CVE List - 2017 / April
Showing 1 - 100 of 1568 CVEs for April 2017 (Page 1 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2017-7389 | 2017-04-01 | Multiple Cross-Site Scripting (XSS) were discovered in 'openeclass Release_3.5.4'. The vulnerabilities exist due to insufficient filtration of user-supplied data (meeting_id, user) passed to the 'openeclass-master/modules/tc/webconf/webconf.php' URL. An attacker could execute... |
| CVE-2017-7390 | 2017-04-01 | A Cross-Site Scripting (XSS) was discovered in 'SocialNetwork v1.2.1'. The vulnerability exists due to insufficient filtration of user-supplied data (mail) passed to the 'SocialNetwork-andrea/app/template/pw_forgot.php' URL. An attacker could execute arbitrary... |
| CVE-2017-7391 | 2017-04-01 | A Cross-Site Scripting (XSS) was discovered in 'Magmi 0.7.22'. The vulnerability exists due to insufficient filtration of user-supplied data (prefix) passed to the 'magmi-git-master/magmi/web/ajax_gettime.php' URL. An attacker could execute arbitrary... |
| CVE-2017-7392 | 2017-04-01 | In TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx SSecurityVeNCrypt::SSecurityVeNCrypt), an unauthenticated client can cause a small memory leak in the server. |
| CVE-2017-7393 | 2017-04-01 | In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can cause a double free, leading to denial of service or potentially code execution. |
| CVE-2017-7394 | 2017-04-01 | In TigerVNC 1.7.1 (SSecurityPlain.cxx SSecurityPlain::processMsg), unauthenticated users can crash the server by sending long usernames. |
| CVE-2017-7395 | 2017-04-01 | In TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), by causing an integer overflow, an authenticated client can crash the server. |
| CVE-2017-7396 | 2017-04-01 | In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the server. |
| CVE-2016-7585 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover... |
| CVE-2017-2367 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It... |
| CVE-2017-2376 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof... |
| CVE-2017-2377 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows attackers to... |
| CVE-2017-2378 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves bookmark creation in the "WebKit" component. It allows remote... |
| CVE-2017-2379 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2380 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the Simple Certificate Enrollment Protocol (SCEP) implementation in the "Profiles" component. It allows remote... |
| CVE-2017-2381 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "sudo" component. It allows remote authenticated users to gain privileges by leveraging membership... |
| CVE-2017-2382 | 2017-04-02 | An issue was discovered in certain Apple products. macOS Server before 5.3 is affected. The issue involves the "Wiki Server" component. It allows remote attackers to enumerate user accounts via... |
| CVE-2017-2383 | 2017-04-02 | An issue was discovered in certain Apple products. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. The issue involves cleartext client-certificate transmission in the... |
| CVE-2017-2384 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves mishandling of deletion within the SQLite subsystem of the "Safari" component. It allows local... |
| CVE-2017-2385 | 2017-04-02 | An issue was discovered in certain Apple products. Safari before 10.1 is affected. The issue involves the "Safari Login AutoFill" component. It allows local users to obtain access to locked... |
| CVE-2017-2386 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It... |
| CVE-2017-2388 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to cause a denial of service (NULL pointer... |
| CVE-2017-2389 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof... |
| CVE-2017-2390 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2391 | 2017-04-02 | An issue was discovered in certain Apple products. Pages before 6.1, Numbers before 4.1, and Keynote before 7.1 on macOS and Pages before 3.1, Numbers before 3.1, and Keynote before... |
| CVE-2017-2392 | 2017-04-02 | An issue was discovered in certain Apple products. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows attackers to execute arbitrary code or cause a denial... |
| CVE-2017-2393 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Safari Reader" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks... |
| CVE-2017-2394 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It... |
| CVE-2017-2395 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It... |
| CVE-2017-2396 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It... |
| CVE-2017-2397 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Accounts" component. It allows physically proximate attackers to discover an Apple ID by... |
| CVE-2017-2398 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary... |
| CVE-2017-2399 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Pasteboard" component. It allows physically proximate attackers to read the pasteboard by leveraging... |
| CVE-2017-2400 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "SafariViewController" component. It allows attackers to obtain sensitive information by leveraging the SafariViewController's... |
| CVE-2017-2401 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2402 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of profile uninstall actions in the "MCX Client" component when a profile has... |
| CVE-2017-2403 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Printing" component. A format-string vulnerability allows remote attackers to execute arbitrary code via... |
| CVE-2017-2404 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Quick Look" component. It allows remote attackers to trigger telephone calls to arbitrary... |
| CVE-2017-2405 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows remote attackers... |
| CVE-2017-2406 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2407 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2408 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOATAFamily" component. It allows attackers to execute arbitrary code in a privileged context... |
| CVE-2017-2409 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Menus" component. It allows attackers to obtain sensitive information or cause a denial... |
| CVE-2017-2410 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context... |
| CVE-2017-2412 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "iTunes Store" component. It allows man-in-the-middle attackers to modify the client-server data stream... |
| CVE-2017-2413 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "QuickTime" component. It allows remote attackers to execute arbitrary code or cause a... |
| CVE-2017-2414 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "DataAccess" component. It allows remote attackers to access Exchange traffic in opportunistic circumstances... |
| CVE-2017-2415 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2416 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2417 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2418 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Hypervisor" component. It allows guest OS users to obtain sensitive information from the... |
| CVE-2017-2419 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass... |
| CVE-2017-2420 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context... |
| CVE-2017-2421 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "AppleGraphicsPowerManagement" component. A race condition allows attackers to execute arbitrary code in a... |
| CVE-2017-2422 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Multi-Touch" component. It allows attackers to execute arbitrary code in a privileged context... |
| CVE-2017-2423 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass... |
| CVE-2017-2424 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves mishandling of OpenGL shaders in the "WebKit" component. It... |
| CVE-2017-2425 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "SecurityFoundation" component. A double free vulnerability allows remote attackers to execute arbitrary code... |
| CVE-2017-2426 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "iBooks" component. It allows remote attackers to obtain sensitive information from local files... |
| CVE-2017-2427 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context... |
| CVE-2017-2428 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2429 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "FinderKit" component. It allows remote attackers to bypass intended access restrictions in opportunistic... |
| CVE-2017-2430 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2431 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "CoreMedia" component. It allows remote attackers to execute arbitrary code or cause a... |
| CVE-2017-2432 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2433 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute... |
| CVE-2017-2434 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "HomeKit" component. It allows attackers to have an unspecified impact by leveraging the... |
| CVE-2017-2435 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2436 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireAVC" component. It allows attackers to execute arbitrary code in a privileged context... |
| CVE-2017-2437 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireAVC" component. It allows local users to gain privileges or cause a denial... |
| CVE-2017-2438 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "AppleRAID" component. It allows attackers to execute arbitrary code in a privileged context... |
| CVE-2017-2439 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2440 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2441 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2442 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit JavaScript Bindings" component. It allows remote attackers... |
| CVE-2017-2443 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a... |
| CVE-2017-2444 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2445 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It... |
| CVE-2017-2446 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It... |
| CVE-2017-2447 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It... |
| CVE-2017-2448 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. The issue involves the "Keychain" component. It... |
| CVE-2017-2449 | 2017-04-02 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context... |
| CVE-2017-2450 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2451 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2452 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Siri" component. It allows physically proximate attackers to read text messages on the... |
| CVE-2017-2453 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof... |
| CVE-2017-2454 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It... |
| CVE-2017-2455 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It... |
| CVE-2017-2456 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2457 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute... |
| CVE-2017-2458 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2459 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It... |
| CVE-2017-2460 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It... |
| CVE-2017-2461 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2462 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |
| CVE-2017-2463 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows... |
| CVE-2017-2464 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It... |
| CVE-2017-2465 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It... |
| CVE-2017-2466 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It... |
| CVE-2017-2467 | 2017-04-02 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue... |