CVE List - 2017 / October
Showing 1 - 100 of 1398 CVEs for October 2017 (Page 1 of 14)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2017-14941 | 2017-10-01 | Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure vulnerability,... |
| CVE-2017-14954 | 2017-10-01 | The waitid implementation in kernel/exit.c in the Linux kernel through... |
| CVE-2017-14955 | 2017-10-01 | Check_MK before 1.2.8p26 mishandles certain errors within the failed-login save... |
| CVE-2017-14957 | 2017-10-01 | Stored XSS vulnerability via a comment in inc/conv.php in BlogoText... |
| CVE-2017-14958 | 2017-10-01 | lib.php in PivotX 2.3.11 does not properly block uploads of... |
| CVE-2017-14970 | 2017-10-01 | In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there are... |
| CVE-2017-14975 | 2017-10-01 | The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a... |
| CVE-2017-14976 | 2017-10-01 | The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a... |
| CVE-2017-14977 | 2017-10-01 | The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a... |
| CVE-2017-14974 | 2017-10-01 | The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library... |
| CVE-2017-14981 | 2017-10-02 | Cross-Site Scripting (XSS) was discovered in ATutor before 2.2.3. The... |
| CVE-2017-13997 | 2017-10-02 | A Missing Authentication for Critical Function issue was discovered in... |
| CVE-2017-14983 | 2017-10-02 | Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka... |
| CVE-2017-14984 | 2017-10-02 | Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka... |
| CVE-2017-14985 | 2017-10-02 | Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka... |
| CVE-2017-14988 | 2017-10-02 | Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to... |
| CVE-2017-14989 | 2017-10-02 | A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16... |
| CVE-2017-8018 | 2017-10-02 | EMC AppSync host plug-in versions 3.5 and below (Windows platform... |
| CVE-2017-8021 | 2017-10-02 | EMC Elastic Cloud Storage (ECS) before 3.1 is affected by... |
| CVE-2014-0043 | 2017-10-02 | In Apache Wicket 1.5.10 or 6.13.0, by issuing requests to... |
| CVE-2016-6806 | 2017-10-02 | Apache Wicket 6.x before 6.25.0, 7.x before 7.5.0, and 8.0.0-M1... |
| CVE-2017-9797 | 2017-10-02 | When an Apache Geode cluster before v1.2.1 is operating in... |
| CVE-2017-12792 | 2017-10-02 | Multiple cross-site request forgery (CSRF) vulnerabilities in NexusPHP 1.5 allow... |
| CVE-2017-9537 | 2017-10-02 | Persistent cross-site scripting (XSS) in the Add Node function of... |
| CVE-2017-9538 | 2017-10-02 | The 'Upload logo from external path' function of SolarWinds Network... |
| CVE-2017-12620 | 2017-10-02 | When loading models or dictionaries that contain XML it is... |
| CVE-2017-11321 | 2017-10-02 | The restricted shell interface in UCOPIA Wireless Appliance before 5.1.8... |
| CVE-2017-11322 | 2017-10-02 | The chroothole_client executable in UCOPIA Wireless Appliance before 5.1.8 allows... |
| CVE-2017-14754 | 2017-10-02 | OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1... |
| CVE-2017-14755 | 2017-10-02 | OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1... |
| CVE-2017-14756 | 2017-10-02 | OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1... |
| CVE-2017-14757 | 2017-10-02 | OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1... |
| CVE-2017-14758 | 2017-10-02 | OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1... |
| CVE-2017-14759 | 2017-10-02 | OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1... |
| CVE-2017-14979 | 2017-10-02 | Gxlcms uses an unsafe character-replacement approach in an attempt to... |
| CVE-2017-14990 | 2017-10-02 | WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous... |
| CVE-2017-6089 | 2017-10-02 | SQL injection vulnerability in PhpCollab 2.5.1 and earlier allows remote... |
| CVE-2017-6090 | 2017-10-02 | Unrestricted file upload vulnerability in clients/editclient.php in PhpCollab 2.5.1 and... |
| CVE-2015-3321 | 2017-10-02 | Services and files in Lenovo Fingerprint Manager before 8.01.42 have... |
| CVE-2015-6576 | 2017-10-02 | Bamboo 2.2 before 5.8.5 and 5.9.x before 5.9.7 allows remote... |
| CVE-2015-6971 | 2017-10-02 | Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0013 allows... |
| CVE-2015-7841 | 2017-10-02 | The login page of the server on Huawei FusionServer rack... |
| CVE-2015-7843 | 2017-10-02 | The management interface on Huawei FusionServer rack servers RH2288 V3... |
| CVE-2015-7980 | 2017-10-02 | Cross-site scripting (XSS) vulnerability in the Compass Rose module 6.x-1.x... |
| CVE-2015-7357 | 2017-10-02 | Cross-site scripting (XSS) vulnerability in the uDesign (aka U-Design) theme... |
| CVE-2015-7358 | 2017-10-02 | The IsDriveLetterAvailable method in Driver/Ntdriver.c in TrueCrypt 7.0, VeraCrypt before... |
| CVE-2015-7359 | 2017-10-02 | The (1) IsVolumeAccessibleByCurrentUser and (2) MountDevice methods in Ntdriver.c in... |
| CVE-2017-1311 | 2017-10-02 | IBM Insights Foundation for Energy 2.0 is vulnerable to SQL... |
| CVE-2017-1324 | 2017-10-02 | IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site... |
| CVE-2017-1334 | 2017-10-02 | IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site... |
| CVE-2017-1335 | 2017-10-02 | IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site... |
| CVE-2017-1345 | 2017-10-02 | IBM Insights Foundation for Energy 2.0 is vulnerable to cross-site... |
| CVE-2017-1359 | 2017-10-02 | IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site... |
| CVE-2017-1364 | 2017-10-02 | IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site... |
| CVE-2017-1369 | 2017-10-02 | IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site... |
| CVE-2017-1429 | 2017-10-02 | IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site... |
| CVE-2017-1569 | 2017-10-02 | IBM WebSphere Commerce 7.0 and 8.0 contains an unspecified vulnerability... |
| CVE-2017-11496 | 2017-10-02 | Stack buffer overflow in hasplms in Gemalto ACC (Admin Control... |
| CVE-2017-11497 | 2017-10-02 | Stack buffer overflow in hasplms in Gemalto ACC (Admin Control... |
| CVE-2017-11498 | 2017-10-02 | Buffer overflow in hasplms in Gemalto ACC (Admin Control Center),... |
| CVE-2017-12638 | 2017-10-02 | Stack based buffer overflow in Ipswitch IMail server up to... |
| CVE-2017-12639 | 2017-10-02 | Stack based buffer overflow in Ipswitch IMail server up to... |
| CVE-2017-13704 | 2017-10-02 | In dnsmasq before 2.78, if the DNS packet size does... |
| CVE-2017-14491 | 2017-10-02 | Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers... |
| CVE-2017-14492 | 2017-10-02 | Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers... |
| CVE-2017-14493 | 2017-10-02 | Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers... |
| CVE-2017-14494 | 2017-10-02 | dnsmasq before 2.78, when configured as a relay, allows remote... |
| CVE-2017-14495 | 2017-10-02 | Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id... |
| CVE-2017-14496 | 2017-10-02 | Integer underflow in the add_pseudoheader function in dnsmasq before 2.78... |
| CVE-2017-14770 | 2017-10-02 | Skybox Manager Client Application prior to 8.5.501 is prone to... |
| CVE-2017-14771 | 2017-10-02 | Skybox Manager Client Application prior to 8.5.501 is prone to... |
| CVE-2017-14772 | 2017-10-02 | Skybox Manager Client Application is prone to information disclosure via... |
| CVE-2017-14773 | 2017-10-02 | Skybox Manager Client Application prior to 8.5.501 is prone to... |
| CVE-2017-14848 | 2017-10-02 | WPHRM Human Resource Management System for WordPress 1.0 allows SQL... |
| CVE-2017-9792 | 2017-10-03 | In Apache Impala (incubating) before 2.10.0, a malicious user with... |
| CVE-2017-14991 | 2017-10-03 | The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before... |
| CVE-2017-14994 | 2017-10-03 | ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to... |
| CVE-2017-14995 | 2017-10-03 | The Management Console in WSO2 Application Server 5.3.0, WSO2 Business... |
| CVE-2017-14997 | 2017-10-03 | GraphicsMagick 1.3.26 allows remote attackers to cause a denial of... |
| CVE-2017-8047 | 2017-10-03 | In Cloud Foundry router routing-release all versions prior to v0.163.0... |
| CVE-2017-8048 | 2017-10-03 | In Cloud Foundry capi-release versions 1.33.0 and later, prior to... |
| CVE-2017-12818 | 2017-10-03 | Stack overflow in custom XML-parser in Gemalto's HASP SRM, Sentinel... |
| CVE-2017-12819 | 2017-10-03 | Remote manipulations with language pack updater lead to NTLM-relay attack... |
| CVE-2017-12820 | 2017-10-03 | Arbitrary memory read from controlled memory pointer in Gemalto's HASP... |
| CVE-2017-12821 | 2017-10-03 | Memory corruption in Gemalto's HASP SRM, Sentinel HASP and Sentinel... |
| CVE-2017-12822 | 2017-10-03 | Remote enabling and disabling admin interface in Gemalto's HASP SRM,... |
| CVE-2017-12617 | 2017-10-03 | When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to... |
| CVE-2017-15010 | 2017-10-03 | A ReDoS (regular expression denial of service) flaw was found... |
| CVE-2017-15008 | 2017-10-03 | PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site... |
| CVE-2017-15009 | 2017-10-03 | PRTG Network Monitor version 17.3.33.2830 is vulnerable to reflected Cross-Site... |
| CVE-2017-1126 | 2017-10-03 | IBM WebSphere Message Broker (IBM Integration Bus 9.0 and 10.0)... |
| CVE-2017-1541 | 2017-10-03 | A flaw in the AIX 5.3, 6.1, 7.1, and 7.2... |
| CVE-2017-12166 | 2017-10-03 | OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable... |
| CVE-2017-15011 | 2017-10-03 | The named pipes in qtsingleapp in Qt 5.x, as used... |
| CVE-2017-0818 | 2017-10-03 | A vulnerability in the Android media framework (n/a). Product: Android.... |
| CVE-2017-0806 | 2017-10-03 | An elevation of privilege vulnerability in the Android framework (gatekeeperresponse).... |
| CVE-2017-0807 | 2017-10-03 | An elevation of privilege vulnerability in the Android framework (ui... |
| CVE-2017-0808 | 2017-10-03 | An information disclosure vulnerability in the Android framework (file system).... |
| CVE-2017-0809 | 2017-10-03 | A remote code execution vulnerability in the Android media framework... |
| CVE-2017-0810 | 2017-10-03 | A remote code execution vulnerability in the Android media framework... |