CVE List - 2017 / January
Showing 501 - 600 of 1083 CVEs for January 2017 (Page 6 of 11)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2016-5013 | 2017-01-20 | In Moodle 2.x and 3.x, text injection can occur in... |
| CVE-2016-5014 | 2017-01-20 | In Moodle 2.x and 3.x, an unenrolled user still receives... |
| CVE-2016-7038 | 2017-01-20 | In Moodle 2.x and 3.x, web service tokens are not... |
| CVE-2016-8642 | 2017-01-20 | In Moodle 2.x and 3.x, the question engine allows access... |
| CVE-2016-8643 | 2017-01-20 | In Moodle 2.x and 3.x, non-admin site managers may accidentally... |
| CVE-2016-8644 | 2017-01-20 | In Moodle 2.x and 3.x, the capability to view course... |
| CVE-2017-2576 | 2017-01-20 | In Moodle 2.x and 3.x, there is incorrect sanitization of... |
| CVE-2017-2578 | 2017-01-20 | In Moodle 3.x, there is XSS in the assignment submission... |
| CVE-2017-5541 | 2017-01-20 | Directory traversal vulnerability in template/usererror.missing_extension.php in Symphony CMS before 2.6.10... |
| CVE-2017-5542 | 2017-01-20 | Cross-site scripting (XSS) vulnerability in template/usererror.missing_extension.php in Symphony CMS before... |
| CVE-2017-5543 | 2017-01-20 | includes/classes/ia.core.users.php in Subrion CMS 4.0.5 allows remote attackers to conduct... |
| CVE-2014-2045 | 2017-01-20 | Multiple cross-site scripting (XSS) vulnerabilities in the old and new... |
| CVE-2014-9754 | 2017-01-20 | The hardware VPN client in Viprinet MultichannelVPN Router 300 version... |
| CVE-2014-9755 | 2017-01-20 | The hardware VPN client in Viprinet MultichannelVPN Router 300 version... |
| CVE-2016-5316 | 2017-01-20 | Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff... |
| CVE-2016-5317 | 2017-01-20 | Buffer overflow in the PixarLogDecode function in libtiff.so in the... |
| CVE-2016-5318 | 2017-01-20 | Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6... |
| CVE-2016-5319 | 2017-01-20 | Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and earlier... |
| CVE-2016-5321 | 2017-01-20 | The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers... |
| CVE-2016-5323 | 2017-01-20 | The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers... |
| CVE-2016-6253 | 2017-01-20 | mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5,... |
| CVE-2016-9435 | 2017-01-20 | The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does... |
| CVE-2016-9436 | 2017-01-20 | parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values,... |
| CVE-2017-5545 | 2017-01-21 | The main function in plistutil.c in libimobiledevice libplist through 1.12... |
| CVE-2016-10101 | 2017-01-23 | Information Disclosure can occur in Hitek Software's Automize 10.x and... |
| CVE-2016-10102 | 2017-01-23 | hitek.jar in Hitek Software's Automize uses weak encryption when encrypting... |
| CVE-2016-10103 | 2017-01-23 | Information Disclosure can occur in encryptionProfiles.jsd in Hitek Software's Automize... |
| CVE-2016-10104 | 2017-01-23 | Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize... |
| CVE-2016-10156 | 2017-01-23 | A flaw in systemd v228 in /src/basic/fs-util.c caused world writable... |
| CVE-2016-10157 | 2017-01-23 | Akamai NetSession 1.9.3.1 is vulnerable to DLL Hijacking: it tries... |
| CVE-2016-8213 | 2017-01-23 | EMC Documentum WebTop Version 6.8, prior to P18 and Version... |
| CVE-2016-9870 | 2017-01-23 | EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2,... |
| CVE-2017-5539 | 2017-01-23 | The patch for directory traversal (CVE-2017-5480) in b2evolution version 6.8.4-stable... |
| CVE-2017-5544 | 2017-01-23 | An issue was discovered on FiberHome Fengine S5800 switches V210R240.... |
| CVE-2017-5553 | 2017-01-23 | Cross-site scripting (XSS) vulnerability in plugins/markdown_plugin/_markdown.plugin.php in b2evolution before 6.8.5... |
| CVE-2017-5554 | 2017-01-23 | An issue was discovered in ABOOT in OnePlus 3 and... |
| CVE-2017-5556 | 2017-01-23 | The ConvertToPDF plugin in Foxit Reader before 8.2 and PhantomPDF... |
| CVE-2017-5563 | 2017-01-23 | LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read... |
| CVE-2017-5574 | 2017-01-23 | SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows... |
| CVE-2017-5575 | 2017-01-23 | SQL injection vulnerability in inc/lib/Options.class.php in GeniXCMS before 1.0.0 allows... |
| CVE-2017-5182 | 2017-01-23 | Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote... |
| CVE-2017-5569 | 2017-01-23 | An issue was discovered in eClinicalWorks Patient Portal 7.0 build... |
| CVE-2017-5570 | 2017-01-23 | An issue was discovered in eClinicalWorks Patient Portal 7.0 build... |
| CVE-2013-7451 | 2017-01-23 | The validator module before 1.1.0 for Node.js allows remote attackers... |
| CVE-2013-7452 | 2017-01-23 | The validator module before 1.1.0 for Node.js allows remote attackers... |
| CVE-2013-7453 | 2017-01-23 | The validator module before 1.1.0 for Node.js allows remote attackers... |
| CVE-2013-7454 | 2017-01-23 | The validator module before 1.1.0 for Node.js allows remote attackers... |
| CVE-2014-8362 | 2017-01-23 | Vivint Sky Control Panel 1.1.1.9926 allows remote attackers to enable... |
| CVE-2014-9772 | 2017-01-23 | The validator package before 2.0.0 for Node.js allows remote attackers... |
| CVE-2015-4626 | 2017-01-23 | B.A.S C2Box before 4.0.0 (r19171) relies on client-side validation, which... |
| CVE-2015-7743 | 2017-01-23 | XML external entity vulnerability in PRTG Network Monitor before 16.2.23.3077/3078... |
| CVE-2015-8315 | 2017-01-23 | The ms package before 0.7.1 for Node.js allows attackers to... |
| CVE-2015-8854 | 2017-01-23 | The marked package before 0.3.4 for Node.js allows attackers to... |
| CVE-2015-8855 | 2017-01-23 | The semver package before 4.3.2 for Node.js allows attackers to... |
| CVE-2015-8856 | 2017-01-23 | Cross-site scripting (XSS) vulnerability in the serve-index package before 1.6.3... |
| CVE-2015-8857 | 2017-01-23 | The uglify-js package before 2.4.24 for Node.js does not properly... |
| CVE-2015-8858 | 2017-01-23 | The uglify-js package before 2.6.0 for Node.js allows attackers to... |
| CVE-2015-8859 | 2017-01-23 | The send package before 0.11.1 for Node.js allows attackers to... |
| CVE-2015-8860 | 2017-01-23 | The tar package before 2.0.0 for Node.js allows remote attackers... |
| CVE-2015-8861 | 2017-01-23 | The handlebars package before 4.0.0 for Node.js allows remote attackers... |
| CVE-2015-8862 | 2017-01-23 | mustache package before 2.2.1 for Node.js allows remote attackers to... |
| CVE-2015-8971 | 2017-01-23 | Terminology 0.7.0 allows remote attackers to execute arbitrary commands via... |
| CVE-2015-8972 | 2017-01-23 | Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in... |
| CVE-2016-0765 | 2017-01-23 | Multiple cross-site scripting (XSS) vulnerabilities in eshop-orders.php in the eShop... |
| CVE-2016-0769 | 2017-01-23 | Multiple SQL injection vulnerabilities in eshop-orders.php in the eShop plugin... |
| CVE-2016-1281 | 2017-01-23 | Untrusted search path vulnerability in the installer for TrueCrypt 7.2... |
| CVE-2016-1417 | 2017-01-23 | Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows remote attackers... |
| CVE-2016-1925 | 2017-01-23 | Integer underflow in header.c in lha allows remote attackers to... |
| CVE-2016-2242 | 2017-01-23 | Exponent CMS 2.x before 2.3.7 Patch 3 allows remote attackers... |
| CVE-2016-2783 | 2017-01-23 | Avaya Fabric Connect Virtual Services Platform (VSP) Operating System Software... |
| CVE-2016-3147 | 2017-01-23 | Buffer overflow in the collector.exe listener of the Landesk Management... |
| CVE-2016-3177 | 2017-01-23 | Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB 5.1.2... |
| CVE-2016-4010 | 2017-01-23 | Magento CE and EE before 2.0.6 allows remote attackers to... |
| CVE-2016-4055 | 2017-01-23 | The duration function in the moment package before 2.11.2 for... |
| CVE-2016-4056 | 2017-01-23 | Cross-site scripting (XSS) vulnerability in the Backend component in TYPO3... |
| CVE-2016-4338 | 2017-01-23 | The mysql user parameter configuration script (userparameter_mysql.conf) in the agent... |
| CVE-2016-4340 | 2017-01-23 | The impersonate feature in Gitlab 8.7.0, 8.6.0 through 8.6.7, 8.5.0... |
| CVE-2016-4484 | 2017-01-23 | The Debian initrd script for the cryptsetup package 2:1.7.3-2 and... |
| CVE-2016-4793 | 2017-01-23 | The clientIp function in CakePHP 3.2.4 and earlier allows remote... |
| CVE-2016-5091 | 2017-01-23 | Extbase in TYPO3 4.3.0 before 6.2.24, 7.x before 7.6.8, and... |
| CVE-2016-5119 | 2017-01-23 | The automatic update feature in KeePass 2.33 and earlier allows... |
| CVE-2016-5237 | 2017-01-23 | Valve Steam 3.42.16.13 uses weak permissions for the files in... |
| CVE-2016-5697 | 2017-01-23 | Ruby-saml before 1.3.0 allows attackers to perform XML signature wrapping... |
| CVE-2016-5720 | 2017-01-23 | Multiple untrusted search path vulnerabilities in Microsoft Skype allow local... |
| CVE-2016-5742 | 2017-01-23 | SQL injection vulnerability in the XML-RPC interface in Movable Type... |
| CVE-2016-5873 | 2017-01-23 | Buffer overflow in the HTTP URL parsing functions in pecl_http... |
| CVE-2016-5876 | 2017-01-23 | ownCloud server before 8.2.6 and 9.x before 9.0.3, when the... |
| CVE-2016-6160 | 2017-01-23 | tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause... |
| CVE-2016-6164 | 2017-01-23 | Integer overflow in the mov_build_index function in libavformat/mov.c in FFmpeg... |
| CVE-2016-6223 | 2017-01-23 | The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in libtiff before... |
| CVE-2016-6484 | 2017-01-23 | CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1... |
| CVE-2016-6517 | 2017-01-23 | Directory traversal vulnerability in Liferay 5.1.0 allows remote attackers to... |
| CVE-2016-6521 | 2017-01-23 | Cross-site request forgery (CSRF) vulnerability in Grails console (aka Grails... |
| CVE-2016-6582 | 2017-01-23 | The Doorkeeper gem before 4.2.0 for Ruby might allow remote... |
| CVE-2016-6600 | 2017-01-23 | Directory traversal vulnerability in the file upload functionality in ZOHO... |
| CVE-2016-6601 | 2017-01-23 | Directory traversal vulnerability in the file download functionality in ZOHO... |
| CVE-2016-6602 | 2017-01-23 | ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak... |
| CVE-2016-6603 | 2017-01-23 | ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers... |
| CVE-2016-6668 | 2017-01-23 | The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 before... |
| CVE-2016-6920 | 2017-01-23 | Heap-based buffer overflow in the decode_block function in libavcodec/exr.c in... |