CVE List - 2017 / March
Showing 1101 - 1200 of 1302 CVEs for March 2017 (Page 12 of 14)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2015-8026 | 2017-03-27 | Heap-based buffer overflow in the verify_vbr_checksum function in exfatfsck in... |
| CVE-2015-8309 | 2017-03-27 | Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote... |
| CVE-2015-8310 | 2017-03-27 | Cross-site scripting (XSS) vulnerability in Cherry Music before 0.36.0 allows... |
| CVE-2016-7474 | 2017-03-27 | In some cases the MCPD binary cache in F5 BIG-IP... |
| CVE-2016-9922 | 2017-03-27 | The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator),... |
| CVE-2017-5330 | 2017-03-27 | ark before 16.12.1 might allow remote attackers to execute arbitrary... |
| CVE-2017-5850 | 2017-03-27 | httpd in OpenBSD allows remote attackers to cause a denial... |
| CVE-2017-5899 | 2017-03-27 | Directory traversal vulnerability in the setuid root helper binary in... |
| CVE-2017-5931 | 2017-03-27 | Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows... |
| CVE-2017-5932 | 2017-03-27 | The path autocompletion feature in Bash 4.4 allows local users... |
| CVE-2017-5973 | 2017-03-27 | The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator)... |
| CVE-2017-6878 | 2017-03-27 | Cross-site scripting (XSS) vulnerability in MetInfo 5.3.15 allows remote authenticated... |
| CVE-2015-0863 | 2017-03-27 | GALAXY Apps (aka Samsung Apps, Samsung Updates, or com.sec.android.app.samsungapps) before... |
| CVE-2015-0864 | 2017-03-27 | Samsung Account (AKA com.osp.app.signin) before 1.6.0069 and 2.x before 2.1.0069... |
| CVE-2015-8010 | 2017-03-27 | Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV... |
| CVE-2015-8762 | 2017-03-27 | The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote... |
| CVE-2015-8763 | 2017-03-27 | The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote... |
| CVE-2015-8764 | 2017-03-27 | Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through... |
| CVE-2016-10225 | 2017-03-27 | The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3,... |
| CVE-2016-4912 | 2017-03-27 | The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows remote... |
| CVE-2016-9243 | 2017-03-27 | HKDF in cryptography before 1.5.2 returns an empty byte-string if... |
| CVE-2017-6451 | 2017-03-27 | The mx4200_send function in the legacy MX4200 refclock in NTP... |
| CVE-2017-6452 | 2017-03-27 | Stack-based buffer overflow in the Windows installer for NTP before... |
| CVE-2017-6455 | 2017-03-27 | NTP before 4.2.8p10 and 4.3.x before 4.3.94, when using PPSAPI,... |
| CVE-2017-6458 | 2017-03-27 | Multiple buffer overflows in the ctl_put* functions in NTP before... |
| CVE-2017-6459 | 2017-03-27 | The Windows installer for NTP before 4.2.8p10 and 4.3.x before... |
| CVE-2017-6460 | 2017-03-27 | Stack-based buffer overflow in the reslist function in ntpq in... |
| CVE-2017-6462 | 2017-03-27 | Buffer overflow in the legacy Datum Programmable Time Server (DPTS)... |
| CVE-2017-6463 | 2017-03-27 | NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated... |
| CVE-2017-6464 | 2017-03-27 | NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers... |
| CVE-2017-6542 | 2017-03-27 | The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers... |
| CVE-2017-7183 | 2017-03-27 | The TFTP server in ExtraPuTTY 0.30 and earlier allows remote... |
| CVE-2017-7191 | 2017-03-27 | The netjoin processing in Irssi 1.x before 1.0.2 allows attackers... |
| CVE-2017-7271 | 2017-03-27 | Reflected Cross-site scripting (XSS) vulnerability in Yii Framework before 2.0.11,... |
| CVE-2017-7272 | 2017-03-27 | PHP through 7.1.11 enables potential SSRF in applications that accept... |
| CVE-2017-7273 | 2017-03-27 | The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2... |
| CVE-2017-7274 | 2017-03-27 | The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 allows remote... |
| CVE-2016-9252 | 2017-03-27 | The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4... |
| CVE-2017-7275 | 2017-03-27 | The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote... |
| CVE-2017-5237 | 2017-03-27 | Due to a lack of authentication, an unauthenticated user who... |
| CVE-2017-5238 | 2017-03-27 | Due to a lack of bounds checking, several input configuration... |
| CVE-2017-5239 | 2017-03-27 | Due to a lack of standard encryption when transmitting sensitive... |
| CVE-2016-6056 | 2017-03-27 | IBM Call Center for Commerce 9.3 and 9.4 is vulnerable... |
| CVE-2016-6102 | 2017-03-27 | IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 stores sensitive... |
| CVE-2016-8960 | 2017-03-27 | IBM Cognos Business Intelligence 10.2 could allow a user with... |
| CVE-2016-9737 | 2017-03-27 | IBM TRIRIGA 3.3, 3.4, and 3.5 is vulnerable to cross-site... |
| CVE-2017-1120 | 2017-03-27 | IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site... |
| CVE-2017-1142 | 2017-03-27 | IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could... |
| CVE-2017-1143 | 2017-03-27 | IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could... |
| CVE-2017-1153 | 2017-03-27 | IBM TRIRIGA Report Manager 3.2 through 3.5 contains a vulnerability... |
| CVE-2017-6964 | 2017-03-28 | dmcrypt-get-device, as shipped in the eject package of Debian and... |
| CVE-2016-9121 | 2017-03-28 | go-jose before 1.0.4 suffers from an invalid curve attack for... |
| CVE-2016-9122 | 2017-03-28 | go-jose before 1.0.4 suffers from multiple signatures exploitation. The go-jose... |
| CVE-2016-9123 | 2017-03-28 | go-jose before 1.0.5 suffers from a CBC-HMAC integer overflow on... |
| CVE-2016-9124 | 2017-03-28 | Revive Adserver before 3.2.3 suffers from Improper Restriction of Excessive... |
| CVE-2016-9125 | 2017-03-28 | Revive Adserver before 3.2.3 suffers from session fixation, by allowing... |
| CVE-2016-9126 | 2017-03-28 | Revive Adserver before 3.2.3 suffers from persistent XSS. Usernames are... |
| CVE-2016-9127 | 2017-03-28 | Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF).... |
| CVE-2016-9128 | 2017-03-28 | Revive Adserver before 3.2.3 suffers from reflected XSS. The affiliate-preview.php... |
| CVE-2016-9129 | 2017-03-28 | Revive Adserver before 3.2.3 suffers from Information Exposure Through Discrepancy.... |
| CVE-2016-9130 | 2017-03-28 | Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector... |
| CVE-2016-9454 | 2017-03-28 | Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector... |
| CVE-2016-9455 | 2017-03-28 | Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF).... |
| CVE-2016-9456 | 2017-03-28 | Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF).... |
| CVE-2016-9457 | 2017-03-28 | Revive Adserver before 3.2.3 suffers from Reflected XSS. `www/admin/stats.php` is... |
| CVE-2016-9459 | 2017-03-28 | Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are... |
| CVE-2016-9460 | 2017-03-28 | Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are... |
| CVE-2016-9461 | 2017-03-28 | Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are... |
| CVE-2016-9462 | 2017-03-28 | Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are... |
| CVE-2016-9463 | 2017-03-28 | Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before... |
| CVE-2016-9464 | 2017-03-28 | Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper... |
| CVE-2016-9465 | 2017-03-28 | Nextcloud Server before 10.0.1 & ownCloud Server before 9.0.6 and... |
| CVE-2016-9466 | 2017-03-28 | Nextcloud Server before 10.0.1 & ownCloud Server before 9.0.6 and... |
| CVE-2016-9467 | 2017-03-28 | Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before... |
| CVE-2016-9468 | 2017-03-28 | Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before... |
| CVE-2016-9469 | 2017-03-28 | Multiple versions of GitLab expose a dangerous method to any... |
| CVE-2016-9470 | 2017-03-28 | Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected File... |
| CVE-2016-9471 | 2017-03-28 | Revive Adserver before 3.2.5 and 4.0.0 suffers from Special Element... |
| CVE-2016-9472 | 2017-03-28 | Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected XSS.... |
| CVE-2016-9473 | 2017-03-28 | Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56... |
| CVE-2017-0881 | 2017-03-28 | An error in the implementation of an autosubscribe feature in... |
| CVE-2017-0882 | 2017-03-28 | Multiple versions of GitLab expose sensitive user credentials when assigning... |
| CVE-2017-7277 | 2017-03-28 | The TCP stack in the Linux kernel through 4.10.6 mishandles... |
| CVE-2016-10152 | 2017-03-28 | The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back... |
| CVE-2016-8884 | 2017-03-28 | The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote... |
| CVE-2014-6440 | 2017-03-28 | VideoLAN VLC media player before 2.1.5 allows remote attackers to... |
| CVE-2016-8031 | 2017-03-28 | Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE)... |
| CVE-2016-8749 | 2017-03-28 | Apache Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to... |
| CVE-2016-6807 | 2017-03-28 | Custom commands may be executed on Ambari Agent (2.4.x, before... |
| CVE-2017-5226 | 2017-03-29 | When executing a program via the bubblewrap sandbox, the nonpriv... |
| CVE-2017-7297 | 2017-03-29 | Rancher Labs rancher server 1.2.0+ is vulnerable to authenticated users... |
| CVE-2017-2686 | 2017-03-29 | Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability that... |
| CVE-2017-2687 | 2017-03-29 | Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability in... |
| CVE-2017-2688 | 2017-03-29 | The integrated web server in Siemens RUGGEDCOM ROX I (all... |
| CVE-2017-2689 | 2017-03-29 | Siemens RUGGEDCOM ROX I (all versions) allow an authenticated user... |
| CVE-2017-6864 | 2017-03-29 | The integrated web server in Siemens RUGGEDCOM ROX I (all... |
| CVE-2017-7294 | 2017-03-29 | The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through... |
| CVE-2017-7298 | 2017-03-29 | In Moodle 3.2.2+, there is XSS in the Course summary... |
| CVE-2009-5147 | 2017-03-29 | DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel... |
| CVE-2015-4556 | 2017-03-29 | The string-translate* procedure in the data-structures unit in CHICKEN before... |