120]
109859Huawei UMA access control [CVE-2017-8119]
109858Huawei UMA information disclosure [CVE-2017-8118]
109857Huawei UMA access control [CVE-2017-8117]
109856Fortinet FortiWeb webUI Certificate View Page Cert Import Stored cross site scripting
109855RPM Temp File link following [CVE-2017-7501]🔒🔒
109854F5 BIG-IP Traffic Management Microkernel double free [CVE-2017-6166]🔒
109853Huawei Vmall App Upgrade Package access control [CVE-2017-2739]
109852Huawei VCM5010 improper authentication [CVE-2017-2738]
109851Huawei VCM5010 unrestricted upload [CVE-2017-2737]
109850Huawei VCM5010 command injection [CVE-2017-2736]
109849Huawei TIT-AL00 routine [CVE-2017-2735]
109848Huawei P9 Plus resource consumption [CVE-2017-2734]
109847Huawei Honor 6X File Permission information disclosure [CVE-2017-2733]
109846Huawei Hilink App information disclosure [CVE-2017-2732]
109845Huawei P9 Plus Vibrator Service input validation [CVE-2017-2731]
109844Huawei HiLink App/Tech Support App information disclosure [CVE-2017-2730]
109843Huawei Honor 5A Boot Loader memory corruption [CVE-2017-2729]
109842Huawei Honor 6X Bluetooth 7pk security [CVE-2017-2728]
109841Huawei P9 User Management access control [CVE-2017-2727]
109840Huawei P10/P10 Plus Bastet memory corruption [CVE-2017-2726]
109839Huawei P10/P10 Plus Bastet memory corruption [CVE-2017-2725]
109838Huawei P10/P10 Plus Bastet memory corruption [CVE-2017-2724]
109837Huawei Files App information disclosure [CVE-2017-2723]
109836Huawei eSpace U1981 input validation [CVE-2017-2722]
109835Huawei Berlin/FRD-L02/FRD-L04/FRD-L09/FRD-L14/FRD-L19 Factory Reset Protection access control
109834Huawei FusionSphere OpenStack Key information disclosure [CVE-2017-2720]
109833Huawei FusionSphere OpenStack command injection [CVE-2017-2719]
109832Huawei FusionSphere OpenStack command injection [CVE-2017-2718]
109831Huawei Honor 8 Pro integer overflow [CVE-2017-2717]
109830Huawei Mate 9 memory corruption [CVE-2017-2716]
109829Huawei Files App information disclosure [CVE-2017-2715]
109828Huawei FusionSphere OpenStack GaussDB memory corruption [CVE-2017-2714]
109827Huawei P9 input validation [CVE-2017-2713]
109826Huawei S3300 Ethernet path error [CVE-2017-2712]
109825Huawei P9 Plus Touchscreen Driver input validation [CVE-2017-2711]
109824Huawei Beethoven-W09A/CRR-L09 Factory Reset Protection access control
109823Huawei HiGame/SkyTone App input validation [CVE-2017-2709]
109822Huawei Nice Find Phone Reset access control
109821Huawei Mate 9 Push Module access control [CVE-2017-2707]
109820Huawei Mate 9 Push Module path traversal [CVE-2017-2706]
109819Huawei P9 Settings access control [CVE-2017-2705]
109818Huawei Smarthome Encryption Key Stored information disclosure
109817Huawei Mate 9/P9 Phone Finder access control [CVE-2017-2703]
109816Huawei Mate 9 Phone Finder access control [CVE-2017-2702]
109815Huawei Mate 9 insufficient verification of data authenticity
109814Huawei AC6005/AC6605 resource management [CVE-2017-2700]
109813Huawei Themes APP access control [CVE-2017-2699]
109812Huawei P8 ddr_devfreq Driver memory corruption [CVE-2017-2698]
109811Huawei GT3/Honor 5C/KNT/P9 Lite/Y6 II Goldeneye Driver memory corruption
109810Huawei Y6 II emerg_data Driver memory corruption [CVE-2017-2696]
109809Huawei TIT-AL00 Email App path traversal [CVE-2017-2695]
109808Huawei HwVmall AlarmService permission [CVE-2017-2694]
109807Huawei P8 Lite/Mate 7/Mate S/P8/Honor 6/Honor 7/SHOTX/G8 File Decompression path traversal
109806Huawei P8 Lite/Mate 7/Mate S/P8/Honor 6/Honor 7/SHOTX/G8 Keyguard App command injection
109805Huawei P9 Screen Lock access control [CVE-2017-2691]
109804Huawei SoftCo/eSpace Permission resource management [CVE-2017-2690]
109803ncurses write_entry.c nc_write_entry memory corruption🔒
109802Symantec Install Norton Security Certificate certificate validation
109801PostgreSQL INSERT information disclosure [CVE-2017-15099]🔒🔒
109800PostgreSQL jsonb_populate_recordset information disclosure🔒🔒
109799QNAP Video Station command injection [CVE-2017-13071]
109798Linux Kernel assoc_array.c assoc_array_insert_into_terminal_node null pointer dereference🔒🔒
109797Linux Kernel SCSI I/O Vector bio.c bio_add_pc_page memory corruption🔒🔒
109796PostgreSQL link following [CVE-2017-12172]🔒🔒
109795Cohu 3960HD passwordsAreEqual protection mechanism🔒
109794Cohu 3960 esp Source Code information disclosure [CVE-2017-8863]🔒
109793Cohu 3960HD Firmware Upgrade webupgrade unrestricted upload🔒
109792Cohu 3960HD Configuration Parameter 7pk security [CVE-2017-8861]🔒
109791Cohu 3960HD information disclosure [CVE-2017-8860]🔒
109790Ohcount command injection [CVE-2017-16926]
109789Procmail formail formisc.c loadbuf memory corruption🔒🔒
109788EMC RSA Authentication Manager Security Console cross site scripting🔒
109787Samba memory corruption [CVE-2017-15275]🔒🔒
109786Samba SMB1 use after free [CVE-2017-14746]🔒🔒
109785Ansible jenkins_plugin Module Password log file🔒🔒
109784Intel Dual-Band Wireless-AC/Tri-Band Wireless-AC Wi-Fi Subsystem data processing
109783Intel Deep Learning Training Tool access control [CVE-2017-5719]
109782Shenzhen Tenda usbeject system command injection
109781FineCMS Membr API system.php key management
109780MapOS visualizar Stored cross site scripting
109779FFmpeg VC-2 Video Compression Encoder vc2enc.c out-of-bounds read🔒🔒
109778Open Ticket Request System Agent Interface code injection🔒🔒
109777OpenStack Swauth Middleware Authentication improper authentication🔒🔒
109776DocuWare Fulltext Search Server Solr access control [CVE-2017-15044]
109775Fiyo CMS rating.php sql injection
109774Intel Server Platform Service Kernel access control [CVE-2017-5710]
109773Intel Server Platform Service Kernel memory corruption [CVE-2017-5707]
109772Intel Server Platform Service Kernel access control [CVE-2017-5709]
109771Intel Server Platform Service Kernel memory corruption [CVE-2017-5706]
109770Intel Manageability Engine Active Management Technology memory corruption🔒
109769Intel Manageability Engine Active Management Technology memory corruption🔒
109768Intel Manageability Engine Kernel access control [CVE-2017-5708]🔒
109767Intel Manageability Engine Kernel memory corruption [CVE-2017-5705]🔒
109766Apache OpenOffice DOC File Parser WW8Fonts out-of-bounds write🔒🔒
109765libxls xls_getfcell memory corruption🔒🔒
109764libxls read_MSAT out-of-bounds write
109763libxls xls_mergedCells out-of-bounds write🔒🔒
109762Horde Groupware cross site scripting [CVE-2017-16908]
109761Horde Groupware Create Task List cross site scripting [CVE-2017-16907]🔒
109760Horde Groupware Calendar cross site scripting [CVE-2017-16906]🔒
109759LvyeCMS Public Tologin admin.php Log cross site scripting
109758LvyeCMS index.php path traversal
109757Vonage VDV-23 115 memory corruption [CVE-2017-16902]
109756Xfig fig2dev gentikz.c array index🔒🔒
109755libming listmp3.c printMP3Headers memory corruption🔒🔒
109754Tiny Tiny RSS public.php sql injection
109753BusyBox Terminal lineedit.c add_match code injection🔒
109752Symantec ITMS Management Console path traversal [CVE-2017-15527]🔒
109751Moodle Search User information disclosure🔒🔒
109750Apache OpenOffice DOC File Parser ImportOldFormatStyles out-of-bounds write🔒🔒
109749Apache OpenOffice PPT File Parser PPTStyleSheet out-of-bounds write🔒🔒
109748libxls xls_addCell out-of-bounds write🔒🔒
109747libxls xls_appendSST integer overflow🔒🔒
109746Belden Hirschmann Tofino Xenon Security Appliance OPC/Netfilter 7pk security
109745Belden Hirschmann Tofino Xenon Security Appliance ModBus Packet data processing
109744Belden Hirschmann Tofino Xenon Security Appliance Firmware Signature permission
109743Laravel Framework Permission .env writeNewEnvironmentFileWith Password information disclosure
109742bftpd rename memory corruption🔒
109741libming SWF File outputscript.c outputSWF_TEXT_RECORD null pointer dereference🔒🔒
109740Icinga Core icinga access control🔒
109739b3log Symphony JSON Object avatar cross site scripting
109738Adobe Acrobat Reader memory corruption [CVE-2017-16411]🔒🔒
109737Adobe Acrobat Reader memory corruption [CVE-2017-16375]🔒🔒
109736Adobe Acrobat Reader memory corruption [CVE-2017-16373]🔒🔒
109735Adobe Acrobat Reader memory corruption [CVE-2017-16372]🔒🔒
109734Adobe Acrobat Reader memory corruption [CVE-2017-16371]🔒🔒
109733Adobe Acrobat Reader memory corruption [CVE-2017-16364]🔒🔒
109732Adobe Acrobat Reader out-of-bounds read [CVE-2017-16406]🔒🔒
109731Adobe Acrobat Reader type conversion [CVE-2017-16379]🔒🔒
109730Adobe Acrobat Reader type conversion [CVE-2017-16367]🔒🔒
109729Adobe Acrobat Reader resource management [CVE-2017-16419]🔒🔒
109728Adobe Acrobat Reader 7pk security [CVE-2017-16380]🔒🔒
109727Adobe Acrobat Reader information disclosure [CVE-2017-16369]🔒🔒
109726Adobe Acrobat Reader 7pk security [CVE-2017-16366]🔒🔒
109725Adobe Acrobat Reader 7pk security [CVE-2017-16361]🔒🔒
109724Adobe Acrobat Reader out-of-bounds write [CVE-2017-16416]🔒🔒
109723Adobe Acrobat Reader out-of-bounds write [CVE-2017-16415]🔒🔒
109722Adobe Acrobat Reader out-of-bounds write [CVE-2017-16413]🔒🔒
109721Adobe Acrobat Reader out-of-bounds write [CVE-2017-16407]🔒🔒
109720Adobe Acrobat Reader memory corruption [CVE-2017-11293]🔒🔒
109719Adobe Acrobat Reader out-of-bounds read [CVE-2017-16420]🔒🔒
109718Adobe Acrobat Reader out-of-bounds read [CVE-2017-16418]🔒🔒
109717Adobe Acrobat Reader out-of-bounds write [CVE-2017-16417]🔒🔒
109716Adobe Acrobat Reader out-of-bounds read [CVE-2017-16414]🔒🔒
109715Adobe Acrobat Reader out-of-bounds read [CVE-2017-16412]🔒🔒
109714Adobe Acrobat Reader out-of-bounds read [CVE-2017-16409]🔒🔒
109713Adobe Acrobat Reader out-of-bounds read [CVE-2017-16408]🔒🔒
109712Adobe Acrobat Reader out-of-bounds read [CVE-2017-16405]🔒🔒
109711Adobe Acrobat Reader out-of-bounds read [CVE-2017-16404]🔒🔒
109710Adobe Acrobat Reader out-of-bounds read [CVE-2017-16403]🔒🔒
109709Adobe Acrobat Reader out-of-bounds read [CVE-2017-16402]🔒🔒
109708Adobe Acrobat Reader out-of-bounds read [CVE-2017-16401]🔒🔒
109707Adobe Acrobat Reader out-of-bounds read [CVE-2017-16400]🔒🔒
109706Adobe Acrobat Reader out-of-bounds read [CVE-2017-16399]🔒🔒
109705Adobe Acrobat Reader out-of-bounds read [CVE-2017-16397]🔒🔒
109704Adobe Acrobat Reader out-of-bounds read [CVE-2017-16394]🔒🔒
109703Adobe Acrobat Reader out-of-bounds read [CVE-2017-16382]🔒🔒
109702Adobe Acrobat Reader out-of-bounds read [CVE-2017-16376]🔒🔒
109701Adobe Acrobat Reader out-of-bounds read [CVE-2017-16370]🔒🔒
109700Adobe Acrobat Reader out-of-bounds read [CVE-2017-16362]🔒🔒
109699Adobe Acrobat Reader Array Index array index [CVE-2017-16410]🔒🔒
109698Adobe Acrobat Reader Array Index array index [CVE-2017-16391]🔒🔒
109697Adobe Acrobat Reader memory corruption [CVE-2017-16383]🔒🔒
109696Adobe Acrobat Reader memory corruption [CVE-2017-16368]🔒🔒
109695Adobe Acrobat Reader memory corruption [CVE-2017-16387]🔒🔒
109694Adobe Acrobat Reader memory corruption [CVE-2017-16386]🔒🔒
109693Adobe Acrobat Reader memory corruption [CVE-2017-16384]🔒🔒
109692Adobe Acrobat Reader memory corruption [CVE-2017-16374]🔒🔒
109691Adobe Acrobat Reader memory corruption [CVE-2017-16365]🔒🔒
109690Adobe Acrobat Reader memory corruption [CVE-2017-16363]🔒🔒
109689Adobe Acrobat Reader memory corruption [CVE-2017-16396]🔒🔒
109688Adobe Acrobat Reader memory corruption [CVE-2017-16395]🔒🔒
109687Adobe Acrobat Reader memory corruption [CVE-2017-16392]🔒🔒🔒
109686Adobe Acrobat Reader memory corruption [CVE-2017-16385]🔒🔒
109685Adobe Acrobat Reader memory corruption [CVE-2017-16381]🔒🔒
109684Adobe Acrobat Reader use after free [CVE-2017-16398]🔒🔒
109683Adobe Acrobat Reader use after free [CVE-2017-16393]🔒🔒🔒
109682Adobe Acrobat Reader use after free [CVE-2017-16390]🔒🔒
109681Adobe Acrobat Reader use after free [CVE-2017-16389]🔒🔒
109680Adobe Acrobat Reader use after free [CVE-2017-16388]🔒🔒
109679Adobe Acrobat Reader use after free [CVE-2017-16360]🔒🔒
109678Adobe Acrobat Reader uninitialized pointer [CVE-2017-16378]🔒🔒
109677Adobe Acrobat Reader uninitialized pointer [CVE-2017-16377]🔒🔒
109676F5 BIG-IP Virtual Server RSA cryptographic issues🔒
109675VMware Workstation DLL Loader untrusted search path [CVE-2017-4939]🔒
109674VMware Workstation/Fusion RPC null pointer dereference [CVE-2017-4938]🔒
109673VMware Workstation/Horizon View Client JPEG2000 Parser TPView.dll out-of-bounds read🔒
109672VMware Workstation/Horizon View Client JPEG2000 Parser TPView.dll out-of-bounds read🔒
109671VMware Workstation/Horizon View Client JPEG2000 Parser TPView.dll out-of-bounds write🔒
109670VMware Workstation/Fusion VMNAT Device memory corruption [CVE-2017-4934]🔒
109669VMware NSX Edge cross site scripting [CVE-2017-4929]
109668VMware vSphere Web Client cross-site request forgery [CVE-2017-4928]🔒
109667VMware vCenter Server ldap injection [CVE-2017-4927]🔒
109666filp whoops TemplateHelper.php dump cross site scripting
109665ZEIT Next.js _next path traversal
109664PJSIP key management [CVE-2017-16875]🔒🔒
109663PJSIP memory corruption [CVE-2017-16872]🔒🔒
109662UpdraftPlus Plugin admin.php plupload_action code injection [Disputed]🔒
109661UpdraftPlus Plugin admin.php updraft_ajax_handler server-side request forgery🔒
109660UPX p_mach.cpp memory corruption [Disputed]
109659SWFTools wav.c wav_convert2mono null pointer dereference
109658QEMU ps2.c out-of-bounds read🔒🔒
109657Icon Time Systems RTC-1000 employee.html Reflected cross site scripting
109656Jooan IP Camera A5 FTP Server improper authentication [CVE-2017-16566]
109655Philips IntelliSpace Cardiovascular/Xcelera Workstation Logging Credentials credentials management
109654Securimage example_form.php code injection
109653Moxa EDS-G512E input validation [CVE-2017-13703]
109652Moxa EDS-G512E Cookie information disclosure [CVE-2017-13702]
109651Moxa EDS-G512E Administration Interface cross site scripting
109650RX-V100/RX-V200/RX-CLV1-P/RX-CLV2-B/RX-CLV3-N Session Management session fixiation
109649TablePress xml external entity reference [CVE-2017-10889]🔒
109648BOOK WALKER information disclosure [CVE-2017-10888]
109647BOOK WALKER untrusted search path [CVE-2017-10887]
109646CS-Cart cross site scripting [CVE-2017-10886]
109645Redis-store deserialization [CVE-2017-1000248]
109644British Columbia Institute of Technology CodeIgniter set_status_header input validation
109643PySAML2 cryptographic issues [CVE-2017-1000246]
109642OpenEMR access control [CVE-2017-1000241]🔒
109641OpenEMR Reflected cross site scripting [CVE-2017-1000240]🔒
109640InvoicePlane Stored cross site scripting [CVE-2017-1000239]
109639InvoicePlane File Upload unrestricted upload [CVE-2017-1000238]
109638I/Librarian ajaxsupplement.php server-side request forgery
109637I/Librarian temp.php Reflected cross site scripting
109636I/Librarian batchimport.php os command injection
109635I/Librarian jqueryFileTree.php Directory information disclosure
109634ldns str2host.c double free🔒🔒
109633ldns parse.c double free🔒🔒
109632Snap7 Server WriteVar input validation
109631OptiPNG minitiff_read_info integer overflow🔒🔒
109630nodejs ejs ejs.renderFile input validation
109629Salutation Responsive WordPress + BuddyPress Theme Stored cross site scripting
109628Stop User Enumeration REST API Username information disclosure
109627Relevanssi Premium Plugin relevanssi_didyoumean Reflected cross site scripting
109626MODX Revolution Stored cross site scripting [CVE-2017-1000223]🔒
109625Opencast Access Restriction access control [CVE-2017-1000221]🔒
109624soyuka pidusage command injection [CVE-2017-1000220]
109623Opencast Media Module injection [CVE-2017-1000217]🔒
109622ROOT xrootd command injection [CVE-2017-1000215]
109621WBCE tool.php Reflected cross site scripting
109620Elixir VIM Plugin alchemist-server access control [CVE-2017-1000212]
109619Lynx HTML Parser use after free [CVE-2017-1000211]🔒🔒
109618picoTCP memory corruption [CVE-2017-1000210]
109617nv-websocket-client X.509 Certificate Verification certificate validation
109616Swagger-Parser's YAML Parser code [CVE-2017-1000208]
109615samtools htslib Library CRAM rANS Codec memory corruption [CVE-2017-1000206]
109614ROOT rootd command injection [CVE-2017-1000203]
109613tcmu-runner Daemon input validation [CVE-2017-1000201]🔒
109612tcmu-runner dbus on_unregister_handler null pointer dereference🔒
109611tcmu-runner information disclosure🔒
109610tcmu-runner memory corruption [CVE-2017-1000198]🔒
109609October CMS Asset Move File path error
109608October CMS Asset Manager code injection [CVE-2017-1000196]
109607October CMS File Permission injection
109606October CMS Apache Configuration unrestricted upload [CVE-2017-1000194]
109605October CMS Brand Logo Image Name Stored cross site scripting
109604Cygnux sysPass Configuration File information disclosure [CVE-2017-1000192]
109603Jool Kernel resource consumption [CVE-2017-1000191]
109602SimpleXML xml external entity reference [CVE-2017-1000190]
109601nodejs ejs ejs.renderFile input validation
109600nodejs ejs ejs.renderFile cross site scripting
109599SWFTools pdf2swf writeTTF memory corruption
109598SWFTools pdf2swf memory corruption [CVE-2017-1000186]
109597SWFTools gif2swf memcpy memory corruption
109596SWFTools wav2swf memory corruption [CVE-2017-1000182]
109595SWFTools swfc memcpy memory corruption
109594SWFTools swfdump swf_GetBits memory corruption
109593Creolabs Gravity memory corruption [CVE-2017-1000173]
109592Creolabs Gravity gravity_lexer.c use after free
109591jqueryFileTree path traversal [CVE-2017-1000170]
109590QuickerBB input validation [CVE-2017-1000169]
109589sodiumoxide ScalarMult scalarmult key management
109588Tine Addressbook cross site scripting [CVE-2017-1000164]
109587Phoenix Framework redirect [CVE-2017-1000163]
109586EllisLab ExpressionEngine cross site scripting [CVE-2017-1000160]
109585CPython stringobject.c PyString_DecodeEscape memory corruption🔒🔒
109584Serendipity Blog sql injection [CVE-2017-1000129]
109583Exiv2 JPEG2000 Parser out-of-bounds read [CVE-2017-1000128]
109582Exiv2 tiff Parser memory corruption [CVE-2017-1000127]
109581Exiv2 webp Parser out-of-bounds read [CVE-2017-1000126]
109580Codiad Installation access control [CVE-2017-1000125]
109579Google Android Linux Kernel memory corruption [CVE-2017-9721]
109578Google Android Kernel Driver MDSS memory corruption [CVE-2017-9719]
109577Google Android Camera Driver Pointer access control
109576Google Android Fastboot Command information disclosure [CVE-2017-9701]
109575Google Android Camera Driver information disclosure [CVE-2017-9696]
109574Google Android IOCTL memory corruption [CVE-2017-9690]
109573Google Android Linux Kernel information disclosure [CVE-2017-8279]
109572VMware AirWatch Launcher Native UI access control [CVE-2017-4932]
109571VMware AirWatch Log File input validation [CVE-2017-4931]
109570VMware AirWatch Console cross site scripting [CVE-2017-4930]
109569Amazon Key Cloud Cam 802.11 Deauthentication Frame data processing
109568dayrui FineCMS M_Controller.php cross site scripting
109567ipsilon SAML2 Session session fixiation [CVE-2017-16855]
109566OpenSAML Security Check DynamicMetadataProvider.cpp DynamicMetadataProvider signature verification🔒🔒
109565Shibboleth Service Provider Dynamic MetadataProvider Plugi DynamicMetadataProvider.cpp signature verification🔒🔒
109564Zoho ManageEngine Applications Manager sql injection🔒
109563Zoho ManageEngine Applications Manager sql injection🔒
109562Zoho ManageEngine Applications Manager sql injection🔒
109561Zoho ManageEngine Applications Manager sql injection🔒
109560Zoho ManageEngine Applications Manager sql injection🔒
109559Zoho ManageEngine Applications Manager sql injection🔒
109558Procmail formail formisc.c loadbuf memory corruption🔒🔒
109557Vonage VDV-23 115 RgParentalBasic Stored cross site scripting
109556Hashicorp Vagrant VMware Fusion Plugin access control [CVE-2017-16777]
109555Moxa NPort 5110/NPort 5130/NPort 5150 Packet injection [CVE-2017-16719]
109554Moxa NPort 5110/NPort 5130/NPort 5150 Ethernet Frame information disclosure
109553SanDisk Secure Access Temp File cryptographic issues [CVE-2017-16560]
109552Open Ticket Request System Agent Frontend Credentials credentials management🔒🔒
109551AltaVault OST Plug-in OST Share Credentials information disclosure
109550NetApp SnapCenter Server User Interface cross-site request forgery
109549Moxa NPort 5110 resource consumption [CVE-2017-14028]
109548Google Android Linux Kernel information disclosure [CVE-2017-11093]
109547Google Android Linux Kernel kgsl_ioctl_gpu_command use after free
109546Google Android Linux Kernel mdss_rotator mdss_rotator_ioctl use after free
109545Google Android Linux Kernel __wlan_hdd_cfg80211_set_pmksa information disclosure
109544Google Android Linux Kernel information disclosure [CVE-2017-11089]🔒🔒
109543Google Android Linux Kernel msm-audio-effects-q6-v2.c integer overflow
109542Google Android Linux Kernel cld Memory access control
109541Google Android Linux Kernel out-of-bounds read [CVE-2017-11058]
109540Google Android Linux Kernel 7pk time and state [CVE-2017-11038]
109539Google Android Linux Kernel csr_roam_issue_ft_preauth_req memory corruption
109538Google Android Linux Kernel service_locator_send_msg double free
109537Google Android Linux Kernel memory corruption [CVE-2017-11029]
109536Google Android Camera Driver msm_isp_get_stream_common_data information disclosure
109535Google Android Linux Kernel input validation [CVE-2017-11027]
109534Google Android access control [CVE-2017-11026]
109533Google Android Linux Kernel audio_effects_shared_ioctl race condition
109532Google Android Linux Kernel use after free [CVE-2017-11024]
109531Google Android Synchronization access control [CVE-2017-11023]
109530Google Android Linux Kernel information disclosure [CVE-2017-11022]
109529Google Android Camera Driver memory corruption [CVE-2017-11018]
109528Google Android Linux Kernel memory corruption [CVE-2017-11017]
109527Google Android Linux Kernel access control [CVE-2017-11015]
109526Google Android Linux Kernel access control [CVE-2017-11014]
109525Google Android Linux Kernel access control [CVE-2017-11013]
109524Google Android access control [CVE-2017-11012]
109523FreeBSD Kernel information disclosure [CVE-2017-1088]🔒
109522FreeBSD Shared Memory access control [CVE-2017-1087]🔒
109521FreeBSD Debugger information disclosure [CVE-2017-1086]🔒
109520YouTube Plugin cross-site request forgery [CVE-2017-1000224]🔒
109519npm KyleRoss windows-cpu command injection [CVE-2017-1000219]
109518LightFTP writelogentry memory corruption
109517private_address_check Ruby Gem Blacklist 7pk security [CVE-2017-0909]
109516Google Android Direct Rendering Kernel Memory access control
109515Google Android MediaTek soc Driver access control [CVE-2017-0865]
109514Google Android MediaTek ioctl access control [CVE-2017-0864]
109513Google Android Kernel Video Driver access control [CVE-2017-0863]
109512Google Android Kernel access control [CVE-2017-0862]
109511Google Android Kernel Audio Driver access control [CVE-2017-0861]🔒🔒
109510Google Android Dispatcher access control [CVE-2017-0860]
109509Google Android Media Framework resource management [CVE-2017-0859]
109508Google Android Media Framework resource management [CVE-2017-0858]
109507Google Android Media Framework resource management [CVE-2017-0857]
109506Google Android Media Framework information disclosure [CVE-2017-0854]
109505Google Android Media Framework information disclosure [CVE-2017-0853]
109504Google Android Media Framework resource management [CVE-2017-0852]
109503Google Android Media Framework information disclosure [CVE-2017-0851]
109502Google Android Media Framework information disclosure [CVE-2017-0850]
109501Google Android Media Framework information disclosure [CVE-2017-0849]
109500Google Android Media Framework information disclosure [CVE-2017-0848]
109499Google Android Media Framework access control [CVE-2017-0847]
109498Google Android SyncStorageEngine access control [CVE-2017-0845]
109497Google Android MediaTek ccci access control [CVE-2017-0843]
109496Google Android Bluetooth access control [CVE-2017-0842]
109495Google Android libutils access control [CVE-2017-0841]
109494Google Android Media Framework information disclosure [CVE-2017-0840]
109493Google Android Media Framework information disclosure [CVE-2017-0839]
109492Google Android Media Framework access control [CVE-2017-0838]
109491Google Android Media Framework access control [CVE-2017-0836]
109490Google Android Media Framework access control [CVE-2017-0835]
109489Google Android Media Framework access control [CVE-2017-0834]
109488Google Android Media Framework access control [CVE-2017-0833]
109487Google Android Media Framework access control [CVE-2017-0832]
109486Google Android Window Manager access control [CVE-2017-0831]
109485Google Android Device Policy Client access control [CVE-2017-0830]
109484Varnish HTTP Cache cache_fetch.c vbf_stp_error memory corruption🔒🔒
109483Intel Unite App Admin Portal access control [CVE-2017-5738]
109482Yoast SEO Plugin class-gsc-table.php cross site scripting🔒
109481Lansweeper CalendarActions.aspx cross site scripting
109480Trusted Boot PCR input validation [CVE-2017-16837]🔒🔒
109479Arris TG1682G ajax_managed_services.php Stored cross site scripting
109478PNP4Nagios npcd access control🔒
109477libbpg hevc_filter.c restore_tqb_pixels memory corruption
109476libbpg bpgenc.c image_alloc integer overflow
109475VideoLAN x265 cudata.cpp initialize null pointer dereference
109474Cisco Umbrella Insights Virtual Appliance Hypervisor hard-coded credentials
109473Cisco Prime Collaboration Deployment Upgrade improper authentication🔒
109472Cisco Registered Envelope Service Web-based Management Interface cross site scripting
109471Cisco Registered Envelope Service Web-based Management Interface cross site scripting
109470Cisco Registered Envelope Service Web-based Management Interface cross site scripting
109469Cisco Registered Envelope Service Web-based Management Interface cross site scripting
109468Cisco RF Gateway 1 TCP State Machine resource management [CVE-2017-12318]
109467Cisco Identity Services Engine improper authentication [CVE-2017-12316]
109466Cisco HyperFlex System Logging information disclosure [CVE-2017-12315]
109465Cisco FindIT Network Discovery Utility uncontrolled search path
109464Cisco Network Academy Packet Tracer input validation [CVE-2017-12313]
109463Cisco Immunet Antimalware Installer input validation [CVE-2017-12312]
109462Cisco Meeting Server H.264 Decoder resource management [CVE-2017-12311]
109461Cisco Email Security Appliance response splitting [CVE-2017-12309]
109460Cisco Spark Board Upgrade Process config [CVE-2017-12306]
109459Cisco IP Phone 8800 Debug Interface command injection [CVE-2017-12305]🔒
109458Cisco IOS/IOS XE IOSd cross site scripting [CVE-2017-12304]
109457Cisco Web Security Appliance Advanced Malware Protection security check for standard
109456Cisco Unified Communications Manager SQL Database Interface sql injection🔒
109455Cisco Firepower System Software Snort Detection Engine input validation
109454Cisco ASA NGFW Device Initialization input validation [CVE-2017-12299]
109453Cisco Registered Envelope Service Web-based Management Interface cross site scripting
109452Cisco Registered Envelope Service Web-based Management Interface cross site scripting
109451Cisco Registered Envelope Service Web-based Management Interface cross site scripting
109450MediaWiki Language Converter input validation [CVE-2017-8815]🔒🔒
109449MediaWiki Language Converter input validation [CVE-2017-8814]🔒🔒
109448MediaWiki Headline access control [CVE-2017-8812]🔒🔒
109447MediaWiki Raw Message Parameter Extension input validation [CVE-2017-8811]🔒🔒
109446MediaWiki Error Message User information disclosure🔒🔒
109445MediaWiki File Download api.php Reflected injection🔒🔒
109444MediaWiki URL Escape cross site scripting [CVE-2017-8808]🔒🔒
109443D-Link DCS-936L CSRF Protection cross-site request forgery [CVE-2017-7851]
109442TIBCO JasperReports Server Server Content Cache access control🔒
109441TIBCO JasperReports Server Report Renderer Persistent cross site scripting🔒
109440Gemirro javascript: URL .gemspec Stored cross site scripting
109439GNU binutils libbfd peicode.h pe_bfd_read_buildid integer overflow🔒
109438GNU binutils libbfd coffgen.c integer overflow🔒
109437GNU binutils Overflow Protection readelf.c print_gnu_property_note integer overflow🔒
109436GNU binutils libbfd elf-properties.c bfd_elf_parse_gnu_properties out-of-bounds read🔒
109435GNU binutils dwarf.c display_debug_frames integer overflow🔒
109434GNU binutils libbfd aoutx.h aout_get_external_symbols memory corruption🔒
109433GNU binutils libbfd coffcode.h coff_slurp_line_table memory corruption🔒
109432Konversation IRC Color data processing [CVE-2017-15923]🔒🔒
109431Zeta Components Mail file.php. ezcMailMtaTransport code injection
109430Scala Compilation Daemon scalac-compile-server-port access control🔒
109429PSFTPd Configuration PSFTPd.dat credentials management
109428PSFTPd sftp use after free [CVE-2017-15271]
109427PSFTPd Graphical User Interface input validation [CVE-2017-15270]
109426PSFTPd Bounce Scan 7pk security [CVE-2017-15269]
109425Linux Kernel socket.c sctp_do_peeloff use after free🔒🔒
109424Linux Kernel USB Device legousbtower.c tower_probe null pointer dereference🔒🔒
109423Ikarus anti.virus Driver ntguard.sys input validation🔒
109422Siemens SICAM RTUs SM-2556 COM Module Integrated Web Server access control
109421Siemens SICAM RTUs SM-2556 COM Module Integrated Web Server cross site scripting
109420Siemens SICAM RTUs SM-2556 COM Module Integrated Web Server information disclosure
109419Apache Camel camel-castor deserialization [CVE-2017-12634]
109418Apache Camel camel-hessian deserialization [CVE-2017-12633]
109417Cacti unserialize(stripslashes) code injection🔒🔒
109416Livebox Configuration File 7pk security [CVE-2014-3150]
109415Cyberduck X.509 Certificate certificate validation [CVE-2014-2845]
109414CA Identity Governance Stored cross site scripting [CVE-2017-9394]
109413BlackBerry QNX Software Development Platform QNX SDP entropy
109412BlackBerry QNX Software Development Platform QNX SDP Memory information disclosure
109411Kodak InSite DiagnosticReport.asp cross site scripting
109410Google Android Thermal Driver Kernel Memory information disclosure
109409Google Android Thermal Driver out-of-bounds write [CVE-2017-6274]
109408Google Android NVIDIA GPU Driver access control [CVE-2017-6264]
109407BlackBerry QNX Software Development Platform QNX SDP memory corruption
109406BlackBerry QNX Software Development Platform QNX SDP Memory information disclosure
109405BlackBerry QNX Software Development Platform QNX SDP access control
109404b3log Symphony Admin Console cross site scripting
109403collectd SNMP Plugin snmp.c csnmp_read_table double free🔒🔒
109402Snap Creek Duplicator installer.php cross site scripting🔒
109401OpenStack Filter Scheduler access control [CVE-2017-16239]🔒🔒
109400Apache CouchDB Database Server os command injection [CVE-2017-12636]🔒🔒🔒
109399Apache CouchDB JSON Parser access control [CVE-2017-12635]🔒🔒🔒
109398Apache CXF JAX-WS/JAX-RS data processing [CVE-2017-12624]🔒
109397Oracle Fusion Middleware Tuxedo access control [CVE-2017-10278]🔒
109396Oracle Fusion Middleware Tuxedo access control [CVE-2017-10272]🔒
109395Oracle Fusion Middleware Tuxedo access control [CVE-2017-10269]🔒
109394Oracle Fusion Middleware Tuxedo information disclosure [CVE-2017-10267]🔒
109393Oracle Fusion Middleware Tuxedo information disclosure [CVE-2017-10266]🔒
109392Microsoft ASP.NET Core CORS access control [CVE-2017-8700]🔒
109391Microsoft SharePoint Enterprise Server Project Server cross-site request forgery🔒🔒
109390Microsoft Internet Explorer information disclosure [CVE-2017-11848]🔒🔒
109389Microsoft Excel memory corruption [CVE-2017-11884]🔒
109388Microsoft Office memory corruption [CVE-2017-11882]🔒🔒
109387Microsoft ASP.NET Core redirect [CVE-2017-11879]🔒🔒
109386Microsoft Excel memory corruption [CVE-2017-11878]🔒🔒
109385Microsoft Excel Security Feature Macro 7pk security🔒🔒
109384Microsoft Edge Security Feature 7pk security [CVE-2017-11874]🔒🔒
109383Microsoft Edge Security Feature 7pk security [CVE-2017-11872]🔒🔒
109382Microsoft Edge Security Feature input validation [CVE-2017-11863]🔒🔒
109381Microsoft Office/Word memory corruption [CVE-2017-11854]🔒🔒
109380Microsoft Windows GDI information disclosure [CVE-2017-11852]🔒🔒
109379Microsoft Windows Kernel Win32k information disclosure🔒🔒
109378Microsoft Windows Graphics Component information disclosure [CVE-2017-11850]🔒🔒
109377Microsoft Windows Kernel access control [CVE-2017-11847]🔒🔒
109376Microsoft Windows Kernel information disclosure [CVE-2017-11853]🔒🔒
109375Microsoft Windows Kernel information disclosure [CVE-2017-11849]🔒🔒
109374Microsoft Windows Kernel information disclosure [CVE-2017-11842]🔒🔒
109373Microsoft Internet Explorer Scripting Engine information disclosure🔒🔒
109372Microsoft Edge information disclosure [CVE-2017-11833]🔒🔒
109371Microsoft Windows EOT Font Engine information disclosure [CVE-2017-11835]🔒🔒
109370Microsoft Windows EOT Font Engine information disclosure [CVE-2017-11832]🔒🔒
109369Microsoft Windows Kernel information disclosure [CVE-2017-11880]🔒🔒
109368Microsoft Windows information disclosure [CVE-2017-11831]🔒🔒
109367Microsoft Windows Device Guard Security Feature Signature 7pk security🔒🔒
109366Microsoft Edge memory corruption [CVE-2017-11827]🔒🔒
109365Microsoft Internet Explorer memory corruption [CVE-2017-11827]🔒🔒
109364Microsoft Edge information disclosure [CVE-2017-11844]🔒🔒
109363Microsoft Edge information disclosure [CVE-2017-11803]🔒🔒
109362Microsoft Edge Scripting Engine information disclosure [CVE-2017-11791]🔒🔒
109361Microsoft Internet Explorer Scripting Engine information disclosure🔒🔒
109360Microsoft Windows Windows Search data processing [CVE-2017-11788]🔒🔒
109359Microsoft ASP.NET data processing [CVE-2017-11883]🔒🔒
109358Microsoft .NET Framework certificate validation [CVE-2017-11770]🔒
109357Microsoft Windows Windows Media Player information disclosure🔒🔒
109356Microsoft Internet Explorer Scripting Engine memory corruption🔒🔒
109355Microsoft Internet Explorer memory corruption [CVE-2017-11856]🔒🔒
109354Microsoft Internet Explorer JsArraySlice memory corruption🔒🔒
109353Microsoft Edge memory corruption [CVE-2017-11845]🔒🔒
109352Microsoft Edge Scripting Engine memory corruption [CVE-2017-11858]🔒🔒
109351Microsoft Internet Explorer Scripting Engine memory corruption🔒🔒
109350Microsoft Edge Scripting Engine memory corruption [CVE-2017-11846]🔒🔒
109349Microsoft Internet Explorer Scripting Engine memory corruption🔒🔒
109348Microsoft Edge Scripting Engine memory corruption [CVE-2017-11843]🔒🔒
109347Microsoft Edge Scripting Engine memory corruption [CVE-2017-11838]🔒🔒
109346Microsoft Internet Explorer Scripting Engine memory corruption🔒🔒
109345Microsoft Internet Explorer Scripting Engine memory corruption🔒🔒
109344Microsoft Edge Scripting Engine memory corruption [CVE-2017-11837]🔒🔒
109343Microsoft Edge Scripting Engine memory corruption [CVE-2017-11873]🔒🔒🔒
109342Microsoft Edge Scripting Engine memory corruption [CVE-2017-11871]🔒🔒
109341Microsoft Edge Chakra JIT memory corruption [CVE-2017-11870]🔒🔒
109340Microsoft Edge Scripting Engine memory corruption [CVE-2017-11866]🔒🔒
109339Microsoft Edge Scripting Engine memory corruption [CVE-2017-11862]🔒🔒
109338Microsoft Edge Scripting Engine memory corruption [CVE-2017-11861]🔒🔒
109337Microsoft Edge Chakra JIT InlineCallApplyTarget_Shared memory corruption🔒🔒
109336Microsoft Edge Chakra JIT OptTagChecks memory corruption🔒🔒
109335Microsoft Edge Chakra JIT BailOutOnTaggedValue memory corruption🔒🔒
109334Microsoft Edge Scripting Engine memory corruption [CVE-2017-11836]🔒🔒
109333Dahua NVR50XX/NVR52XX/NVR54XX/NVR58XX JSON Message improper authentication
109332Lenovo ThinkPad Realtek Audio Driver access control [CVE-2017-3767]
109331Apache Hadoop YARN Localization Stored access control🔒🔒
109330IBM Storwize V7000 Service Assistant GUI access control [CVE-2017-1710]🔒
109329Octopus cross site scripting [CVE-2017-16810]🔒
109328tcpdump print-aoe.c aoe_prin out-of-bounds read
109327Kirby Panel Content File cross site scripting [CVE-2017-16807]
109326Ulterius HTTP Server HttpServer.cs Process path traversal
109325radare2 ELF File dwarf.c out-of-bounds read
109324Redmine Reminder mailer.rb information disclosure🔒🔒
109323libav smacker.c build_table memory corruption🔒🔒
109322MISP misp.js sharingGroupPopulateOrganisations cross site scripting
109321Symantec Endpoint Encryption null pointer dereference [CVE-2017-15526]🔒
109320Symantec Endpoint Encryption resource management [CVE-2017-15525]🔒
109319IBM Security Access Manager XML Data xml external entity reference
109318IBM Security Access Manager os command injection [CVE-2017-1453]
109317Cloud Foundry DiffID Validator input validation [CVE-2017-14388]
109316Schneider Electric InduSoft Web Studio/InTouch Machine Edition memory corruption🔒
109315AutomationDirect SL-SOFT SOLO uncontrolled search path [CVE-2017-14020]
109314IBM Tivoli Endpoint Manager HSTC information disclosure [CVE-2017-1229]
109313IBM Tivoli Endpoint Manager Password Policy credentials management
109312HYPER SBI untrusted search path [CVE-2017-10885]
109311I-O DATA DEVICE LAN DISK Connect memory corruption [CVE-2017-10875]
109310NTT DOCOMO Wi-Fi STATION L-02F memory corruption [CVE-2017-10871]
109309Recurly Client .NET Library API Key server-side request forgery
109308Recurly Client Python Library API Key Resource.get server-side request forgery
109307Recurly Client Ruby Library API Key Resource#find server-side request forgery
109306private_address_check Ruby Gem Resolv.getaddresses 7pk security
109305Paperclip Ruby Gem UriAdapter server-side request forgery
109304Debian postgresql-common Symbolic Link link following [CVE-2017-8806]🔒🔒
109303Octopus Deploy Step Template Name cross site scripting [CVE-2017-16801]🔒
109302geminabox gem.erb Stored cross site scripting🔒
109301Kickbase Bundesliga Manager App id678241305 Credentials credentials management
109300iBall iB-WRA300N3GT normal access control
109299Apple watchOS Kernel information disclosure [CVE-2017-13852]🔒
109298Apple tvOS Kernel information disclosure [CVE-2017-13852]🔒
109297Apple macOS Kernel information disclosure [CVE-2017-13852]🔒
109296CMS Made Simple action.addcategory.php Stored cross site scripting🔒
109295CMS Made Simple Access Restriction action.upload.php is_file_acceptable cross site scripting🔒
109294SWFTools png.c png_load memory corruption
109293SWFTools png.c png_load memory corruption
109292Apple iOS Kernel information disclosure [CVE-2017-13852]🔒
109291Apple macOS CFNetwork memory corruption [CVE-2017-13833]🔒🔒
109290Apple macOS CFNetwork memory corruption [CVE-2017-13829]🔒
109289SWFTools png.c png_load memory corruption
109288SWFTools WAV Data wav.c wav_convert2mono memory corruption
109287Cacti host.php Reflected cross site scripting🔒🔒
109286CMS Made Simple Reflected cross site scripting [CVE-2017-16784]🔒
109285CMS Made Simple Template code injection [CVE-2017-16783]🔒
109284Home Assistant Notification Persistent cross site scripting
109283MyBB Installer cross site scripting [CVE-2017-16781]🔒
109282MyBB Installer access control [CVE-2017-16780]
109281D-Link DWR-933 gui.cgi cross site scripting
109280django_make_app YAML Parser read_yaml_file command injection
109279Confire YAML Parser yamlload command injection
109278Sanic path traversal [CVE-2017-16762]🔒🔒
109277Inedo BuildMaster redirect [CVE-2017-16761]
109276Inedo BuildMaster cross site scripting [CVE-2017-16760]
109275Inedo BuildMaster XslTransform privileges management
109274Inedo BuildMaster Event Listener access control [CVE-2017-16520]
109273Savitech Driver Package certificate validation [CVE-2017-9758]
109272NetApp Clustered Data ONTAP information disclosure [CVE-2017-5201]
109271LibreNMS Installation install.php access control
109270Ultimate Instagram Feed Plugin uif-access-token-display.php cross site scripting
109269Hola VPN 7za.exe permission
109268Bolt ProfilerListener.php access control
109267SWFTools swfbits.c swf_DefineLosslessBitsTagToImage null pointer dereference
109266Roundcube Webmail Configuration File access control [CVE-2017-16651]🔒🔒
109265Joomla CMS 2FA improper authentication [CVE-2017-16634]🔒🔒
109264Joomla CMS com_fields information disclosure [CVE-2017-16633]🔒🔒
109263Logitech Media Server radio URL cross site scripting [CVE-2017-16568]🔒
109262Logitech Media Server favorite cross site scripting [CVE-2017-16567]🔒
109261UserPro Plugin access control [CVE-2017-16562]🔒🔒
109260Debut Embedded http Server HTTP Request access control [CVE-2017-16249]🔒🔒
109259SuSEfirewall2 portmap Service access control [CVE-2017-15638]🔒
109258Avaya IP Office Contact Center ActiveX Control ViewerCtrlLib.ViewerCtrl open memory corruption
109257mkclean MKV File node.c Node_ValidatePtr null pointer dereference
109256libEBML MKV File ebmlnumber.c EBML_IntegerValue input validation
109255libEBML MKV File ebmlmaster.c UpdateDataSize input validation
109254libebml2 MKV File ebmlmain.c EBML_FindNextElement null pointer dereference
109253libEBML MKV File ebmlnumber.c ReadDataFloat input validation
109252libEBML MKV File ebmlmaster.c ReadData input validation
109251libebml2 MKV File ebmlelement.c EBML_BufferToID null pointer dereference
109250libebml2 MKV File ebmlstring.c ReadData use after free
109249mkvalidator MKV File node.c Node_GetData null pointer dereference
109248NetApp OnCommand Unified Manager for 7-mode User Interface input validation
109247Avaya IP Office SoftConsole Client memory corruption [CVE-2017-11309]
109246Cisco IOS/IOS XE Smart Install improper authentication
109245Datto Windows Agent command injection [CVE-2017-16674]
109244Datto Backup Agent Service Port 2556X information disclosure
109243iText XML Parser xml external entity reference [CVE-2017-9096]
109242Digium Asterisk pjsip Session Object memory corruption [CVE-2017-16672]🔒🔒
109241Digium Asterisk CDR Handller memory corruption [CVE-2017-16671]🔒🔒
109240GraphicsMagick wpg.c AcquireCacheNexus memory corruption🔒🔒
109239Back In Time notify-send Command os.system os command injection🔒🔒
109238RemObjects Remoting SDK soap Reflected cross site scripting
109237sam2p ReadImage integer overflow🔒
109236FRRouting BGP information disclosure [CVE-2017-15865]🔒
109235Red Hat Gluster Storage Fix CVE-2017-12163 information disclosure🔒
109234Red Hat Gluster Storage Fix CVE-2017-12151 cryptographic issues🔒
109233Red Hat Gluster Storage Fix CVE-2017-12150 information disclosure🔒
109232HPE Content Manager Workgroup Service resource consumption [CVE-2017-14360]
109231InPage Reader memory corruption [CVE-2017-12824]
109230Zoho ManageEngine ServiceDesk File Download path traversal [CVE-2017-11512]🔒
109229Zoho ManageEngine ServiceDesk File Download information disclosure🔒
109228MetalGenix GeniXCMS User.class.php sql injection [CVE-2015-3933]🔒
109227Fortinet FortiOS Reflected cross site scripting [CVE-2017-7739]🔒
109226Cacti Log clog.php information disclosure🔒🔒
109225Cacti Client-IP Header remote_agent.php access control🔒🔒
109224Gentoo assp access control
109223OwlMixin yaml Loader command injection
109222PyAnyAPI YAML Parser YAMLParser command injection
109221MLAlchemy YAML Parser parse_yaml_query command injection
109220Cesanta Mongoose WebSocket use after free [CVE-2017-2922]
109219Cesanta Mongoose WebSocket integer overflow [CVE-2017-2921]
109218Circle with Disney Notification os command injection [CVE-2017-2917]
109217Circle with Disney HTTP Request restore link following
109216Circle with Disney SSID command injection [CVE-2017-2915]
109215Circle with Disney API Daemon improper authentication [CVE-2017-2914]
109214Circle with Disney SSL Certificate Validator certificate validation
109213Circle with Disney SSL Certificate Validator certificate validation
109212Circle with Disney SSL Certificate Validator certificate validation
109211Mongoose DNS Server resource consumption [CVE-2017-2909]
109210Circle with Disney Signature Verification race condition [CVE-2017-2898]
109209Cesanta Mongoose MQTT Packet Parser out-of-bounds read [CVE-2017-2895]
109208Cesanta Mongoose MQTT Packet Parser memory corruption [CVE-2017-2894]
109207Cesanta Mongoose MQTT Packet Parser null pointer dereference
109206Cesanta Mongoose MQTT Packet Parser integer overflow [CVE-2017-2892]
109205Cesanta Mongoose HTTP Server use after free [CVE-2017-2891]
109204Circle with Disney HTTP Request restore os command injection
109203Circle with Disney apid Daemon resource consumption [CVE-2017-2889]
109202Circle with Disney API Call Brick resource consumption
109201Circle with Disney Database Update access control [CVE-2017-2883]
109200Circle with Disney Server Update input validation [CVE-2017-2882]
109199Circle with Disney Torlist Update input validation [CVE-2017-2881]
109198Circle with Disney HTTP Packet backup os command injection
109197Circle with Disney Firmware Update command injection [CVE-2017-2865]
109196Circle with Disney Auth Token improper authentication [CVE-2017-2864]
109195Linux Kernel USB Device qmi_wwan.c qmi_wwan_bind divide by zero🔒🔒
109194Linux Kernel USB Device cdc_ether.c usbnet_generic_cdc_bind divide by zero🔒🔒
109193Linux Kernel USB Device dvb_frontend.c dvb_frontend_free use after free🔒
109192Linux Kernel USB Device asix_devices.c null pointer dereference🔒🔒
109191Linux Kernel USB Device dib0700_devices.c null pointer dereference🔒🔒
109190Linux Kernel ims-pcu.c ims_pcu_get_cdc_union_desc out-of-bounds read🔒🔒
109189Linux Kernel USB Device hdpvr-core.c hdpvr_probe 7pk error🔒🔒
109188Linux Kernel gtco.c parse_hid_report_descriptor out-of-bounds read🔒🔒
109187PHP Date Extension parse_date.c php_parse_date out-of-bounds read🔒🔒
109186Cacti Settings rrd.php os command injection🔒🔒
109185Ingenious School Management System friend_profile.php Time-Based sql injection
109184Synology CardDAV Server principals credentials management
109183Circle with Disney WiFi Management access control [CVE-2017-12096]
109182Circle with Disney WiFi Channel Parser command injection [CVE-2017-12094]
109181Circle with Disney Cloud Infrastructure Routing 7pk security
109180Circle with Disney API Call access control [CVE-2017-12084]
109179Circle with Disney apid Daemon information disclosure [CVE-2017-12083]
109178Kabona AB WebDatorCentral Password Storage credentials management
109177Net::Ping::External Argument command injection [CVE-2008-7319]🔒🔒
109176NetIQ iManager Reflected cross site scripting [CVE-2017-7425]
109175Symantec Endpoint Protection Real Time Protection UI access control🔒🔒
109174Gentoo vde access control [CVE-2017-16638]🔒
109173Vectura Perfect Privacy VPN Manager input validation [CVE-2017-16637]
109172Bludit Persistent cross site scripting [CVE-2017-16636]
109171TinyWebGallery cross site scripting [CVE-2017-16635]
109170KeystoneJS CSRF Prevention cross-site request forgery [CVE-2017-16570]
109169Zurmo createMeeting redirect
109168Vonage HT802 login cross-site request forgery
109167Vonage HT802 config2 Stored cross site scripting
109166Vonage HT802 Basic Settings update cross-site request forgery
109165Samsung SRN-1670D Web Viewer network_ssl_upload.php unrestricted upload🔒
109164Hashicorp Vagrant VMware Fusion Plugin Plugin Update Process access control
109163FFmpeg ffv1dec.c read_header out-of-bounds read🔒🔒
109162Linux Kernel powerpc.c kvm_vm_ioctl_check_extension null pointer dereference🔒🔒
109161Zurmo data URL createMeeting cross site scripting
109159Trihedral VTScada uncontrolled search path [CVE-2017-14029]
109158ABB Fox515T File input validation [CVE-2017-14025]
109157Siemens SIMATIC PCS 7 DCOM Interface input validation [CVE-2017-14023]
109156Advantech WebAccess memory corruption [CVE-2017-14016]
109155Symantec Endpoint Protection File System access control [CVE-2017-13681]🔒🔒
109154Symantec Endpoint Protection UI File access control🔒🔒
109153Advantech WebAccess null pointer dereference [CVE-2017-12719]
109152TRITON AP-EMAIL File Access input validation [CVE-2017-11177]
109151Taxonomy Find Module cross site scripting [CVE-2015-7878]
109150rsync xattrs.c receive_xattr memory corruption🔒🔒
109149GraphicsMagick render.c DrawImage input validation🔒
109148ImageMagick WPG Image wpg.c ReadWPGImage memory corruption🔒🔒
109147GraphicsMagick WPG Image wpg.c ReadWPGImage null pointer dereference🔒🔒
109146Zoho ManageEngine Applications Manager sql injection🔒
109145Zoho ManageEngine Applications Manager sql injection🔒
109144Tor Browser file URI information disclosure [CVE-2017-16541]🔒🔒
109143OpenEMR Cloning setup.php information disclosure🔒
109142Docker Moby defaults.go DefaultLinuxSpec Data Loss information disclosure🔒🔒
109141Linux Kernel lmedm04.c input validation🔒🔒
109140Linux Kernel imon.c imon_probe null pointer dereference🔒🔒
109139Linux Kernel cx231xx-cards.c cx231xx_usb_probe null pointer dereference🔒🔒
109138Linux Kernel config.c usb_get_bos_descriptor out-of-bounds read🔒🔒
109137Linux Kernel message.c cdc_parse_cdc_header memory corruption🔒🔒
109136Linux Kernel hid-core.c usbhid_parse out-of-bounds read🔒🔒
109135Linux Kernel usbtest.c get_endpoints null pointer dereference🔒🔒
109134Linux Kernel config.c memory corruption🔒🔒
109133Linux Kernel uas-detect.h out-of-bounds read🔒🔒
109132Linux Kernel card.c snd_usb_create_streams out-of-bounds read🔒🔒
109131Linux Kernel seq_device.c use after free🔒🔒
109130Linux Kernel mixer.c use after free🔒🔒
109129Linux Kernel uwbd.c memory corruption🔒🔒
109128Linux Kernel console.c usb_serial_console_disconnect use after free🔒🔒
109127MitraStar GPT-2541GNAC/DSL-100HN-T1 credentials management [CVE-2017-16523]
109126MitraStar GPT-2541GNAC/DSL-100HN-T1 sh access control
109125yajl-ruby gem yajl_encode.c format string🔒
109124Ipswitch WS_FTP Pro Search memory corruption [CVE-2017-16513]🔒
109123HPE Performance Center cross site scripting [CVE-2017-14359]
109122Mobile Access Access Log Password log file
109121Mahara Log Password information disclosure
109120Mahara Configuration Page access control [CVE-2017-1000156]
109119Mahara Profile Picture information disclosure [CVE-2017-1000155]
109118Mahara improper authentication [CVE-2017-1000154]
109117Mahara Password Reset Link access control [CVE-2017-1000153]
109116Mahara Session access control [CVE-2017-1000152]
109115Mahara Error Log Password information disclosure
109114Mahara Session session fixiation [CVE-2017-1000150]
109113Mahara cross site scripting [CVE-2017-1000149]
109112Mahara XML File unserialize code injection
109111Mahara cross-site request forgery [CVE-2017-1000147]
109110Mahara Portfolio Page cross site scripting [CVE-2017-1000146]
109109Mahara Comment access control [CVE-2017-1000145]
109108Mahara Institution Display Name cross site scripting [CVE-2017-1000144]
109107Mahara Watchlist Notification information disclosure [CVE-2017-1000143]
109106Mahara URL access control [CVE-2017-1000142]
109105Mahara XML File cross site scripting [CVE-2017-1000140]
109104Mahara server-side request forgery [CVE-2017-1000139]
109103Mahara Drag/Drop cross site scripting [CVE-2017-1000138]
109102Mahara Drag/Drop cross site scripting [CVE-2017-1000137]
109101Mahara Session session expiration [CVE-2017-1000136]
109100Mahara Session session expiration [CVE-2017-1000135]
109099Mahara Permission access control [CVE-2017-1000134]
109098Mahara Export information disclosure [CVE-2017-1000133]
109097Mahara SWF File cross site scripting [CVE-2017-1000132]
109096Mahara MNet SSO API credentials management [CVE-2017-1000131]
109095Apple iOS Wi-Fi KRACK random values🔒🔒
109094Apple iOS WebKit memory corruption [CVE-2017-13803]🔒🔒
109093Apple iOS WebKit memory corruption [CVE-2017-13802]🔒🔒
109092Apple iOS WebKit memory corruption [CVE-2017-13798]🔒🔒
109091Apple iOS WebKit memory corruption [CVE-2017-13797]🔒
109090Apple iOS WebKit memory corruption [CVE-2017-13796]🔒🔒
109089Apple iOS WebKit memory corruption [CVE-2017-13795]🔒🔒
109088Apple iOS WebKit memory corruption [CVE-2017-13794]🔒🔒
109087Apple iOS WebKit memory corruption [CVE-2017-13793]🔒🔒
109086Apple iOS WebKit memory corruption [CVE-2017-13792]🔒🔒
109085Apple iOS WebKit memory corruption [CVE-2017-13791]🔒🔒
109084Apple iOS WebKit memory corruption [CVE-2017-13788]🔒🔒
109083Apple iOS WebKit memory corruption [CVE-2017-13785]🔒🔒
109082Apple iOS WebKit memory corruption [CVE-2017-13784]🔒🔒
109081Apple iOS WebKit memory corruption [CVE-2017-13783]🔒🔒
109080Apple iOS UIKit information disclosure [CVE-2017-7113]
109079Apple iOS StreamingZip input validation [CVE-2017-13804]🔒🔒
109078Apple iOS Siri information disclosure [CVE-2017-13805]
109077Apple iOS Messages information disclosure [CVE-2017-13844]🔒🔒
109076Apple iOS Kernel memory corruption [CVE-2017-13799]🔒🔒
109075Apple iOS CoreText input validation [CVE-2017-13849]🔒
109074Apple macOS Wi-Fi KRACK 7pk security🔒🔒
109073Apple macOS Wi-Fi 7pk security [CVE-2017-13078]🔒🔒
109072Apple macOS Wi-Fi 7pk security [CVE-2017-13077]🔒🔒
109071Apple macOS tcpdump memory corruption [CVE-2017-13725]🔒🔒
109070Apple macOS tcpdump memory corruption [CVE-2017-13690]🔒🔒
109069Apple macOS tcpdump memory corruption [CVE-2017-13689]🔒🔒
109068Apple macOS tcpdump memory corruption [CVE-2017-13688]🔒🔒
109067Apple macOS tcpdump memory corruption [CVE-2017-13687]🔒🔒
109066Apple macOS tcpdump memory corruption [CVE-2017-13055]🔒🔒
109065Apple macOS tcpdump memory corruption [CVE-2017-13054]🔒🔒
109064Apple macOS tcpdump memory corruption [CVE-2017-13053]🔒🔒
109063Apple macOS tcpdump memory corruption [CVE-2017-13052]🔒🔒
109062Apple macOS tcpdump memory corruption [CVE-2017-13051]🔒🔒
109061Apple macOS tcpdump memory corruption [CVE-2017-13050]🔒🔒
109060Apple macOS tcpdump memory corruption [CVE-2017-13049]🔒🔒
109059Apple macOS tcpdump memory corruption [CVE-2017-13048]🔒🔒
109058Apple macOS tcpdump memory corruption [CVE-2017-13047]🔒🔒
109057Apple macOS tcpdump memory corruption [CVE-2017-13046]🔒🔒
109056Apple macOS tcpdump memory corruption [CVE-2017-13045]🔒🔒
109055Apple macOS tcpdump memory corruption [CVE-2017-13044]🔒🔒
109054Apple macOS tcpdump memory corruption [CVE-2017-13043]🔒🔒
109053Apple macOS tcpdump memory corruption [CVE-2017-13042]🔒🔒
109052Apple macOS tcpdump memory corruption [CVE-2017-13041]🔒🔒
109051Apple macOS tcpdump memory corruption [CVE-2017-13040]🔒🔒
109050Apple macOS tcpdump memory corruption [CVE-2017-13039]🔒🔒
109049Apple macOS tcpdump memory corruption [CVE-2017-13038]🔒🔒
109048Apple macOS tcpdump memory corruption [CVE-2017-13037]🔒🔒
109047Apple macOS tcpdump memory corruption [CVE-2017-13036]🔒🔒
109046Apple macOS tcpdump memory corruption [CVE-2017-13035]🔒🔒
109045Apple macOS tcpdump memory corruption [CVE-2017-13034]🔒🔒
109044Apple macOS tcpdump memory corruption [CVE-2017-13033]🔒🔒
109043Apple macOS tcpdump memory corruption [CVE-2017-13032]🔒🔒
109042Apple macOS tcpdump memory corruption [CVE-2017-13031]🔒🔒
109041Apple macOS tcpdump memory corruption [CVE-2017-13030]🔒🔒
109040Apple macOS tcpdump memory corruption [CVE-2017-13029]🔒🔒
109039Apple macOS tcpdump memory corruption [CVE-2017-13028]🔒🔒
109038Apple macOS tcpdump memory corruption [CVE-2017-13027]🔒🔒
109037Apple macOS tcpdump memory corruption [CVE-2017-13026]🔒🔒
109036Apple macOS tcpdump memory corruption [CVE-2017-13025]🔒🔒
109035Apple macOS tcpdump memory corruption [CVE-2017-13024]🔒🔒
109034Apple macOS tcpdump memory corruption [CVE-2017-13023]🔒🔒
109033Apple macOS tcpdump memory corruption [CVE-2017-13022]🔒🔒
109032Apple macOS tcpdump memory corruption [CVE-2017-13021]🔒🔒
109031Apple macOS tcpdump memory corruption [CVE-2017-13020]🔒🔒
109030Apple macOS tcpdump memory corruption [CVE-2017-13019]🔒🔒
109029Apple macOS tcpdump memory corruption [CVE-2017-13018]🔒🔒
109028Apple macOS tcpdump memory corruption [CVE-2017-13017]🔒🔒
109027Apple macOS tcpdump memory corruption [CVE-2017-13016]🔒🔒
109026Apple macOS tcpdump memory corruption [CVE-2017-13015]🔒🔒
109025Apple macOS tcpdump memory corruption [CVE-2017-13014]🔒🔒
109024Apple macOS tcpdump memory corruption [CVE-2017-13013]🔒🔒
109023Apple macOS tcpdump memory corruption [CVE-2017-13012]🔒🔒
109022Apple macOS tcpdump memory corruption [CVE-2017-13011]🔒🔒
109021Apple macOS tcpdump memory corruption [CVE-2017-13010]🔒🔒
109020Apple macOS tcpdump memory corruption [CVE-2017-13009]🔒🔒
109019Apple macOS tcpdump memory corruption [CVE-2017-13008]🔒🔒
109018Apple macOS tcpdump memory corruption [CVE-2017-13007]🔒🔒
109017Apple macOS tcpdump memory corruption [CVE-2017-13006]🔒🔒
109016Apple macOS tcpdump memory corruption [CVE-2017-13005]🔒🔒
109015Apple macOS tcpdump memory corruption [CVE-2017-13004]🔒🔒
109014Apple macOS tcpdump memory corruption [CVE-2017-13003]🔒🔒
109013Apple macOS tcpdump memory corruption [CVE-2017-13002]🔒🔒
109012Apple macOS tcpdump memory corruption [CVE-2017-13001]🔒🔒
109011Apple macOS tcpdump memory corruption [CVE-2017-13000]🔒🔒
109010Apple macOS tcpdump memory corruption [CVE-2017-12999]🔒🔒
109009Apple macOS tcpdump memory corruption [CVE-2017-12998]🔒🔒
109008Apple macOS tcpdump resource management [CVE-2017-12997]🔒🔒
109007Apple macOS tcpdump memory corruption [CVE-2017-12996]🔒🔒
109006Apple macOS tcpdump resource management [CVE-2017-12995]🔒🔒
109005Apple macOS tcpdump memory corruption [CVE-2017-12994]🔒🔒
109004Apple macOS tcpdump memory corruption [CVE-2017-12993]🔒🔒
109003Apple macOS tcpdump memory corruption [CVE-2017-12992]🔒🔒
109002Apple macOS tcpdump memory corruption [CVE-2017-12991]🔒🔒
109001Apple macOS tcpdump resource management [CVE-2017-12990]🔒🔒
109000Apple macOS tcpdump resource management [CVE-2017-12989]🔒🔒
108999Apple macOS tcpdump memory corruption [CVE-2017-12988]🔒🔒
108998Apple macOS tcpdump memory corruption [CVE-2017-12987]🔒🔒
108997Apple macOS tcpdump memory corruption [CVE-2017-12986]🔒🔒
108996Apple macOS tcpdump memory corruption [CVE-2017-12985]🔒🔒
108995Apple macOS tcpdump memory corruption [CVE-2017-12902]🔒🔒
108994Apple macOS tcpdump memory corruption [CVE-2017-12901]🔒🔒
108993Apple macOS tcpdump memory corruption [CVE-2017-12900]🔒🔒
108992Apple macOS tcpdump memory corruption [CVE-2017-12899]🔒🔒
108991Apple macOS tcpdump memory corruption [CVE-2017-12898]🔒🔒
108990Apple macOS tcpdump memory corruption [CVE-2017-12897]🔒🔒
108989Apple macOS tcpdump memory corruption [CVE-2017-12896]🔒🔒
108988Apple macOS tcpdump memory corruption [CVE-2017-12895]🔒🔒
108987Apple macOS tcpdump memory corruption [CVE-2017-12894]🔒🔒
108986Apple macOS tcpdump memory corruption [CVE-2017-12893]🔒🔒
108985Apple macOS tcpdump memory corruption [CVE-2017-11543]🔒🔒
108984Apple macOS tcpdump memory corruption [CVE-2017-11542]🔒🔒
108983Apple macOS tcpdump memory corruption [CVE-2017-11541]🔒🔒
108982Apple macOS tcpdump memory corruption [CVE-2017-11108]🔒🔒
108981Apple macOS StreamingZip input validation [CVE-2017-13804]🔒🔒
108980Apple macOS Sandbox memory corruption [CVE-2017-13838]🔒🔒
108979Apple macOS Remote Management memory corruption [CVE-2017-13808]🔒🔒
108978Apple macOS QuickTime Memory information disclosure🔒🔒
108977Apple macOS Quick Look resource consumption [CVE-2017-7132]🔒🔒
108976Apple macOS Quick Look Memory information disclosure🔒🔒
108975Apple macOS Postfix Remote Code Execution [CVE-2017-13826]🔒🔒
108974Apple macOS PCRE denial of service [CVE-2017-13846]🔒🔒
108973Apple macOS Open Scripting Architecture memory corruption [CVE-2017-13824]🔒🔒
108972Apple macOS libarchive memory corruption [CVE-2016-4736]🔒🔒
108971Apple macOS libarchive memory corruption [CVE-2017-13812]🔒🔒
108970Apple macOS libarchive memory corruption [CVE-2017-13816]🔒🔒
108969Apple macOS libarchive memory corruption [CVE-2017-13813]🔒🔒
108968Apple macOS Kernel memory corruption [CVE-2017-13799]🔒🔒
108967Apple macOS Kernel memory corruption [CVE-2017-13834]🔒🔒
108966Apple macOS Kernel memory corruption [CVE-2017-13843]🔒🔒
108965Apple macOS Kernel information disclosure [CVE-2017-13782]🔒🔒
108964Apple macOS Kernel information disclosure [CVE-2017-13842]🔒🔒
108963Apple macOS Kernel information disclosure [CVE-2017-13840]🔒🔒
108962Apple macOS Kernel information disclosure [CVE-2017-13841]🔒🔒
108961Apple macOS Kernel information disclosure [CVE-2017-13836]🔒🔒
108960Apple macOS Kernel information disclosure [CVE-2017-13818]🔒🔒
108959Apple macOS Kernel out-of-bounds read [CVE-2017-13817]🔒🔒
108958Apple macOS Kernel information disclosure [CVE-2017-13810]🔒🔒
108957Apple macOS ImageIO information disclosure [CVE-2017-13831]🔒🔒
108956Apple macOS ImageIO memory corruption [CVE-2017-13814]🔒🔒
108955Apple macOS HelpViewer cross site scripting [CVE-2017-13819]🔒🔒
108954Apple macOS Heimdal insufficient verification of data authenticity🔒🔒
108953Apple macOS HFS memory corruption [CVE-2017-13830]🔒🔒
108952Apple macOS fsck_msdos memory corruption [CVE-2017-13811]🔒🔒
108951Apple macOS Fonts state issue [CVE-2017-13828]🔒🔒
108950Apple macOS file denial of service [CVE-2017-13815]🔒🔒
108949Apple macOS Dictionary Widget information disclosure [CVE-2017-13801]🔒🔒
108948Apple macOS curl memory corruption [CVE-2017-1000101]🔒🔒
108947Apple macOS curl information disclosure [CVE-2017-1000100]🔒🔒
108946Apple macOS CoreText resource consumption [CVE-2017-13825]🔒🔒
108945Apple macOS CFString Memory information disclosure🔒🔒
108944Apple macOS Audio input validation [CVE-2017-13807]🔒🔒
108943Apple macOS ATS memory corruption [CVE-2017-13820]🔒🔒
108942Apple macOS AppleScript input validation [CVE-2017-13809]🔒🔒
108941Apple macOS APFS memory corruption [CVE-2017-13800]🔒🔒
108940Apple macOS APFS information disclosure [CVE-2017-13786]🔒🔒
108939Apple macOS apache use after free [CVE-2017-9789]🔒🔒
108938Apple macOS apache input validation [CVE-2017-9788]🔒🔒
108937Apple macOS apache memory corruption [CVE-2017-7679]🔒🔒
108936Apple macOS apache input validation [CVE-2017-7668]🔒🔒
108935Apple macOS apache null pointer dereference [CVE-2017-7659]🔒🔒
108934Apple macOS apache null pointer dereference [CVE-2017-3169]🔒🔒
108933Apple macOS apache improper authentication [CVE-2017-3167]🔒🔒
108932Apple macOS apache data processing [CVE-2016-8743]🔒🔒
108931Apple macOS apache input validation [CVE-2016-8740]🔒🔒
108930Apple macOS apache access control [CVE-2016-5387]🔒🔒🔒
108929Apple macOS apache input validation [CVE-2016-2161]🔒🔒
108928Apple macOS apache Local Privilege Escalation
108927Apple macOS 802.1X sql injection [CVE-2017-13832]🔒🔒
108926Apple Safari WebKit memory corruption [CVE-2017-13803]🔒🔒
108925Apple Safari WebKit memory corruption [CVE-2017-13802]🔒🔒
108924Apple Safari WebKit memory corruption [CVE-2017-13798]🔒🔒
108923Apple Safari WebKit memory corruption [CVE-2017-13797]🔒
108922Apple Safari WebKit memory corruption [CVE-2017-13796]🔒🔒
108921Apple Safari WebKit memory corruption [CVE-2017-13795]🔒🔒
108920Apple Safari WebKit memory corruption [CVE-2017-13794]🔒🔒
108919Apple Safari WebKit memory corruption [CVE-2017-13793]🔒🔒
108918Apple Safari WebKit memory corruption [CVE-2017-13792]🔒🔒
108917Apple Safari WebKit memory corruption [CVE-2017-13791]🔒🔒
108916Apple Safari WebKit memory corruption [CVE-2017-13788]🔒🔒
108915Apple Safari WebKit memory corruption [CVE-2017-13785]🔒🔒
108914Apple Safari WebKit memory corruption [CVE-2017-13784]🔒🔒
108913Apple Safari WebKit memory corruption [CVE-2017-13783]🔒🔒
108912Apple Safari Address Bar input validation [CVE-2017-13789]🔒🔒
108911Apple Safari Address Bar input validation [CVE-2017-13790]🔒🔒
108910VirIT eXplorer Anti-Virus Driver VIAGLT64.SYS input validation
108909OpenSSL x86_64 Montgomery Squaring bn_sqrx8x_internal information disclosure🔒🔒
108908WordPress wpdb->prepare sql injection🔒🔒
108907Cisco WebEx Meetings Server HTTP Header Reply information disclosure
108906Cisco WebEx Meetings Server Web Interface cross site scripting
108905Cisco Aironet PAF memory corruption [CVE-2017-12283]🔒
108904Cisco Wireless LAN Controller ANQP memory corruption [CVE-2017-12282]🔒
108903Cisco Aironet PEAP improper authentication [CVE-2017-12281]🔒
108902Cisco Wireless LAN Controller CAPWAP memory corruption [CVE-2017-12280]🔒
108901Cisco IOS Packet Memory information disclosure
108900Cisco Wireless LAN Controller SNMP resource management [CVE-2017-12278]🔒
108899Cisco Firepower 4100/Firepower 9300 Smart Licensing Manager command injection
108898Cisco Prime Collaboration Provisioning SQL Database Interface input validation🔒
108897Cisco Wireless LAN Controller 802.11v input validation [CVE-2017-12275]🔒
108896Cisco Aironet EAP input validation [CVE-2017-12274]🔒
108895Cisco Aironet RF input validation [CVE-2017-12273]🔒
108894Cisco Application Policy Infrastructure Controller Enterprise Module Firewall Configuration access control🔒
108893Cisco Identity Services Engine SSH access control [CVE-2017-12261]🔒
108892Cisco Firepower 9300 command injection [CVE-2017-12243]
108891Tenable SecurityCenter sql injection [CVE-2017-11508]🔒
108890OpenAM SAML 2.0IdP improper authentication [CVE-2017-10873]
108889Rakuraku Hagaki/Ichitaro memory corruption [CVE-2017-10870]
108888Flets Easy Setup Tool untrusted search path [CVE-2017-10825]
108887radare elf.c store_versioninfo_gnu_verdef null pointer dereference
108886radare bin.c string_scan_range out-of-bounds read
108885radare Size Validation elf.c store_versioninfo_gnu_verdef memory corruption
108884GraphicsMagick describe.c DescribeImage out-of-bounds read🔒🔒
108883GraphicsMagick describe.c DescribeImage memory corruption🔒
108882Sera access control [CVE-2017-15918]
108881SchedMD Slurm access control [CVE-2017-15566]🔒🔒
108880IBM InfoSphere BigInsights cross site scripting [CVE-2017-1554]
108879IBM InfoSphere BigInsights Web UI cross site scripting [CVE-2017-1553]
108878IBM InfoSphere BigInsights Link cross site scripting [CVE-2017-1552]
108877Docker-CE Content Verification input validation [CVE-2017-14992]🔒🔒
108876IBM Jazz Reporting Service Report Builder information disclosure
108875IBM OpenPages GRC Platform Web UI information disclosure [CVE-2017-1333]
108874IBM OpenPages GRC Platform Web UI cross-site request forgery
108873IBM OpenPages GRC Platform Web UI cross site scripting [CVE-2017-1290]
108872Apache Hive Policy Enforcement information disclosure [CVE-2017-12625]
108871IBM OpenPages GRC Platform Private API information disclosure
108870IBM OpenPages GRC Platform Web UI cross site scripting [CVE-2017-1147]
108869Pluxml Stored cross site scripting [CVE-2017-1001001]
108868SSH Plugin Configuration File Password credentials management
108867Favorite Plugin cross-site request forgery [CVE-2017-1000244]
108866Favorite Plugin Permission Check permission [CVE-2017-1000243]
108865Git Client Plugin Temp File information disclosure [CVE-2017-1000242]
108864WebKit/WebkitGTK+ UNIX IPC Layer input validation [CVE-2017-1000122]🔒
108863WebKit/WebkitGTK+ UNIX IPC Layer integer overflow [CVE-2017-1000121]🔒
108862IBM OpenPages GRC Platform Web UI cross site scripting [CVE-2016-3048]
108861Intel McAfee Network Data Loss Prevention Response Body information disclosure
108860Intel McAfee Network Data Loss Prevention Webserver information disclosure
108859Intel McAfee Network Data Loss Prevention XSS cross site scripting
108858Catalyst-Plugin-Static-Simple Module information disclosure [CVE-2017-16248]🔒🔒
108857October CMS cross-site request forgery [CVE-2017-16244]
108856Flexense SyncBreeze Enterprise memory corruption [CVE-2017-15950]
108855Hashicorp Vagrant VMware Fusion Plugin Update Process access control
108854MongoDB networkMessageCompressors memory corruption🔒🔒
108853Mahara cross site scripting [CVE-2017-15273]
108852Mahara cross site scripting [CVE-2017-14752]
108851EMC AppSync Server hard-coded credentials [CVE-2017-14376]
108850EMC Unisphere for VMAX Virtual Appliance access control [CVE-2017-14375]🔒
108849HP ArcSight ESM/ArcSight ESM Express redirect [CVE-2017-14358]🔒
108848HP ArcSight ESM/ArcSight ESM Express Reflected cross site scripting🔒
108847HP ArcSight ESM/ArcSight ESM Express sql injection [CVE-2017-14356]🔒
108846TP-LINK TL-WR741N/TL-WR741ND input validation [CVE-2017-14250]
108845Mahara Reuse access control [CVE-2017-14163]
108844Korenix JetNet hard-coded credentials [CVE-2017-14027]
108843Korenix JetNet hard-coded credentials [CVE-2017-14021]
108842BitDefender Internet Security 2018 pdf.xmd integer overflow
108841Foxit Reader gotoURL command injection🔒
108840Foxit Reader app.execMenuItem use after free🔒🔒
108839Foxit Reader print use after free🔒🔒
108838Foxit Reader setItem use after free🔒🔒
108837Foxit Reader app.alert use after free🔒🔒
108836Foxit Reader ObjStm Object Parser information disclosure [CVE-2017-10944]🔒🔒
108835Foxit Reader PDF File information disclosure [CVE-2017-10943]🔒🔒
108834Foxit Reader PDF File information disclosure [CVE-2017-10942]🔒🔒
108833Foxit Reader AFParseDateEx use after free🔒🔒
108832Joyent Smart Data Center Docker API unrestricted upload [CVE-2017-10940]
108831GNU Emacs Backup Save File Permission information disclosure
108830VIM Swap File Permission information disclosure🔒
108829libvirt SSL/TLS Certificate Validator certificate validation🔒🔒
108828Blue Coat ProxySG access control [CVE-2016-9097]🔒
108827Zomato Clone Script restaurant-menu.php sql injection
108826Website Broker Script status_list.php sql injection
108825Vastal I-tech Agent Zone searchCommercial.php sql injection
108824Php Inventory / Invoice Management System unrestricted upload
108823Online Exam Test Application resources.php sql injection
108822Nice PHP FAQ Script index.php sql injection
108821Fake Magazine Cover Script rate.php sql injection
108820CPA Lead Reward Script sql injection [CVE-2017-15986]
108819Basic B2B Script product_view1.php sql injection
108818Creative Management System CMS index.php sql injection
108817MyMagazine Magazine / Blog CMS admin_process.php sql injection
108816Dynamic News Magazine / Blog CMS admin_process.php sql injection
108815Responsive Newspaper Magazine / Blog CMS admin_process.php sql injection
108814US Zip Codes Database Script sql injection [CVE-2017-15980]
108813Shareet Photo Sharing Social Network sql injection [CVE-2017-15979]
108812AROX School ERP PHP Script sql injection [CVE-2017-15978]
108811Protected Links Expiring Download Links sql injection [CVE-2017-15977]
108810D-Link DSL-2740E Persistent cross site scripting [CVE-2016-10699]
108809Progress OpenEdge Service Port 20931 access control [CVE-2015-9245]
108808Amazon AWS CloudFormation Bootstrap Tools access control [CVE-2017-9450]🔒
108807Barco ClickShare Base Unit Web API command injection [CVE-2017-9377]
108806Enalean Tuleap REST API getRecentElements code injection🔒
108805Typecho write-post.php cross site scripting
108804Watchdog Anti-Malware/Online Security Pro Driver zam32.sys null pointer dereference
108803Watchdog Anti-Malware/Online Security Pro Driver zam32.sys null pointer dereference
108802Synology Audio Station Custom Internet Radio List cross site scripting
108801Node.js zlib input validation [CVE-2017-14919]🔒🔒
108800Barco ClickShare CSM-1 cross site scripting [CVE-2017-12460]
108799Oracle Fusion Middleware access control [CVE-2017-10151]🔒🔒
108798Linux Kernel out-of-bounds write [CVE-2017-1000255]🔒🔒
108797Apache Struts TextParseUtiltranslateVariables input validation🔒🔒
108796QEMU MSI-X MMIO msix.c write null pointer dereference🔒🔒
108795Apache Traffic Server HTTP2 set_dynamic_table_size memory corruption🔒🔒
108794Apache WSS4J Incomplete Fix Leak risky encryption🔒
108793Apache Qpid qpidd data processing [CVE-2015-0224]🔒🔒
108792Apache Traffic Server Access Restriction access control [CVE-2014-3624]🔒
108791Apache Wicket Session information disclosure [CVE-2014-3526]🔒
108790Apache Storm Log Viewer path traversal [CVE-2014-0115]
108789Apache Cordova In-App-Browser Standalone Plugin CDVInAppBrowser access control
108788Apache Cordova File-Transfer Standalone Plugin CDVFileTransfer.m input validation
108787Apache HttpClient input validation
108786Apache Wicket script Tag cross site scripting [CVE-2012-5636]🔒
108785EPiServer Ektron CMS XSLTCompiledTransform data processing
108784EPiServer Ektron CMS XSL Data ekajaxtransform.aspx XslCompiledTransform data processing🔒🔒
108783Apache Hadoop Kerberos Security Feature Key risky encryption🔒
108782Apache Xerces2 XML Service resource management [CVE-2012-0881]🔒
108781Apache jUDDI happyjuddi.jsp cross site scripting
108780Apache jUDDI Log File uddiget.jsp input validation
108779Dulwich SSH Subprocess command injection [CVE-2017-16228]🔒🔒
108778Quagga bgp_aspath.c aspath_put input validation🔒🔒
108777EyesOfNetwork Web Interface index.php sql injection
108776NQ Contacts Backup / Restore SHA-1 Hash information disclosure
108775NQ Contacts Backup / Restore DES Encryption key management [CVE-2017-15998]
108774NQ Contacts Backup / Restore RC4 Encryption Stored key management
108773GNU binutils readelf elfcomm.c memory corruption🔒
108772Linux Kernel waitid privileges management🔒🔒
108771rsync Checksum access control [CVE-2017-15994]
108770ZeeBuddy editadgroup.php sql injection
108769Vastal I-tech Dating Zone add_to_cart.php sql injection
108768tPanel login.php sql injection
108767Sokial Social Network Script members_view.php sql injection
108766SoftDatepro Dating Social Network viewprofile.php sql injection
108765Same Sex Dating Software Pro viewprofile.php sql injection
108764PHP CityPortal index.php sql injection
108763PG All Share Video tag sql injection
108762MyBuilder Clone phpsqlsearch_genxml.php sql injection
108761Mailing List Manager Pro users sql injection
108760Zh YandexMap index.php sql injection
108759NS Download Shop invoice.create sql injection
108758Job Board Script Softwar job-details sql injection
108757Itech Gigs Script browse-scategory.php sql injection
108756iStock Management System profile unrestricted upload
108755iProject Management System index.php sql injection
108754Article Directory Script author.php sql injection
108753Adult Script Pro download sql injection
108752D-Park Pro Domain Parking Script loginform.php sql injection
108751Ingenious School Management System my_profile.php unrestricted upload
108750ConverTo Video Downloader / Converter download.php input validation
108749bchunk CUE File null pointer dereference [CVE-2017-15955]🔒🔒
108748bchunk CUE File memory corruption [CVE-2017-15954]🔒🔒
108747bchunk CUE File memory corruption [CVE-2017-15953]🔒🔒
108746Linux Kernel traps.c altivec_unavailable_exception data processing
108745HPE RSA Authentication Manager cross site scripting [CVE-2017-14373]🔒
108744HPE Intelligent Management Center PLAT deserialization [CVE-2017-8967]🔒
108743HPE Intelligent Management Center PLAT deserialization [CVE-2017-8966]🔒
108742HPE Intelligent Management Center PLAT deserialization [CVE-2017-8965]🔒
108741HPE Intelligent Management Center PLAT deserialization [CVE-2017-8964]🔒
108740HPE Intelligent Management Center PLAT deserialization [CVE-2017-8963]🔒
108739HPE Intelligent Management Center PLAT deserialization [CVE-2017-8962]🔒
108738Fortinet FortiOS WebUI cross site scripting [CVE-2017-7733]🔒
108737F5 BIG-IP Traffic Management Microkernel memory corruption [CVE-2017-6163]🔒
108736F5 BIG-IP Traffic Management Microkernel memory corruption [CVE-2017-6162]🔒
108735F5 BIG-IP TLS Protection resource consumption [CVE-2017-6161]🔒
108734F5 BIG-IP Traffic Management Microkernel resource management🔒
108733F5 BIG-IP MPTCP resource management [CVE-2017-6159]🔒
108732F5 BIG-IP HTTP Proxy/SOCKS command injection [CVE-2017-6157]🔒
108731Linux Kernel KEYS Subsystem input validation [CVE-2017-15951]🔒🔒
108730Xavier PHP Management Panel adminuseredit.php sql injection
108729Perch Content Management System cross site scripting [CVE-2017-15948]
108728Simple ASC Content Management System guestbook.asp sign cross site scripting
108727com_tag index.php request sql injection
108726Gentoo dev-db Installation access control [CVE-2017-15945]🔒
108725GNU binutils Incomplete Fix dwarf2.c null pointer dereference🔒
108724GNU binutils libbfd dwarf2.c memory corruption🔒
108723Artica Pandora FMS information disclosure [CVE-2017-15937]
108722Artica Pandora FMS cross site scripting [CVE-2017-15936]
108721Artica Pandora FMS Manager Files code injection [CVE-2017-15935]
108720Artica Pandora FMS Stored cross site scripting [CVE-2017-15934]
108719EyesOfNetwork Web Interface index.php sql injection
108718radare2 elf.c store_versioninfo_gnu_verdef out-of-bounds read
108717radare2 elf.c store_versioninfo_gnu_verneed out-of-bounds read
108716GraphicsMagick png.c ReadOneJNGImage null pointer dereference🔒🔒
108715Ox Gem parse_obj input validation🔒🔒
108714shadowsocks-libev ss-manager manager.c command injection🔒🔒
108713Diary with Lock net.MCrypt information disclosure [CVE-2017-15582]
108712Diary with Lock cryptographic issues [CVE-2017-15581]
108711Fortinet FortiOS Web API input validation [CVE-2017-14182]🔒
108710F5 BIG-IP Virtual Server resource management [CVE-2017-0303]🔒
108709Apache Cordova Android intent URL input validation [CVE-2015-1835]
108708Apache ActiveMQ XML Data xml external entity reference [CVE-2014-3600]🔒🔒
108707Apache ActiveMQ XML Data xml external entity reference [CVE-2014-3579]
108706Google Chrome v8 memory corruption [CVE-2017-5122]🔒🔒
108705Google Chrome v8 input validation [CVE-2017-5121]🔒🔒
108704Google Chrome Payment API input validation [CVE-2017-5110]🔒🔒
108703Google Chrome LOAD input validation [CVE-2017-5109]🔒🔒
108702Google Chrome PDFium type conversion [CVE-2017-5108]🔒🔒
108701Google Chrome SVG Rendering information disclosure [CVE-2017-5107]🔒🔒
108700Google Chrome Policy Enforcement Domain Name input validation🔒🔒
108699Google Chrome Policy Enforcement Domain Name input validation🔒🔒
108698Google Chrome Omnibox input validation [CVE-2017-5104]🔒🔒
108697Google Chrome Skia information disclosure [CVE-2017-5103]🔒🔒
108696Google Chrome Skia information disclosure [CVE-2017-5102]🔒🔒
108695Google Chrome Omnibox input validation [CVE-2017-5101]🔒🔒
108694Google Chrome Apps use after free [CVE-2017-5100]🔒🔒
108693Google Chrome PPAPI Plugins input validation [CVE-2017-5099]🔒🔒
108692Google Chrome v8 use after free [CVE-2017-5098]🔒🔒
108691Google Chrome Skia input validation [CVE-2017-5097]🔒🔒
108690Google Chrome Policy Enforcement information disclosure [CVE-2017-5096]🔒🔒
108689Google Chrome PDFium memory corruption [CVE-2017-5095]🔒🔒
108688Google Chrome Extensions type conversion [CVE-2017-5094]🔒🔒
108687Google Chrome Blink input validation [CVE-2017-5093]🔒🔒
108686Google Chrome PPAPI Plugin input validation [CVE-2017-5092]🔒🔒
108685Google Chrome IndexedDB use after free [CVE-2017-5091]🔒🔒
108684Google Chrome Policy Enforcement Domain Name input validation🔒
108683Google Chrome Policy Enforcement Domain Name input validation🔒🔒
108682Google Chrome v8 out-of-bounds read [CVE-2017-5088]🔒🔒
108681Google Chrome Blink use after free [CVE-2017-5087]🔒🔒
108680Google Chrome Policy Enforcement Domain Name input validation🔒🔒
108679Google Chrome Bookmark cross site scripting [CVE-2017-5085]🔒🔒
108678Google Chrome OS image-burner access control [CVE-2017-5084]🔒
108677Google Chrome Blink input validation [CVE-2017-5083]🔒🔒
108676Google Chrome Autofill information disclosure [CVE-2017-5082]🔒🔒
108675Google Chrome Extensions input validation [CVE-2017-5081]🔒🔒
108674Google Chrome Autofill use after free [CVE-2017-5080]🔒🔒
108673Google Chrome Blink input validation [CVE-2017-5079]🔒🔒
108672Google Chrome Blink command injection [CVE-2017-5078]🔒🔒
108671Google Chrome Skia out-of-bounds read [CVE-2017-5077]🔒🔒
108670Google Chrome Policy Enforcement input validation [CVE-2017-5076]🔒🔒
108669Google Chrome Blink information disclosure [CVE-2017-5075]🔒🔒
108668Google Chrome Chrome Apps use after free [CVE-2017-5074]🔒🔒
108667Google Chrome Print Preview use after free [CVE-2017-5073]🔒🔒
108666Google Chrome Omnibox Domain Name input validation🔒🔒
108665Google Chrome v8 out-of-bounds read [CVE-2017-5071]🔒🔒
108664Google Chrome v8 type conversion [CVE-2017-5070]🔒🔒
108663Google Chrome WebRTC race condition [CVE-2017-5068]🔒🔒
108662Google Chrome Blink out-of-bounds read [CVE-2017-5056]🔒🔒
108661Google Chrome Printing out-of-bounds read [CVE-2017-5055]🔒🔒
108660Google Chrome v8 memory corruption [CVE-2017-5054]🔒🔒
108659Google Chrome v8 access control [CVE-2017-5053]🔒🔒
108658Google Chrome Blink memory corruption [CVE-2017-5052]🔒🔒
108657GNU wget HTTP Chunk Size retr.c fd_read_body memory corruption🔒🔒
108656GNU wget HTTP Chunk Size http.c skip_short_body memory corruption🔒🔒
108655Fortinet FortiMail Webmail Login Reflected cross site scripting
108654Fortinet FortiWLC WebUI command injection [CVE-2017-7341]
108653Fortinet FortiWLC cross site scripting [CVE-2017-7335]
108652Bomgar Remote Support Agent untrusted search path [CVE-2017-5996]
108651Lenovo E95/M710s/M710t BIOS UEFI 7pk security [CVE-2017-3771]
108650GNU Libextractor dvi_extractor.c EXTRACTOR_dvi_extract_method out-of-bounds read🔒
108649ultimate-form-builder-lite Plugin admin-ajax.php sql injection🔒🔒
108648Paessler PRTG Network Monitor access control [CVE-2017-15917]🔒
108647Ignite Realtime Openfire Server Admin Console setup-host-settings.jsp cross site scripting
108646systemd DNS Reply dns_packet_read_type_window input validation🔒🔒
108645phpCollab newsdesk.php sql injection
108644London Trust Media Private Internet Access VPN Server List File resource consumption
108643Thornberry NDoc Log File access control [CVE-2017-15366]
108642IBM Tivoli Endpoint Manager Web UI cross site scripting [CVE-2017-1521]🔒
108641GlusterFS gf_attach.c send_brick_req null pointer dereference🔒🔒
108640IBM Tivoli Endpoint Manager information disclosure [CVE-2017-1232]🔒
108639IBM Tivoli Endpoint Manager Random Number Generator information disclosure🔒
108638IBM Tivoli Endpoint Manager Secure Cookie information disclosure🔒
108637IBM Tivoli Endpoint Manager Error Log information disclosure🔒
108636IBM Tivoli Endpoint Manager URL History information disclosure🔒
108635IBM Tivoli Endpoint Manager improper authentication [CVE-2017-1222]🔒
108634IBM Tivoli Endpoint Manager information disclosure [CVE-2017-1220]🔒
108633KeyCloak Oauth improper authentication [CVE-2017-12160]🔒
108632KeyCloak CSRF Prevention session expiration [CVE-2017-12159]🔒
108631KeyCloak Admin Console Reflected cross site scripting🔒
108630Tapatalk Plugin XMLRPC API unsubscribe_forum.php sql injection🔒
108629Apache OFBiz privileges management [CVE-2012-1622]🔒
108628D-Link DGS-1500 Ax hard-coded credentials [CVE-2017-15909]🔒
108627OpenSSH Readonly Mode sftp-server.c process_open permission🔒🔒
108626Xen Grant Copy access control [CVE-2017-15597]🔒🔒
108625AXIS 2100 Network Camera Administration Portal view.shtml Reflected cross site scripting
108624IBM Team Concert Web UI cross site scripting [CVE-2017-1363]
108623IBM ESA DM CLM Application information disclosure [CVE-2017-1295]
108622Advantech WebOP Project File memory corruption [CVE-2017-12705]
108621IBM Jazz Foundation information disclosure [CVE-2017-1241]
108620IBM DOORS Next Generation Web UI cross site scripting [CVE-2017-1169]
108619IBM Jazz Foundation Web UI cross site scripting [CVE-2017-1164]
108618cURL IMAP FETCH Response memory corruption [CVE-2017-1000257]🔒🔒
108617KeystoneJS cross site scripting [CVE-2017-15881]
108616EyesOfNetwork Web Interface add_modify_group.php sql injection🔒
108615KeystoneJS CSV Export download.js input validation
108614KeystoneJS MarkdownType.js cross site scripting
108613BusyBox decompress_unlzma.c integer underflow [CVE-2017-15874]🔒
108612BusyBox decompress_bunzip2.c get_next_block integer overflow🔒
108611phpwcms admin.edituser.tmpl.php cross site scripting
108610serialize-to-js Package Access Restriction function resource consumption [Disputed]
108609user-login-history Plugin listing.php cross site scripting
108608wp-noexternallinks Plugin options-general.php cross site scripting🔒
108607IBM WebSphere Application Server JSF information disclosure [CVE-2017-1583]
108606IBM InfoSphere Master Data Management access control [CVE-2017-1523]
108605ArGoSoft Mini Mail Server resource management [CVE-2017-15223]
108604Ayukov NFTPD memory corruption [CVE-2017-15222]
108603FFmpeg AVI File double free [CVE-2017-15186]🔒🔒
108602Phpsugar PHP Melody playlists.php sql injection
108601SaltStack Salt input validation [CVE-2017-14696]🔒
108600SaltStack Salt Incomplete Fix path traversal [CVE-2017-14695]🔒
108599IBM Storwize V7000 inadequate encryption [CVE-2017-1375]🔒
108598IBM Daeja ViewONE data processing [CVE-2017-1212]
108597IBM Daeja ViewONE Logging information disclosure [CVE-2017-1211]
108596IBM Daeja ViewONE Log File input validation [CVE-2017-1210]
108595IBM Daeja ViewONE Web UI cross site scripting [CVE-2017-1209]
108594IBM OpenPages GRC Platform cross site scripting [CVE-2016-3049]
108593Redis networking.c 7pk security🔒🔒
108592Cloud Foundry Runtime Password Recovery information disclosure
108591Cloud Foundry Runtime Password Reset Link password recovery [CVE-2015-5172]
108590Cloud Foundry Runtime Password Change session expiration [CVE-2015-5171]
108589Cloud Foundry Runtime cross-site request forgery [CVE-2015-5170]
108588Eyou Mail System d_ip_login_get.php get_login_ip_config_file command injection
108587Cisco WebEx Meetings Server Entropy entropy [CVE-2014-0691]🔒🔒
108586Siemens APOGEE PXC/TALON TC BACnet Integrated Web Server path traversal
108585Siemens APOGEE PXC/TALON TC BACnet Integrated Web Server improper authentication
108584Easy Appointments Plugin Admin Panel cross site scripting [CVE-2017-15812]🔒
108583Pootle Button Plugin dialog.php cross site scripting
108582PopCash.Net Code Integration Tool Plugin admin.php cross site scripting
108581phpMyFAQ Tag tags.main.php cross site scripting🔒
108580phpMyFAQ ajax.config.php cross-site request forgery🔒
108579Cisco Small Business SA520/Small Business SA540 platform.cgi path traversal
108578Logitech Media Server URI DOM-Based cross site scripting🔒
108577osTicket HTML File tickets.php unrestricted upload
108576IDEMIA MorphoSmart 1300 Certificate Import access control [CVE-2017-15567]
108575E-Sic buscacep.php sql injection
108574E-Sic Registration index.php cross site scripting
108573E-Sic index access control
108572E-Sic Password Reset reset sql injection
108571Suricata Check detect-engine-content-inspection.c DetectEngineContentInspection 7pk security🔒
108570Extreme EXOS Session access control [CVE-2017-14332]
108569Extreme EXOS exsh Restricted Shell Protection access control
108568Extreme EXOS access control [CVE-2017-14330]
108567Extreme EXOS exsh Debug Shell access control [CVE-2017-14329]
108566Extreme EXOS memory corruption [CVE-2017-14328]
108565Extreme EXOS File information disclosure [CVE-2017-14327]
108564Symantec Endpoint Encryption memory corruption [CVE-2017-13683]🔒
108563Symantec Encryption Desktop memory corruption [CVE-2017-13682]🔒🔒
108562Apache Portable Runtime Utility SDBM Database File apr_sdbm* out-of-bounds read🔒🔒
108561Apache Portable Runtime APR apr_os_exp_time* memory corruption🔒🔒
108560Pallets Werkzeug Debugger render_full cross site scripting🔒🔒
108559MSA vot.Ar parse input validation
108558Count Per Day Plugin counter-options.php sql injection🔒
108557Paid Memberships Pro Plugin membershiplevels.php cross site scripting🔒
108556Axigen Mail Server Webmail Interface actions.hsp cross site scripting
108555Hexis HawkEye json cross-site request forgery
108554st Module passwd path traversal🔒
108553node-printer Module printer.js printDirect command injection
108552codem-transcode Module probe command injection
108551LetoDMS inc.ClassDMS.php sql injection
108550LetoDMS out.UsrMgr.php cross site scripting
108549LetoDMS cross-site request forgery [CVE-2012-4568]
108548LetoDMS inc.ClassUI.php cross site scripting
108547LabWiki edit.php unrestricted upload
108546LabWiki cross site scripting [CVE-2011-4333]
108545foo2zjs Temp File link following
108544reseed Installation 7pk security [CVE-2011-2683]
108543Apache Derby Export File access control
108542Apple iOS Location Framework information disclosure [CVE-2017-7148]
108541Apple Support App Analytics information disclosure [CVE-2017-7147]
108540Apple iOS Setting Time Zone permission [CVE-2017-7145]
108539Apple iOS Private Browsing permission [CVE-2017-7144]🔒🔒
108538Apple macOS Captive Network Assistant Password information disclosure🔒🔒
108537Apple macOS Mail IP Address information disclosure🔒🔒
108536Apple iOS Keyboard Suggestions information disclosure [CVE-2017-7140]
108535Apple macOS Directory Utility User information disclosure🔒🔒
108534Apple iOS Bluetooth information disclosure [CVE-2017-7131]
108533Apple macOS file input validation [CVE-2017-7125]🔒🔒
108532Apple macOS file input validation [CVE-2017-7124]🔒🔒
108531Apple macOS file input validation [CVE-2017-7123]🔒🔒
108530Apple macOS file input validation [CVE-2017-7122]🔒🔒
108529Apple macOS file input validation [CVE-2017-7121]🔒🔒
108528Apple macOS IOFireWireFamily input validation [CVE-2017-7119]🔒🔒
108527Apple macOS Application Firewall access control [CVE-2017-7084]🔒🔒
108526Apple macOS Screen Lock information disclosure [CVE-2017-7082]🔒🔒
108525Apple iTunes Data Sync access control [CVE-2017-7079]🔒
108524Apple macOS Mail Drafts information disclosure [CVE-2017-7078]🔒🔒
108523Apple macOS IOFireWireFamily memory corruption [CVE-2017-7077]🔒🔒
108522Apple macOS AppSandbox input validation [CVE-2017-7074]🔒🔒
108521OpenMRS Reporting Compatibility Add On deserialization [CVE-2017-12796]
108520Apple tvOS zlib numeric error [CVE-2016-9843]🔒🔒
108519Apple tvOS zlib numeric error [CVE-2016-9842]🔒🔒
108518Apple tvOS zlib numeric error [CVE-2016-9841]🔒🔒
108517Apple tvOS zlib numeric error [CVE-2016-9840]🔒🔒
108516Apple tvOS Wi-Fi Memory information disclosure
108515Apple tvOS Wi-Fi memory corruption [CVE-2017-11121]🔒
108514Apple tvOS Wi-Fi memory corruption [CVE-2017-11120]🔒
108513Apple tvOS WebKit cross site scripting [CVE-2017-7109]🔒🔒
108512Apple tvOS WebKit information disclosure [CVE-2017-7090]🔒🔒
108511Apple tvOS WebKit memory corruption [CVE-2017-7120]🔒🔒
108510Apple tvOS WebKit memory corruption [CVE-2017-7117]🔒🔒
108509Apple tvOS WebKit memory corruption [CVE-2017-7111]🔒🔒
108508Apple tvOS WebKit memory corruption [CVE-2017-7107]🔒🔒
108507Apple tvOS WebKit memory corruption [CVE-2017-7104]🔒🔒
108506Apple tvOS WebKit memory corruption [CVE-2017-7102]🔒🔒
108505Apple tvOS WebKit memory corruption [CVE-2017-7100]🔒🔒
108504Apple tvOS WebKit memory corruption [CVE-2017-7099]🔒🔒
108503Apple tvOS WebKit memory corruption [CVE-2017-7098]🔒🔒
108502Apple tvOS WebKit memory corruption [CVE-2017-7096]🔒🔒
108501Apple tvOS WebKit memory corruption [CVE-2017-7095]🔒🔒
108500Apple tvOS WebKit memory corruption [CVE-2017-7094]🔒🔒
108499Apple tvOS WebKit memory corruption [CVE-2017-7093]🔒🔒
108498Apple tvOS WebKit memory corruption [CVE-2017-7092]🔒🔒
108497Apple tvOS WebKit memory corruption [CVE-2017-7091]🔒🔒
108496Apple tvOS WebKit memory corruption [CVE-2017-7087]🔒🔒
108495Apple tvOS WebKit memory corruption [CVE-2017-7081]🔒🔒
108494Apple tvOS SQLite memory corruption [CVE-2017-7127]🔒🔒
108493Apple tvOS SQLite memory corruption [CVE-2017-7130]🔒🔒
108492Apple tvOS SQLite memory corruption [CVE-2017-7129]🔒🔒
108491Apple tvOS SQLite memory corruption [CVE-2017-7128]🔒🔒
108490Apple tvOS SQLite out-of-bounds read [CVE-2017-10989]🔒🔒
108489Apple tvOS Security certificate validation [CVE-2017-7080]🔒🔒
108488Apple tvOS libexpat xml external entity reference [CVE-2017-9233]🔒🔒
108487Apple tvOS libexpat integer overflow [CVE-2016-9063]🔒🔒
108486Apple tvOS libc resource consumption [CVE-2017-1000373]🔒🔒
108485Apple tvOS libc resource management [CVE-2017-7086]🔒🔒
108484Apple tvOS Kernel memory corruption [CVE-2017-7114]🔒🔒
108483Apple tvOS CoreAudio integer overflow [CVE-2017-0381]🔒🔒
108482Apple tvOS CFNetwork Proxies input validation [CVE-2017-7083]🔒🔒
108481Apple watchOS zlib numeric error [CVE-2016-9843]🔒🔒
108480Apple watchOS zlib numeric error [CVE-2016-9842]🔒🔒
108479Apple watchOS zlib numeric error [CVE-2016-9841]🔒🔒
108478Apple watchOS zlib numeric error [CVE-2016-9840]🔒🔒
108477Apple watchOS SQLite memory corruption [CVE-2017-7127]🔒🔒
108476Apple watchOS SQLite memory corruption [CVE-2017-7130]🔒🔒
108475Apple watchOS SQLite memory corruption [CVE-2017-7129]🔒🔒
108474Apple watchOS SQLite memory corruption [CVE-2017-7128]🔒🔒
108473Apple watchOS SQLite memory corruption [CVE-2017-10989]🔒🔒
108472Apple watchOS Security certificate validation [CVE-2017-7080]🔒🔒
108471Apple watchOS libexpat xml external entity reference [CVE-2017-9233]🔒🔒
108470Apple watchOS libexpat integer overflow [CVE-2016-9063]🔒🔒
108469Apple watchOS libc resource consumption [CVE-2017-1000373]🔒
108468Apple watchOS libc resource consumption [CVE-2017-7086]🔒🔒
108467Apple watchOS Kernel memory corruption [CVE-2017-7114]🔒🔒
108466Apple watchOS CoreAudio integer overflow [CVE-2017-0381]🔒🔒
108465Apple watchOS CFNetwork Proxies input validation [CVE-2017-7083]🔒🔒
108464Apple Safari WebKit Storage information disclosure [CVE-2017-7142]🔒🔒
108463Apple Safari WebKit cross site scripting [CVE-2017-7109]🔒🔒
108462Apple Safari WebKit information disclosure [CVE-2017-7090]🔒🔒
108461Apple Safari WebKit memory corruption [CVE-2017-7120]🔒🔒
108460Apple Safari WebKit memory corruption [CVE-2017-7117]🔒🔒
108459Apple Safari WebKit memory corruption [CVE-2017-7111]🔒🔒
108458Apple Safari WebKit memory corruption [CVE-2017-7107]🔒🔒
108457Apple Safari WebKit memory corruption [CVE-2017-7104]🔒🔒
108456Apple Safari WebKit memory corruption [CVE-2017-7102]🔒🔒
108455Apple Safari WebKit memory corruption [CVE-2017-7100]🔒🔒
108454Apple Safari WebKit memory corruption [CVE-2017-7099]🔒🔒
108453Apple Safari WebKit memory corruption [CVE-2017-7098]🔒🔒
108452Apple Safari WebKit memory corruption [CVE-2017-7096]🔒🔒
108451Apple Safari WebKit memory corruption [CVE-2017-7095]🔒🔒
108450Apple Safari WebKit memory corruption [CVE-2017-7094]🔒🔒
108449Apple Safari WebKit memory corruption [CVE-2017-7093]🔒🔒
108448Apple Safari WebKit memory corruption [CVE-2017-7092]🔒🔒
108447Apple Safari WebKit memory corruption [CVE-2017-7091]🔒🔒
108446Apple Safari WebKit memory corruption [CVE-2017-7087]🔒🔒
108445Apple Safari WebKit memory corruption [CVE-2017-7081]🔒🔒
108444Apple iOS zlib numeric error [CVE-2016-9843]🔒🔒
108443Apple iOS zlib numeric error [CVE-2016-9842]🔒🔒
108442Apple iOS zlib numeric error [CVE-2016-9841]🔒🔒
108441Apple iOS zlib numeric error [CVE-2016-9840]🔒🔒
108440Apple iOS Wi-Fi information disclosure [CVE-2017-11122]
108439Apple iOS Wi-Fi memory corruption [CVE-2017-11121]🔒
108438Apple iOS Wi-Fi memory corruption [CVE-2017-11120]🔒
108437Apple iOS WebKit cross site scripting [CVE-2017-7109]🔒🔒
108436Apple iOS WebKit information disclosure [CVE-2017-7090]🔒🔒
108435Apple iOS WebKit memory corruption [CVE-2017-7120]🔒🔒
108434Apple iOS WebKit memory corruption [CVE-2017-7117]🔒🔒
108433Apple iOS WebKit memory corruption [CVE-2017-7111]🔒🔒
108432Apple iOS WebKit memory corruption [CVE-2017-7107]🔒🔒
108431Apple iOS WebKit memory corruption [CVE-2017-7104]🔒🔒
108430Apple iOS WebKit memory corruption [CVE-2017-7102]🔒🔒
108429Apple iOS WebKit memory corruption [CVE-2017-7100]🔒🔒
108428Apple iOS WebKit memory corruption [CVE-2017-7099]🔒🔒
108427Apple iOS WebKit memory corruption [CVE-2017-7098]🔒🔒
108426Apple iOS WebKit memory corruption [CVE-2017-7096]🔒🔒
108425Apple iOS WebKit memory corruption [CVE-2017-7095]🔒🔒
108424Apple iOS WebKit memory corruption [CVE-2017-7094]🔒🔒
108423Apple iOS WebKit memory corruption [CVE-2017-7093]🔒🔒
108422Apple iOS WebKit memory corruption [CVE-2017-7092]🔒🔒
108421Apple iOS WebKit memory corruption [CVE-2017-7091]🔒🔒
108420Apple iOS WebKit memory corruption [CVE-2017-7087]🔒🔒
108419Apple iOS WebKit memory corruption [CVE-2017-7081]🔒🔒
108418Apple iOS SQLite memory corruption [CVE-2017-7127]🔒🔒
108417Apple iOS SQLite memory corruption [CVE-2017-7130]🔒🔒
108416Apple iOS SQLite memory corruption [CVE-2017-7129]🔒🔒
108415Apple iOS SQLite memory corruption [CVE-2017-7128]🔒🔒
108414Apple iOS SQLite out-of-bounds read [CVE-2017-10989]🔒🔒
108413Apple iOS Security Track 7pk security
108412Apple iOS Security certificate validation [CVE-2017-7080]🔒🔒
108411Apple iOS Screen information disclosure [CVE-2017-7139]
108410Apple iOS libexpat xml external entity reference [CVE-2017-9233]🔒🔒
108409Apple iOS libexpat integer overflow [CVE-2016-9063]🔒🔒
108408Apple iOS libc resource consumption [CVE-2017-1000373]🔒
108407Apple iOS libc resource management [CVE-2017-7086]🔒🔒
108406Apple iOS Kernel memory corruption [CVE-2017-7114]🔒🔒
108405Apple iOS Heimdal insufficient verification of data authenticity🔒🔒
108404Apple iOS CoreAudio memory corruption [CVE-2017-0381]🔒🔒
108403Apple iOS CFNetwork Proxies input validation [CVE-2017-7083]🔒🔒
108402GNU C Library glob.c glob memory corruption🔒🔒
108401XnView Classic DLL memory corruption [CVE-2017-15803]🔒
108400XnView Classic DLL memory corruption [CVE-2017-15802]🔒
108399XnView Classic DLL memory corruption [CVE-2017-15801]🔒
108398IrfanView DLL memory corruption [CVE-2017-15800]
108397IrfanView DLL memory corruption [CVE-2017-15799]
108396IrfanView DLL memory corruption [CVE-2017-15798]
108395IrfanView DLL memory corruption [CVE-2017-15797]
108394IrfanView DLL memory corruption [CVE-2017-15796]
108393IrfanView DLL memory corruption [CVE-2017-15795]
108392IrfanView DLL memory corruption [CVE-2017-15794]
108391IrfanView DLL memory corruption [CVE-2017-15793]
108390IrfanView DLL memory corruption [CVE-2017-15792]
108389IrfanView DLL memory corruption [CVE-2017-15791]
108388IrfanView DLL memory corruption [CVE-2017-15790]
108387XnView Classic DWG File memory corruption [CVE-2017-15789]🔒
108386XnView Classic DWG File memory corruption [CVE-2017-15788]🔒
108385XnView Classic DWG File memory corruption [CVE-2017-15787]🔒
108384XnView Classic DWG File memory corruption [CVE-2017-15786]🔒
108383XnView Classic DWG File memory corruption [CVE-2017-15785]🔒
108382XnView Classic DWG File memory corruption [CVE-2017-15784]🔒
108381XnView Classic DWG File memory corruption [CVE-2017-15783]🔒
108380XnView Classic DWG File memory corruption [CVE-2017-15782]🔒
108379XnView Classic DWG File memory corruption [CVE-2017-15781]🔒
108378XnView Classic DWG File memory corruption [CVE-2017-15780]🔒
108377XnView Classic DWG File memory corruption [CVE-2017-15779]🔒
108376XnView Classic DWG File memory corruption [CVE-2017-15778]🔒
108375XnView Classic DWG File memory corruption [CVE-2017-15777]🔒
108374XnView Classic DWG File memory corruption [CVE-2017-15776]🔒
108373XnView Classic DWG File memory corruption [CVE-2017-15775]🔒
108372XnView Classic DWG File memory corruption [CVE-2017-15774]🔒
108371XnView Classic DWG File memory corruption [CVE-2017-15773]🔒
108370XnView Classic DWG File memory corruption [CVE-2017-15772]🔒
108369Foxit Reader xps File memory corruption [CVE-2017-15771]🔒
108368Foxit Reader xps File memory corruption [CVE-2017-15770]🔒
108367IrfanView DDS File memory corruption [CVE-2017-15769]🔒
108366IrfanView tif File memory corruption [CVE-2017-15768]🔒
108365IrfanView CADImage plugin memory corruption [CVE-2017-15767]🔒
108364IrfanView BabaCAD4Image Plugin memory corruption [CVE-2017-15766]🔒
108363IrfanView CADImage Plugin memory corruption [CVE-2017-15765]🔒
108362IrfanView BabaCAD4Image Plugin memory corruption [CVE-2017-15764]🔒
108361IrfanView BabaCAD4Image Plugin memory corruption [CVE-2017-15763]🔒
108360IrfanView BabaCAD4Image Plugin memory corruption [CVE-2017-15762]🔒
108359IrfanView BabaCAD4Image Plugin memory corruption [CVE-2017-15761]🔒
108358IrfanView BabaCAD4Image Plugin memory corruption [CVE-2017-15760]🔒
108357IrfanView BabaCAD4Image Plugin memory corruption [CVE-2017-15759]🔒
108356IrfanView BabaCAD4Image Plugin memory corruption [CVE-2017-15758]🔒
108355IrfanView BabaCAD4Image Plugin memory corruption [CVE-2017-15757]🔒
108354IrfanView BabaCAD4Image Plugin memory corruption [CVE-2017-15756]🔒
108353IrfanView BabaCAD4Image Plugin memory corruption [CVE-2017-15755]🔒
108352IrfanView BabaCAD4Image Plugin memory corruption [CVE-2017-15754]🔒
108351IrfanView BabaCAD4Image Plugin memory corruption [CVE-2017-15753]🔒
108350IrfanView BabaCAD4Image Plugin memory corruption [CVE-2017-15752]🔒
108349IrfanView BabaCAD4Image Plugin memory corruption [CVE-2017-15751]🔒
108348IrfanView BabaCAD4Image Plugin memory corruption [CVE-2017-15750]🔒
108347IrfanView CADImage Plugin memory corruption [CVE-2017-15749]🔒
108346IrfanView CADImage Plugin memory corruption [CVE-2017-15748]🔒
108345IrfanView CADImage Plugin memory corruption [CVE-2017-15747]🔒
108344IrfanView CADImage Plugin memory corruption [CVE-2017-15746]🔒
108343IrfanView CADImage Plugin memory corruption [CVE-2017-15745]🔒
108342IrfanView CADImage Plugin memory corruption [CVE-2017-15744]🔒
108341IrfanView CADImage Plugin memory corruption [CVE-2017-15743]🔒
108340IrfanView CADImage Plugin memory corruption [CVE-2017-15742]🔒
108339IrfanView CADImage Plugin memory corruption [CVE-2017-15741]🔒
108338IrfanView CADImage Plugin memory corruption [CVE-2017-15740]🔒
108337IrfanView CADImage Plugin memory corruption [CVE-2017-15739]🔒
108336IrfanView CADImage Plugin memory corruption [CVE-2017-15738]🔒
108335IrfanView CADImage Plugin memory corruption [CVE-2017-15737]🔒
108334SPIP auteur.html Stored cross site scripting🔒
108333phpMyFAQ Glossary cross-site request forgery [CVE-2017-15735]🔒
108332phpMyFAQ stat.main.php cross-site request forgery🔒
108331phpMyFAQ ajax.attachment.php cross-site request forgery🔒
108330phpMyFAQ news.php cross-site request forgery🔒
108329phpMyFAQ stat.adminlog.php cross-site request forgery🔒
108328phpMyFAQ Rating stat.ratings.php cross-site request forgery🔒
108327phpMyFAQ Glossary cross-site request forgery [CVE-2017-15729]🔒
108326phpMyFAQ metaKeywords Stored cross site scripting🔒
108325phpMyFAQ Stored cross site scripting [CVE-2017-15727]🔒
108324irssi Nick null pointer dereference [CVE-2017-15723]🔒🔒
108323irssi Safe Channel ID out-of-bounds read [CVE-2017-15722]🔒🔒
108322irssi DCC CTCP Message null pointer dereference [CVE-2017-15721]🔒🔒
108321irssi Theme Install out-of-bounds read [CVE-2017-15228]🔒🔒
108320irssi Channel Sync use after free [CVE-2017-15227]🔒🔒 App information disclosure [CVE-2017-13127]
108318Cisco AMP Key hard-coded credentials [CVE-2017-12317]
108317Cumulus Linux Switch Configuration Tool Backend access control
108316apt-listbug Temp File input validation [CVE-2013-6049]
108315libpcap pcap-linux.c data processing
108314TYPO3 CMS Extension Manager cross site scripting [CVE-2010-3659]🔒
108313TP-LINK WR940N memory corruption [CVE-2017-13772]
108312Apache HTTP Server IP Address Filter input validation [CVE-2017-12171]🔒🔒
108311F5 BIG-IP Log ltm log file🔒
108310F5 BIG-IP iControl REST session expiration [CVE-2017-6145]🔒
108309F5 BIG-IP PEM Type Allocation Code Database certificate validation
108308F5 BIG-IP TLS Handshake input validation [CVE-2017-6141]🔒
108307Panasonic KX-HJB1000 sql injection [CVE-2017-2133]
108306Panasonic KX-HJB1000 File input validation [CVE-2017-2132]
108305Panasonic KX-HJB1000 Access Restriction information disclosure
108304GNU C Library glob.c glob memory corruption🔒🔒
108303GNU C Library glob.c glob memory corruption🔒🔒
108302PRTG Network Monitor EXE File input validation [CVE-2017-15651]🔒
108301TP-LINK TL-MR3220 Wireless MAC Filter cross site scripting [CVE-2017-15291]🔒
108300Car Pyrotechnical Control risky encryption [CVE-2017-14937]
108299Apache James JMX Server deserialization [CVE-2017-12628]
108298Adobe Flash Player array index [CVE-2017-11292]🔒🔒
108297Apache NiFi Proxy Chain injection [CVE-2017-5636]
108296Apache NiFi Cluster access control [CVE-2017-5635]
108295Cisco Firepower Extensible Operating System/NX-OS AAA resource management🔒
108294musl Libc DNS Reply lookup_name.c memory corruption
108293Linux Kernel af_packet.c race condition🔒🔒
108292Phpsugar PHP Melody page_manager.php cross site scripting
108291FiberHome Router webproc path traversal🔒
108290Webmin File Manager cross site scripting [CVE-2017-15646]🔒🔒
108289Webmin create_job.cgi cross-site request forgery🔒🔒
108288Webmin link.cgi server-side request forgery🔒🔒
108287Ikarus Anti Virus guardxup.exe request smuggling
108286Sound eXchange AIFF File aiff.c lsx_aiffstartread use after free🔒🔒
108285Mura CMS Draggable Feeds readRSS.cfm xml external entity reference
108284Mistune cross site scripting🔒🔒
108283Octopus Privileges access control [CVE-2017-15611]🔒
108282Octopus Guest Account information disclosure [CVE-2017-15610]🔒
108281Octopus JSON File information disclosure [CVE-2017-15609]🔒
108280Progea Movicon Unquoted Search Path unquoted search path [CVE-2017-14019]🔒
108279Progea Movicon uncontrolled search path [CVE-2017-14017]
108278Hashicorp vagrant-vmware-fusion suid Wrapper access control [CVE-2017-12579]
108277Cisco NX-OS Python Script input validation [CVE-2017-12301]🔒
108276Cisco WebEx Meeting Center Web Interface cross site scripting
108275Cisco WebEx Meetings Server Web Interface cross site scripting
108274Cisco WebEx Meetings Server resource consumption [CVE-2017-12293]
108273Cisco IOS XE Debug Logging information disclosure [CVE-2017-12289]
108272Cisco Unified Contact Center Express Web-based Management Interface cross site scripting
108271Cisco Expressway Series Software CDB Management resource management
108270Cisco Jabber Web Interface input validation [CVE-2017-12286]
108269Cisco Network Analysis Module Web Interface path traversal [CVE-2017-12285]🔒
108268Cisco Jabber Web Interface information disclosure [CVE-2017-12284]
108267Cisco IOS XE Web Interface cross site scripting [CVE-2017-12272]
108266Cisco SPA300/SPA500 cross-site request forgery [CVE-2017-12271]
108265Cisco Small Business SPA50x Session Initiation Protocol memory corruption
108264Cisco Small Business SPA51x Series IP Session Initiation Protocol memory corruption
108263Cisco Cloud Services Platform 2100 Web Console access control
108262EMC Data Protection Advisor DPA Application Service input validation
108261ZTE ZXDT22 SF01 path traversal [CVE-2017-10933]
108260Job Manager Plugin CV File Manager information disclosure [CVE-2015-6668]
108259Huawei Mate 7 TEEOS memory corruption [CVE-2015-4422]
108258Huawei Mate 7 tzdriver memory corruption [CVE-2015-4421]
108257WordPress Password Hash pluggable.php MD5 inadequate encryption🔒🔒
108256MediaWiki X-Frame-Options access control [CVE-2012-4379]🔒🔒
108255Oracle VM VirtualBox access control [CVE-2017-10428]🔒🔒
108254Oracle VM VirtualBox OpenSSL input validation [CVE-2017-3733]🔒🔒
108253Oracle VM VirtualBox access control [CVE-2017-10408]🔒🔒
108252Oracle VM VirtualBox access control [CVE-2017-10407]🔒🔒
108251Oracle VM VirtualBox access control [CVE-2017-10392]🔒🔒
108250Oracle Secure Global Desktop Apache HTTP Server improper authentication🔒🔒
108249Oracle Agile PLM Performance access control [CVE-2017-10308]
108248Oracle Agile PLM Security information disclosure [CVE-2017-10299]
108247Oracle Engineering Data Management Web Services Security access control
108246Oracle Agile Engineering Data Management OpenSSL information disclosure🔒🔒
108245Oracle Transportation Management Apache Tomcat 7pk security [CVE-2017-5664]🔒🔒
108244Oracle Transportation Management Apache Commons FileUpload input validation🔒🔒
108243Oracle Agile Engineering Data Management Apache Commons Collections deserialization🔒🔒
108242Oracle Integrated Lights Out Manager System Management information disclosure🔒
108241Oracle M7/T7/S7 Firmware access control [CVE-2017-10099]🔒
108240Oracle Sun ZFS Storage Appliance Kit Filesystem denial of service🔒
108239Oracle M3000/M4000/M5000/M8000/M9000 XCP Firmware input validation🔒🔒
108238Oracle M10-1/M10-4/M10-4S/M12-1/M12-2/M12-2S XCP Firmware input validation🔒🔒
108237Oracle Solaris Cluster HA for MySQL access control [CVE-2017-3588]🔒
108236Oracle Integrated Lights Out Manager (ILOM) System Management access control🔒
108235Oracle SPARC Enterprise M3000 XCP Firmware resource management🔒🔒
108234Oracle Integrated Lights Out Manager (ILOM) System Management denial of service🔒
108233Oracle M10-1/M10-4/M10-4S/M12-1/M12-2/M12-2S XCP Firmware resource management🔒🔒
108232Oracle Siebel UI Framework UIF Open UI denial of service [CVE-2017-10264]
108231Oracle Siebel CRM Desktop Siebel Business Service Issues information disclosure
108230Oracle Siebel Core - Server Framework Services access control
108229Oracle Siebel UI Framework UIF Open UI access control [CVE-2017-10315]
108228Oracle Siebel UI Framework UIF Open UI access control [CVE-2017-10302]
108227Oracle Siebel UI Framework EAI access control [CVE-2017-10333]
108226Oracle Siebel UI Framework UIF Open UI access control [CVE-2017-10263]
108225Oracle Siebel Apps Python access control [CVE-2013-1903]🔒
108224Oracle Retail Back Office Security access control [CVE-2017-10423]
108223Oracle Retail Xstore Point of Service Point of Sale access control
108222Oracle MICROS Retail XBRi Loss Prevention Apache Batik xml external entity reference🔒🔒
108221Oracle Retail Markdown Optimization Installation memory corruption🔒🔒
108220Oracle Retail Clearance Optimization Engine Installation memory corruption🔒🔒
108219Oracle MICROS Retail XBRi Loss Prevention Apache Tomcat 7pk security🔒🔒
108218Oracle Retail Point-of-Service Security access control [CVE-2017-10065]
108217Oracle Retail Store Inventory Management Apache Groovy deserialization🔒🔒
108216Oracle Retail Convenience/Fuel POS Software Apache Groovy deserialization🔒🔒
108215Oracle PeopleSoft Enterprise FSCM Staffing Front Office access control
108214Oracle PeopleSoft Enterprise FSCM Strategic Sourcing information disclosure
108213Oracle PeopleSoft Enterprise FSCM Staffing Front Office information disclosure
108212Oracle PeopleSoft Enterprise HCM Security access control [CVE-2017-10306]
108211Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology access control
108210Oracle PeopleSoft Enterprise PeopleTools Security access control
108209Oracle PeopleSoft Enterprise HCM Security access control [CVE-2017-10304]
108208Oracle PeopleSoft Enterprise PeopleTools Updates Change Assistant information disclosure
108207Oracle PeopleSoft Enterprise SCM eProcurement Manage Requisition Status access control
108206Oracle PeopleSoft Enterprise PeopleTools Query access control
108205Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology access control
108204Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology access control
108203Oracle PeopleSoft Enterprise PeopleTools Core access control
108202Oracle PeopleSoft Enterprise PT PeopleTools Application Server information disclosure
108201Oracle PeopleSoft Enterprise PT PeopleTools PeopleSoft CDA access control
108200Oracle PeopleSoft Enterprise PeopleTools Test Framework information disclosure
108199Oracle PeopleSoft Enterprise PeopleTools Sawbridge access control
108198Oracle PeopleSoft Enterprise PT PeopleTools Health Center information disclosure
108197Oracle PeopleSoft Enterprise PT PeopleTools Elastic Search information disclosure
108196Oracle PeopleSoft Enterprise PeopleTools Updates Environment Mgmt access control
108195Oracle PeopleSoft Enterprise PRTL Interaction Hub Enterprise Portal access control
108194Oracle PeopleSoft Enterprise PRTL Interaction Hub Enterprise Portal access control
108193Oracle PeopleSoft Enterprise PT PeopleTools Performance Monitor access control
108192Oracle MySQL Server InnoDB access control [CVE-2017-10365]🔒🔒
108191Oracle MySQL Server Replication information disclosure [CVE-2017-10268]🔒🔒
108190Oracle MySQL Server InnoDB denial of service [CVE-2017-10286]🔒🔒
108189Oracle MySQL Server Stored Procedure denial of service [CVE-2017-10284]🔒🔒
108188Oracle MySQL Server Replication access control [CVE-2017-10165]🔒🔒
108187Oracle MySQL Server Optimizer denial of service [CVE-2017-10294]🔒🔒
108186Oracle MySQL Server Optimizer denial of service [CVE-2017-10279]🔒🔒
108185Oracle MySQL Server Optimizer denial of service [CVE-2017-10227]🔒🔒
108184Oracle MySQL Server Memcached denial of service [CVE-2017-10314]🔒🔒
108183Oracle MySQL Server InnoDB denial of service [CVE-2017-10320]🔒🔒
108182Oracle MySQL Server FTS denial of service [CVE-2017-10311]🔒🔒
108181Oracle MySQL Server DML denial of service [CVE-2017-10296]🔒🔒
108180Oracle MySQL Server Group Replication GCS denial of service [CVE-2017-10313]🔒🔒
108179Oracle MySQL Server Performance Schema denial of service [CVE-2017-10283]🔒🔒
108178Oracle MySQL Connectors Connector/Net access control [CVE-2017-10203]🔒
108177Oracle MySQL Connectors Connector/Net access control [CVE-2017-10277]🔒
108176Oracle MySQL Server Optimizer denial of service [CVE-2017-10378]🔒🔒
108175Oracle MySQL Server Optimizer access control [CVE-2017-10167]🔒🔒
108174Oracle MySQL Server FTS denial of service [CVE-2017-10276]🔒🔒
108173Oracle MySQL Server DDL denial of service [CVE-2017-10384]🔒🔒
108172Oracle MySQL Server Client programs information disclosure [CVE-2017-10379]🔒🔒
108171Oracle MySQL Server OpenSSL out-of-bounds read [CVE-2017-3731]🔒🔒
108170Oracle MySQL Server Pluggable Auth denial of service [CVE-2017-10155]🔒🔒
108169Oracle MySQL Enterprise Monitor Apache Tomcat 7pk security [CVE-2017-5664]🔒🔒
108168Oracle MySQL Enterprise Monitor Web access control [CVE-2017-10424]🔒
108167Oracle JD Edwards World Security OpenSSL information disclosure🔒🔒
108166Oracle JD Edwards EnterpriseOne Tools OpenSSL information disclosure🔒🔒
108165Oracle Java SE Serialization denial of service [CVE-2017-10345]🔒🔒
108164Oracle Java Advanced Management Console Server access control
108163Oracle Java SE Networking access control [CVE-2017-10295]🔒🔒
108162Oracle Java Advanced Management Console Server access control
108161Oracle Java Advanced Management Console Sever access control
108160Oracle Java SE Serialization denial of service [CVE-2017-10347]🔒🔒
108159Oracle Java SE Serialization denial of service [CVE-2017-10281]🔒🔒
108158Oracle Java SE Networking denial of service [CVE-2017-10355]🔒🔒
108157Oracle Java SE Little CMS 2 out-of-bounds read [CVE-2016-10165]🔒🔒
108156Oracle Java SE zlib numeric error [CVE-2016-9841]🔒🔒
108155Oracle Java SE Serialization denial of service [CVE-2017-10357]🔒🔒
108154Oracle Java SE Libraries denial of service [CVE-2017-10348]🔒🔒
108153Oracle Java SE JAXP denial of service [CVE-2017-10349]🔒🔒
108152Oracle Java SE JAX-WS denial of service [CVE-2017-10350]🔒🔒
108151Oracle Java Advanced Management Console Server denial of service
108150Oracle Java SE Javadoc access control [CVE-2017-10293]🔒🔒
108149Oracle Java SE Security information disclosure [CVE-2017-10356]🔒🔒
108148Oracle Java SE Smart Card IO access control [CVE-2017-10274]🔒🔒
108147Oracle Java SE Deployment access control [CVE-2017-10309]🔒🔒
108146Oracle Java SE Libraries access control [CVE-2017-10388]🔒🔒
108145Oracle Java SE RMI access control [CVE-2017-10285]🔒🔒
108144Oracle Java SE Hotspot access control [CVE-2017-10346]🔒🔒
108143Oracle Hyperion BI+ UI/Visualization access control [CVE-2017-10359]
108142Oracle Hyperion Financial Reporting Workspace access control
108141Oracle Hyperion BI+ UI/Visualization access control [CVE-2017-10312]
108140Oracle Hyperion Financial Reporting Security Models information disclosure
108139Oracle Hospitality Cruise Fleet Management GangwayActivityWebApp access control
108138Oracle Hospitality Hotel Mobile Suite8/RESTAPI access control
108137Oracle Hospitality Suite8 WebConnect information disclosure [CVE-2017-10317]
108136Oracle Hospitality OPERA 5 Property Services Folios information disclosure🔒🔒
108135Oracle Hospitality Guest Access Base access control [CVE-2017-10375]
108134Oracle Hospitality Suite8 WebConnect information disclosure [CVE-2017-10318]
108133Oracle Hospitality Suite8 PMS access control [CVE-2017-10419]
108132Oracle Hospitality Cruise Materials Management MMS access control
108131Oracle Hospitality Suite8 Leisure information disclosure [CVE-2017-10319]
108130Oracle Hospitality Guest Access Interface information disclosure
108129Oracle Hospitality Suite8 Leisure information disclosure [CVE-2017-10337]
108128Oracle Hospitality Simphony Service Host access control [CVE-2017-10425]
108127Oracle Hospitality Simphony Import/Export access control [CVE-2017-10340]
108126Oracle Hospitality Simphony Engagement access control [CVE-2017-10367]
108125Oracle Hospitality Cruise Fleet Management GangwayActivityWebApp access control
108124Oracle Hospitality Suite8 PMS access control [CVE-2017-10389]
108123Oracle Hospitality Suite8 WebConnect information disclosure [CVE-2017-10339]
108122Oracle Hospitality Cruise Fleet Management BaseMasterPage access control
108121Oracle Hospitality Suite8 Leisure access control [CVE-2017-10420]
108120Oracle Hospitality Cruise Shipboard Property Management System OHC DRS access control
108119Oracle Hospitality Suite8 WebConnect information disclosure [CVE-2017-10316]
108118Oracle Hospitality Suite8 Leisure information disclosure [CVE-2017-10421]
108117Oracle Hospitality Simphony Import/Export access control [CVE-2017-10344]
108116Oracle Hospitality Simphony Import/Export information disclosure
108115Oracle Hospitality Guest Access Base access control [CVE-2017-10370]
108114Oracle Hospitality Hotel Mobile Suite8/RESTAPI access control
108113Oracle Hospitality Guest Access Apache Batik xml external entity reference🔒🔒
108112Oracle Hospitality Reporting/Analytics iQuery access control
108111Oracle Hospitality Suite8 WebConnect access control [CVE-2017-10050]
108110Oracle Hospitality Cruise Fleet Management BaseMasterPage access control
108109Oracle Hospitality Guest Access Base access control [CVE-2017-10372]
108108Oracle Hospitality Cruise Materials Management MMSUpdater access control
108107Oracle Hospitality Guest Access Apache Tomcat 7pk security [CVE-2017-5664]🔒🔒
108106Oracle Hospitality Reporting/Analytics iQuery access control
108105Oracle Hospitality Cruise AffairWhere access control [CVE-2017-10396]
108104Oracle Hospitality Reporting/Analytics Report access control
108103Oracle Hospitality Reporting/Analytics Report access control
108102Oracle Healthcare Master Person Index Apache Groovy deserialization🔒🔒
108101Oracle Security Service C Oracle SSL API access control [CVE-2017-10166]
108100Oracle HTTP Server OSSL Module information disclosure [CVE-2016-2183]🔒🔒
108099Oracle WebCenter Sites Support Tools access control [CVE-2017-10033]🔒
108098Oracle WebLogic Server Web Container information disclosure [CVE-2017-10334]🔒🔒
108097Oracle WebLogic Server Web Container access control [CVE-2017-10336]🔒🔒
108096Oracle HTTP Server Web Listener information disclosure [CVE-2003-1418]🔒🔒
108095Oracle Access Manager Web Server Plugin information disclosure
108094Oracle GlassFish Server Administration Graphical User Interface access control🔒🔒
108093Oracle Outside In Technology Outside In Filters access control
108092Oracle WebLogic Server WLS-WebServices access control [CVE-2017-10352]🔒🔒
108091Oracle HTTP Server Web Listener cryptographic issues [CVE-2015-2808]🔒🔒
108090Oracle iPlanet Web Server Admin Graphical User Interface access control
108089Oracle GlassFish Server Web Container access control [CVE-2017-10393]🔒🔒
108088Oracle GlassFish Server Web Container access control [CVE-2017-10385]🔒🔒
108087Oracle Business Intelligence Enterprise Edition Analytics Web General access control
108086Oracle WebLogic Server Web Container information disclosure [CVE-2017-10152]🔒🔒
108085Oracle Identity Manager Apache Struts 1 memory corruption [CVE-2016-1181]🔒🔒
108084Oracle GlassFish Server Administration access control [CVE-2017-10391]🔒🔒
108083Oracle API Gateway Apache Batik xml external entity reference🔒🔒
108082Oracle Virtual Directory Virtual Directory Server access control
108081Oracle Managed File Transfer Bouncy Castle Java Package cryptographic issues🔒🔒
108080Oracle GlassFish Server Apache Commons FileUpload input validation🔒🔒
108079Oracle Business Process Management Suite Bouncy Castle Java Package cryptographic issues🔒🔒
108078Oracle Business Process Management Suite Bouncy Castle Java Package cryptographic issues🔒🔒
108077Oracle BI Publisher Web Service API information disclosure [CVE-2017-10037]🔒🔒
108076Oracle Access Manager Web Server Plugin information disclosure
108075Oracle WebCenter Content Content Server access control [CVE-2017-10360]🔒
108074Oracle SOA Suite Fabric Layer access control [CVE-2017-10026]
108073Oracle Identity Manager Connector Microsoft Active Directory access control
108072Oracle Business Intelligence Enterprise Edition Analytics Web General access control🔒
108071Oracle BI Publisher Core Formatting API access control [CVE-2017-10034]🔒🔒
108070Oracle Endeca Information Discovery Integrator Spring Framework cross-site request forgery🔒
108069Oracle Endeca Information Discovery Integrator Apache Commons Collections deserialization🔒🔒
108068Oracle Directory Server Enterprise Edition NSS memory corruption🔒🔒
108067Oracle Business Process Management Suite Apache Commons Collections deserialization🔒🔒
108066Oracle Management Pack for GoldenGate Apache Tomcat access control🔒🔒
108065Oracle Management Pack for GoldenGate Apache Commons Collections deserialization🔒🔒
108064Oracle JDeveloper Java Business Objects deserialization [CVE-2016-6814]🔒🔒
108063Oracle WebLogic Server WLS Security access control [CVE-2017-10271]🔒🔒🔒
108062Oracle BI Publisher Apache ActiveMQ input validation [CVE-2015-5254]🔒🔒
108061Oracle FLEXCUBE Universal Banking Security access control [CVE-2017-10363]
108060Oracle Enterprise Manager Ops Center Apache Groovy deserialization🔒🔒
108059Oracle CRM Technical Foundation Preferences access control [CVE-2017-10387]🔒
108058Oracle Common Applications Calendar access control [CVE-2017-10322]🔒
108057Oracle Applications Technology Stack Oracle Forms access control🔒
108056Oracle Applications Technology Stack Oracle Forms information disclosure🔒
108055Oracle Application Object Library Diagnostics information disclosure🔒
108054Oracle Applications DBA AD Utilities access control [CVE-2017-10077]🔒
108053Oracle Universal Work Queue Administration information disclosure🔒
108052Oracle Application Object Library Diagnostics information disclosure🔒
108051Oracle Web Applications Desktop Integrator Application Service access control🔒
108050Oracle Trade Management User Interface access control [CVE-2017-3446]🔒
108049Oracle Trade Management User Interface access control [CVE-2017-3445]🔒
108048Oracle Trade Management User Interface access control [CVE-2017-3444]🔒
108047Oracle Mobile Field Service Multiplatform Based on HTML5 access control🔒
108046Oracle Knowledge Management User Interface access control [CVE-2017-10412]🔒
108045Oracle Knowledge Management User Interface access control [CVE-2017-10411]🔒
108044Oracle Knowledge Management Search access control [CVE-2017-10410]🔒
108043Oracle iSupport Others access control [CVE-2017-10415]🔒
108042Oracle iStore Merchant UI access control [CVE-2017-10409]🔒
108041Oracle iStore Checkout/Order Placement access control [CVE-2017-10414]🔒
108040Oracle Interaction Center Intelligence Setup access control [CVE-2017-10303]🔒
108039Oracle Common Applications Calendar access control [CVE-2017-10326]🔒
108038Oracle Common Applications Calendar access control [CVE-2017-10325]🔒
108037Oracle Advanced Outbound Telephony Setup/Configuration access control🔒
108036Oracle Advanced Outbound Telephony Setup/Configuration access control🔒
108035Oracle Global Order Promising Reschedule Sales Orders access control🔒
108034Oracle Common Applications Gantt Server access control [CVE-2017-10330]🔒
108033Oracle Primavera Unifier Apache Groovy deserialization [CVE-2016-6814]🔒🔒
108032Oracle Communications WebRTC Session Controller libcurl information disclosure🔒🔒
108031Oracle Communications WebRTC Session Controller Postgresql race condition🔒🔒
108030Oracle Communications WebRTC Session Controller Wireshark resource management🔒🔒
108029Oracle Communications WebRTC Session Controller file resource management🔒🔒
108028Oracle Communications EAGLE LNP Application Processor OpenSSL information disclosure🔒🔒
108027Oracle Communications Policy Management Portal/CMP access control
108026Oracle Communications WebRTC Session Controller Gson access control
108025Oracle Communications Billing/Revenue Management Perl input validation🔒🔒
108024Oracle Communications Order/Service Management Apache Commons Collections deserialization🔒🔒
108023Oracle Communications WebRTC Session Controller Kerberos numeric error🔒🔒
108022Oracle Communications WebRTC Session Controller Xalan access control🔒🔒
108021Oracle Communications WebRTC Session Controller BeanUtils input validation🔒🔒
108020Oracle Communications Unified Session Manager OpenSSL resource management🔒🔒
108019Oracle Communications Diameter Signaling Router OpenSSL null pointer dereference🔒🔒
108018Oracle Tekelec HLR Router OpenSSL cryptographic issues [CVE-2014-0224]🔒🔒
108017Oracle Communications WebRTC Session Controller OpenSSL cryptographic issues🔒🔒
108016Oracle Communications WebRTC Session Controller Spring cross-site request forgery🔒
108015Oracle Communications WebRTC Session Controller Apache Commons Collections deserialization🔒🔒
108014Oracle Communications WebRTC Session Controller glibc Ghost memory corruption
108013Oracle Communications WebRTC Session Controller Apache Groovy injection🔒🔒
108012Oracle Communications User Data Repository glibc Ghost memory corruption
108011Oracle Communications Services Gatekeeper Apache Trinidad deserialization🔒
108010Oracle Communications Messaging Server NSS out-of-bounds write🔒🔒
108009Oracle Database Server RDBMS Security access control [CVE-2017-10292]🔒🔒
108008Oracle Database Server XML Database information disclosure [CVE-2017-10261]🔒🔒
108007Oracle Database Server WLM access control [CVE-2016-8735]🔒🔒
108006Oracle Database Server Java VM access control [CVE-2017-10190]🔒🔒
108005Oracle Database Server Spatial deserialization [CVE-2016-6814]🔒🔒
108004Oracle Database Server Core RDBMS access control [CVE-2017-10321]🔒🔒
108003GNU Libextractor nsfe_extractor.c EXTRACTOR_nsfe_extract_method memory corruption🔒
108002GNU Libextractor png_extractor.c EXTRACTOR_png_extract_method memory corruption🔒
108001GNU Libextractor nsf_extractor.c EXTRACTOR_nsf_extract_method null pointer dereference🔒
1080003CX Phone System Management Console path traversal [CVE-2017-15359]🔒
107999Alienvault USM Report wizard_email.php cross-site request forgery
107998Interspire Email Marketer Cookie init.php improper authentication🔒
107997Puppet Enterprise Whitelist Protection access control [CVE-2016-5714]🔒🔒
107996Drupal Overlay Module redirect [CVE-2015-7943]🔒🔒
107995Realtyna RPL com_rpl index.php cross-site request forgery
107994Realtyna RPL com_rpl index.php sql injection
107993Web2py Logout redirect
107992Google Go net/http transfer.go HTTP request smuggling🔒🔒
107991Google Go net/http reader.go HTTP request smuggling🔒🔒
107990GSI WiNPAT Portal Login Form sql injection [CVE-2015-5376]
107989Landing Pages Plugin injection [CVE-2015-5227]
107988EMC Isilon OneFS Reflected cross site scripting [CVE-2017-8024]
107987EMC NetWorker Server Service memory corruption [CVE-2017-8022]🔒
107986Xen resource consumption [CVE-2017-15596]🔒
107985Xen Hypervisor resource consumption [CVE-2017-15595]🔒🔒
107984Xen Hypervisor data processing [CVE-2017-15594]🔒🔒
107983Xen memory corruption [CVE-2017-15593]🔒🔒
107982Xen Hypervisor access control [CVE-2017-15592]🔒🔒
107981Xen Memory Comparison input validation [CVE-2017-15591]🔒🔒
107980Xen Hypervisor access control [CVE-2017-15590]🔒🔒
107979Xen information disclosure [CVE-2017-15589]🔒🔒
107978Xen TLB Entry race condition [CVE-2017-15588]🔒🔒
107977Artifex MuPDF pdf-xref.c pdf_read_new_xref_section integer overflow🔒🔒
107976ABB Fox515T Embedded Web Server information disclosure [CVE-2017-15583]
107975Phpsugar PHP Melody Cookie watch.php sql injection
107974Phpsugar PHP Melody edit_category.php sql injection
107973Redmine Wiki Links information disclosure [CVE-2017-15577]🔒🔒
107972Redmine Time Entry information disclosure [CVE-2017-15576]🔒🔒
107971Redmine 7pk security🔒🔒
107970Redmine Stored cross site scripting [CVE-2017-15574]🔒🔒
107969Redmine Markup cross site scripting [CVE-2017-15573]🔒🔒
107968Redmine Account Referer Log lost_password Password log file🔒🔒
107967Redmine _list.html.erb cross site scripting🔒🔒
107966Redmine _list.html.erb cross site scripting🔒🔒
107965Redmine queries_helper.rb cross site scripting🔒🔒
107964Redmine application_helper.rb cross site scripting🔒🔒
107963Akeo Rufus Update Download Validator 7pk security [CVE-2017-13083]🔒
107962Redmine Textile/Markdown Stored cross site scripting
107961Red Hat Satellite Qpid Server deserialization [CVE-2015-5164]
107960sharenfs ZFS File system nfs.c information disclosure
107959Netty Cookie input validation [CVE-2015-2156]🔒🔒
107958OpenJPEG j2k_read_ppm_v3 double free🔒🔒
107957Flash-album-gallery gallery.php Path information disclosure
107956Red Hat CloudForms resource consumption [CVE-2014-7813]
107955SumaHo certificate validation [CVE-2014-7242]
107954JBoss KeyCloak CSRF Protection cross-site request forgery [CVE-2014-3709]
107953ovirt-engine X.509 Certificate Validation certificate validation
107952Foreman cross site scripting [CVE-2014-3531]
107951Google Android ServiceManager service_manager.c null pointer dereference
107950GNU C Library memory corruption [CVE-2011-5320]
107949Envitech EnviDAS Ultimate improper authentication [CVE-2017-9625]
107948Debian ftpsync Option path traversal [CVE-2017-8805]
107947NVIDIA ADSP Loader memory corruption [CVE-2017-6273]
107946TIBCO Managed File Transfer Command Center access control [CVE-2017-5531]
107945Lenovo Service Framework command injection [CVE-2017-3761]
107944Lenovo Service Framework Integrity Verification credentials management
107943Lenovo Service Framework Response input validation [CVE-2017-3759]
107942Lenovo Service Framework Access Control access control [CVE-2017-3758]
107941Poppler PDF Document getGrayLine null pointer dereference🔒🔒
107940zorovavi Blog recept.php sql injection
107939ILIAS Media Objects class.ilMediaItem.php setParameter Stored cross site scripting🔒
107938Linux Kernel x86 FPU Subsystem regset.c ptrace information disclosure🔒🔒
107937ProMinent MultiFLEX M10a Controller Web Interface access control
107936ProMinent MultiFLEX M10a Controller Web Interface cross-site request forgery
107935ProMinent MultiFLEX M10a Controller Web Interface information disclosure
107934ProMinent MultiFLEX M10a Controller Web Interface session expiration
107933ProMinent MultiFLEX M10a Controller Web Interface Password password recovery
107932WECON LEVI Studio HMI Editor memory corruption [CVE-2017-13999]
107931Form Manager Plugin ajax.php fm_saveHelperGatherItems command injection
107930nw.js input validation [CVE-2014-9733]
107929Huawei USG9560/9520/9580 Website resource consumption [CVE-2014-9697]
107928Flexpaper FlexPaperViewer.swf Content input validation
107927Flexpaper FlexPaperViewer.swf cross site scripting
107926gollum Dependency access control [CVE-2014-9489]
107925MediaWiki GetID3 Library xml external entity reference [CVE-2014-9487]🔒🔒
107924Zhone zNID GPON 2426A Web Admin Portal zhnping.cmd command injection
107923Zhone zNID GPON 2426A Web Admin Portal backupsettings.html credentials management
107922X2Engine X2CRM File Upload ProfileController.php actionUploadPhoto unrestricted upload🔒
107921perltidy make_temporary_filename access control🔒🔒
107919BlackBerry Workspaces Server Source information disclosure [CVE-2017-9368]
107918BlackBerry Workspaces Server path traversal [CVE-2017-9367]
107917radare2 ELF File elf.c store_versioninfo_gnu_verdef memory corruption
107916Rate Me rate-me.php cross site scripting
107915Nero Nero.exe unquoted search path🔒
107914Infineon RSA Library RSA Key Generation cryptographic issues🔒
107913SAP Hostcontrol SOAP SAPControl Endpoint improper authentication
107912SAP CRM Java cross-site request forgery [CVE-2017-15296]
107911SAP POS Xpress Server access control [CVE-2017-15295]
107910SAP CRM Java Administration Console cross site scripting [CVE-2017-15294]
107909SAP POS Xpress Server access control [CVE-2017-15293]
107908QEMU cirrus_vga.c mode4and5 out-of-bounds write🔒🔒
107907ASX to MP3 Converter m3u File memory corruption [CVE-2017-15221]
107906International Components for Unicode zonemeta.cpp up double free🔒🔒
107905NVIDIA GeForce Experience Installer Framework NVISystemService64 access control
107904Apache Struts Double OGNL Evaluation input validation [CVE-2016-4461]
107903OpenSMTPD master.passwd req_ca_vrfy_mta use after free🔒
107902Aruba Networks ClearPass Policy Manager access control [CVE-2015-4650]
107901spin-kickstarts fedora-cloud-atomic.ks access control
107900Berta CMS File Upload unrestricted upload [CVE-2015-2780]🔒
107899Fiyo CMS Access Restriction dapur administrator access control
107898Fiyo CMS Database Backup information disclosure [CVE-2014-9147]
107897Store Locator Plugin sl-xml.php sql injection
107896Post Highlights Plugin ph_save.php cross site scripting
107895oVirt restapi Session access control [CVE-2014-7851]
107894eNovance eDeploy path traversal [CVE-2014-3702]
107893Foreman auto-completion cross site scripting [CVE-2014-0208]
107892Red Hat katello-headpin SAM Web Application cross site scripting
107891WPA2 Integrity Group Key KRACK nonce re-use🔒🔒
107890WPA2 Group Key KRACK nonce re-use🔒🔒
107889WPA2 Tunneled Direct-Link Setup KRACK nonce re-use🔒🔒
107888WPA2 STK Key KRACK nonce re-use🔒🔒
107887WPA2 Fast BSS Transition Request KRACK nonce re-use🔒🔒
107886WPA2 Integrity Group Key KRACK nonce re-use🔒🔒
107885WPA2 Group Key KRACK nonce re-use🔒🔒
107884WPA2 Integrity Group Key KRACK nonce re-use🔒🔒
107883WPA2 Group Key KRACK nonce re-use🔒🔒
107882WPA2 PTK-TK Handshake KRACK nonce re-use🔒🔒
107881Mobatek MobaXterm Telnet Service code injection [CVE-2017-15376]
107880WpJobBoard User Account request Persistent cross site scripting
107879Shopware Persistent cross site scripting [CVE-2017-15374]
107878E-Sic Search lkpcep.php sql injection
107877Sound eXchange adpcm.c lsx_ms_adpcm_block_expand_i memory corruption🔒🔒
107876Sound eXchange formats.c sox_append_comment memory corruption🔒🔒
107875Sound eXchange ima_rw.c ImaExpandS memory corruption🔒🔒
107874Artifex MuPDF pdf-stream.c build_filter_chain use after free🔒🔒
107873radare2 wasm.c wasm_dis memory corruption
107872osTicket CSRF Protection cross site scripting [CVE-2017-15362]
107871CPUID CPU-Z Kernel-Mode Driver out-of-bounds write [CVE-2017-15303]
107870CPUID CPU-Z Kernel-Mode Driver access control [CVE-2017-15302]
107869IBM Notes XStream input validation [CVE-2017-7957]🔒🔒
107868Ccsv ccsv.c foreach double free
107867Luracast Restler getsource.php path traversal
107866PRTG Network Monitor Stored cross site scripting [CVE-2017-15360]🔒
107865EWBF Cuda Zcash Miner HTTP API data processing [CVE-2017-15300]
107864NexusPHP messages.php cross site scripting
107863AIRTAME HDMI Dongle Admin Panel login.php Persistent session fixiation
107862Linux Kernel KEYS Subsystem add_key null pointer dereference🔒🔒
107861Git Tree Object resource consumption [CVE-2017-15298]🔒🔒
107860Apache Solr Apache Lucene RunExecutableListener xml external entity reference🔒🔒🔒
107859Linux Kernel ALSA Sequencer Interface seq use after free🔒🔒
107858Ruckus Wireless Zone Director Controller command injection [CVE-2017-6224]
107857Ruckus Wireless Zone Director Controller ping os command injection
107856EMC OpenText Documentum Content Server TAR File path traversal
107855EMC OpenText Documentum Content Server File access control [CVE-2017-15014]
107854EMC OpenText Documentum Content Server access control [CVE-2017-15013]
107853EMC OpenText Documentum Content Server RPC Command input validation
107852Juniper Junos Space Node Certificate Verification insufficient verification of data authenticity🔒
107851Juniper Junos Space improper authentication [CVE-2017-10623]🔒
107850Juniper Management Platform access control [CVE-2017-10622]🔒
107849Juniper Junos resource consumption [CVE-2017-10621]🔒
107848Juniper Junos HTTPS Certificate Validator certificate validation🔒
107847Juniper Junos Express Path data processing [CVE-2017-10619]🔒
107846Juniper Junos RPD 7pk security [CVE-2017-10618]🔒
107845Juniper Networks Contrail ifmap File xml external entity reference
107844Juniper Networks Contrail ifmap hard-coded credentials [CVE-2017-10616]
107843Juniper Junos Pluggable Authentication input validation [CVE-2017-10615]🔒
107842Juniper Junos telnetd resource consumption [CVE-2017-10614]🔒
107841Juniper Junos Loopback Filter resource consumption🔒
107840Juniper Junos Space Persistent cross site scripting [CVE-2017-10612]🔒
107839Juniper Junos Statistics data processing [CVE-2017-10611]🔒
107838Juniper Junos flowd input validation [CVE-2017-10610]🔒
107837Juniper Junos Sun/MS-RPC ALG resource consumption [CVE-2017-10608]🔒
107836Juniper Junos rpd Daemon resource management [CVE-2017-10607]🔒
107835Juniper Junos TPM cryptographic issues [CVE-2017-10606]
107834Apache Ranger Change Password credentials management [CVE-2016-6815]
107833JanTek JTC-200 Busybox improper authentication [CVE-2016-5791]
107832JanTek JTC-200 cross-site request forgery [CVE-2016-5789]
107831Juniper Junos permission [CVE-2016-4924]🔒🔒
107830Juniper Junos Cross Site Scripting Protection cross site scripting🔒🔒
107829Juniper Junos Space cross-site request forgery [CVE-2016-1265]🔒🔒
107828J-Web Service cross-site request forgery [CVE-2016-1261]🔒
107827Bamboo REST Endpoint access control [CVE-2017-9514]🔒
107826Mirasys Video Management System Login cryptographic issues [CVE-2017-15290]
107825Dream Multimedia Dreambox file cross site scripting
107824SQLite shell.c tableColumnList null pointer dereference🔒
107823X-Cart File Extension Filter input validation [CVE-2017-15285]
107822October CMS SVG File cross site scripting [CVE-2017-15284]
107821ImageMagick psd.c ReadPSDImage memory corruption🔒🔒
107820Umbraco CMS importDocumenttype.aspx.cs xml external entity reference
107819Umbraco CMS New Page Publish.aspx.cs cross site scripting
107818TeamPass folders.queries.php cross site scripting🔒
107817ImageMagick/GraphicsMagick gif.c readgifimage information disclosure🔒🔒
107816QEMU channel-websock.c resource management🔒🔒
107815SilverStripe CMS Password Reset information disclosure [CVE-2017-12849]
107814HIBUN Confidential File Decryption untrusted search path [CVE-2017-10865]
107813HIBUN Confidential File Viewer untrusted search path [CVE-2017-10864]
107812HIBUN Confidential File Decryption untrusted search path [CVE-2017-10863]
107811jwt-scala Token Signature Verification insufficient verification of data authenticity
107810Cybozu Office Access Restriction Cabinet access control
107809WordPress Sandbox flashmediaelement.swf Cross-Domain input validation🔒
107808Cisco Embedded Device X.509 Certificate certificate validation🔒🔒
107807EMC RSA Archer GRC File Upload input validation [CVE-2017-8025]🔒
107806EMC Network Configuration Manager Reflected cross site scripting
107805EMC RSA Archer GRC Stored cross site scripting [CVE-2017-8016]🔒
107804SDL RGB Surface integer overflow [CVE-2017-2888]🔒🔒
107803SDL_image XCF Property memory corruption [CVE-2017-2887]🔒🔒
107802Linux Kernel keyctl.c null pointer dereference🔒🔒
107801GNU Libextractor flac_extractor.c null pointer dereference🔒
107800GNU Libextractor wav_extractor.c EXTRACTOR_wav_extract_method divide by zero🔒
107799IrfanView tif File memory corruption [CVE-2017-15264]
107798IrfanView PDF Plugin memory corruption [CVE-2017-15263]
107797IrfanView PDF Plugin memory corruption [CVE-2017-15262]
107796IrfanView PDF Plugin memory corruption [CVE-2017-15261]
107795IrfanView PDF Plugin memory corruption [CVE-2017-15260]
107794IrfanView PDF Plugin memory corruption [CVE-2017-15259]
107793IrfanView PDF Plugin memory corruption [CVE-2017-15258]
107792IrfanView PDF Plugin memory corruption [CVE-2017-15257]
107791IrfanView PDF Plugin memory corruption [CVE-2017-15256]
107790IrfanView PDF Plugin memory corruption [CVE-2017-15255]
107789IrfanView PDF Plugin memory corruption [CVE-2017-15254]
107788IrfanView PDF Plugin memory corruption [CVE-2017-15253]
107787IrfanView PDF Plugin memory corruption [CVE-2017-15252]
107786IrfanView PDF Plugin memory corruption [CVE-2017-15251]
107785IrfanView PDF Plugin memory corruption [CVE-2017-15250]
107784IrfanView PDF Plugin memory corruption [CVE-2017-15249]
107783IrfanView PDF Plugin memory corruption [CVE-2017-15248]
107782IrfanView PDF Plugin memory corruption [CVE-2017-15247]
107781IrfanView PDF Plugin memory corruption [CVE-2017-15246]
107780IrfanView PDF Plugin memory corruption [CVE-2017-15245]
107779IrfanView PDF Plugin memory corruption [CVE-2017-15244]
107778IrfanView PDF Plugin memory corruption [CVE-2017-15243]
107777IrfanView PDF Plugin memory corruption [CVE-2017-15242]
107776IrfanView PDF Plugin memory corruption [CVE-2017-15241]
107775IrfanView PDF Plugin memory corruption [CVE-2017-15240]
107774IrfanView PDF Plugin memory corruption [CVE-2017-15239]
107773Flexense VX Search Enterprise memory corruption [CVE-2017-15220]
107772Atlassian FishEye/Crucible cross site scripting [CVE-2017-14588]
107771Atlassian FishEye/Crucible cross site scripting [CVE-2017-14587]
107770EMC RSA Archer GRC RSA Archer Help Pages Reflected cross site scripting🔒
107769EMC RSA Archer GRC Reflected cross site scripting [CVE-2017-14371]🔒
107768EMC RSA Archer GRC Stored cross site scripting [CVE-2017-14370]🔒
107767EMC RSA Archer GRC access control [CVE-2017-14369]🔒
107766LAVA Ether-Serial Link improper authentication [CVE-2017-14003]
107765libXfont pcfread.c pcfGetProperties out-of-bounds read🔒🔒
107764libXfont fontdir.c PatternMatch out-of-bounds read🔒🔒
107763Linux Kernel Key Management null pointer dereference [CVE-2017-12192]🔒🔒
107762Linux Kernel mmu.c path traversal🔒🔒
107761RubyGems YAML Deserialization bypass deserialization🔒🔒
107760Seagate BlackArmor NAS getAlias.php command injection🔒
107759Microsoft Windows SMB input validation [CVE-2017-11781]🔒🔒
107758Microsoft Windows Storage Security input validation [CVE-2017-11818]🔒🔒
107757Microsoft Windows JET Database Engine memory corruption [CVE-2017-8718]🔒🔒
107756Microsoft Windows JET Database Engine memory corruption [CVE-2017-8717]🔒🔒
107755Microsoft Windows TRIE access control [CVE-2017-11769]🔒🔒
107754Microsoft Windows GDI information disclosure [CVE-2017-11816]🔒🔒
107753Microsoft Windows SMB data processing [CVE-2017-11780]🔒🔒
107752Microsoft Windows Update Delivery Optimization access control🔒🔒
107751Microsoft Windows Kernel information disclosure [CVE-2017-11814]🔒🔒
107750Microsoft Windows Kernel information disclosure [CVE-2017-11785]🔒🔒
107749Microsoft Windows Kernel information disclosure [CVE-2017-11784]🔒🔒
107748Microsoft Windows Kernel information disclosure [CVE-2017-11765]🔒🔒
107747Microsoft Windows Graphics access control [CVE-2017-11824]🔒🔒
107746Microsoft Windows Win32k access control [CVE-2017-8694]🔒🔒
107745Microsoft Windows Win32k access control [CVE-2017-8689]🔒🔒
107744Microsoft Windows DNSAPI DNSAPI.dll access control🔒🔒
107743Microsoft Edge information disclosure [CVE-2017-11794]🔒🔒
107742Microsoft Lync/Skype for Business Authentication access control🔒🔒
107741Microsoft Outlook Secure Connection Mail information disclosure🔒🔒
107740Microsoft Windows Graphics access control [CVE-2017-11763]🔒🔒
107739Microsoft Windows Graphics access control [CVE-2017-11762]🔒🔒
107738Microsoft Windows Search information disclosure [CVE-2017-11772]🔒🔒
107737Microsoft Windows Advanced Local Procedure Call access control🔒🔒
107736Microsoft Windows Graphics information disclosure [CVE-2017-8693]🔒🔒
107735Microsoft Windows Device Guard access control [CVE-2017-8715]🔒🔒
107734Microsoft Windows SMB access control [CVE-2017-11782]🔒🔒
107733Microsoft Chakra Core Scripting Engine information disclosure
107732Microsoft Outlook memory corruption [CVE-2017-11774]🔒🔒
107731Microsoft Windows Shell memory corruption [CVE-2017-11819]🔒🔒
107730Microsoft Windows Search Remote access control [CVE-2017-11771]🔒🔒
107729Microsoft SharePoint Enterprise Server cross site scripting [CVE-2017-11820]🔒🔒
107728Microsoft SharePoint Enterprise Server cross site scripting [CVE-2017-11777]🔒🔒
107727Microsoft SharePoint Enterprise Server cross site scripting [CVE-2017-11775]🔒🔒
107726Microsoft Internet Explorer information disclosure [CVE-2017-11790]🔒🔒
107725Microsoft Windows Kernel information disclosure [CVE-2017-11817]🔒🔒
107724Microsoft Windows Text Services Framework access control [CVE-2017-8727]🔒🔒
107723Microsoft Windows SMB information disclosure [CVE-2017-11815]🔒🔒
107722Microsoft Windows Device Guard access control [CVE-2017-11823]🔒🔒
107721Microsoft Edge Scripting Engine memory corruption [CVE-2017-11812]🔒🔒
107720Microsoft Edge Scripting Engine memory corruption [CVE-2017-11811]🔒🔒
107719Microsoft Internet Explorer memory corruption [CVE-2017-11810]🔒🔒
107718Microsoft Edge Scripting Engine memory corruption [CVE-2017-11809]🔒🔒
107717Microsoft Edge Scripting Engine memory corruption [CVE-2017-11808]🔒🔒
107716Microsoft Edge Scripting Engine memory corruption [CVE-2017-11807]🔒🔒
107715Microsoft Edge memory corruption [CVE-2017-11806]🔒🔒
107714Microsoft Edge memory corruption [CVE-2017-11805]🔒🔒
107713Microsoft Edge Scripting Engine memory corruption [CVE-2017-11804]🔒🔒
107712Microsoft Edge memory corruption [CVE-2017-11802]🔒🔒
107711Microsoft Chakra Core Scripting Engine information disclosure
107710Microsoft Edge Scripting Engine memory corruption [CVE-2017-11800]🔒🔒
107709Microsoft Edge Scripting Engine memory corruption [CVE-2017-11799]🔒🔒
107708Microsoft Edge Scripting Engine memory corruption [CVE-2017-11798]🔒🔒
107707Microsoft Edge Scripting Engine memory corruption [CVE-2017-11796]🔒🔒
107706Microsoft Internet Explorer Scripting Engine JSONStringifyObject memory corruption🔒🔒
107705Microsoft Edge Scripting Engine memory corruption [CVE-2017-11792]🔒🔒
107704Microsoft Edge Scripting Engine memory corruption [CVE-2017-11821]🔒🔒
107703Microsoft Office memory corruption [CVE-2017-11826]🔒🔒
107702Microsoft Edge information disclosure [CVE-2017-8726]🔒🔒
107701Microsoft Windows Subsystem for Linux memory corruption [CVE-2017-8703]🔒🔒
107700Microsoft Internet Explorer memory corruption [CVE-2017-11813]🔒🔒
107699Microsoft Internet Explorer memory corruption [CVE-2017-11822]🔒🔒
107698Microsoft Office memory corruption [CVE-2017-11825]🔒🔒
107697Pure Storage Purity SNMP Trap Manager Site Stored cross site scripting
107696Google Android Netlink memory corruption [CVE-2017-9717]
107695Google Android memory corruption [CVE-2017-9715]
107694Google Android limCheckRxRSNIeMatch memory corruption
107693Google Android Display Driver memory corruption [CVE-2017-9706]
107692Google Android diag_dbgfs_read_table race condition
107691Google Android Thread ipc_log_context_destroy double free
107690Google Android SPS Driver double free [CVE-2017-9686]
107689Google Android integer overflow [CVE-2017-9683]
107688HPE Operations Orchestration input validation [CVE-2017-8994]🔒🔒
107687Intel NUC7i3BNK/NUC7i3BNH/NUC7i5BNK/NUC7i5BNH/NUC7i7BNH Policy Enforcement access control
107686Intel NUC7i3BNK/NUC7i3BNH/NUC7i5BNK/NUC7i5BNH/NUC7i7BNH Memory input validation
107685Intel NUC7i3BNK/NUC7i3BNH/NUC7i5BNK/NUC7i5BNH/NUC7i7BNH BIOS Recovery access control
107684Intel NUC7i3BNK/NUC7i3BNH/NUC7i5BNK/NUC7i5BNH/NUC7i7BN Password Storage credentials management
107683IBM Financial Transaction Manager information disclosure [CVE-2017-1538]
107682GraphicsMagick png.c ReadOneJNGImage use after free🔒
107681Tiandy IP Cameras Service Port 3001 information disclosure [CVE-2017-15236]🔒
107680Horde Groupware gollem access control [CVE-2017-15235]🔒
107679libjpeg-turbo JPEG File jdpostct.c null pointer dereference🔒
107678ZyXEL NBG6716 ozkerz popen command injection
107677GNU binutils libbfd dwarf2.c _bfd_dwarf2_cleanup_debug_info memory corruption
107676dotCMS Stored cross site scripting [CVE-2017-15219]🔒
107675ImageMagick png.c ReadOneJNGImage resource consumption🔒
107674ImageMagick sgi.c ReadSGIImage resource consumption🔒🔒
107673MIPS quickDeleteConfirmationForm.ctp quickDelete Reflected cross site scripting
107672Shaarli index.php Reflected cross site scripting
107671Flyspray syntax.php Stored cross site scripting
107670Flyspray common.editallusers.tpl Stored cross site scripting
107669Kanboard Form Data information disclosure [CVE-2017-15212]
107668Kanboard Form Data access control [CVE-2017-15211]
107667Kanboard Form Data information disclosure [CVE-2017-15210]
107666Kanboard Form Data access control [CVE-2017-15209]
107665Kanboard Form Data access control [CVE-2017-15208]
107664Kanboard Form Data access control [CVE-2017-15207]
107663Kanboard Form Data access control [CVE-2017-15206]
107662Kanboard Form Data information disclosure [CVE-2017-15205]
107661Kanboard Form Data access control [CVE-2017-15204]
107660Kanboard Form Data access control [CVE-2017-15203]
107659Kanboard Form Data access control [CVE-2017-15202]
107658Kanboard Form Data access control [CVE-2017-15201]
107657Kanboard Form Data access control [CVE-2017-15200]
107656Kanboard Form Data access control [CVE-2017-15199]
107655Kanboard Form Data information disclosure [CVE-2017-15198]
107654Kanboard Form Data access control [CVE-2017-15197]
107653Kanboard Form Data access control [CVE-2017-15196]
107652Kanboard Form Data access control [CVE-2017-15195]
107651Cacti global_session.php cross site scripting🔒🔒
107650Wireshark MBIM Dissector packet-mbim.c resource consumption🔒🔒
107649Wireshark BT BTATT Dissector packet-btatt.c resource management🔒🔒
107648Wireshark DMP Dissector packet-dmp.c format string🔒🔒
107647Wireshark RTSP Dissector packet-rtsp.c resource management🔒🔒
107646Wireshark DOCSIS Dissector packet-docsis.c resource management🔒🔒
107645EyesOfNetwork Web Interface index.php Persistent cross site scripting🔒
107644Lansweeper XML Data xml external entity reference [CVE-2017-13706]
107643Symantec Encryption Desktop data processing [CVE-2017-13679]🔒🔒
107642Symantec Endpoint Encryption data processing [CVE-2017-13675]🔒
107641Epson EasyMP credentials management [CVE-2017-12861]
107640Epson EasyMP credentials management [CVE-2017-12860]
107639Apache NiFi xml external entity reference [CVE-2017-12623]
107638Google Android Athdiag Out-of-Range memory corruption
107637Google Android hdd_extscan_passpoint_fill_network_list memory corruption
107636Google Android User Process race condition [CVE-2017-11063]
107635Google Android __wlan_hdd_cfg80211_do_acs memory corruption
107634Google Android memory corruption [CVE-2017-11061]
107633Google Android hdd_extscan_passpoint_fill_network_list memory corruption
107632Google Android SHA memory corruption [CVE-2017-11059]
107631Google Android Compatibility Mode flash_data Kernel Memory memory corruption
107630Google Android SHA Page Fault memory corruption
107629Google Android memory corruption [CVE-2017-11055]
107628Google Android cfg80211 memory corruption [CVE-2017-11054]
107627Google Android ConvertQosMapsetFrame memory corruption
107626Google Android cfg80211 memory corruption [CVE-2017-11052]
107625Google Android __wlan_hdd_cfg80211_testmode information disclosure
107624Google Android pktlogconf memory corruption [CVE-2017-11050]
107623Google Android Display Driver use after free [CVE-2017-11048]
107622Google Android Audio Driver out-of-bounds write [CVE-2017-11046]
107621Piwigo Access Restriction url_check_format access control🔒
107620Piwigo Search cross site scripting🔒
107619sudo sudoers lectured race condition🔒🔒
107618Gurunavi App SSL Certificate Validator certificate validation
107617Zend Framework Private Key array_rand key management🔒🔒
107616Node.js resource consumption [CVE-2015-7384]🔒
107615Salt Log Username information disclosure🔒
107614ATutor LMS cross site scripting [CVE-2015-6521]
107613Niconico App SSL Certificate Verification Service certificate validation
107612Rakuten Card App SSL Certificate Verification Service certificate validation
107611Accellion File Transfer Appliance Cookie template path traversal🔒🔒
107610libjpeg-turbo Exif Marker memory corruption [CVE-2014-9092]🔒🔒
107609UI-Dialog command injection [CVE-2008-7315]🔒
107608Trapeze TransitMaster GetSubscriber information disclosure
107607IBM WebSphere Application Server HTTP Response Splitting cross site scripting
107606Apache ZooKeper Command resource management [CVE-2017-5637]🔒🔒
107605QEMU 9p.c v9fs_xattrwalk race condition🔒🔒
107604Sync Breeze Enterprise login memory corruption
107603GridGain GUI Console path traversal [CVE-2017-14614]
107602Digium Asterisk RTCP Packet information disclosure [CVE-2017-14603]🔒🔒
107601X.Org Server Global Buffer memory corruption [CVE-2017-13723]🔒🔒
107600X.Org Server Shared Memory Segments access control [CVE-2017-13721]🔒🔒
107599Huawei FusionServer Permission permission [CVE-2015-7842]
107598GNU MPFR strtofr.c mpfr_strtofr memory corruption🔒🔒
107597Apache Roller XML-RPC Protocol Support xml external entity reference🔒
107596libmp3splt ogg.c vorbis_block_clear input validation
107595IDenticard Two-Reader Controller Configuration Manager ~user_handler Stored cross site scripting
107594InFocus Mondopad improper authentication [CVE-2017-14972]
107593InFocus Mondopad Excel Spreadsheet Credentials information disclosure
107592Apple OS X/macOS Keychain Password access control🔒🔒
107591Apple OS X/macOS Disk Utility Password information disclosure🔒🔒
107590IDM Bi-directional Driver access control [CVE-2017-9273]
107589IDM Bi-directional Driver input validation [CVE-2017-9272]
107588Rapid7 Metasploit Framework Logout cross-site request forgery
107587Smush Image Compression/Optimization Plugin path traversal [CVE-2017-15079]🔒🔒
107586Intel Puma denial of service [CVE-2017-15078]
107585Intel Puma denial of service [CVE-2017-15077]
107584Intel Puma denial of service [CVE-2017-15076] [Disputed]
107583Intel Puma denial of service [CVE-2017-15075]
107582Intel Puma denial of service [CVE-2017-15074]
107581Intel Puma denial of service [CVE-2017-15073]
107580Intel Puma denial of service [CVE-2017-15072]
107579Intel Puma denial of service [CVE-2017-15071]
107578Intel Puma denial of service [CVE-2017-15070]
107577Intel Puma denial of service [CVE-2017-15069]
107576Intel Puma denial of service [CVE-2017-15068]
107575Intel Puma denial of service [CVE-2017-15067]
107574Intel Puma denial of service [CVE-2017-15066]
107573Intel Puma denial of service [CVE-2017-15065]
107572Intel Puma denial of service [CVE-2017-15064]
107571Intelliants Subrion CMS ia.core.php cross-site request forgery
107570UPX ELF File Header p_lx_elf.cpp unpack null pointer dereference🔒🔒
107569QNAP Music Station command injection [CVE-2017-13069]
107568QNAP Helpdesk Application sql injection [CVE-2017-13068]
107567Koji SCM Path Blacklist input validation
107566libcURL FTP memory corruption [CVE-2017-1000254]🔒🔒
107565Foreman LDAP Authentication Password 7pk security
107564WP EasyCart Plugin admin_ajax_functions.php ec_ajax_clear_all_taxrates access control
107563libcsoap nanohttp null pointer dereference [CVE-2015-2297]
107562pngcrush PNG File pngcrush.c pngcrush_measure_idat numeric error
107561Issuetracker phpBugTracker cross site scripting [CVE-2015-2148]
107560Issuetracker phpBugTracker sql injection [CVE-2015-2147]
107559Issuetracker phpBugTracker project.php sql injection
107558Issuetracker phpBugTracker cross site scripting [CVE-2015-2145]
107557Issuetracker phpBugTracker project.php cross site scripting
107556Issuetracker phpBugTracker cross-site request forgery [CVE-2015-2143]
107555Issuetracker phpBugTracker project.php cross-site request forgery
107554http gem Hostname Validator information disclosure [CVE-2015-1828]
107553Cybele Thinfinity Remote Desktop Workstation path traversal [CVE-2015-1429]
107552Google Chrome MP4 File memory corruption [CVE-2015-1206]
107551texlive Pre-Installer access control [CVE-2015-0296]🔒🔒
107550Best Gallery Albums Plugin admin.php cross site scripting🔒
107549Profile Builder Plugin fallback-page.php cross site scripting🔒
107548Easy Contact Form Solution Plugin admin-ajax.php cross site scripting
107547CyaSSL Leaf Certificate cryptographic issues [CVE-2014-2903]
107546Docker tmp Local Privilege Escalation
107545LibOFX memory corruption [CVE-2017-2920]🔒🔒
107544Computerinsel PhotoLine GIF Parser memory corruption [CVE-2017-2880]
107543IBM Content Navigator / CMIS Web UI cross site scripting [CVE-2017-1522]
107542Redis cluster.c clusterLoadConfig memory corruption🔒🔒
107541LAME memory corruption [CVE-2017-15046]🔒
107540LAME memory corruption [CVE-2017-15045]🔒
107539Google Go SMTP information disclosure [CVE-2017-15042]🔒🔒
107538Google Go access control [CVE-2017-15041]🔒🔒
107537HP UCMDB Foundation cross site scripting [CVE-2017-14354]🔒
107536HP UCMDB Foundation code injection [CVE-2017-14353]🔒🔒
107535Trend Micro OfficeScan cgiShowClientAdm.exe memory corruption🔒🔒
107534Trend Micro OfficeScan tmwfp.sys memory corruption🔒🔒
107533Trend Micro OfficeScan Host Header input validation [CVE-2017-14087]🔒🔒
107532Trend Micro OfficeScan fcgiOfcDDA.exe resource management🔒🔒
107531Trend Micro OfficeScan information disclosure [CVE-2017-14085]🔒🔒
107530Trend Micro OfficeScan access control [CVE-2017-14084]🔒🔒
107529Trend Micro OfficeScan Encryption File access control [CVE-2017-14083]🔒🔒
107528LOYTEC LVIS-3ME Credentials credentials management [CVE-2017-13998]
107527LOYTEC LVIS-3ME Web User Interface path traversal [CVE-2017-13996]
107526LOYTEC LVIS-3ME Web Interface cross site scripting [CVE-2017-13994]
107525LOYTEC LVIS-3ME Random Number Generator entropy [CVE-2017-13992]
107524IBM Tivoli Storage Manager Application Trace Credentials credentials management
107523IBM Tivoli Storage Manager Password information disclosure [CVE-2017-1339]
107522IBM Spectrum Protect link following [CVE-2017-1301]
107521GE CIMPLICITY Packet Length memory corruption [CVE-2017-12732]
107520mySCADA myPRO Unquoted Search Path unquoted search path [CVE-2017-12730]🔒
107519Computerinsel PhotoLine TGA Parser memory corruption [CVE-2017-12106]
107518IBM BigFix Compliance Analytics Credentials credentials management
107517IBM Tivoli Storage Manager Authentication improper authentication
107516Saia Burgess Controls PCD Controllers Ethernet Frame information disclosure
107515FreeBSD smb_subr.c smb_strdupin out-of-bounds read
107514EmTec PyroBatchFTP memory corruption [CVE-2017-15035]
107513ImageMagick yuv.c ReadYUVImage resource management🔒
107512ImageMagick ycbcr.c ReadYCBCRImage resource consumption🔒
107511GNU binutils dwarf2.c decode_line_info divide by zero🔒
107510GNU binutils libbfd dwarf2.c find_abstract_instance_name input validation🔒
107509GNU binutils libbfd dwarf2.c concat_filename null pointer dereference🔒
107508GNU binutils libbfd dwarf2.c parse_comp_unit null pointer dereference🔒
107507GNU binutils libbfd opncls.c bfd_getl32 memory corruption🔒
107506GNU binutils libbfd dwarf1.c parse_die memory corruption🔒
107505LAME mpglib_interface.c hip_decode_init null pointer dereference🔒🔒
107504LAME vbrquantize.c k_34_4 memory corruption🔒
107503ImageMagick png.c ReadOneMNGImage null pointer dereference🔒🔒
107502ImageMagick emf.c ReadEnhMetaFile null pointer dereference🔒🔒
107501ImageMagick pdf.c PDFDelegateMessage null pointer dereference🔒
107500Ctek SkyRouter 4200/SkyRouter 4400 improper authentication [CVE-2017-14000]
107499IniNet Webserver improper authentication [CVE-2017-13995]
107498i-SENS SmartLog Diabetes Management Software uncontrolled search path
107497SpiderControl SCADA Web Server Privileges access control [CVE-2017-12728]
107496Cisco IOS XR gRPC memory corruption [CVE-2017-12270]
107495Cisco Spark Messaging Web UI Stored cross site scripting
107494Cisco AnyConnect Secure Mobility Client Network Interface access control
107493Cisco Wide Area Application Services ICA memory corruption [CVE-2017-12267]
107492Cisco Meeting App DLL Loader access control [CVE-2017-12266]
107491Cisco ASA Web-based Management Interface cross site scripting
107490Cisco Meeting Server Web Admin Interface input validation [CVE-2017-12264]
107489Cisco License Manager Web Interface path traversal [CVE-2017-12263]
107488Cisco Unified Communications Manager Web UI cross site scripting
107487Cisco WebEx Meetings Server cross site scripting [CVE-2017-12257]
107486Cisco Wide Area Application Services Akamai Connect data processing
107485Cisco ASA resource management [CVE-2017-12246]🔒
107484Cisco Threat Defense Firepower Detection Engine resource management🔒
107483Cisco Intrusion Prevention System Advanced Malware Protection input validation🔒
107482Red Hat Enterprise Application Platform JBoss Application Server doFilter deserialization🔒
107481Linux Kernel load_elf_binary memory corruption🔒🔒
107480ERPNext Frappe frappe.share.get_users sql injection
107479October CMS File Upload unrestricted upload [CVE-2017-1000119]
107478Akka http HTTP Header memory corruption [CVE-2017-1000118]🔒
107477Git SSH URL access control [CVE-2017-1000117]🔒🔒
107476Mercurial SSH command injection [CVE-2017-1000116]🔒🔒
107475Mercurial link following [CVE-2017-1000115]🔒🔒
107474Jenkin Datadog Plugin information disclosure [CVE-2017-1000114]
107473Jenkins Deploy to Container Plugin information disclosure [CVE-2017-1000113]
107472Linux Kernel __ip_append_data race condition🔒🔒
107471Jenkins Blue Ocean access control [CVE-2017-1000110]
107470Jenkins Static Analysis Utilities cross site scripting [CVE-2017-1000109]
107469Jenkins Input Step Plugin information disclosure [CVE-2017-1000108]
107468Jenkins Script Security Plugin access control [CVE-2017-1000107]
107467Jenkin Blue Ocean access control [CVE-2017-1000106]
107466Jenkin Permission permission [CVE-2017-1000105]
107465Jenkins Config File Provider Plugin access control [CVE-2017-1000104]
107464Jenkins Static Analysis Utilities cross site scripting [CVE-2017-1000103]
107463Jenkins Static Analysis Utilities Persistent cross site scripting
107462Google Go net-http RequestParseMultipartForm file descriptor consumption🔒🔒
107461Google Go Root Certificate certificate validation [CVE-2017-1000097]
107460Jenkins Sandbox access control [CVE-2017-1000096]
107459Jenkins Script Sandbox access control [CVE-2017-1000095]
107458Jenkins Docker Commons Plugin information disclosure [CVE-2017-1000094]
107457Jenkins Poll SCM Plugin cross-site request forgery [CVE-2017-1000093]
107456Jenkins Git Plugin cross-site request forgery [CVE-2017-1000092]
107455Jenkins GitHub Branch Source Plugin cross-site request forgery
107454Jenkins Role-based Authorization Strategy Plugin cross-site request forgery
107453Jenkins Build Step Plugin access control [CVE-2017-1000089]
107452Jenkins Sidebar Link Plugin cross site scripting [CVE-2017-1000088]
107451Jenkins GitHub Branch Source Plugin information disclosure [CVE-2017-1000087]
107450Jenkins Periodic Backup Plugin cross-site request forgery [CVE-2017-1000086]
107449Jenkins Subversion Plugin cross-site request forgery [CVE-2017-1000085]
107448Jenkins Parameterized Trigger Plugin access control [CVE-2017-1000084]
107447Mozilla Firefox Full Screen Mode Address input validation🔒
107446Mozilla Firefox Xray Wrapper data processing [CVE-2017-7820]🔒🔒
107445Mozilla Firefox WebCrypto API Key cryptographic issues🔒🔒
107444Mozilla Firefox WebExtensions access control [CVE-2017-7821]🔒🔒
107443Mozilla Firefox WebExtensions 7pk security [CVE-2017-7816]🔒🔒
107442Mozilla Firefox data: URI input validation [CVE-2017-7815]🔒🔒
107441Mozilla Firefox Tibetan/Arabic Charset Address input validation🔒🔒
107440Mozilla Firefox Phishing Warning input validation [CVE-2017-7814]🔒🔒
107439Mozilla Firefox CSP cross site scripting [CVE-2017-7823]🔒🔒
107438Mozilla Firefox JavaScript Parser numeric error [CVE-2017-7813]🔒🔒
107437Mozilla Firefox memory corruption [CVE-2017-7811]🔒🔒
107436Mozilla Firefox memory corruption [CVE-2017-7810]🔒🔒
107435Mozilla Firefox Drag / Drop Feature information disclosure [CVE-2017-7812]🔒🔒
107434Mozilla Firefox TLS use after free [CVE-2017-7805]🔒🔒
107433Mozilla Firefox ANGLE Graphics Library memory corruption [CVE-2017-7824]🔒🔒
107432Mozilla Firefox Design Mode use after free [CVE-2017-7819]🔒🔒
107431Mozilla Firefox ARIA Element use after free [CVE-2017-7818]🔒🔒
107430Mozilla Firefox Fetch API use after free [CVE-2017-7793]🔒🔒
107429Apache Impala Kudu Table access control [CVE-2017-9792]
107428Cloud Foundry Cloud Controller VM access control [CVE-2017-8048]
107427Cloud Foundry redirect [CVE-2017-8047]
107426IBM AIX JRE/SDK Install input validation [CVE-2017-1541]🔒
107425Qt qtsingleapp memory corruption [CVE-2017-15011]
107424Tough-Cookie Module Regular Expression resource consumption [CVE-2017-15010]🔒
107423PRTG Network Monitor Error Page error.htm Reflected cross site scripting🔒
107422PRTG Network Monitor IMG Element Stored cross site scripting🔒
107421GraphicsMagick pict.c ReadPICTImage integer underflow🔒
107420WSO2 Data Analytics Server Management Console Stored cross site scripting🔒
107419GraphicsMagick dcm.c ReadDCMImage null pointer dereference🔒🔒
107418Linux Kernel sg.c sg_ioctl information disclosure🔒🔒
107417Dnsmasq DNS Response memory corruption [CVE-2017-14491]🔒🔒
107416Gemalto HASP SRM/Sentinel HASP/Sentinel LDK Admin Interface access control
107415Gemalto HASP SRM/Sentinel HASP/Sentinel LDK memory corruption
107414Gemalto HASP SRM/Sentinel HASP/Sentinel LDK memory corruption
107413Gemalto HASP SRM/Sentinel HASP/Sentinel LDK Language Pack Update NTLM 7pk security
107412Gemalto HASP SRM/Sentinel HASP/Sentinel LDK XML Parser memory corruption
107411Apache Tomcat JSP File unrestricted upload [CVE-2017-12617]🔒🔒🔒
107410IBM WebSphere Message Broker information disclosure [CVE-2017-1126]🔒
107409Apple iOS Broadcom BCM4355C0 information disclosure [CVE-2017-11122]
107408Google Android Motorola Bootloader access control [CVE-2017-0829]
107407Google Android Huawei Bootloader access control [CVE-2017-0828]
107406Google Android MediaTek soc Driver access control [CVE-2017-0827]
107405Google Android HTC Bootloader access control [CVE-2017-0826]
107404Google Android Broadcom WiFi Driver information disclosure [CVE-2017-0825]
107403Google Android Broadcom WiFi Driver access control [CVE-2017-0824]
107402Google Android rild information disclosure [CVE-2017-0823]
107401Google Android Camera access control [CVE-2017-0822]
107400Google Android Media Framework resource management [CVE-2017-0820]
107399Google Android Media Framework resource management [CVE-2017-0819]
107398Google Android Media Framework resource management [CVE-2017-0818]
107397Google Android Media Framework information disclosure [CVE-2017-0817]
107396Google Android Media Framework information disclosure [CVE-2017-0816]
107395Google Android Media Framework information disclosure [CVE-2017-0815]
107394Google Android Media Framework access control [CVE-2017-0814]
107393Google Android Media Framework access control [CVE-2017-0813]
107392Google Android Media Framework access control [CVE-2017-0812]
107391Google Android Media Framework access control [CVE-2017-0811]
107390Google Android Media Framework access control [CVE-2017-0810]
107389Google Android Media Framework access control [CVE-2017-0809]
107388Google Android File System information disclosure [CVE-2017-0808]
107387Google Android UI Framework access control [CVE-2017-0807]
107386Google Android Gatekeeper access control [CVE-2017-0806]
107385Apache Geode Secure Mode access control [CVE-2017-9797]
107384SolarWinds Network Performance Monitor Upload Logo input validation🔒
107383SolarWinds Network Performance Monitor Add Node Persistent cross site scripting🔒
107382EMC Elastic Cloud Storage credentials management [CVE-2017-8021]
107381EMC AppSync Host Plug-In input validation [CVE-2017-8018]
107380phpCollab File Upload editclient.php unrestricted upload
107379phpCollab deletetopics.php sql injection
107378IBM WebSphere Commerce Marketing ESpot denial of service [CVE-2017-1569]
107377WordPress information disclosure [CVE-2017-14990]🔒🔒
107376ImageMagick annotate.c FT_Done_Glyph use after free🔒🔒
107375OpenEXR ImfHeader.cpp readfrom resource consumption
107374EyesOfNetwork Web Interface index.php cross site scripting🔒
107373EyesOfNetwork Web Interface add_services.php cross site scripting🔒
107372EyesOfNetwork Web Interface index.php cross site scripting🔒
107371ATutor edit_feed.php cross site scripting
107370Gxlcms index.php File access control
107369WPHRM Human Resource Management System sql injection [CVE-2017-14848]
107368Skybox Manager Client Application Debugger access control [CVE-2017-14773]
107367Skybox Manager Client Application Username information disclosure
107366Skybox Manager Client Application File Upload input validation
107365Skybox Manager Client Application Password Hash information disclosure
107364Opentext Document Sciences xPression xml external entity reference
107363Opentext Document Sciences xPression cm_doclist_view_uc.jsp sql injection
107362Opentext Document Sciences xPression downloadSupportFile.action sql injection
107361Opentext Document Sciences xPression Deployment cross site scripting
107360Opentext Document Sciences xPression XPressoDoc cross site scripting
107359Opentext Document Sciences xPression cm_datasource_group_xsd.jsp File path traversal
107358Dnsmasq DNS Request add_pseudoheader integer underflow🔒🔒
107357Dnsmasq DNS Response resource management [CVE-2017-14495]🔒🔒
107356Dnsmasq DHCPv6 Forwarded Request Memory information disclosure🔒🔒
107355Dnsmasq DHCPv6 Request memory corruption [CVE-2017-14493]🔒🔒
107354Dnsmasq IPv6 Router Advertisement memory corruption [CVE-2017-14492]🔒🔒
107353IBM RELM Web UI cross site scripting [CVE-2017-1429]
107352Schneider Electric InduSoft Web Studio/InTouch Machine Edition missing authentication🔒🔒
107351Dnsmasq DNS Packet Size input validation [CVE-2017-13704]🔒🔒
107350IBM RELM Web UI cross site scripting [CVE-2017-1369]
107349IBM RELM Web UI cross site scripting [CVE-2017-1364]
107348IBM RELM Web UI cross site scripting [CVE-2017-1359]
107347IBM Insights Foundation for Energy Web UI cross site scripting
107346IBM RELM Web UI cross site scripting [CVE-2017-1335]
107345IBM RELM Web UI cross site scripting [CVE-2017-1334]
107344IBM RELM Web UI cross site scripting [CVE-2017-1324]
107343IBM Insights Foundation for Energy Back-End Database sql injection
107342NexusPHP linksmanage.php cross site scripting
107341Ipswitch IMail Server IMmailSrv memory corruption [CVE-2017-12639]🔒
107340Ipswitch IMail Server IMmailSrv memory corruption [CVE-2017-12638]🔒
107339Apache OpenNLP XML Data xml external entity reference [CVE-2017-12620]
107338Gemalto ACC hasplms memory corruption [CVE-2017-11498]
107337Gemalto ACC hasplms memory corruption [CVE-2017-11497]
107336Gemalto ACC hasplms memory corruption [CVE-2017-11496]
107335UCOPIA Wireless Appliance chroothole_client access control
107334UCOPIA Wireless Appliance less Command access control [CVE-2017-11321]
107333Apache Wicket CSRF Prevention cross-site request forgery [CVE-2016-6806]🔒
107332Compass Rose Module Javascript Library cross site scripting [CVE-2015-7980]
107331Huawei FusionServer Management Interface 7pk security [CVE-2015-7843]
107330Huawei FusionServer Login Page command injection [CVE-2015-7841]
107329Truecrypt/VeraCrypt Ntdriver.c MountDevice access control
107328Truecrypt/VeraCrypt Symbolic Links Ntdriver.c IsDriveLetterAvailable access control
107327uDesign Theme SVG cross site scripting [CVE-2015-7357]
107326Lenovo System Update SUService.exe command injection
107325Bamboo Web Interface Java code injection🔒🔒
107324Lenovo Fingerprint Manager access control [CVE-2015-3321]
107323Apache Wicket Class information disclosure [CVE-2014-0043]🔒
107322Poppler getCFFBlock null pointer dereference🔒🔒
107321Poppler convertToType0 memory corruption🔒🔒
107320Poppler convertToType0 null pointer dereference🔒🔒
107319GNU binutils libbfd elf32-i386.c null pointer dereference🔒
107318Open vSwitch OpenFlow Group Mod Message ofp-util.c resource consumption🔒🔒
107317PivotX Upload lib.php unrestricted upload
107316BlogoText conv.php Stored cross site scripting
107315Check_MK Failed-Log Save race condition [CVE-2017-14955]🔒🔒
107314Linux Kernel KASLR exit.c information disclosure🔒🔒
107313Jaspersoft JasperReports HTML Source Code flow.html Password information disclosure
107312Philips Hue Bridge BSB002 SW 1707040932 Public API inadequate encryption
107311OpenVPN Key Method 1 read_key memory corruption🔒🔒
107310Apache Geode Command Line Utility Query information disclosure
107309Artifex GSView xps File memory corruption [CVE-2017-14947]
107308Artifex GSView PDF File memory corruption [CVE-2017-14946]
107307Artifex GSView PDF File memory corruption [CVE-2017-14945]
107306Inedo ProGet Package ID input validation [CVE-2017-14944]
107305Intelbras WRN 150 Configuration File RouterCfm.cfg access control🔒
107304GNU binutils dwarf2.c scan_unit_for_symbols null pointer dereference🔒
107303GNU binutils libbfd dwarf2.c decode_line_info memory corruption🔒
107302GNU binutils libbfd elf.c _bfd_elf_slurp_version_tables resource management🔒
107301Pulse Secure Pulse One On-Premise input validation [CVE-2017-14935]
107300GNU binutils libbfd dwarf.c process_debug_info numeric error🔒
107299GNU binutils libbfd dwarf2.c read_formatted_entries input validation🔒
107298GNU binutils libbfd dwarf2.c decode_line_info input validation🔒
107297OpenExif JPEG File ExifImageFileRead.cpp readDQT memory corruption
107296GNU binutils libbfd dwarf2.c resource management🔒
107295Poppler Object.h dictLookup memory corruption🔒🔒
107294Poppler Configuration null pointer dereference🔒🔒
107293Poppler type3D0 null pointer dereference🔒🔒
107292Poppler Content null pointer dereference🔒🔒
107291Tiki tiki-objectpermissions.php cross-site request forgery
107290Tiki tiki-assignuser.php cross-site request forgery
107289Tine CRM Stored cross site scripting
107288Tine Community Edition Profile/Calendar/Tasks/CRM Stored cross site scripting
107287Tine Community Edition Filenmanager Stored cross site scripting
107286EGroupware Community Edition HTTP Header Stored cross site scripting🔒
107285FileRun Metasearch Module sql injection [CVE-2017-14738]
107284ERS Data System com.branaghgroup.ecers.update.UpdateRequest deserialization
107283SmarterStats HTTP Header ReferringURLsWithQueries Stored cross site scripting🔒
107282Zoho Site24x7 Mobile Network Poller X.509 Certificate certificate validation
107281HP UCMDB Configuration Manager cross site scripting [CVE-2017-14352]
107280HP UCMDB Configuration Manager privileges management [CVE-2017-14351]
107279HPE Application Performance Management missing authentication
107278HPE SiteScope access control [CVE-2017-14349]
107277ArcSight ESM/ArcSight ESM Express information disclosure [CVE-2017-13991]🔒
107276ArcSight ESM/ArcSight ESM Express Apache Tomcat Version information disclosure🔒
107275ArcSight ESM/ArcSight ESM Express Access Control access control🔒
107274ArcSight ESM/ArcSight ESM Express Access Control access control🔒
107273ArcSight ESM/ArcSight ESM Express Log File access control [CVE-2017-13987]🔒
107272ArcSight ESM/ArcSight ESM Express Reflected cross site scripting🔒
107271HPE BSM Platform Application Performance Management System Health path traversal
107270HPE BSM Platform Application Performance Management System Health improper authentication
107269HPE BSM Platform Application Performance Management System Health improper authentication
107268HPE BSM Platform Application Performance Management System Health unrestricted upload
107267Unisys Libra 64xx/Libra 84xx/FS601 memory corruption [CVE-2017-13684]
107266Apache Tika XML Parser xml external entity reference [CVE-2016-4434]🔒
107265Multitech FaxFinder LDAP Configuration Page Password credentials management
107264CP Contact Form with PayPal cp_contactformpp.php sql injection
107263CP Contact Form with PayPal cross-site request forgery
107262Apache Mesos libprocess data processing [CVE-2017-9790]
107261X-Pack Alerting Permission access control [CVE-2017-8448]🔒🔒
107260X-Pack Security Permission access control [CVE-2017-8447]🔒🔒
107259Elastic Cloud Enterprise ZooKeeper Traffic cryptographic issues
107258Apache Mesos libprocess data processing [CVE-2017-7687]🔒
107257RHMAP App Studio Stored cross site scripting🔒
107256RHMAP API Call server-side request forgery [CVE-2017-7553]🔒
107255RHMAP File Editor access control [CVE-2017-7552]🔒
107254Git git-shell input validation [CVE-2017-14867]🔒🔒
107253Exiv2 types.cpp s2Data memory corruption
107252Exiv2 types.cpp us2Data memory corruption🔒
107251Exiv2 types.cpp getULong memory corruption🔒🔒
107250Exiv2 image.cpp printIFDStructure memory corruption
107249Exiv2 value.cpp read memory corruption🔒🔒
107248Exiv2 image.cpp stringFormat resource management
107247Exiv2 jp2image.cpp readMetadata memory corruption🔒
107246Exiv2 value.cpp read memory corruption🔒🔒
107245Exiv2 types.cpp l2Data memory corruption
107244Exiv2 image.cpp Image use after free
107243Content Timeline Plugin content_timeline_class.php sql injection
107242Cisco IOS/IOS XE DHCP Relay input validation [CVE-2017-12240]🔒
107241Cisco IOS XE Line Card access control [CVE-2017-12239]🔒
107240Cisco IOS VPLS resource management [CVE-2017-12238]🔒
107239Cisco IOS/IOS XE IKEv2 resource management [CVE-2017-12237]🔒
107238Cisco IOS XE LISP improper authentication [CVE-2017-12236]🔒
107237Cisco IOS PROFINET Discovery/Configuration Protoco input validation🔒
107236Cisco IOS Common Industrial Protocol input validation [CVE-2017-12234]🔒
107235Cisco IOS Common Industrial Protocol input validation [CVE-2017-12233]🔒
107234Cisco IOS resource management [CVE-2017-12232]🔒
107233Cisco IOS Network Address Translation resource management [CVE-2017-12231]🔒
107232Cisco IOS XE Administration UI access control [CVE-2017-12230]🔒
107231Cisco IOS XE REST API improper authentication [CVE-2017-12229]🔒
107230Cisco IOS/IOS XE Network Plug/Play input validation [CVE-2017-12228]🔒
107229Cisco IOS XE Wireless LAN Controller GUI access control [CVE-2017-12226]
107228Cisco IOS XE Wireless Controller Manager input validation [CVE-2017-12222]
107227Kibana Timelion cross site scripting [CVE-2017-11479]🔒
107226SAP Enterprise Portal cross site scripting [CVE-2017-10701]
107225Percona Toolkit/XtraBackup Version Check information disclosure🔒
107224Percona Toolkit Automatic Version Check information disclosure🔒🔒
107223BackWPup Plugin Backup File file access [CVE-2017-2551]🔒
107222IBM WebSphere DataPower Web UI cross site scripting [CVE-2017-1591]
107221IBM WebSphere Portal path traversal [CVE-2017-1577]🔒
107220Node.js Pathname Validator access control [CVE-2017-14849]🔒
107219Mojoomla WPAMS Apartment Management System sql injection [CVE-2017-14847]
107218Mojoomla Hospital Management System sql injection [CVE-2017-14846]
107217Mojoomla WPCHURCH Church Management System sql injection [CVE-2017-14845]
107216Mojoomla WPGYM WordPress Gym Management System sql injection
107215Mojoomla School Management System sql injection [CVE-2017-14843]
107214Mojoomla SMSmaster Multipurpose SMS Gateway sql injection [CVE-2017-14842]
107213Mojoomla Annual Maintenance Contract unrestricted upload [CVE-2017-14841]
107212TeamWork TicketPlus updateProfile unrestricted upload
107211TeamWork Photo Fusion changeCover unrestricted upload
107210TeamWork Job Links coverChange unrestricted upload
107209IBM Security Identity Manager missing authentication [CVE-2017-1483]
107208libbpg libbpg.c hevc_write_frame integer underflow
107207libbpg libbpg.c hevc_write_frame out-of-bounds read
107206Laravel DatabaseUserProvider information disclosure [CVE-2017-14775]
1072052kb Amazon Affiliates Store Plugin admin.php cross site scripting
107204Opentext Documentum Webtop GAIRConnector xml external entity reference
107203Opentext Documentum Administrator GAIRConnector xml external entity reference
107202Opentext Documentum Webtop default.htm redirect
107201Opentext Documentum Administrator default.htm redirect
107200IBM Security Identity Manager Virtual Appliance command injection
107199Norton Remove / Reinstall code injection [CVE-2017-13676]🔒
107198Perl perlhost.h Add memory corruption🔒
107197Apache Xerces Jelly Parser xml external entity reference [CVE-2017-12621]
107196FreeIPA API session fixiation [CVE-2017-11191]
107195Broadcom BCM4355C0 Fast Transition Frame memory corruption [CVE-2017-11121]🔒
107194Broadcom BCM4355C0 RRM Neighbor Report Frame memory corruption🔒
107193ZTE NR8950 Apache Commons Collections deserialization [CVE-2017-10932]
107192Zoho ManageEngine Desktop Central FileUploadServlet unrestricted upload🔒
107191VASCO DIGIPASS Authentication Plug-In cross site scripting [CVE-2015-7349]
107190ZyXEL NWA1123-NI X.509 Certificate cryptographic issues [CVE-2015-7256]🔒🔒
107189October CMS cross site scripting [CVE-2015-5613]
107188usb-creator KVMTest access control
107187tcpdump print-wb.c ah_print input validation🔒
107186Google Android Media Server IHDCP.cpp integer overflow
107185Google Android Media Server integer overflow [CVE-2015-1526]
107184man-db ManDB Cleanup man access control🔒
107183Googlemaps Plugin Incomplete Fix plugin_googlemap3_kmlprxy.php resource management
107182KDE KMail Attachment cryptographic issues [CVE-2014-8878]
107181FFmpeg SDP File rtpdec_h264.c sdp_parse_fmtp_config_h264 memory corruption🔒🔒
107180Simple Student Result Plugin functions.php fn_ssr_add_st_submit improper authentication
107179GeniXCMS index.php cross site scripting
107178GeniXCMS Upload Modules Page code injection [CVE-2017-14764]
107177GeniXCMS Install Themes Page command injection [CVE-2017-14763]
107176GeniXCMS Backend menus.control.php cross site scripting
107175GeniXCMS Backend menus.control.php cross site scripting
107174Event Espresso Lite Plugin index.php sql injection
107173EyesOfNetwork Web Interface index.php cross site scripting🔒
107172SaltStack Salt Salt-api minion command injection🔒
107171SaltStack Salt local_batch Client improper authentication [CVE-2017-5192]🔒
107170IBM Business Process Manager LDAP access control [CVE-2017-1539]
107169IBM Business Process Manager Web UI cross site scripting [CVE-2017-1531]
107168IBM Business Process Manager Web UI cross site scripting [CVE-2017-1530]
107167IBM Business Process Manager XML Data xml external entity reference
107166Intense WP Jobs Plugin cross site scripting [CVE-2017-14751]
107165JerryScript JS File jmem_heap_alloc_block_internal memory corruption
107164Blizzard Overwatch Competitive Match race condition [CVE-2017-14748]
107163GNU binutils libbfd elf32-i386.c integer overflow🔒
107162Claydip Laravel Airbnb Clone File Upload profile proof_submit unrestricted upload
107161Cash Back Comparison Script sql injection [CVE-2017-14703]
107160Citrix Netscaler Application Delivery Controller Management Interface access control🔒
107159IBM Business Process Manager Web UI cross site scripting [CVE-2017-1425]
107158ZKTeco ZKTime Web cross-site request forgery [CVE-2017-13129]
107157Support Ticket System Plugin update.php sql injection
107156TestLink tcCreatedPerUserOnTestProject.php cross site scripting
107155TestLink lnl.php sql injection
107154Battle for Wesnoth Incomplete Fix filesystem.cpp get_wml_location information disclosure🔒🔒
107153Battle for Wesnoth filesystem.cpp get_wml_location information disclosure🔒🔒
107152OpenHPI Permission Disk Consumption resource consumption🔒🔒
107151Smartphone Passbook X.509 Certificate Validation certificate validation
107150Schneider Electric ClearSCADA memory corruption [CVE-2017-9962]
107149Schneider Electric Pro-Face GP Pro EX access control [CVE-2017-9961]
107148Schneider Electric U.motion Builder information disclosure [CVE-2017-9960]
107147Schneider Electric U.motion Builder access control [CVE-2017-9959]
107146Schneider Electric U.motion Builder Access Control access control
107145Schneider Electric U.motion Builder Web Service hard-coded credentials
107144Schneider Electric U.motion Builder hard-coded credentials [CVE-2017-9956]
107143Schneider Electric U.motion Builder path traversal [CVE-2017-7974]
107142Schneider Electric U.motion Builder sql injection [CVE-2017-7973]
107141Schneider Electric PowerSCADA Anywhere access control [CVE-2017-7972]
107140Schneider Electric PowerSCADA Anywhere SSL certificate validation
107139Schneider Electric PowerSCADA Anywhere access control [CVE-2017-7970]
107138Schneider Electric PowerSCADA Anywhere Secure Gateway cross-site request forgery
107137UEditor IFRAME cross site scripting [CVE-2017-14744]
107136Faleemi FSC-880 device_service sql injection
107135ImageMagick caption.c ReadCAPTIONImage input validation🔒🔒
107134ImageMagick resample-private.h AcquireResampleFilterThreadSet null pointer dereference🔒🔒
107133Botan RSA cryptographic issues [CVE-2017-14737]🔒🔒
107132Digium Asterisk GUI os command injection [CVE-2017-14001]
107131Linux Kernel CR8 vmx.c prepare_vmcs02 access control🔒🔒
107130Linux Kernel KVM Subsystem vmx.c input validation🔒🔒
107129Magento CE/Magento EE Password Reset information disclosure [CVE-2015-8707]
107128Red Hat openshift selinux-policy information disclosure [CVE-2015-0238]
107127Red Hat Enterprise Virtualization ovirt-node format string
107126fso-gsm/fso-frameworkd/fso-usaged D-Bus Security Policy *.conf access control
107125Mahara Registration cross site scripting [CVE-2017-9551]
107124IBM API Connect input validation [CVE-2017-1555]
107123IBM API Connect input validation [CVE-2017-1551]
107122OWASP AntiSamy HTML5 Entities cross site scripting [CVE-2017-14735]
107121libbpg libbpg.c build_msps memory corruption
107120GraphicsMagick rle.c ReadRLEImage memory corruption🔒🔒
107119LibOFX ofx_preproc.cpp memory corruption🔒🔒
107118Gentoo logstash-bin Init Script access control
107117GNU binutils libbfd elf32-i386.c memory corruption🔒
107116geminabox gem Upload cross-site request forgery [CVE-2017-14683]🔒
107115geminabox .gemspec cross site scripting🔒
107114IBM Business Process Manager Web UI cross site scripting [CVE-2017-1424]
107113Image Gallery Plugin admin.php sql injection
107112IBM Security Identity Manager Credentials credentials management
107111IBM Business Process Manager Offline Install Temporary race condition
107110Vebto Pixie Image Editor Launderer.php server-side request forgery
107109IBM WebSphere MQ access control [CVE-2017-1235]
107108Google Android Qualcomm Networking Driver rndis_ipa.c access control
107107php-fusion cross site scripting [CVE-2015-8375]
107106OpenStage/OpenScape Desk Phone IP X.509 Certificate information disclosure🔒🔒
107105Huawei S7700/S9700/S9300/AR200/AR1200/AR2200/AR3200 CF Card information disclosure
107104GANMA! App SSL Certificate Validator certificate validation [CVE-2015-7785]
107103Red Hat Enterprise Virtualization Manager ) Bugtraq injection🔒
107102systemd NSS Module getgrnam memory corruption🔒
107101Plone input validation [CVE-2015-7318]
107100Kupu Settings access control [CVE-2015-7317]
107099Plone cross site scripting [CVE-2015-7316]
107098Plone User access control [CVE-2015-7315]
107097Zope/Plone Management Interface cross-site request forgery [CVE-2015-7293]
107096jsoup cross site scripting [CVE-2015-6748]🔒
107095Huawei UAP2105 VxWorks Shell 7pk security [CVE-2015-6592]
107094devscripts command injection🔒🔒
107093ANA App SSL Certificate Verification Service certificate validation
107092Linux Kernel x509_cert_parser.c x509_decode_time out-of-bounds read
107091Foreman cross site scripting [CVE-2015-5282]
107090pulp-consumer-client TLS Certificate certificate validation [CVE-2015-5263]
107089protobuf memory corruption [CVE-2015-5237]
107088Red Hat JBoss A-MQ HawtIO Console 7pk security [CVE-2015-5184]
107087Red Hat JBoss A-MQ HawtIO Console 7pk security [CVE-2015-5183]
107086Red Hat JBoss A-MQ Jolokia API cross-site request forgery [CVE-2015-5182]🔒
107085Red Hat JBoss A-MQ cross site scripting [CVE-2015-5181]
107084Apache Struts cross site scripting [CVE-2015-5169]🔒🔒
107083Xceedium Xsuite MySQL Database Empty sql injection🔒
107082Xceedium Xsuite redirect [CVE-2015-4668]🔒
107081Xceedium Xsuite hard-coded credentials [CVE-2015-4667]🔒
107080InspIRCd Incomplete Fix input validation [CVE-2012-6696]🔒🔒
107079Cisco IOS IPsec cryptographic issues [CVE-2011-4667]
107078Cisco IOS input validation [CVE-2010-3050]
107077Cisco IOS input validation [CVE-2010-3049]
107076Samba information disclosure [CVE-2017-12163]🔒🔒
107075Samba DFS cryptographic issues [CVE-2017-12151]🔒🔒
107074Samba Signing 7pk security [CVE-2017-12150]🔒🔒
107073Apple Xcode subversion input validation [CVE-2017-9800]🔒🔒
107072Apple Xcode ld64 memory corruption [CVE-2017-7137]🔒🔒
107071Apple Xcode ld64 memory corruption [CVE-2017-7136]🔒🔒
107070Apple Xcode ld64 memory corruption [CVE-2017-7135]🔒🔒
107069Apple Xcode ld64 memory corruption [CVE-2017-7134]🔒🔒
107068Apple Xcode ld64 memory corruption [CVE-2017-7076]🔒🔒
107067Apple Xcode Git privileges management [CVE-2017-1000]
107066Apple iOS Wi-Fi Memory information disclosure🔒
107065Apple iOS Wi-Fi race condition [CVE-2017-7115]🔒
107064Apple iOS Wi-Fi memory corruption [CVE-2017-7112]🔒
107063Apple iOS Wi-Fi memory corruption [CVE-2017-7110]🔒
107062Apple iOS Wi-Fi memory corruption [CVE-2017-7108]🔒
107061Apple iOS Wi-Fi memory corruption [CVE-2017-7105]🔒
107060Apple iOS Wi-Fi memory corruption [CVE-2017-7103]🔒
107059Apple iOS WebKit input validation [CVE-2017-7106]🔒🔒
107058Apple iOS WebKit Universal cross site scripting🔒🔒🔒
107057Apple iOS Safari input validation [CVE-2017-7085]🔒🔒
107056Apple iOS MobileBackup cryptographic issues [CVE-2017-7133]
107055Apple iOS Messages input validation [CVE-2017-7118]
107054Apple iOS Mail MessageUI memory corruption [CVE-2017-7097]
107053Apple iOS iBooks input validation [CVE-2017-7072]
107052Apple iOS Exchange ActiveSync permission [CVE-2017-7088]
107051Apple Safari WebKit cross site scripting [CVE-2017-7089]🔒🔒🔒
107050Apple Safari Address Bar input validation [CVE-2017-7106]🔒🔒
107049Apple Safari Address Bar input validation [CVE-2017-7085]🔒🔒
107048WeeChat Logger Plugin logger.c memory corruption🔒🔒
107047WordPress TinyMCE cross site scripting [CVE-2017-14726]🔒🔒
107046WordPress edit-tag-form.php redirect🔒🔒
107045WordPress oEmbed Discovery cross site scripting [CVE-2017-14724]🔒🔒
107044WordPress sql injection [CVE-2017-14723]🔒🔒
107043WordPress Customizer path traversal [CVE-2017-14722]🔒🔒
107042WordPress Plugin Editor cross site scripting [CVE-2017-14721]🔒🔒
107041WordPress Template List View cross site scripting [CVE-2017-14720]🔒🔒
107040WordPress ZipArchive/PclZip path traversal [CVE-2017-14719]🔒🔒
107039WordPress data URI cross site scripting [CVE-2017-14718]🔒🔒
107038CyberLink LabelPrint lpp Project File memory corruption [CVE-2017-14627]
107037CA Identity Manager Search Account information disclosure
107036NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys DxgkDdiEscape input validation🔒
107035NVIDIA GPU Display Driver Kernel Mode Layer input validation🔒🔒
107034NVIDIA Windows GPU Display Driver Kernel Mode Layer DxgkDdiCreateAllocation divide by zero🔒
107033NVIDIA Windows GPU Display Driver Kernel Mode Layer DxgkDdiCreateAllocation divide by zero🔒
107032NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys DxgkDdiEscape input validation🔒
107031NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys input validation🔒
107030NVIDIA GPU Display Driver Kernel Mode Layer memory corruption🔒🔒
107029NVIDIA GPU Display Driver Kernel Mode Layer access control [CVE-2017-6266]🔒🔒
107028LXCA command injection [CVE-2017-3770]
107027LXCA Credentials credentials management [CVE-2017-3763]
107026epesi Tasks Stored cross site scripting🔒
107025epesi Tasks Stored cross site scripting🔒
107024epesi Tasks Alerts Stored cross site scripting🔒
107023epesi Phonecalls Stored cross site scripting🔒
107022epesi Phonecalls Description Stored cross site scripting🔒
107021epesi Tasks Phonecall Notes Stored cross site scripting🔒
107020DenyAll WAF index.php Credentials improper authentication
107019DenyAll WAF tail.php tailDateFile command injection
107018Foxit Reader PDF File FinalRelease+0x000000000000002f. memory corruption🔒🔒
107017Trend Micro Mobile Security Proxy command injection [CVE-2017-14081]
107016Trend Micro Mobile Security improper authentication [CVE-2017-14080]
107015Trend Micro Mobile Security File Upload unrestricted upload [CVE-2017-14079]
107014Trend Micro Mobile Security sql injection [CVE-2017-14078]
107013Trend Micro Web Security Web Service Inspection command injection🔒
107012Trend Micro Smart Protection Server Administration UI command injection🔒
107011EMC ViPR SRM/Storage M/R/VNX M/R/M/R Java Management Extension access control
107010EMC ViPR SRM/Storage M/R/VNX M/R/M/R Webservice Gateway path traversal
107009IrfanView djvu File memory corruption [CVE-2017-14693]🔒
107008STDU Viewer JP2 File memory corruption [CVE-2017-14692]
107007STDU Viewer JB2 File memory corruption [CVE-2017-14691]
107006STDU Viewer JB2 File memory corruption [CVE-2017-14690]
107005STDU Viewer djvu File memory corruption [CVE-2017-14689]
107004STDU Viewer djvu File memory corruption [CVE-2017-14688]
107003Artifex MuPDF xps File memory corruption [CVE-2017-14687]🔒🔒
107002Artifex MuPDF User Mode unzip.c memory corruption🔒🔒
107001Artifex MuPDF xps-link.c memory corruption🔒🔒
107000ImageMagick vips.c ReadVIPSImage resource management🔒
106999ASP4CMS AspCMS Orderinfo.asp information disclosure
106998sam2p in_xpm.cpp parse_rgb memory corruption🔒🔒
106997sam2p image.cpp sortPal integer overflow🔒🔒
106996Micro Focus VisiBroker out-of-bounds read [CVE-2017-9283]
106995Micro Focus VisiBroker integer overflow [CVE-2017-9282]
106994Micro Focus VisiBroker integer overflow [CVE-2017-9281]
106993Red Hat OpenStack instack-undercloud link following [CVE-2017-7549]
106992libexif exif-data.c exif_data_save_data_entry out-of-bounds read🔒
106991ImageMagick token.c GetNextToken memory corruption🔒🔒
106990P3Scan Privileges` access control
106989ZKTeco ZKTime Web PDF Document information disclosure [CVE-2017-14680]
106988Tapatalk Plugin XML-RPC classTTForum.php sql injection
106987WSO2 Data Analytics Server add_collection_ajaxprocessor.jsp cross site scripting🔒
106986ImageMagick Convert Utility raw input validation🔒
106985GraphicsMagick png.c ReadOneJNGImage input validation🔒
106984BladeEnc loop.c iteration_loop out-of-bounds write
106983Bento4 Ap4SampleEntry.cpp ReadFields out-of-bounds write
106982Bento4 Ap4DataBuffer.cpp SetData memory corruption
106981Bento4 Ap4BitStream.cpp ReadBytes memory corruption
106980Bento4 AP4_HdlrAtom out-of-bounds write
106979Bento4 Ap4HdlrAtom.cpp AP4_HdlrAtom memory corruption
106978Bento4 Ap4StdCFileByteStream.cpp ReadPartial null pointer dereference
106977Bento4 Ap4MetaData.cpp AP4_DataAtom null pointer dereference
106976Bento4 Ap4AtomSampleTable.cpp GetSample null pointer dereference
106975Bento4 Ap4SampleEntry.cpp ReadFields memory corruption
106974Bento4 Ap4AtomFactory.cpp CreateAtomFromStream null pointer dereference
106973Mirasvit Helpdesk MX Administrative Interface cross site scripting
106972Mirasvit Helpdesk MX File Upload input validation [CVE-2017-14320]
106971TecnoVISION DLX Spot Player4 Web Admin Interface sql injection🔒
106970TecnoVISION DLX Spot Player4 File Upload resource.php unrestricted upload🔒
106969TecnoVISION DLX Spot Player4 SSH Service hard-coded credentials🔒
106968Pure-FTPd Config config [CVE-2017-12170]🔒🔒
106967ProxyChains-NG untrusted search path [CVE-2015-3887]🔒
106966Google Android Qualcomm DMA Allocation access control [CVE-2017-9725]🔒
106965Google Android Qualcomm ION Cache Kernel Memory access control
106964Google Android Qualcomm Camera Driver access control [CVE-2017-9720]
106963Google Android Qualcomm access control [CVE-2017-9677]
106962Google Android Qualcomm use after free [CVE-2017-9676]
106961Google Android Qualcomm race condition [CVE-2017-8281]
106960Google Android Qualcomm WLAN memory corruption [CVE-2017-8280]
106959Google Android Qualcomm Audio access control [CVE-2017-8278]
106958Google Android Qualcomm msm_dba_register_client access control
106957Google Android Qualcomm access control [CVE-2017-8251]
106956Google Android Qualcomm access control [CVE-2017-8250]
106955Google Android Qualcomm access control [CVE-2017-8247]
106954Cisco Stackable Managed Switch SSH Subsystem memory corruption
106953Open Ticket Request System access control [CVE-2017-14635]🔒🔒
106952libsndfile double64.c double64_init divide by zero🔒
106951Xiph.Org libvorbis mapping0.c mapping0_forward out-of-bounds read🔒🔒
106950Xiph.Org libvorbis info.c vorbis_analysis_headerout memory corruption🔒🔒
106949sam2p in_pcx.cpp pcxLoadRaster memory corruption🔒🔒
106948sam2p in_pcx.cpp pcxLoadImage24 integer overflow🔒🔒
106947sam2p in_xpm.cpp in_xpm_reader integer overflow🔒🔒
106946xloadimage in_pcx.cpp pcxLoadImage24 memory corruption🔒🔒
106945ImageMagick sixel.c sixel_decode null pointer dereference🔒
106944ImageMagick sixel.c sixel_output_create null pointer dereference🔒
106943ImageMagick ps.c PostscriptDelegateMessage null pointer dereference🔒
106942libsndfile ulaw.c d2ulaw_array out-of-bounds read🔒
106941libsndfile alaw.c d2alaw_array out-of-bounds read🔒
106940Xiph.Org libvorbis MP4 File psy.c bark_noise_hybridmp memory corruption🔒🔒
106939Centra UCS Central Software CLI input validation [CVE-2017-12255]
106938Cisco Unified Intelligence Center Web Interface DOM-Based cross site scripting
106937Cisco Unified Intelligence Center cross-site request forgery
106936Cisco FindIT Network Discovery Utility untrusted search path
106935Cisco Wide Area Application Services resource management [CVE-2017-12250]
106934Cisco Unified Intelligence Center Web Interface cross site scripting
106933Cisco Small Business SPA300 IP Fragment resource management [CVE-2017-12219]
106932Cisco Email Security Appliance Content Filter input validation🔒
106931Cisco Unified Customer Voice Portal OAMP Reset access control
106930Linux Kernel nl80211.c nl80211_set_rekey_data null pointer dereference🔒🔒
106929Google Android Qualcomm access control [CVE-2017-11041]
106928Google Android Qualcomm information disclosure [CVE-2017-11040]
106927Google Android Qualcomm information disclosure [CVE-2017-11002]
106926Google Android Qualcomm information disclosure [CVE-2017-11001]
106925Google Android Qualcomm access control [CVE-2017-11000]
106924Google Android Qualcomm access control [CVE-2017-10999]
106923Google Android Qualcomm audio_aio_ion_lookup_vaddr access control
106922Google Android Qualcomm Kernel Memory access control
106921Google Android Qualcomm c_show information disclosure
106920chef Knife Bootstrap Command messages Private Key information disclosure
106919FreeIPA ipa-kra-install kra-agent.pem information disclosure
106918IPython contents cross site scripting🔒
106917NodeBB cross site scripting [CVE-2015-3296]🔒
106916Kallithea cross-site request forgery [CVE-2015-0276]🔒
106915ldap.v2 credentials management [CVE-2017-14623]
106914Portus typeahead cross site scripting [CVE-2017-14621]
106913phpMyFAQ Config Module cross site scripting [CVE-2017-14619]🔒🔒
106912phpMyFAQ Faq.php cross site scripting🔒🔒
106911Poppler ImageStream Floating Point input validation🔒🔒
106910Watchguard Firewall XML-RPC Interface resource consumption [CVE-2017-14616]🔒
106909Watchguard Firewall XML-RPC Interface cross site scripting [CVE-2017-14615]🔒
106908Bareos bareos-dir/bareos-fd/bareos-sd/bareos-core access control
106907Kannel Server Daemon access control [CVE-2017-14609]🔒
106906Joomla CMS LDAP Authentication Password ldap injection🔒🔒
106905Joomla CMS information disclosure [CVE-2017-14595]🔒🔒
106904Good Technology Enterprise Signature Protection insufficient verification of data authenticity
106903iTerm2 DNS Query Password information disclosure
106902ZCMS JavaServer Pages Content Management System cross site scripting
106901libpgf Decoder.cpp use after free🔒
106900Joomla CMS redirect [CVE-2015-5608]🔒🔒
106899SOGo cross-site request forgery [CVE-2015-5395]
106898IPython cross site scripting [CVE-2015-4707]🔒🔒
106897Open Litespeed use after free [CVE-2015-3890]
106896node/URONode Bandwidth Consumption resource management [CVE-2015-2927]
106895Simple Ads Manager Plugin information disclosure [CVE-2015-2826]🔒
106894Ember.js cross site scripting [CVE-2015-1866]
106893Coreutils fts.c File race condition
106892IBM Security SiteProtector System access control [CVE-2015-0162]
106891Magento E-Commerce Platform cross site scripting [CVE-2014-9758]🔒
106890Mirion DMC 3000 Transmitter Module Key hard-coded credentials
106889Mirion DMC 3000 Transmitter Module inadequate encryption [CVE-2017-9645]
106888ARM Trusted Firmware BL1 FWU SMC integer overflow [CVE-2017-9607]
106887BE126 WiFI Repeater Telnet Service hard-coded credentials [CVE-2017-8772]
106886BE126 WiFI Repeater Telnet Service hard-coded credentials [CVE-2017-8771]
106885BE126 WiFI Repeater information disclosure [CVE-2017-8770]
106884Rockwell MicroLogix 1100 PCCC Packet input validation [CVE-2017-7924]
106883LibRaw dcraw.c kodak_65000_load_raw out-of-bounds read🔒🔒
106882ImageMagick tiff.c ReadTIFFImage out-of-bounds read🔒🔒
106881GNOME Nautilus trusted File input validation🔒🔒
106880YADIFA DNS Packet Parser resource consumption [CVE-2017-14339]🔒🔒
106879Perl Regular Expression memory corruption [CVE-2017-12883]🔒🔒
106878Perl Regular Expression memory corruption [CVE-2017-12837]🔒🔒
106877Apache Struts Freemarker Tag input validation [CVE-2017-12611]🔒🔒🔒
106876Linux Kernel Performance Monitor sys_regs.c access_pmu_evcntr input validation
106875Apache Struts URL Validator input validation [CVE-2016-8738]🔒🔒
106874Apache Struts Convention Plugin path traversal [CVE-2016-6795]🔒🔒
106873Huawei P8 information disclosure [CVE-2015-8224]
106872IPython REST API cross-site request forgery [CVE-2015-5607]🔒🔒
106871Red Hat Feedhenry Enterprise Mobile Application Platform File Download Reflected input validation
106870FreeIPA input validation [CVE-2015-5179]
106869Polycom RealPresence Resource Manager scripts access control
106868Polycom RealPresence Resource Manager FileDownload credentials management
106867Polycom RealPresence Resource Manager Session Identifier access control
106866Polycom RealPresence Resource Manager JConfigManager Path information disclosure
106865Polycom RealPresence Resource Manager Password credentials management
106864Helpdesk Pro Plugin ini File injection [CVE-2015-4075]
106863Helpdesk Pro Plugin ticket.download_attachment path traversal
106862Helpdesk Pro Plugin sql injection [CVE-2015-4073]
106861Helpdesk Pro Plugin cross site scripting [CVE-2015-4072]
106860Ubuntu Linux URLRequestDelegatedJob use after free🔒🔒
106859CodeIgniter mcrypt Extension cryptographic issues [CVE-2014-8686]
106858CodeIgniter/Kohana Session Cookie cryptographic issues [CVE-2014-8684]
106857Astaro Security Gateway index.plx input validation
106856Pragyan CMS admin.lib.php sql injection [CVE-2017-14601]
106855Pragyan CMS admin.lib.php sql injection [CVE-2017-14600]
106854AfterLogic Webmail/Aurora ajax.php cross site scripting🔒
106853SAP NetWeaver AS JAVA Host Control Web Service resource consumption
106852NetMechanica NetDecision Winring0x32.sys access control [CVE-2017-14311]
106851Kaltura Signature getUserzoneCookie hard-coded credentials🔒
106850Kultura bigRedButton.php cross site scripting🔒
106849Kaltura Admin Panel code injection [CVE-2017-14141]🔒
106848Ruby OpenSSL ASN1 memory corruption🔒🔒
106847Apache Tomcat VirtualDirContext Source information disclosure🔒🔒
106846Apache Tomcat HTTP PUT Method unrestricted upload [CVE-2017-12615]🔒🔒🔒
106845ZXR10 1800-2S path traversal [CVE-2017-10931]🔒
106844ZXR10 1800-2S Password access control [CVE-2017-10930]
106843Ruby WEBrick Library improper authentication [CVE-2017-10784]🔒🔒
106842QNAP NAS medialibrary command injection [CVE-2017-10700]🔒
106841Red Hat Enterprise Linux UEFI Secure Boot 7pk security [CVE-2015-7837]🔒🔒
106840WP Fastest Cache Plugin admin.php addCacheTimeout cross-site request forgery🔒
106839Pydio cross site scripting [CVE-2015-3432]🔒
106838Pydio os command injection [CVE-2015-3431]🔒
106837Dovecot ssl-proxy-openssl.c ssl-proxy-opensslc certificate validation🔒🔒
106836vBulletin Private Message input validation [CVE-2015-3419]🔒
106835Floating Social Bar Plugin Service Order cross site scripting
106834Kallithea Administration Page cross site scripting [CVE-2015-1864]🔒
106833389 Directory Server Access Restriction access control [CVE-2015-1854]🔒🔒
106832Red Hat JBoss Enterprise Application Platform AdvancedLdapLodinMogule information disclosure
106831Cisco Cloud Web Security Filter memory corruption [CVE-2015-0689]
106830Netsweeper Client Filter Admin Portal improper authentication
106829Netsweeper Deny Page information disclosure [CVE-2014-9616]
106828Netsweeper quarantine_disable.php access control🔒
106827eDeploy information disclosure [CVE-2014-8174]
106826IBM Curam Social Program Management cross site scripting [CVE-2014-6191]
106825LANDesk Management Suite Admin Interface sm_actionfrm.asp input validation
106824Solr Kerberos Plugin improper authentication [CVE-2017-9803]🔒
106823F5 BIG-IP TMM access control [CVE-2017-6147]🔒
106822XnView Classic JB2 File memory corruption [CVE-2017-14580]🔒
106821STDU Viewer JB2 File memory corruption [CVE-2017-14579]
106820IrfanView ANI File memory corruption [CVE-2017-14578]
106819STDU Viewer xps File memory corruption [CVE-2017-14577]
106818STDU Viewer xps File memory corruption [CVE-2017-14576]
106817STDU Viewer xps File memory corruption [CVE-2017-14575]
106816STDU Viewer xps File memory corruption [CVE-2017-14574]
106815STDU Viewer xps File memory corruption [CVE-2017-14573]
106814STDU Viewer xps File memory corruption [CVE-2017-14572]
106813STDU Viewer xps File memory corruption [CVE-2017-14571]
106812STDU Viewer xps File memory corruption [CVE-2017-14570]
106811STDU Viewer xps File memory corruption [CVE-2017-14569]
106810STDU Viewer xps File memory corruption [CVE-2017-14568]
106809STDU Viewer xps File memory corruption [CVE-2017-14567]
106808STDU Viewer xps File memory corruption [CVE-2017-14566]
106807STDU Viewer xps File memory corruption [CVE-2017-14565]
106806STDU Viewer xps File memory corruption [CVE-2017-14564]
106805STDU Viewer xps File memory corruption [CVE-2017-14563]
106804STDU Viewer xps File memory corruption [CVE-2017-14562]
106803STDU Viewer xps File memory corruption [CVE-2017-14561]
106802STDU Viewer xps File memory corruption [CVE-2017-14560]
106801STDU Viewer xps File memory corruption [CVE-2017-14559]
106800STDU Viewer djvu File memory corruption [CVE-2017-14558]
106799STDU Viewer djvu File memory corruption [CVE-2017-14557]
106798STDU Viewer djvu File memory corruption [CVE-2017-14556]
106797STDU Viewer djvu File memory corruption [CVE-2017-14555]
106796STDU Viewer djvu File memory corruption [CVE-2017-14554]
106795STDU Viewer djvu File memory corruption [CVE-2017-14553]
106794STDU Viewer djvu File memory corruption [CVE-2017-14552]
106793STDU Viewer djvu File memory corruption [CVE-2017-14551]
106792STDU Viewer djvu File memory corruption [CVE-2017-14550]
106791STDU Viewer djvu File memory corruption [CVE-2017-14549]
106790STDU Viewer djvu File memory corruption [CVE-2017-14548]
106789STDU Viewer Mobi File memory corruption [CVE-2017-14547]
106788STDU Viewer EPUB File memory corruption [CVE-2017-14546]
106787STDU Viewer EPUB File memory corruption [CVE-2017-14545]
106786STDU Viewer EPUB File memory corruption [CVE-2017-14544]
106785STDU Viewer EPUB File memory corruption [CVE-2017-14543]
106784STDU Viewer EPUB File memory corruption [CVE-2017-14542]
106783XnView Classic SVG File memory corruption [CVE-2017-14541]🔒
106782IrfanView SVG File memory corruption [CVE-2017-14540]🔒
106781IrfanView SVG File memory corruption [CVE-2017-14539]🔒
106780XnView Classic JB2 File memory corruption [CVE-2017-14538]🔒
106779Tor Log File rendservice.c rend_service_intro_established log file🔒🔒
106778Twitter Client Server Certificate Validator settings.json certificate validation
106777Apache HTTP Server Limit Directive ap_limit_section use after free🔒🔒🔒
106776IBM Security Identity Manager cross-site request forgery [CVE-2014-6106]
106775OpenWebif IpkgController access control
106774NexusPHP location.php cross site scripting
106773ImageMagick mat.c ReadMATImage memory corruption🔒
106772ImageMagick tiff.c TIFFIgnoreTags null pointer dereference🔒
106771ImageMagick sun.c ReadSUNImage resource management🔒🔒
106770Job Manager Plugin cross-site request forgery [CVE-2017-14530]
106769GNU binutils libbfd peXXigen.c bfd_getl16 memory corruption🔒
106768ImageMagick tiff.c TIFFSetProfiles use after free
106767Moodle Course Report information disclosure [CVE-2017-12157]🔒🔒
106766Moodle Contact Form cross site scripting [CVE-2017-12156]🔒🔒
106765Poppler PDF File scaleImageYuXd Floating Point input validation🔒🔒
106764Poppler Object.h streamGetChar memory corruption🔒🔒
106763Poppler PDF Document isImageInterpolationRequired input validation🔒🔒
106762Poppler PDF Document parseEntry null pointer dereference🔒🔒
106761Tenda W15E memory corruption [CVE-2017-14515]
106760Tenda W15E path traversal [CVE-2017-14514]
106759MetInfo physical.php path traversal
106758NexusPHP forummanage.php sql injection
106757SAP E-Recruiting Email Confirmation input validation [CVE-2017-14511]
106756SugarCRM cross site scripting [CVE-2017-14510]🔒🔒
106755SugarCRM Remote File Inclusion input validation [CVE-2017-14509]🔒🔒
106754SugarCRM Documents/Emails DetailView.php sql injection🔒🔒
106753ImageMagick drawing-wand.c DrawGetStrokeDashArray null pointer dereference🔒🔒
106752GraphicsMagick XV 332 pnm.c ReadPNMImage null pointer dereference🔒
106751libarchive LHA Archive archive_read_support_format_lha.c lha_read_data_none out-of-bounds read🔒
106750libarchive RAR Archive archive_read_support_format_rar.c out-of-bounds read🔒
106749libarchive archive_read_support_format_iso9660.c out-of-bounds read🔒
106748iBall Baton ADSL2+ Home Router info.cgi credentials management🔒
106747UStar WA3002G4 info.cgi credentials management
106746EMC Data Protection Advisor hard-coded credentials [CVE-2017-8013]🔒
106745newsbeuter pb_controller.cpp playback os command injection🔒🔒
106744Microsoft Edge Chakra Javascript Engine access control [CVE-2017-11767]
106743TerraMaster TOS GetTest.php command injection🔒
106742VMware vCenter Server Stored cross site scripting [CVE-2017-4926]🔒🔒
106741VMware ESXi/Workstation/Fusion RPC Request null pointer dereference🔒🔒
106740VMware ESXi/Workstation/Fusion SVGA Device out-of-bounds write🔒🔒
106739puppetlabs-apache 7pk security [CVE-2017-2299]
106738SilverStripe CMS SVG Document add cross site scripting
106737Linux Kernel af_packet.c tpacket_rcv memory corruption🔒🔒
106736Linux Kernel scsi_transport_iscsi.c iscsi_if_rx input validation🔒🔒
106735Gentoo sci-mathematics-gimps access control [CVE-2017-14484]🔒
106734Gentoo dev-python-flower flower.initd access control
106733Linux Kernel xfs_linux.h XFS_IS_REALTIME_INODE null pointer dereference🔒🔒
106732i-filter untrusted search path [CVE-2017-10860]
106731i-filter untrusted search path [CVE-2017-10859]
106730i-filter untrusted search path [CVE-2017-10858]
106729SEIL-X/SEIL-B1/SEIL-x86/SEIL-BPV input validation [CVE-2017-10856]
106728FENCE-Explorer untrusted search path [CVE-2017-10855]
106727Wi-Fi STATION L-02F Access Restriction access control [CVE-2017-10846]
106726Wi-Fi STATION L-02F access control [CVE-2017-10845]
106725CG-WLR300NM memory corruption [CVE-2017-10814]
106724CG-WLR300NM os command injection [CVE-2017-10813]
106723Ruby sprintf format string🔒🔒
106722Google Android IAudioPolicyService.cpp integer overflow
106721IBM Business Process Manager Access Restriction access control
106720Apache Wicket CryptoMapper cryptographic issues [CVE-2014-7808]🔒
106719Ansible Vault yaml Loader code injection [CVE-2017-2809]
106718IBM Jazz Reporting Service Lifecycle Query Engine information disclosure
106717GNU Emacs Email enriched.el command injection🔒🔒
106716Fastly CDN Module information disclosure [CVE-2017-13761]
106715QNAP QTS Media Library access control [CVE-2017-13067]🔒
106714Pagure improper authorization [CVE-2017-1002151]
106713python-fedora CSRF Protection redirect [CVE-2017-1002150]
106712Azure Kubernetes URI Persistent information disclosure
106711wordpress-gallery-transformation gallery.php sql injection
106710rk-responsive-contact-form rk_user_list.php sql injection
106709Event Expresso Free edit_event_category sql injection
106708plugin add-edit-delete-listing-for-member-module sql injection
106707Kind Editor File Upload upload_json.php access control
106706Easy Team Manager easy_team_manager_desc_edit.php sql injection
106705surveys Plugin questions.php sql injection
106704surveys Plugin individual_responses.php sql injection
106703surveys Plugin survey_form.php sql injection
106702eventr Plugin edit.php Blind sql injection
106701eventr Plugin edit.php Blind sql injection
106700gift-certificate-creator gc-list.php Stored cross site scripting
106699flickr-picture-backup Permission flickr-picture-download.php unrestricted upload
106698image-gallery-with-slideshow admin_setting.php Blind sql injection
106697image-gallery-with-slideshow admin_setting.php sql injection
106696image-gallery-with-slideshow admin_setting.php Blind sql injection
106695image-gallery-with-slideshow admin_setting.php input validation
106694image-gallery-with-slideshow images Stored cross site scripting
106693Membership Simplified Plugin updateDB.php delete_media sql injection
106692Membership Simplified Plugin Update updateDB.php delete Blind sql injection
106691membership-simplified-for-oap-members-only File Download download.php unrestricted upload
106690DTracker Plugin save_mail.php improper authorization
106689DTracker Plugin save_contact.php improper authorization
106688DTracker Plugin delete.php input validation
106687DTracker Plugin download.php input validation
106686wp2android-turn-wp-site-into-android-app Invedion CMS Unlicensed unrestricted upload
106685webapp-builder Invedion CMS Unlicensed unrestricted upload
106684mobile-app-builder-by-wappress Invedion CMS Unlicensed unrestricted upload
106683mobile-friendly-app-builder-by-easytouch images.php unrestricted upload
106682Google Android Bluetooth information disclosure [CVE-2017-0785]
106681Google Android Bluetooth information disclosure [CVE-2017-0783]
106680Google Android Bluetooth access control [CVE-2017-0782]
106679Google Android Bluetooth access control [CVE-2017-0781]
106678Red Hat Enterprise Linux nfnetlink_log Kernel race condition🔒
106677Googlemaps Plugin plugin_googlemap2_proxy.php XML xml injection🔒
106676GSTN Offline Utility Tool Permission winstart-server.vbs GSTN_offline_tool access control
106675tcpdump IPv6 Routing Header Parser print-rt6.c rt6_print memory corruption🔒🔒
106674tcpdump IKEv2 Parser print-isakmp.c memory corruption🔒🔒
106673tcpdump IKEv1 Parser print-isakmp.c ikev1_id_print memory corruption🔒🔒
106672tcpdump OLSR Parser print-olsr.c olsr_print memory corruption🔒🔒
106671tcpdump Cisco HDLC Parser print-chdlc.c chdlc_print memory corruption🔒🔒
106670tcpdump ISO IS-IS Parser print-isoclns.c isis_print_is_reach_subtlv memory corruption🔒🔒
106669tcpdump LLDP Parser print-lldp.c lldp_private_8023_print memory corruption🔒🔒
106668tcpdump BGP Parser print-bgp.c decode_rt_routing_info memory corruption🔒🔒
106667tcpdump CFM Parser print-cfm.c cfm_print memory corruption🔒🔒
106666tcpdump RSVP Parser print-rsvp.c rsvp_obj_print memory corruption🔒🔒
106665tcpdump RPKI-Router Parser print-rpki-rtr.c rpki_rtr_pdu_print memory corruption🔒🔒
106664tcpdump Rx Protocol Parser print-rx.c ubik_print memory corruption🔒🔒
106663tcpdump RSVP Parser print-rsvp.c rsvp_obj_print memory corruption🔒🔒
106662tcpdump ISO ES-IS Parser print-isoclns.c esis_print memory corruption🔒🔒
106661tcpdump BGP Parser print-bgp.c bgp_attr_print memory corruption🔒🔒
106660tcpdump VQP Parser print-vqp.c vqp_print memory corruption🔒🔒
106659tcpdump HNCP Parser print-hncp.c dhcpv4_print memory corruption🔒🔒
106658tcpdump BGP Parser print-bgp.c decode_multicast_vpn memory corruption🔒🔒
106657tcpdump HNCP Parser print-hncp.c dhcpv6_print memory corruption🔒🔒
106656tcpdump ICMPv6 Parser print-icmp6.c icmp6_nodeinfo_print memory corruption🔒🔒
106655tcpdump MPTCP Parser print-mptcp.c memory corruption🔒🔒
106654tcpdump ISAKMP Parser print-isakmp.c memory corruption🔒🔒
106653tcpdump PPP Parser print-ppp.c handle_mlppp memory corruption🔒🔒
106652tcpdump IP Parser print-ip.c ip_printts memory corruption🔒🔒
106651tcpdump OSPFv3 Parser print-ospf6.c ospf6_decode_v3 memory corruption🔒🔒
106650tcpdump ISO IS-IS Parser print-isoclns.c isis_print_id memory corruption🔒🔒
106649tcpdump PGM Parser print-pgm.c pgm_print memory corruption🔒🔒
106648tcpdump VTP Parser print-vtp.c vtp_print memory corruption🔒🔒
106647tcpdump RADIUS Parser print-radius.c print_attr_string memory corruption🔒🔒
106646tcpdump IPv6 Fragmentation Header Parser print-frag6.c frag6_print memory corruption🔒🔒
106645tcpdump PIM Parser print-pim.c memory corruption🔒🔒
106644tcpdump PPP Parser print-ppp.c print_ccp_config_options memory corruption🔒🔒
106643tcpdump BOOTP Parser print-bootp.c bootp_print memory corruption🔒🔒
106642tcpdump LLDP Parser print-lldp.c lldp_mgmt_addr_tlv_print memory corruption🔒🔒
106641tcpdump ISO IS-IS Parser print-isoclns.c memory corruption🔒🔒
106640tcpdump IPv6 Mobility Parser print-mobility.c mobility_opt_print memory corruption🔒🔒
106639tcpdump IPv6 Mobility Parser print-mobility.c mobility_opt_print memory corruption🔒🔒
106638tcpdump IPv6 Mobility Parser print-mobility.c mobility_opt_print memory corruption🔒🔒
106637tcpdump IP Parser print-ip.c ip_printroute memory corruption🔒🔒
106636tcpdump ICMPv6 Parser print-icmp6.c icmp6_print memory corruption🔒🔒
106635tcpdump VTP Parser print-vtp.c vtp_print memory corruption🔒🔒
106634tcpdump PGM Parser print-pgm.c pgm_print memory corruption🔒🔒
106633tcpdump PGM Parser print-pgm.c pgm_print memory corruption🔒🔒
106632tcpdump DHCPv6 Parser print-dhcp6.c dhcp6opt_print memory corruption🔒🔒
106631tcpdump ISO ES-IS Parser print-isoclns.c esis_print memory corruption🔒🔒
106630tcpdump EAP Parser print-eap.c eap_print memory corruption🔒🔒
106629tcpdump White Board Parser print-wb.c wb_prep memory corruption🔒🔒
106628tcpdump ARP Parser print-arp.c memory corruption🔒🔒
106627tcpdump ICMP Parser print-icmp.c icmp_print memory corruption🔒🔒
106626tcpdump Protocol Parser util-print.c bittok2str_internal memory corruption🔒🔒
106625tcpdump BEEP Parser print-beep.c l_strnstart memory corruption🔒🔒
106624tcpdump IPv6 Mobility Parser print-mobility.c mobility_print memory corruption🔒🔒
106623tcpdump IEEE 802.11 Parser print-802_11.c parse_elements memory corruption🔒🔒
106622tcpdump Apple PKTAP Parser print-pktap.c pktap_if_print memory corruption🔒🔒
106621tcpdump L2TP Parser print-l2tp.c memory corruption🔒🔒
106620tcpdump NFS Parser print-nfs.c xid_map_enter memory corruption🔒🔒
106619tcpdump Juniper Protocol Parser print-juniper.c juniper_parse_header memory corruption🔒🔒
106618tcpdump LMP Parser print-lmp.c lmp_print memory corruption🔒🔒
106617tcpdump AODV Parser print-aodv.c aodv_extension memory corruption🔒🔒
106616tcpdump NFS Parser print-nfs.c nfs_printfh memory corruption🔒🔒
106615tcpdump IEEE 802.15.4 Parser print-802_15_4.c ieee802_15_4_if_print memory corruption🔒🔒
106614tcpdump IS-IS Parser print-isoclns.c isis_print memory corruption🔒🔒
106613tcpdump IS-IS Parser print-isoclns.c isis_print_extd_ip_reach memory corruption🔒🔒
106612tcpdump LLDP Parser print-lldp.c lldp_private_8021_print resource management🔒🔒
106611tcpdump PIMv2 Parser print-pim.c pimv2_print memory corruption🔒🔒
106610tcpdump DNS Parser print-domain.c ns_print resource management🔒🔒
106609tcpdump BGP Parser print-bgp.c bgp_attr_print memory corruption🔒🔒
106608tcpdump Juniper Protocol Parser print-juniper.c memory corruption🔒🔒
106607tcpdump RIPng Parser print-ripng.c ripng_print memory corruption🔒🔒
106606tcpdump BGP Parser print-bgp.c bgp_attr_print memory corruption🔒🔒
106605tcpdump ISAKMP Parser print-isakmp.c resource management🔒🔒
106604tcpdump RESP Parser print-resp.c resp_get_length resource management🔒🔒
106603tcpdump Telnet Parser print-telnet.c telnet_parse memory corruption🔒🔒
106602tcpdump IEEE 802.11 Parser print-802_11.c parse_elements memory corruption🔒🔒
106601tcpdump IPv6 Routing Header Parser print-rt6.c rt6_print memory corruption🔒🔒
106600tcpdump IPv6 Parser print-ip6.c ip6_print memory corruption🔒🔒
106599tcpdump Zephyr Parser print-zephyr.c memory corruption🔒🔒
106598tcpdump EIGRP Parser print-eigrp.c eigrp_print memory corruption🔒🔒
106597tcpdump Protocol Parser util-print.c tok2strbuf memory corruption🔒🔒
106596tcpdump DECnet Parser print-decnet.c decnet_print memory corruption🔒🔒
106595tcpdump NFS Parser print-nfs.c interp_reply memory corruption🔒🔒
106594tcpdump ISO CLNS Parser print-isoclns.c isoclns_print memory corruption🔒🔒
106593tcpdump ISAKMP Parser print-isakmp.c isakmp_rfc3948_print memory corruption🔒🔒
106592tcpdump ICMP Parser print-icmp.c icmp_print memory corruption🔒🔒
106591tcpdump Protocol Parser addrtoname.c lookup_bytestring memory corruption🔒🔒
106590tcpdump SMB/CIFS Parser smbutil.c name_len memory corruption🔒🔒
106589Red Hat JBoss EAP JAX-RS Cache Poisoning data processing🔒
106588rhnsd PID File resource management [CVE-2017-7560]
106587Symantec Encryption Desktop resource management [CVE-2017-6330]🔒🔒
106586Apache Brooklyn REST Server cross site scripting [CVE-2017-3165]
106585LibOFX Parser memory corruption [CVE-2017-2816]🔒🔒
106584IBM API Connect Regular Expression input validation [CVE-2017-1556]
106583IBM Informix Dynamic Server access control [CVE-2017-1508]🔒
106582Xen Reboot memory corruption [CVE-2017-14431]🔒
106581D-Link DIR-850L LAN Traffic input validation [CVE-2017-14430]🔒
106580D-Link DIR-850L DHCP Client inet_ipv4.php command injection🔒
106579D-Link DIR-850L Permission hostapd access control🔒
106578D-Link DIR-850L Permission storage_account_root access control🔒
106577D-Link DIR-850L Permission shadow access control🔒
106576D-Link DIR-850L Permission hnapasswd access control🔒
106575D-Link DIR-850L Permission passwd access control🔒
106574D-Link DIR-850L bind.php CSRF 7pk security🔒
106573D-Link DIR-850L stunnel.key hard-coded credentials🔒
106572D-Link DIR-850L Telnet Service hard-coded credentials [CVE-2017-14421]🔒
106571D-Link DIR-850L X.509 Certificate Verification certificate validation🔒
106570D-Link DIR-850L mydlink Cloud Service HTTP certificate validation🔒
106569D-Link DIR-850L NAPI Extension Password credentials management🔒
106568D-Link DIR-850L mydlink Cloud Services register_send.php access control🔒🔒
106567D-Link DIR-850L wandetect.php cross site scripting🔒
106566D-Link DIR-850L sitesurvey.php cross site scripting🔒
106565D-Link DIR-850L shareport.php cross site scripting🔒
106564D-Link DIR-850L wpsacts.php cross site scripting🔒
106563eLux RP Classic Desktop Mode access control [CVE-2017-14124]
106562Apache Spark Launcher API deserialization [CVE-2017-12612]
106561Cisco Meeting Server TURN Server config [CVE-2017-12249]
106560MIT Kerberos 5 double free [CVE-2017-11462]🔒🔒
106559Apache Brooklyn SnakeYAML Java deserialization
106558Apache Brooklyn REST Server cross-site request forgery [CVE-2016-8737]
106557Entity Event Registration Module information disclosure [CVE-2015-7880]
106556Apache Traffic Server HTTP2 Remote Code Execution [CVE-2015-5206]🔒🔒
106555Apache Traffic Server HTTP2 Remote Code Execution [CVE-2015-5168]🔒🔒
106554Drupal redirect [CVE-2015-2750]🔒🔒
106553Drupal redirect [CVE-2015-2749]🔒🔒
106552Sophos SurfRight HitmanPro Driver Kernel Memory memory corruption
106551Sophos SurfRight HitmanPro Driver hitmanpro37.sys memory corruption
106550Sophos SurfRight HitmanPro Driver hitmanpro37.sys memory corruption
106549Razer Synapse rzpnk.sys memory corruption
106548Axesstel MU553S Stored cross site scripting [CVE-2017-13724]
106547Axesstel MU553S hard-coded credentials [CVE-2017-11351]
106546Axesstel MU553S ConfigSet cross-site request forgery
106545Microsoft .NET Framework input validation [CVE-2017-8759]🔒🔒🔒
106544Microsoft Exchange Server Outlook Web Access cross site scripting🔒🔒
106543Microsoft Edge memory corruption [CVE-2017-8757]🔒🔒
106542Microsoft Edge Scripting Engine memory corruption [CVE-2017-8756]🔒🔒
106541Microsoft Edge Scripting Engine ReparseAsmJsModule memory corruption🔒🔒
106540Microsoft Edge Content Security Policy 7pk security [CVE-2017-8754]🔒🔒
106539Microsoft Edge Scripting Engine memory corruption [CVE-2017-8753]🔒🔒
106538Microsoft Edge Scripting Engine memory corruption [CVE-2017-8752]🔒🔒
106537Microsoft Edge memory corruption [CVE-2017-8751]🔒🔒
106536Microsoft Internet Explorer/Edge memory corruption [CVE-2017-8750]🔒🔒
106535Microsoft Internet Explorer memory corruption [CVE-2017-8749]🔒🔒
106534Microsoft Internet Explorer Javascript Engine memory corruption🔒🔒
106533Microsoft Internet Explorer memory corruption [CVE-2017-8747]🔒🔒
106532Microsoft Windows Device Guard 7pk security [CVE-2017-8746]🔒🔒
106531Microsoft SharePoint Foundation cross site scripting [CVE-2017-8745]🔒🔒
106530Microsoft Excel memory corruption [CVE-2017-8744]🔒🔒
106529Microsoft PowerPoint memory corruption [CVE-2017-8743]🔒🔒
106528Microsoft PowerPoint memory corruption [CVE-2017-8742]🔒🔒
106527Microsoft Internet Explorer/Edge Javascript Engine memory corruption🔒🔒
106526Microsoft Edge Scripting Engine memory corruption [CVE-2017-8740]🔒🔒
106525Microsoft Edge Scripting Engine information disclosure [CVE-2017-8739]🔒🔒
106524Microsoft Edge Scripting Engine memory corruption [CVE-2017-8738]🔒🔒
106523Microsoft Windows PDF Library memory corruption [CVE-2017-8737]🔒🔒
106522Microsoft Internet Explorer Domain information disclosure [CVE-2017-8736]🔒🔒
106521Microsoft Edge access control [CVE-2017-8735]🔒🔒
106520Microsoft Edge GetAt memory corruption🔒🔒
106519Microsoft Internet Explorer access control [CVE-2017-8733]🔒🔒
106518Microsoft Edge memory corruption [CVE-2017-8731]🔒🔒
106517Microsoft Edge Scripting Engine memory corruption [CVE-2017-8729]🔒🔒
106516Microsoft Windows PDF Library memory corruption [CVE-2017-8728]🔒🔒
106515Microsoft Publisher memory corruption [CVE-2017-8725]🔒🔒
106514Microsoft Edge access control [CVE-2017-8724]🔒🔒
106513Microsoft Edge Content Security Policy 7pk security [CVE-2017-8723]🔒🔒
106512Microsoft Windows Graphics Win32k access control🔒🔒
106511Microsoft Windows Kernel information disclosure [CVE-2017-8719]🔒🔒
106510Microsoft Windows Control Flow Guard 7pk security [CVE-2017-8716]🔒🔒
106509Microsoft Windows Hyper-V input validation [CVE-2017-8714]🔒🔒
106508Microsoft Windows Hyper-V information disclosure [CVE-2017-8713]🔒🔒
106507Microsoft Windows Hyper-V information disclosure [CVE-2017-8712]🔒🔒
106506Microsoft Windows Hyper-V information disclosure [CVE-2017-8711]🔒🔒
106505Microsoft Windows MSC information disclosure [CVE-2017-8710]🔒🔒
106504Microsoft Windows Kernel information disclosure [CVE-2017-8709]🔒🔒
106503Microsoft Windows Kernel NtSetIoCompletion information disclosure🔒🔒
106502Microsoft Windows Hyper-V information disclosure [CVE-2017-8707]🔒🔒
106501Microsoft Windows Hyper-V information disclosure [CVE-2017-8706]🔒🔒
106500Microsoft Windows Hyper-V input validation [CVE-2017-8704]🔒🔒
106499Microsoft Windows Error Reporting access control [CVE-2017-8702]🔒🔒
106498Microsoft Windows Shell input validation [CVE-2017-8699]🔒🔒
106497Microsoft Windows Uniscribe memory corruption [CVE-2017-8696]🔒🔒
106496Microsoft Windows Uniscribe information disclosure [CVE-2017-8695]🔒🔒
106495Microsoft Windows Uniscribe memory corruption [CVE-2017-8692]🔒🔒
106494Microsoft Windows GDI+ information disclosure [CVE-2017-8688]🔒🔒
106493Microsoft Windows Kernel Win32k NtGdiDoBanding information disclosure🔒🔒
106492Microsoft Windows DHCP Service memory corruption [CVE-2017-8686]🔒🔒
106491Microsoft Windows GDI+ NtGdiEngCreatePalette information disclosure🔒🔒
106490Microsoft Windows GDI+ NtGdiGetFontResourceInfoInternalW information disclosure🔒🔒
106489Microsoft Windows Graphics Win32k fsc_CalcGrayRow information disclosure🔒🔒
106488Microsoft Windows Graphics Win32k bGeneratePath input validation🔒🔒
106487Microsoft Windows Kernel Win32k NtGdiGetPhysicalMonitorDescription information disclosure🔒🔒
106486Microsoft Windows Kernel Win32k NtGdiGetGlyphOutline information disclosure🔒🔒
106485Microsoft Windows Kernel information disclosure [CVE-2017-8679]🔒🔒
106484Microsoft Windows Kernel Win32k NtQueryCompositionSurfaceBinding information disclosure🔒🔒
106483Microsoft Windows GDI+ information disclosure [CVE-2017-8677]🔒🔒
106482Microsoft Windows GDI information disclosure [CVE-2017-8676]🔒🔒
106481Microsoft Windows Kernel-Mode Driver Win32k memory corruption🔒🔒
106480Microsoft Edge Javascript Engine access control [CVE-2017-8660]🔒🔒
106479Microsoft Edge Javascript Engine memory corruption [CVE-2017-8649]🔒🔒
106478Microsoft Edge information disclosure [CVE-2017-8648]🔒🔒
106477Microsoft Edge Clipboard information disclosure [CVE-2017-8643]🔒🔒
106476Microsoft Excel memory corruption [CVE-2017-8632]🔒🔒
106475Microsoft Excel memory corruption [CVE-2017-8631]🔒🔒
106474Microsoft Office memory corruption [CVE-2017-8630]🔒🔒
106473Microsoft SharePoint Server cross site scripting [CVE-2017-8629]🔒🔒
106472Microsoft Windows Bluetooth Driver Object BlueBorne access control🔒🔒
106471Microsoft Edge information disclosure [CVE-2017-8597]🔒🔒
106470Microsoft Excel memory corruption [CVE-2017-8567]🔒🔒
106469MP3Gain mpglibDBL interface.c copy_mp out-of-bounds write
106468MP3Gain mpglibDBL interface.c copy_mp out-of-bounds write
106467MP3Gain mpglibDBL layer3.c III_i_stereo out-of-bounds read
106466MP3Gain mpglibDBL layer3.c III_dequantize_sample out-of-bounds write
106465MP3Gain mpglibDBL layer3.c dct36 out-of-bounds read
106464MP3Gain gain_analysis.c filterYule out-of-bounds read
106463MP3Gain mpglibDBL interface.c sync_buffer null pointer dereference
106462EyesOfNetwork Web Interface index.php command injection🔒
106461EyesOfNetwork Web Interface select_tool.php information disclosure🔒
106460EyesOfNetwork Web Interface search.php sql injection🔒
106459EyesOfNetwork Web Interface add_modify_user.php sql injection🔒
106458EyesOfNetwork add_modify_user.php sql injection🔒
106457Microsoft Edge memory corruption [CVE-2017-11766]🔒🔒
106456Microsoft Edge Scripting Engine ParseCatch memory corruption🔒🔒
106455Microsoft Exchange Server information disclosure [CVE-2017-11761]🔒🔒
106454Microsoft Windows Windows NetBT Session Services race condition🔒🔒
106453Dive Assistant xml external entity reference [CVE-2017-8918]
106452EMC AppSync sql injection [CVE-2017-8015]
106451IBM DB2 improper authentication [CVE-2017-1520]🔒
106450ImageMagick cache.c GetVirtualPixels null pointer dereference🔒🔒
106449BlackCat CMS File Upload ajax_rename.php unrestricted upload
106448AnyDesk injection [CVE-2017-14397]
106447osTicket file.php sql injection🔒
106446LibRaw processCanonCameraInfo memory corruption🔒🔒
106445NexusPHP fun.php cross site scripting
106444tianchoy Blog File Upload upload.php unrestricted upload
106443tianchoy Blog view.php sql injection
106442Jungo WinDriver input validation [CVE-2017-14344]
106441ImageMagick XCF File xcf.c ReadXCFImage memory corruption🔒🔒
106440ImageMagick wpg.c ReadWPGImage resource consumption🔒🔒
106439ImageMagick wpg.c ReadWPGImage resource consumption🔒🔒
106438MISP X.509 Certificate Authentication improper authentication
106437Beijing Hanbang Hanbanggaoke PUT Request 1 Password input validation
106436GNU binutils readelf.c process_version_sections integer overflow🔒
106435ImageMagick mat.c ReadMATImage memory corruption🔒
106434ImageMagick cache.c PersistPixelCache resource management🔒
106433ImageMagick mpc.c ReadMPCImage memory corruption
106432Xen Grant Mapping access control [CVE-2017-14319]🔒🔒
106431Xen __gnttab_cache_flush null pointer dereference🔒🔒
106430Xen C Xenstore Daemon race condition [CVE-2017-14317]🔒🔒
106429Xen alloc_heap_pages out-of-bounds read🔒🔒
106428Apple iOS Bluetooth Stack BlueBorne memory corruption🔒
106427tcpreplay tcprewrite memory corruption [CVE-2017-14266]
106426IBM Maximo Asset Management command injection [CVE-2017-1352]
106425IBM QRadar information disclosure [CVE-2017-1162]
106424Linux Kernel Bluetooth Stack memory corruption [CVE-2017-1000251]🔒🔒
106423BlueZ SDP Server information disclosure [CVE-2017-1000250]🔒🔒
106422BulletProof Security Plugin Backup db-backup-security.php cross site scripting
106421Photocrati NextGEN Gallery nggallery-manage-gallery Page cross site scripting
106420Photocrati NextGEN Gallery File Upload post-new.php unrestricted upload🔒
106419Jenkins Session Cookie' 7pk security🔒
106418Jenkins Session Cookie' Flag 7pk security🔒
106417MantisBT Captcha install.php improper authentication🔒🔒
106416GraphicsMagick render.c DrawImage numeric error🔒
106415Shibboleth Plugin shibboleth.php add_query_arg cross site scripting🔒🔒
106414Mosquitto Access Control access control [CVE-2017-7650]🔒🔒
106413Kura Network Enabled Distribution improper authentication [CVE-2017-7649]
106412Nagios nagios access control🔒🔒
106411STDU Viewer JB2 File memory corruption [CVE-2017-14310]
106410STDU Viewer JB2 File memory corruption [CVE-2017-14309]
106409STDU Viewer JB2 File memory corruption [CVE-2017-14308]
106408STDU Viewer JB2 File memory corruption [CVE-2017-14307]
106407STDU Viewer JB2 File memory corruption [CVE-2017-14306]
106406STDU Viewer JP2 File memory corruption [CVE-2017-14305]
106405STDU Viewer JB2 File memory corruption [CVE-2017-14304]
106404STDU Viewer JB2 File memory corruption [CVE-2017-14303]
106403STDU Viewer JB2 File memory corruption [CVE-2017-14302]
106402STDU Viewer JB2 File memory corruption [CVE-2017-14301]
106401STDU Viewer JB2 File memory corruption [CVE-2017-14300]
106400STDU Viewer JB2 File memory corruption [CVE-2017-14299]
106399STDU Viewer JB2 File memory corruption [CVE-2017-14298]
106398STDU Viewer JB2 File memory corruption [CVE-2017-14297]
106397STDU Viewer JB2 File memory corruption [CVE-2017-14296]
106396STDU Viewer JB2 File memory corruption [CVE-2017-14295]
106395STDU Viewer JB2 File memory corruption [CVE-2017-14294]
106394STDU Viewer JB2 File memory corruption [CVE-2017-14293]
106393STDU Viewer JB2 File memory corruption [CVE-2017-14292]
106392STDU Viewer JB2 File memory corruption [CVE-2017-14291]
106391STDU Viewer JB2 File memory corruption [CVE-2017-14290]
106390STDU Viewer JB2 File memory corruption [CVE-2017-14289]
106389STDU Viewer JB2 File memory corruption [CVE-2017-14288]
106388STDU Viewer JB2 File memory corruption [CVE-2017-14287]
106387STDU Viewer JB2 File memory corruption [CVE-2017-14286]
106386XnView Classic JB2 File memory corruption [CVE-2017-14285]🔒
106385XnView Classic JB2 File memory corruption [CVE-2017-14284]🔒
106384XnView Classic JB2 File memory corruption [CVE-2017-14283]🔒
106383XnView Classic JB2 File memory corruption [CVE-2017-14282]🔒
106382XnView Classic JB2 File memory corruption [CVE-2017-14281]🔒
106381XnView Classic JB2 File memory corruption [CVE-2017-14280]🔒
106380XnView Classic JB2 File memory corruption [CVE-2017-14279]🔒
106379XnView Classic JB2 File memory corruption [CVE-2017-14278]🔒
106378XnView Classic JB2 File memory corruption [CVE-2017-14277]🔒
106377XnView Classic JB2 File memory corruption [CVE-2017-14276]🔒
106376XnView Classic JB2 File memory corruption [CVE-2017-14275]🔒
106375XnView Classic JB2 File memory corruption [CVE-2017-14274]🔒
106374XnView Classic JB2 File memory corruption [CVE-2017-14273]🔒
106373XnView Classic JB2 File memory corruption [CVE-2017-14272]🔒
106372XnView Classic JB2 File memory corruption [CVE-2017-14271]🔒
106371XnView Classic JB2 File memory corruption [CVE-2017-14270]🔒
106370Jungo WinDriver Kernel Driver memory corruption [CVE-2017-14153]
106369Jungo WinDriver Kernel Driver out-of-bounds write [CVE-2017-14075]
106368File file memory corruption🔒🔒
106367AlegroCart report_logs.php get_file code injection
106366AlegroCart model_admin_download.php orderUpdate sql injection
106365Ultimate Member Plugin users.php cross site scripting🔒
106364Role Scoper Plugin Edit Page admin.php cross site scripting🔒
106363Gwolle Guestbook Plugin ajaxresponse.php code injection🔒
106362Calls to Action Plugin edit.php cross site scripting🔒
106361SourceBans index.php cross site scripting
106360Stickynote Module cross site scripting [CVE-2015-7879]
106359Dashboard Module sql injection [CVE-2015-7877]
106358Ellucian Banner Student redirect [CVE-2015-5054]
106357Ellucian Banner Student Password Reset password recovery [CVE-2015-4689]
106356Ellucian Banner Student User information disclosure [CVE-2015-4688]
106355Ellucian Banner Student cross site scripting [CVE-2015-4687]
106354Blue Coat Malware Analysis Appliance/Malware Analyzer G2 Virtual Machine access control
106353Red Hat Satellite cross site scripting [CVE-2017-7538]🔒
106352EE 4GEE WiFi MBB JSONP Endpoint Password information disclosure
106351EE 4GEE WiFi MBB getSMSlist cross site scripting
106350EE 4GEE WiFi MBB AddNewProfile cross-site request forgery
106349LibRaw dcraw_common.cpp xtrans_interpolate memory corruption🔒🔒
106348Honeywell NVR RPC2 userManager.addUser access control
106347Samsung NVR main-cgi Password access control
106346Bento4 Ap4StszAtom.cpp AP4_StszAtom memory corruption
106345Bento4 SDK Ap4StssAtom.cpp AP4_StssAtom memory corruption
106344Bento4 SDK Ap4StscAtom.cpp AP4_StscAtom memory corruption
106343Bento4 SDK Ap4StscAtom.h memory corruption
106342Bento4 SDK Ap4AtomSampleTable.cpp GetSample memory corruption
106341EyesOfNetwork Web Interface Cookie side.php sql injection🔒
106340TYPO3 File Upload SystemEnvironmentBuilder.php unrestricted upload🔒
106339ImageMagick mpc.c GetPixelCacheTileSize divide by zero🔒🔒
106338ImageMagick resize.c SampleImage memory corruption🔒
106337EyesOfNetwork Web Interface header.php sql injection🔒
106336Dolibarr list.php sql injection🔒
106335Dolibarr edit.php cross site scripting🔒
106334Dolibarr document.php information disclosure🔒
106333Dolibarr company.php cross site scripting🔒
106332Dolibarr edit.php sql injection🔒
106331IBM DB2 access control [CVE-2017-1451]🔒
106330IBM DB2 access control [CVE-2017-1439]🔒🔒
106329IBM DB2 access control [CVE-2017-1438]🔒🔒
106328IBM DB2 access control [CVE-2017-1452]🔒🔒
106327IBM DB2 input validation [CVE-2017-1519]🔒🔒
106326IBM DB2 Upgrade Password information disclosure🔒🔒
106325GeniXCMS register.php input validation
106324Cyrus IMAP mboxlist.c mboxlist_do_find input validation🔒🔒
106323Jasper jpc_dec.c jpc_dec_tileinit resource consumption
106322Netwide Assembler preproc.c paste_tokens null pointer dereference🔒
106321MongoDB libbson bson-iter.c bson_utf8_validate memory corruption🔒🔒
106320libwpd WP42StylesListener.cpp WPXTableList memory corruption🔒🔒
106319FFmpeg pixdesc.c avcodec_string null pointer dereference🔒🔒
106318Google Chrome HTTPS 7pk security [CVE-2017-5120]🔒🔒
106317Google Chrome Blink Content Security Policy 7pk security🔒🔒
106316Google Chrome Skia memory corruption [CVE-2017-5119]🔒🔒
106315Google Chrome Skia information disclosure [CVE-2017-5117]🔒🔒
106314Google Chrome v8 type conversion [CVE-2017-5116]🔒🔒
106313Google Chrome v8 type conversion [CVE-2017-5115]🔒🔒
106312Google Chrome PDFium memory corruption [CVE-2017-5114]🔒🔒
106311Google Chrome Skia memory corruption [CVE-2017-5113]🔒🔒
106310Google Chrome WebGL memory corruption [CVE-2017-5112]🔒🔒
106309Google Chrome PDFium use after free [CVE-2017-5111]🔒🔒
106308Diving Log XML File dive.xml xml external entity reference
106307Single Sign-On Single Sign-On service UI cross site scripting
106306Single Sign-On XML Data xml external entity reference [CVE-2017-8040]
106305AzeoTech DAQFactory uncontrolled search path [CVE-2017-5147]
106304Easy Backup information disclosure
106303ImageMagick pcx.c WritePCXImage memory corruption🔒🔒
106302FFmpeg asfdec_f.c asf_build_simple_index resource management🔒🔒
106301FFmpeg mov.c read_tfra resource management🔒🔒
106300QEMU multiboot.c load_multiboot out-of-bounds write🔒🔒
106299OPW Fuel Management Systems SiteSentinel Integra 100 missing authentication
106298OPW Fuel Management Systems SiteSentinel Integra 100 sql injection
106297AzeoTech DAQFactory Permission File permission
106296Linux Kernel platform.c driver_override race condition🔒🔒
106295Synology Photo Station file_upload.php server-side request forgery🔒
106294Wolf CMS create-directory-popup cross site scripting
106293Synology Photo Station synphotoio path traversal [CVE-2017-11162]🔒
106292Synology Photo Station label.php sql injection🔒
106291Google Android MediaTek mmc Driver access control [CVE-2017-0804]
106290Google Android MediaTek Accessory Detector Driver access control
106289Google Android MediaTek Kernel access control [CVE-2017-0802]
106288Google Android MediaTek libmtkomxvdec access control [CVE-2017-0801]
106287Google MediaTek MediaTek teei access control [CVE-2017-0800]
106286Google Android MediaTek lastbus access control [CVE-2017-0799]
106285Google Android MediaTek Kernel access control [CVE-2017-0798]
106284Google Android MediaTek Accessory Detector Driver access control
106283Google Android MediaTek auxadc Driver access control [CVE-2017-0796]
106282Google Android MediaTek Accessory Detector Driver access control
106281Google Android Kernel SCSI Driver access control [CVE-2017-0794]🔒
106280Google Android Memory Subsystem information disclosure [CVE-2017-0793]
106279Google Android Broadcom Wi-Fi Driver information disclosure [CVE-2017-0792]
106278Google Android Broadcom Wi-Fi Driver access control [CVE-2017-0791]
106277Google Android Broadcom Wi-Fi Driver access control [CVE-2017-0790]
106276Google Android Broadcom Wi-Fi Driver access control [CVE-2017-0789]
106275Google Android Broadcom Wi-Fi Driver access control [CVE-2017-0788]
106274Google Android Broadcom Wi-Fi Driver access control [CVE-2017-0787]
106273Google Android Broadcom Wi-Fi Driver access control [CVE-2017-0786]
106272Google Android NFC access control [CVE-2017-0784]
106271Google Android Android Runtime access control [CVE-2017-0780]
106270Google Android audioflinger information disclosure [CVE-2017-0779]
106269Google Android Media Framework access control [CVE-2017-0778]
106268Google Android Media Framework information disclosure [CVE-2017-0777]
106267Google Android Media Framework information disclosure [CVE-2017-0776]
106266Google Android libstagefright access control [CVE-2017-0775]
106265Google Android libstagefright access control [CVE-2017-0774]
106264Google Android libhevc access control [CVE-2017-0773]
106263Google Android libavc access control [CVE-2017-0772]
106262Google Android libskia access control [CVE-2017-0771]
106261Google Android libmediaplayerservice access control [CVE-2017-0770]
106260Google Android libstagefright access control [CVE-2017-0769]
106259Google Android libeffects access control [CVE-2017-0768]
106258Google Android libeffects access control [CVE-2017-0767]
106257Google Android libjhead access control [CVE-2017-0766]
106256Google Android libstagefright access control [CVE-2017-0765]
106255Google Android libvorbis access control [CVE-2017-0764]
106254Google Android libhevc access control [CVE-2017-0763]
106253Google Android libhevc access control [CVE-2017-0762]
106252Google Android libavc access control [CVE-2017-0761]
106251Google Android libstagefright access control [CVE-2017-0760]
106250Google Android libstagefright access control [CVE-2017-0759]
106249Google Android libhevc access control [CVE-2017-0758]
106248Google Android libavc access control [CVE-2017-0757]
106247Google Android libstagefright access control [CVE-2017-0756]
106246Google Android libminikin access control [CVE-2017-0755]
106245Google Android libgdx access control [CVE-2017-0753]
106244Google Android windowmanager access control [CVE-2017-0752]
106243Directory Administrator Script hosts input validation🔒
106242YaST2 Network Configuration information disclosure [CVE-2011-3177]
106241Cisco IOS XE USB Modem os command injection [CVE-2017-6796]
106240Cisco IOS XE USB Modem File input validation
106239Cisco Meeting Server CLI command injection [CVE-2017-6794]
106238Cisco Prime Collaboration Provisioning Tool Inventory Management information disclosure
106237Cisco Prime Collaboration Provisioning Tool Batch Provisioning File input validation
106236Cisco Unified Communications Manager Trust Verification Service data processing
106235Cisco Unified Intelligence Center Web Interface DOM-Based cross site scripting
106234Cisco Connected Grid Network Management System TCP Throttling resource management
106233Yes Set-top Box HTTP Remote Procedure Call resource management
106232Cisco IOS/IOS XE UDP resource management [CVE-2017-6627]
106231IBM Content Navigator / CMIS Web UI cross site scripting [CVE-2017-1502]
106230Intelbras Wireless N 150Mbps Router popupSiteSurveyRpm.htm Persistent cross site scripting
106229dayrui FineCMS Form.php call_msg cross site scripting
106228dayrui FineCMS Login.php out cross site scripting
106227dayrui FineCMS api.php oauth cross site scripting
106226FineCMS api.php checktitle cross site scripting
106225mp4tools aacplusenc bitbuffer.c DeleteBitBuffer null pointer dereference🔒
106224Cisco Emergency Responder SQL Database Interface sql injection
106223Cisco Prime LAN Management Solution Web session fixiation [CVE-2017-12225]🔒
106222Cisco Meeting Server information disclosure [CVE-2017-12224]
106221Cisco IR800 ROM Monitor input validation [CVE-2017-12223]
106220Cisco FirePOWER Management Center cross site scripting [CVE-2017-12221]🔒
106219Cisco FirePOWER Management Center Web-based Management Interface Reflected cross site scripting🔒
106218Cisco Email Security Appliance Advanced Malware Protection input validation🔒
106217Cisco ASR 5000 GPRS input validation [CVE-2017-12217]
106216Cisco SocialMiner Web UI xml external entity reference [CVE-2017-12216]
106215Cisco IOS XE Dynamic Access Control List improper authentication
106214Cisco Unity Connection Web Framework Reflected cross site scripting🔒
106213Cisco IOS/IOS XE IPv6 SNMP resource management [CVE-2017-12211]
106212IBM Emptoris Supplier Lifecycle Management Web UI cross site scripting
106211Centreon cross site scripting [CVE-2015-7672]🔒
106210anchor-cms cross site scripting [CVE-2015-5060]
106209Sefrengo sql injection [CVE-2015-5052]
106208concrete5 sql injection [CVE-2015-4724]🔒
106207concrete5 cross site scripting [CVE-2015-4721]🔒
106206Google Analyticato Plugin options-general.php cross-site request forgery🔒
106205Huawei E5756S access control [CVE-2015-4629]
106204Pragyan CMS sql injection [CVE-2015-4627]
106203Spina application_controller.rb cross-site request forgery
106202Etherpad Frontend Tests tests.js path traversal
106201strongSwan Daemon data processing [CVE-2015-3991]🔒🔒
106200Tune Library plugin sql injection [CVE-2015-3314]
106199Community Events Plugin sql injection [CVE-2015-3313]🔒
106198OSSEC seechanges.c access control🔒
106197Askbot cross site scripting [CVE-2015-3169]
106196IBM EN6131/IB6131 cross-site request forgery [CVE-2014-9565]
106195Googlemaps Plugin plugin_googlemap2_proxy.php resource consumption🔒
106194WatuPRO Plugin admin-ajax.php sql injection
106193ocaml Compiler access control [CVE-2017-9779]
106192libgd2 gdImagePngPtr double free🔒🔒
106191ImageMagick xbm.c ReadXBMImage resource management🔒🔒
106190ImageMagick psd.c ReadPSDLayersInternal resource management🔒🔒
106189ImageMagick txt.c ReadTXTImage integer overflow🔒🔒
106188ImageMagick ps.c ReadPSImage resource management🔒🔒
106187FFmpeg nsvdec.c nsv_parse_NSVf_header resource management🔒🔒
106186FFmpeg mxfdec.c mxf_read_index_entry_array resource management🔒🔒
106185FFmpeg mxfdec.c mxf_read_primer_pack input validation🔒🔒
106184FiberHome AN1020-25 Default Configuration restoreinfo.cgi Restore 7pk security
106183Lexmark Scan To Network Network Configuration snfDestServlet credentials management🔒
106182Wibu-Systems CodeMeter Advanced Settings ChangeConfiguration.html cross site scripting
106181T&W WIFI Repeater BE126 webupg command injection
106180MP3Gain layer3.c memory corruption
106179MP3Gain apetag.c memory corruption
106178NexusPHP confirm_resend.php cross site scripting
106177NexusPHP mybonus.php cross-site request forgery
106176GNU C Library DNS Stub Resolver data processing [CVE-2017-12133]🔒🔒
106175Mongoose Web Server _mg_admin cross-site request forgery
106174D-Link DIR-600L session fixiation [CVE-2016-10405]
106173Cloud Foundry/Elastic Runtime Identity Zone access control [CVE-2016-0732]
106172Soreco Xpert.Line Windows API Call improper authentication [CVE-2015-3442]
106171Apache Directory LDAP API information disclosure [CVE-2015-3250]
106170Kamailio kamcmd kamailio_ctl access control
106169IBM WebSphere Portal cross site scripting [CVE-2017-1189]🔒
106168Django CMS Technical 500 Template cross site scripting [CVE-2017-12794]🔒🔒
106167Apache Struts REST Plugin deserialization [CVE-2017-9805]🔒🔒🔒
106166Apache Struts REST Plugin input validation [CVE-2017-9793]🔒🔒
106165Apache Struts URLValidator resource management [CVE-2017-9804]🔒🔒
106164libarchive archive_read_support_format_xar.c atol8 memory corruption🔒🔒
106163GraphicsMagick sun.c MagickMalloc memory corruption🔒
106162OpenJPEG Incomplete Fix j2k.c opj_j2k_write_sot out-of-bounds write🔒
106161Bento4 mp4dump MP4 File Ap4AvccAtom.cpp InspectFields null pointer dereference
106160Bento4 mp4encrypt MP4 File Ap4Processor.cpp Process null pointer dereference
106159Bento4 mp42ts MP4 File Ap4AtomSampleTable.cpp GetSample null pointer dereference
106158LightDM XDMCP Server array index [CVE-2015-8316]🔒
106157ldapauth-fork LDAP ldap injection [CVE-2015-7294]
106156Tinfoil Devise-two-factor OTP 7pk security [CVE-2015-7225]
106155simple-php-captcha information disclosure [CVE-2015-6250]
106154Froxlor Default Configuration sql-error.log Password information disclosure🔒🔒
106153SalesAgility SuiteCRM Incomplete Fix race condition [CVE-2015-5948]
106152SalesAgility SuiteCRM race condition [CVE-2015-5947]
106151devscripts Filename link following [CVE-2015-5705]🔒🔒
106150Audit Filename auparse.c input validation🔒🔒
106149TelescopeJS Websocket Message Password information disclosure
106148libaxl memory corruption [CVE-2015-3450]
106147Beaker Admin Pages powertypes access control
106146Beaker Edit Comment cross site scripting
106145Beaker Search Bar cross site scripting
106144Beaker xml external entity reference
106143Honda Moto LINC SSL Certificate Validator certificate validation
106142svn-workbench xeyes $(xeyes) input validation
106141ConnMan Project Connection Manager Daemon DNS Packet memory corruption🔒
106140Intel Active Management Technology access control [CVE-2017-5698]🔒
106139gdk-pixbuf tiff_image_parse integer overflow🔒🔒
106138gdk-pixbuf gdk_pixbuf__jpeg_image_load_increment memory corruption🔒🔒
106137Lexmark Control Filters memory corruption [CVE-2017-2822]
106136Lexmark Perspective Document Filter PDF Parser use after free
106135Ledger-CLI Account Parser use after free [CVE-2017-2808]🔒
106134Ledger-CLI Parser memory corruption [CVE-2017-2807]🔒
106133RSRC LabVIEW out-of-bounds write [CVE-2017-2779]
106132IBM QRadar Network Security cryptographic issues [CVE-2017-1491]
106131IBM QRadar Network Security xml external entity reference [CVE-2017-1458]
106130IBM QRadar Network Security Web UI cross site scripting [CVE-2017-1457]
106129OpenLDAP slapd Kill access control
106128Scrapy resource consumption
106127Linux Kernel atyfb_base.c atyfb_ioctl Kernel Memory information disclosure🔒🔒
106126OpenJPEG j2k.c opj_j2k_set_cinema_parameters out-of-bounds write🔒🔒
106125OpenJPEG tcd.c opj_tcd_code_block_enc_allocate_data memory corruption🔒🔒
106124GoAhead http.c websDecodeUrl null pointer dereference
106123HelpDEZk Attachment code injection [CVE-2017-14146]
106122HelpDEZk loginController.php selectWarning sql injection
106121Linux Kernel migrate.c move_pages information disclosure🔒🔒
106120GNOME gedit libgedit.a resource management
106119IBM Notes Dialog Box access control [CVE-2017-1130]
106118IBM Notes Link access control [CVE-2017-1129]
106117IBM Emptoris Strategic Supply Management cross-site request forgery
106116GNOME Evince Comic Book Backend comics-document.c command injection🔒🔒
106115Apache Hadoop YARN NodeManager Password information disclosure🔒
106114Palo Alto PAN-OS xml external entity reference [CVE-2017-9458]🔒
106113Palo Alto PAN-OS GlobalProtect Interface cross site scripting🔒
106112ImageMagick msl.c WriteMSLImage memory corruption🔒
106111ImageMagick webp.c ReadWEBPImage memory corruption🔒🔒
106110ImageMagick Header webp.c ReadWEBPImage memory corruption🔒
106109OpenCV Incomplete Fix utils.cpp imread out-of-bounds write🔒🔒
106108opendreambox Webadmin Plugin os command injection
106107Jasper jas_image.c jas_image_ishomosamp out-of-bounds read🔒
106106GNU binutils libbfd elf-attrs.c bfd_elf_parse_attributes memory corruption🔒
106105GNU binutils libbfd dwarf2.c read_section memory corruption🔒
106104GNU binutils libbfd dwarf2.c decode_line_info memory corruption🔒
106103Technicolor TD5336 Web Interface mnt_ping.cgi os command injection
106102Participants Database Plugin cross site scripting [CVE-2017-14126]
106101Zoho ManageEngine Firewall Analyzer Group Chat shell.jsp unrestricted upload
106100unrar-free unrarlib.c stricomp memory corruption
106099unrar-free unrarlib.c DecodeNumber null pointer dereference
106098unrar-free RAR2 Archive path traversal [CVE-2017-14120]🔒🔒
106097EyesOfNetwork Web Interface snmpwalk.php command injection🔒
106096EyesOfNetwork Web Interface interface.php command injection🔒
106095AT&T U-verse IP Passthrough Mode improper authentication [CVE-2017-14117]🔒
106094AT&T U-verse IP Passthrough Mode hard-coded credentials [CVE-2017-14116]🔒
106093AT&T U-verse IP Passthrough Mode access control [CVE-2017-14115]🔒
106092AT&T U-verse IP Passthrough Mode sbdc.ha information disclosure🔒
106091RTPproxy NAT information disclosure [CVE-2017-14114]
106090Digium Asterisk command injection [CVE-2017-14100]🔒🔒
106089Digium Asterisk res_rtp_asterisk.c information disclosure🔒🔒
106088Digium Asterisk PJSIP Channel Driver input validation [CVE-2017-14098]🔒🔒
106087Red Hat Certificate Server input validation [CVE-2017-7509]
106086Intel McAfee LiveSafe HTTP Backend access control [CVE-2017-3898]🔒🔒
106085Intel McAfee Live Safe/McAfee Security Scan Plus HTTP Backend code injection🔒
106084libzip zip_open.c zip_read_eocd64 memory corruption🔒🔒
106083Linux Kernel tcp.c __tcp_disconnect divide by zero🔒🔒
106082HiveManager Classic Backup Archive maps input validation
106081GraphicsMagick Incomplete Fix png.c ReadOneJNGImage use after free🔒
106080NetApp OnCommand Unified Manager for Clustered Data ONTAP Cookie Flag information disclosure
106079QEMU socket.c ifq_so use after free🔒🔒
106078Symantec ProxyClient access control [CVE-2017-13674]
106077QEMU VGA Display Emulator out-of-bounds read [CVE-2017-13672]🔒🔒
106076InfoCard Module XML Message input validation [CVE-2017-12874]🔒🔒
106075SimpleSAMLphp IdP access control [CVE-2017-12873]🔒🔒
106074SimpleSAMLphp authcrypt Module SimpleSAML_Session information disclosure🔒
106073SimpleSAMLphp Crypto.php aesEncrypt inadequate encryption
106072Service Provider Session Identifier Crypto aesDecrypt information disclosure
106071SimpleSAMLphp Multiauth Module authsources.php input validation🔒🔒
106070SimpleSAMLphp Crypto.php secureCompare session fixiation🔒
106069ImageMagick BMP File bmp.c ReadBMPImage resource management🔒🔒
106068ImageMagick viff File viff.c ReadVIFFImage resource management🔒🔒
106067ImageMagick xcf.c ReadOneLayer resource management🔒🔒
106066NetApp Clustered Data ONTAP SVM access control [CVE-2017-12423]🔒
106065NetApp Clustered Data ONTAP access control [CVE-2017-12421]🔒
106064ContentsBridge Utility Installer untrusted search path [CVE-2017-10851]
106063ART EX Driver for ApeosPort-VI/DocuCentre-VI untrusted search path
106062DocuWorks Self-extracting Document untrusted search path [CVE-2017-10849]🔒
106061DocuWorks/DocuWorks Viewer Light Installer untrusted search path🔒
106060Enkaku Remote Support Tool untrusted search path [CVE-2017-10829]
106059NetApp Data Ontap format string [CVE-2016-1895]🔒
106058NetApp Data Ontap 7-Mode improper authentication [CVE-2015-7746]
106057MIMEDefang PID File Kill access control🔒🔒
106055Icewarp Webmail cross site scripting [CVE-2017-7855]🔒
106054NexusPHP linksmanage.php sql injection
106053NexusPHP ipsearch.php cross site scripting
106052NexusPHP nowarn.php sql injection
106051RubyGems GEM Install DNS access control🔒🔒
106050RubyGems Specification Name Validator File input validation🔒🔒
106049RubyGems Query Command input validation [CVE-2017-0900]🔒🔒
106048RubyGems gem code injection [CVE-2017-0899]🔒🔒
106047ALC Liebert SiteScan Web Version/WebCTRL/Carrier i-Vu XML Parser xml external entity reference
106046Kohana Security.php cross site scripting🔒🔒
106045OpenCart amazon.php updateAmazonOrderTracking sql injection
106044phpThumb phpThumb.demo.showpic.php cross site scripting
106043ATutor popuphelp.php cross site scripting
106042pngcrush sPLT Chunk Structure png.c double free🔒🔒
106041phpFileManager URL os command injection [CVE-2015-5958]
106040Designate RecordSets resource consumption [CVE-2015-5695]
106039Soplanning Install code injection [CVE-2014-8677]🔒
106038Soplanning file_get_contents path traversal🔒
106037Soplanning ICAL Link Brute Force information disclosure🔒
106036IBM Emptoris Sourcing redirect [CVE-2017-1450]
106035IBM Emptoris Sourcing redirect [CVE-2017-1449]
106034IBM Emptoris Sourcing Web UI cross site scripting [CVE-2017-1447]
106033IBM Emptoris Sourcing Web UI cross site scripting [CVE-2017-1444]
106032Ruby generator.c Memory memory corruption🔒🔒
106031Async Http Client input validation [CVE-2017-14063]
106030Libidn2 puny_decode.c decode_digit integer overflow🔒🔒
106029Libidn2 bidi.c _isBidi integer overflow🔒🔒
106028ImageMagick cut.c QueueAuthenticPixelCacheNexus null pointer dereference🔒🔒
106027FFmpeg cine_read_header resource management🔒🔒
106026FFmpeg hls.c read_data resource management🔒🔒
106025FFmpeg asf_read_marker resource management🔒🔒
106024FFmpeg rl2.c rl2_read_header resource management🔒🔒
106023FFmpeg mvdec.c mv_read_header resource management🔒🔒
106022FFmpeg rmdec.c ivr_read_header resource management🔒🔒
106021Linux Kernel qla_attr.c qla2x00_sysfs_write_optrom_ctl integer overflow🔒🔒
106020BlackCat CMS install.php unrestricted upload
106019BlackCat CMS ajax_save_settings.php cross site scripting
106018BlackCat CMS Backend info.php cross-site request forgery
106017VX Search Enterprise GET Request memory corruption [CVE-2017-13708]
106016BlackCat CMS Media Upload ajax_upload.php access control
106015Synology Cloud Station Drive shfolder.dll untrusted search path
106014Cloud Foundry Gorouter cross site scripting [CVE-2016-0713]
106013Siemens 7KM PAC Switched Ethernet PROFINET Expansion Module PROFINET DCP Packet input validation
106012Apache Solr Replication path traversal [CVE-2017-3163]🔒🔒
106011IBM Emptoris Spend Analysis Web UI cross site scripting [CVE-2017-1446]
106010IBM Emptoris Spend Analysis Web UI cross site scripting [CVE-2017-1445]
106009IBM Emptoris Services Procurement Web UI cross site scripting
106008IBM Emptoris Services Procurement cross-site request forgery
106007IBM Emptoris Services Procurement Stored access control [CVE-2017-1441]
106006IBM Emptoris Services Procurement access control [CVE-2017-1440]
106005GraphicsMagick pnm.c MagickRealloc memory corruption🔒🔒
106004OpenJPEG convert.c pgxtoimage out-of-bounds write🔒🔒
106003OpenJPEG convert.c tgatoimage out-of-bounds write🔒🔒
106002OpenJPEG t2.c opj_t2_encode_packet out-of-bounds write🔒🔒
106001CrushFTP redirect [CVE-2017-14038]
106000CrushFTP HTTP Header crlf injection [CVE-2017-14037]
105999CrushFTP cross site scripting [CVE-2017-14036]
105998CrushFTP Serialized deserialization [CVE-2017-14035]
105997ARM mbed TLS X.509 Certificate improper authentication [CVE-2017-14032]🔒🔒
105996EyesOfNetwork Web Interface download.php path traversal🔒
105995Siemens LOGO! access control [CVE-2017-12735]
105994Siemens LOGO! Integrated Web Server information disclosure [CVE-2017-12734]
105993Advantech WebAccess uncontrolled search path [CVE-2017-12717]
105992Advantech WebAccess File ACL access control [CVE-2017-12713]
105991Advantech WebAccess access control [CVE-2017-12711]
105990Advantech WebAccess sql injection [CVE-2017-12710]
105989Advantech WebAccess memory corruption [CVE-2017-12708]
105988Advantech WebAccess memory corruption [CVE-2017-12706]
105987Advantech WebAccess memory corruption [CVE-2017-12704]
105986Advantech WebAccess format string [CVE-2017-12702]
105985Advantech WebAccess improper authentication [CVE-2017-12698]
105984Siemens SIMATIC Wincc Runtime Foundation tcp xml external entity reference
105983Directory Cloud Station Trojan Horse shfolder.dll untrusted search path
105982Javascript Default Configuration cross site scripting [CVE-2016-6800]
105981Apache Hadoop HDFS information disclosure [CVE-2016-5001]🔒
105980Apache Engine Reflected input validation
105979Fiyo CMS sys_config.php cross site scripting
105978GraphicsMagick xbm.c ReadXBMImage resource management🔒🔒
105977GraphicsMagick xbm.c ReadXBMImage resource management🔒🔒
105976GraphicsMagick jnx.c ReadJNXImage resource management🔒
105975Hikvision iVMS-4200 Password Recovery information disclosure
105974ImageMagick JPEG File thumbnail.c WriteTHUMBNAILImage memory corruption🔒🔒
105973ImageMagick identify.c IdentifyImage null pointer dereference🔒🔒
105972Wireshark SDP Dissector packet-msdp.c resource management🔒🔒
105971Wireshark Profinet I/O Dissector packet-dcerpc-pn-io.c out-of-bounds write🔒🔒
105970Wireshark IrCOMM Dissector packet-ircomm.c memory corruption🔒🔒
105969Wireshark Modbus Dissector packet-mbtcp.c null pointer dereference🔒🔒
105968ONOS resource management [CVE-2017-13763]
105967ONOS cross site scripting [CVE-2017-13762]
105966OpenJPEG BMP File convertbmp.c bmp24toimage integer overflow🔒
105965OpenJPEG J2K File pi.c divide by zero🔒
105964OpenJPEG convert.c sycc422_to_rgb null pointer dereference🔒
105963OpenJPEG mqc.c opj_mqc_byteout memory corruption🔒🔒
105962Apache Atlas Frame cross site scripting [CVE-2017-3155]🔒
105961Apache Atlas Stack Trace information disclosure [CVE-2017-3154]🔒
105960Apache Atlas Search Reflected cross site scripting🔒
105959Apache Atlas edit Tag DOM cross site scripting🔒
105958Apache Atlas edit Tag Stored cross site scripting🔒
105957Apache Atlas Cookie cross site scripting [CVE-2017-3150]🔒
105956IBM Cognos Analytics Web UI cross site scripting [CVE-2017-1535]
105955IBM Cognos Analytics Web UI cross site scripting [CVE-2017-1485]
105954IBM Cognos Analytics input validation [CVE-2017-1428]
105953IBM Cognos Analytics Web UI cross site scripting [CVE-2017-1427]
105952The Sleuth Kit exfat Image img_io.c tsk_img_read Hang memory corruption
105951ImageMagick draw.c TracePoint memory corruption🔒🔒
105950GNU binutils libbfd elf32-i386.c memory corruption🔒
105949The Sleuth Kit dos.c dos_load_ext_table memory corruption
105948The Sleuth Kit iso9660 Image iso9660_dent.c iso9660_proc_dir memory corruption🔒
105947Jasper jpc_t1cod.c JPC_NOMINALGAIN input validation
105946Jasper jpc_dec.c jpc_dequantize input validation
105945Jasper jpc_dec.c calcstepsizes input validation
105944Jasper jpc_dec.c jpc_dec_process_siz input validation
105943Jasper jpc_t2cod.c jpc_pi_nextrpcl input validation
105942Jasper jas_string.c jas_strdup input validation🔒
105941Jasper jpc_math.c jpc_floorlog2 input validation
105940Jasper jpc_dec.c:1297 jpc_dec_process_siz input validation
105939Jasper jpc_dec.c jpc_dec_process_sot input validation
105938Liblouis compileTranslationTable.c _lou_getALine Address out-of-bounds read🔒🔒
105936Liblouis compileTranslationTable.c includeFile memory corruption🔒🔒
105935Liblouis compileTranslationTable.c compileBrailleIndicator use after free🔒🔒
105934Liblouis compileTranslationTable.c parseChars memory corruption🔒🔒
105933Liblouis compileTranslationTable.c resolveSubtable memory corruption🔒🔒
105932Liblouis compileTranslationTable.c _lou_getALine out-of-bounds read🔒🔒
105931GraphicsMagick memory.c MagickFree use after free🔒🔒
105930GraphicsMagick command.c GMCommand memory corruption
105929LibRaw dcraw_common.cpp kodak_radc_load_raw input validation🔒🔒
105928ncurses strings.c _nc_safe_strcat memory corruption🔒
105927ncurses dump_entry.c fmt_entry memory corruption🔒
105926ncurses dump_entry.c dump_uses memory corruption🔒
105925ncurses parse_entry.c postprocess_termcap memory corruption🔒
105924ncurses tic.c nc_read_entry_source memory corruption🔒
105923ncurses alloc_entry.c nc_save_str memory corruption🔒
105922ncurses libtic comp_scan.c next_char memory corruption🔒
105921LibTIFF tif_dirwrite.c TIFFWriteDirectoryTagSubifd input validation🔒🔒
105920LibTIFF tif_dirwrite.c TIFFWriteDirectorySec input validation🔒🔒
105919SQLite dump_callback input validation🔒
105918QEMU VGA Display Update cpu_physical_memory_snapshot_get_dirty input validation🔒🔒
105917ImageMagick WritePixelCachePixels resource management🔒🔒
105916SimpleSAMLphp SimpleSAML_Auth_TimeLimitedToken access control🔒🔒
105915ConnMan dnsproxy.c memory corruption🔒🔒
105914C.P.Sub index.php cross site scripting
105913mpg123 ID3 Parser INT123_parse_new_id3 integer overflow🔒🔒
105912Question2Answer qa-install.php User input validation
105911NoMachine access control [CVE-2017-12763]
105910NetApp StorageGRID Webscale access control [CVE-2017-12422]
105909IBM Curam Social Program Management redirect [CVE-2017-1195]
105908Pulse Connect Secure/Pulse Policy Secure diag.cgi cross-site request forgery🔒🔒
105907BitDefender Total Security access control [CVE-2017-10950]🔒
105906Libgcrypt Curve25519 ecc.c information disclosure🔒🔒
105905Apache Atlas js access control🔒
105904IBM Sametime WebPlayer injection [CVE-2016-2980]
105903IBM Sametime Meeting Server Web UI cross site scripting [CVE-2016-2979]
105902IBM Sametime Browser Cache information disclosure [CVE-2016-2978]
105901IBM Sametime Meeting Server input validation [CVE-2016-2977]
105900IBM Sametime Meeting Server Meeting Report History information disclosure
105899IBM Sametime Web UI cross site scripting [CVE-2016-2975]
105898IBM Sametime Connect Sametime Rich Client Uninstall information disclosure
105897IBM Sametime Media Services Web UI cross site scripting [CVE-2016-2973]
105896IBM Sametime Meeting Server Credentials credentials management
105895IBM Sametime Media Services Error Log information disclosure
105894IBM Sametime Meeting Server Reply information disclosure [CVE-2016-2969]
105893IBM Sametime cross site scripting [CVE-2016-2967]
105892IBM Sametime information disclosure [CVE-2016-2966]
105891IBM Sametime Meeting Server cross-site request forgery [CVE-2016-2965]
105890IBM Sametime Error Message information disclosure [CVE-2016-2964]
105889IBM Sametime Meeting Server access control [CVE-2016-2959]
105888IBM Sametime Meeting Server input validation [CVE-2016-10503]
105887IBM Sametime information disclosure [CVE-2016-0358]
105886IBM Sametime Enterprise Meeting Server Screen Sharing cross-site request forgery
105885IBM Sametime Enterprise Meeting Server Screen Sharing cross-site request forgery
105884IBM Sametime Enterprise Meeting Server File Upload unrestricted upload
105883Huawei VCN500 Operation/Maintenance Unit sql injection [CVE-2015-8334]
105882KNX ETS Group Messages Monitor memory corruption [CVE-2015-8299]
105881Double Opt-In for Download Plugin class-doifd-download.php sql injection
105880ZTE OX-330P X.509 Certificate information disclosure [CVE-2015-7255]🔒🔒
105879Coremail Document Attachment cross site scripting [CVE-2015-6942]
105878Apache Struts input validation [CVE-2015-5209]🔒🔒
105877Aruba Networks ClearPass Policy Manager access control [CVE-2015-4649]
105876Aruba Networks ClearPass Policy Manager access control [CVE-2015-3657]
105875Aruba Networks ClearPass Policy Manager improper authorization
105874Aruba Networks ClearPass Policy Manager cross-site request forgery
105873Aruba Networks ClearPass Policy Manager access control [CVE-2015-3654]
105872Aruba Networks ClearPass Policy Manager Permission Check access control
105871mpg123 memory corruption [CVE-2014-9497]🔒🔒
105870Googlemaps Plugin cross site scripting [CVE-2013-7433]🔒
105869Googlemaps Plugin access control [CVE-2013-7432]🔒
105868Googlemaps Plugin Path information disclosure [CVE-2013-7431]🔒
105867Kamailio Temp File kamailio_fifo unrestricted upload
105866ElanTech Touchpad Driver unquoted search path [CVE-2017-3757]🔒
105865ThinkPad USB 3.0 Ethernet Adapter Driver access control [CVE-2017-3746]
105864Cybozu Garoon SOAP API WorkflowHandleApplications path traversal🔒
105863Cybozu Garoon Mail cross site scripting [CVE-2017-2257]🔒
105862Cybozu Garoon Rich Text Editor cross site scripting [CVE-2017-2256]🔒
105861Cybozu Garoon Rich Text Editor cross site scripting [CVE-2017-2255]🔒
105860Cybozu Garoon edit input validation🔒
105859Flets Setsuzoku Tool untrusted search path [CVE-2017-2242]
105858IBM J9 VM access control [CVE-2017-1376]🔒
105857Linux Kernel flow_dissector.c __skb_flow_dissect input validation
105856IBM Curam Social Program Management information disclosure [CVE-2017-1110]🔒
105855BaserCMS code injection [CVE-2017-10844]
105854BaserCMS Mail Form File access control
105853BaserCMS sql injection [CVE-2017-10842]
105852Webcalendar path traversal [CVE-2017-10841]🔒🔒
105851Webcalendar cross site scripting [CVE-2017-10840]🔒🔒
105850Seo Panel sql injection [CVE-2017-10839]
105849Seo Panel cross site scripting [CVE-2017-10838]
105848BackupGuard cross site scripting [CVE-2017-10837]
105847Optimal Guard untrusted search path [CVE-2017-10836]
105846Dokodemo eye Smart HD SCR02HD code injection [CVE-2017-10835]
105845Dokodemo eye Smart HD SCR02HD path traversal [CVE-2017-10834]
105844Dokodemo eye Smart HD SCR02HD access control [CVE-2017-10833]
105843Dokodemo eye Smart HD SCR02HD os command injection [CVE-2017-10832]
105842Electronic Authentication System untrusted search path [CVE-2017-10831]
105841Security Setup Tool untrusted search path [CVE-2017-10830]
105840Flets Install Tool untrusted search path [CVE-2017-10828]
105839Flets Azukeru Auto Backup Tool untrusted search path [CVE-2017-10827]
105838Security Kinou Mihariban untrusted search path [CVE-2017-10826]
105837Photo Collection PC Software untrusted search path [CVE-2017-10812]
105836IBM Curam Social Program Management Web UI cross site scripting
105835pki-core Temp File input validation [CVE-2015-0234]
105834Corel CorelDRAW X7 wintab32.dll uncontrolled search path [CVE-2014-8393]
105833The Next Generation of Genealogy Sitebuilding timeline2.php sql injection
105832OSNEXUS QuantaStor REST Call cross site scripting [CVE-2017-9979]🔒
105831OSNEXUS QuantaStor Error Message User information disclosure🔒
105830QEMU megasas_mmio_write memory corruption🔒🔒
105829Heimdal Transit Path Validator access control [CVE-2017-6594]🔒
105828OpenSSL X.509 Certificate memory corruption [CVE-2017-3735]🔒🔒
105827libiberty C++ Symbol Demangler cplus-dem.c resource management🔒
105826LAME id3tag.c id3v2AddAudioDuration null pointer dereference🔒🔒
105825libgig gig File gig.cpp GetSampleFromWavePool out-of-bounds read
105824libgig gig File gig.cpp UpdateRegionKeyTable out-of-bounds write
105823libgig gig File helper.h LoadString null pointer dereference
105822libgig gig File gig.cpp CreateVelocityTable memory corruption
105821libgig gig File gig.cpp Region null pointer dereference
105820libfpx fpx Image docfile.cxx double free
105819libfpx fpx Image dirfunc.hxx GetTable divide by zero
105818libfpx fpx Image olestrm.cpp WriteVT_LPSTR null pointer dereference
105817libfpx fpx Image wchar.c null pointer dereference
105816libfpx fpx Image f_fpxvw.cpp GetGlobalInfoProperty null pointer dereference
105815libfpx fpx Image dir.cxx GetDirEntry null pointer dereference
105814libfpx fpx Image olestrm.cpp WriteVT_LPSTR memory corruption
105813ImageMagick image.c DestroyImage use after free🔒🔒
105812ImageMagick enhance.c memory corruption🔒
105811DESLock+ Client Kernel Driver DLMFENC.sys memory corruption
105810Synology Router Manager SYNO.Core.PortForwarding.Rules resource consumption
105809Synology DiskStation SYNO.Core.PortForwarding.Rules resource consumption
105808FreeIPA Default Password Policy credentials management [CVE-2016-7030]🔒🔒
105807GNU Bash \h Expansion os command injection [CVE-2016-0634]🔒🔒
105806Huawei Video Content Management improper authentication [CVE-2015-8332]
105805Polycom BToE Connector plcmbtoesrv.exe, permission
105804GE Multilink ML3100 cross site scripting [CVE-2015-3976]
105803MantisBT cross site scripting [CVE-2015-2046]🔒
105802ES File Explorer path traversal [CVE-2015-1876]
105801Netatmo Indoor Module Password information disclosure [CVE-2015-1600]
105800kgb-bot input validation [CVE-2015-1554]
105799fli4l httpd response splitting [CVE-2015-1445]
105798fli4l httpd input validation [CVE-2015-1443]
105797Xymon memory corruption [CVE-2015-1430]🔒
105796LDAP SSO Authentication improper authentication [CVE-2015-1401]
105795unshield path traversal [CVE-2015-1386]
105794ppmd path traversal [CVE-2015-1199]
105793ha path traversal [CVE-2015-1198]
105792Exponent CMS index.php cross site scripting
105791ZTE Datacard MF19 mediaplayerdll.dll untrusted search path [CVE-2015-0974]
105790OISF libhtp null pointer dereference [CVE-2015-0928]🔒
105789389 Administration Server Temp File 7pk security [CVE-2015-0233]🔒🔒
105788wpa_supplicant Certificate Subject Name certificate validation🔒
105787IBM V5R4/i Access memory corruption [CVE-2015-0114]
105786IBM Business Process Manager cross site scripting [CVE-2015-0101]
105785SmartCMS sql injection [CVE-2014-9558]
105784SmartCMS cross site scripting [CVE-2014-9557]
105783BMC FootPrints Service Core cross site scripting [CVE-2014-9514]
105782xbindkeys-config Temp File xbindkeysrc-tmp access control
105781Photo Gallery File Upload unrestricted upload [CVE-2014-9312]
105780IBM UrbanCode cross-site request forgery [CVE-2014-8900]
105779Hybris Commerce Software Suite path traversal [CVE-2014-8871]🔒
105778Cit-e-Net Cit-e-Access cross site scripting [CVE-2014-8753]
105777Red Hat Satellite MongoDB access control [CVE-2014-8168]
105776Red Hat Satellite XMLRPC Interface path traversal [CVE-2014-8163]
105775IT360 path traversal [CVE-2014-5302]
105774IT360 path traversal [CVE-2014-5301]
105773Good for Enterprise iOS cross site scripting [CVE-2014-4925]
105772Red Hat Satellite cross site scripting [CVE-2014-0141]
105771Joomla CMS cross site scripting [CVE-2013-7430]🔒
105770GNU binutils libbfd elf.c setup_group null pointer dereference
105769FlightGear FGLogger Subsystem logger.cxx input validation🔒🔒
105768Replibit Backup Manager sudo Command access control [CVE-2017-13707]
105767QPDF Tokenizer parseInternal input validation🔒🔒
105766IBM Security Access Manager redirect [CVE-2017-1489]
105765IBM Sametime Media Server information disclosure [CVE-2016-2970]
105764ALC WebCTRL File Upload unrestricted upload [CVE-2017-9650]
105763ALC WebCTRL Unquoted Search Path unquoted search path [CVE-2017-9644]🔒
105762ALC WebCTRL path traversal [CVE-2017-9640]
105761OSIsoft PI Server improper authentication [CVE-2017-7934]
105760OSIsoft PI Server improper authentication [CVE-2017-7930]
105759OSIsoft PI Web API cross-site request forgery [CVE-2017-7926]
105758Riverbed OPNET App Response Xpert viewer_script.jsp path traversal
105757FineCMS api.php cross site scripting
105756Polycom SoundStation IP/VVX/RealPresence Trio UCS Web Application Memory information disclosure
105755Kaspersky Internet Security Trace File information disclosure
105754Kaspersky Internet Security Export access control [CVE-2017-12816]
105753MRD-305-DIN/MRD-315/MRD-355/MRD-455 hard-coded credentials [CVE-2017-12709]
105752SpiderControl SCADA MicroBrowser HTML File memory corruption
105751Westermo MRD-305-DIN/MRD-315/MRD-355/MRD-455 cross-site request forgery
105750SpiderControl SCADA Web Server path traversal [CVE-2017-12694]
105749MRD-305-DIN/MRD-315/MRD-355/MRD-455 hard-coded credentials [CVE-2016-5816]
105748mktexlsr link following [CVE-2015-5701]
105747mktexlsr link following [CVE-2015-5700]🔒
105746phpMyBackupPro Incomplete Fix get_file.php path traversal
105745phpMyBackupPro Incomplete Fix get_file.php path traversal
105744Salt Certificate Validation certificate validation [CVE-2015-4017]
105743zend-diactoros Uri::filterPath cross site scripting
105742php-fpm link following [CVE-2015-3211]
105741python-kerberos checkPassword improper authentication🔒
105740GNU Patch diff File Name path traversal [CVE-2015-1395]🔒🔒
105739Apport race condition [CVE-2015-1325]🔒🔒
105738Apport access control [CVE-2015-1324]🔒🔒
105737GNU Patch diff File set_hunkmax resource management🔒🔒
105736IBM EN6131/IB6131 crlf injection [CVE-2014-9564]
105735D-Link DNS-320L/DNS-327L fb_publish.php improper authentication
105734D-Link DNR-320L/DNS-320LW/DNR-322L/DNR-326/DNS-327L HTTP Header login_mgr.cgi memory corruption
105733D-Link DNR-326 Cookie check_login improper authentication
105732D-Link DNS-345 Cookie improper authentication [CVE-2014-7857]
105731Linux Kernel sctp_diag.c sctp_get_sctp_info Memory out-of-bounds read🔒🔒
105730HPE iLO 4 privileges management [CVE-2017-12542]🔒🔒
105729Linux Kernel Operand Cache nseval.c acpi_ns_evaluate information disclosure🔒🔒
105728Linux Kernel psobject.c acpi_ps_complete_final_op information disclosure🔒🔒
105727Linux Kernel Operand Cache dsutils.c acpi_ds_create_operands information disclosure🔒🔒
105726tidy attrs.c IsURLCodePoint input validation
105725Synology Photo Station PixlrEditorHandler.php cross site scripting
105724Atlassian FishEye/Crucible Permission Check information disclosure🔒
105723Atlassian FishEye/Crucible MultiPathResource path traversal🔒
105722Atlassian FishEye Repository Changelog cross site scripting [CVE-2017-9510]🔒
105721Atlassian Crucible Review File Upload cross site scripting [CVE-2017-9509]🔒
105720Atlassian FishEye/Crucible cross site scripting [CVE-2017-9508]🔒
105719Atlassian Crucible Review Filter cross site scripting [CVE-2017-9507]🔒
105718Linux Kernel route.c null pointer dereference
105717MISP Comment Field CommandHelper.php Persistent cross site scripting
105716NexusPHP staffbox.php sql injection
105715MulticoreWare x265 pixel-a.asm planeClipAndMax integer underflow
105714ImageMagick mat.c DestroyImageInfo input validation🔒🔒
105713Paessler PRTG Network Monitor Device/Sensor Stored cross site scripting🔒
105712CVS SSH command injection [CVE-2017-12836]🔒🔒
105711NexusPHP cheaterbox.php sql injection
105710Synology DNS Server SYNO.DNSServer.Zone.MasterZoneConf path traversal
105709PyJWT PEM Encoded Public Key asymmetric invalid_strings access control🔒🔒
105708Form module orion.extfeedbackform_efbf_forms.php sql injection
105707Zen Cart ajax.php path traversal
105706LXDM X Server improper authentication [CVE-2015-8308]
105705ONOS Ethernet Frame null pointer dereference
105704ZTE ZXV10 W300 credentials management [CVE-2015-7259]
105703ZTE ZXV10 W300 Telnet Connection Password credentials management
105702ZTE ZXV10 W300 password recovery [CVE-2015-7257]
105701Red Hat Enterprise Virtualization Manager SLAAC IPv6 Address access control
105700Cloud4Wi Splash Portal cross site scripting [CVE-2015-4699]
105699Samsung S4 GT-I9500 samsung_extdisp Driver memory corruption
105698Samsung S4 GT-I9500 samsung_extdisp Driver information disclosure
105697Google Android Media Framework access control [CVE-2017-0805]
105696Atlassian OAuth Plugin IconUriServlet server-side request forgery🔒
105695UnrealIRCd access control [CVE-2017-13649]🔒
105694GraphicsMagick mat.c ReadMATImage memory corruption🔒
105693GraphicsMagick MNG File png.c ReadMNGImage Allocation input validation🔒🔒
105692ImageMagick mat.c ReadMATImage memory corruption🔒🔒
105691ImageMagick jp2.c ReadJP2Image input validation🔒🔒
105690ImageMagick input validation [CVE-2017-13144]🔒🔒
105689ImageMagick mat.c ReadMATImage Memory information disclosure🔒🔒
105688ImageMagick PNG File unusual condition [CVE-2017-13142]🔒🔒
105687ImageMagick png.c ReadOnePNGImage memory corruption🔒🔒
105686ImageMagick png.c ReadOnePNGImage memory corruption🔒🔒
105685ImageMagick png.c ReadOneMNGImage out-of-bounds read🔒🔒
105684Bridge Theme DOM cross site scripting [CVE-2017-13138]
105683FormCraft Basic Plugin form.php sql injection
105682Apache2Triad users.php cross site scripting
105681Apache2Triad users.php cross-site request forgery
105680Apache2Triad session fixiation [CVE-2017-12965]
105679newsbeuter Bookmark Remote Code Execution [CVE-2017-12904]🔒🔒
105678libzip zip_dirent.c zip_dirent_read double free🔒🔒
105677Nagios nagios.lock` access control🔒🔒
105676Icewarp Mail Server Admin Panel cross site scripting [CVE-2017-12844]🔒
105675QEMU CD/DVD-ROM Emulator null pointer dereference [CVE-2017-12809]🔒🔒
105674SaltStack Salt Minion ID path traversal [CVE-2017-12791]🔒
105673supervisor XML-RPC Server access control [CVE-2017-11610]🔒🔒
105672Progress Telerik UI for ASP.NET AJAX File Upload input validation🔒
105671Telerik Progress UI for ASP.NET AJAX Telerik.Web.UI inadequate encryption🔒
105670Synology Photo Station Uploader shfolder.dll untrusted search path
105669util-linux login-utils mkostemp access control🔒
105668Foxit Reader applaunchURL access control🔒🔒
105667Foxit Reader JavaScript SaveAs input validation🔒🔒
105666ImageMagick sfw.c SFWScan memory corruption🔒🔒
105665ImageMagick xcf.c load_level resource management🔒🔒
105664ImageMagick pdf.c WritePDFImage input validation🔒
105663ImageMagick miff.c ReadMIFFImage resource management🔒
105662BMC Patrol mcmnm access control
105661dnsdist REST API cross-site request forgery [CVE-2017-7557]🔒🔒
105660icoutils integer overflow [CVE-2017-5208]🔒🔒
105659IBM MaaS360 DTM information disclosure [CVE-2017-1422]
105658GraphicsMagick image.c CloneImage memory corruption🔒🔒
105657GraphicsMagick svg.c SVGStartElement null pointer dereference🔒🔒
105656GraphicsMagick svg.c GetStyleTokens memory corruption🔒🔒
105655GraphicsMagick svg.c GetStyleTokens memory corruption🔒🔒
105654ImageMagick meta.c formatIPTC memory corruption🔒🔒
105653ImageMagick psd.c ReadPSDLayersInternal input validation🔒🔒
105652ImageMagick mat.c ReadMATImage memory corruption🔒
105651ImageMagick png.c WriteOneJNGImage memory corruption🔒
105650ImageMagick pcx.c WritePCXImage memory corruption🔒
105649Cyrus IMAP Command input validation [CVE-2017-12843]🔒🔒
105648NoviWare novi_process_manager_daemon memory corruption [CVE-2017-12787]
105647NoviWare Network Interface memory corruption [CVE-2017-12786]
105646NoviWare novish CLI memory corruption [CVE-2017-12785]
105645Red Hat JBoss Enterprise Application Platform IP Address information disclosure🔒
105644RHEV oVirt Engine engine.log information disclosure
105643Apache Pony Mail improper authentication [CVE-2016-4460]
105642openstack-tripleo-image-elements HAProxy Stats improper authentication
105641WAGO IO 750-849/IO 750-881 Privilege Separation 7pk security
105640WAGO IO 750-849/IO 750-881/IO 758-870 Credential Management credentials management
105639springframework-social cross-site request forgery [CVE-2015-5258]🔒🔒
105638Fortinet FortiManager CLI access control [CVE-2015-3617]
105637Accellion File Transfer Appliance get_oauth_customer_name command injection🔒🔒
105636IBM Security Network Protection cross site scripting [CVE-2014-6189]
105635Cloud Foundry CAPI Request File information disclosure
105634Micro Focus Enterprise Developer/Enterprise Server esfadmingui path traversal
105633Micro Focus Enterprise Developer/Enterprise Server cross-site request forgery
105632Micro Focus Enterprise Developer/Enterprise Server esfadmingui Reflected cross site scripting