CVE List - 2017 / April
Showing 1401 - 1500 of 1568 CVEs for April 2017 (Page 15 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2017-7984 | 2017-04-25 | In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering... |
| CVE-2017-7985 | 2017-04-25 | In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering... |
| CVE-2017-7986 | 2017-04-25 | In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering... |
| CVE-2017-7987 | 2017-04-25 | In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate escaping... |
| CVE-2017-7988 | 2017-04-25 | In Joomla! 1.6.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering... |
| CVE-2017-7989 | 2017-04-25 | In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate MIME... |
| CVE-2017-8057 | 2017-04-25 | In Joomla! 3.4.0 through 3.6.5 (fixed in 3.7.0), multiple files... |
| CVE-2017-3342 | 2017-04-25 | Vulnerability in the Oracle Marketing component of Oracle E-Business Suite... |
| CVE-2017-3345 | 2017-04-25 | Vulnerability in the Oracle Marketing component of Oracle E-Business Suite... |
| CVE-2017-3347 | 2017-04-25 | Vulnerability in the Oracle Marketing component of Oracle E-Business Suite... |
| CVE-2017-3355 | 2017-04-25 | Vulnerability in the Oracle Marketing component of Oracle E-Business Suite... |
| CVE-2017-3356 | 2017-04-25 | Vulnerability in the Oracle Marketing component of Oracle E-Business Suite... |
| CVE-2017-3434 | 2017-04-25 | Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business... |
| CVE-2017-8115 | 2017-04-25 | Directory traversal in setup/processors/url_search.php (aka the search page of an... |
| CVE-2017-8217 | 2017-04-25 | TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0... |
| CVE-2017-8218 | 2017-04-25 | vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1... |
| CVE-2017-8219 | 2017-04-25 | TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0... |
| CVE-2017-8220 | 2017-04-25 | TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0... |
| CVE-2017-8221 | 2017-04-25 | Wireless IP Camera (P2P) WIFICAM devices rely on a cleartext... |
| CVE-2017-8222 | 2017-04-25 | Wireless IP Camera (P2P) WIFICAM devices have an "Apple Production... |
| CVE-2017-8223 | 2017-04-25 | On Wireless IP Camera (P2P) WIFICAM devices, an attacker can... |
| CVE-2017-8224 | 2017-04-25 | Wireless IP Camera (P2P) WIFICAM devices have a backdoor root... |
| CVE-2017-8225 | 2017-04-25 | On Wireless IP Camera (P2P) WIFICAM devices, access to .ini... |
| CVE-2017-7293 | 2017-04-26 | The Dolby DAX2 and DAX3 API services are vulnerable to... |
| CVE-2017-8283 | 2017-04-26 | dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use... |
| CVE-2017-6052 | 2017-04-26 | A Man-in-the-Middle issue was discovered in Hyundai Motor America Blue... |
| CVE-2017-6054 | 2017-04-26 | A Use of Hard-Coded Cryptographic Key issue was discovered in... |
| CVE-2017-7720 | 2017-04-26 | Buffer overflow in PrivateTunnel 2.7 and 2.8 allows local attackers... |
| CVE-2017-8284 | 2017-04-26 | The disas_insn function in target/i386/translate.c in QEMU before 2.9.0, when... |
| CVE-2016-8924 | 2017-04-26 | IBM Maximo Asset Management 7.1, 7.5 and 7.6 could allow... |
| CVE-2016-8962 | 2017-04-26 | IBM BigFix Inventory 9.2 does not require that users should... |
| CVE-2017-1170 | 2017-04-26 | IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 8.0 could... |
| CVE-2017-3161 | 2017-04-26 | The HDFS web UI in Apache Hadoop before 2.7.0 is... |
| CVE-2017-3162 | 2017-04-26 | HDFS clients interact with a servlet on the DataNode to... |
| CVE-2017-6035 | 2017-04-27 | A Stack-Based Buffer Overflow issue was discovered in Wecon Technologies... |
| CVE-2017-6037 | 2017-04-27 | A Heap-Based Buffer Overflow issue was discovered in Wecon Technologies... |
| CVE-2017-8287 | 2017-04-27 | FreeType 2 before 2017-03-26 has an out-of-bounds write caused by... |
| CVE-2017-8288 | 2017-04-27 | gnome-shell 3.22 through 3.24.1 mishandles extensions that fail to reload,... |
| CVE-2017-8289 | 2017-04-27 | Stack-based buffer overflow in the ipv6_addr_from_str function in sys/net/network_layer/ipv6/addr/ipv6_addr_from_str.c in... |
| CVE-2017-8291 | 2017-04-27 | Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command... |
| CVE-2017-7415 | 2017-04-27 | Atlassian Confluence 6.x before 6.0.7 allows remote attackers to bypass... |
| CVE-2017-3008 | 2017-04-27 | Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update... |
| CVE-2017-5186 | 2017-04-27 | Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x... |
| CVE-2017-8294 | 2017-04-27 | libyara/re.c in the regex component in YARA 3.5.0 allows remote... |
| CVE-2017-3066 | 2017-04-27 | Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update... |
| CVE-2017-5135 | 2017-04-27 | Certain Technicolor devices have an SNMP access-control bypass, possibly involving... |
| CVE-2017-8296 | 2017-04-27 | kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history... |
| CVE-2017-8297 | 2017-04-27 | A path traversal vulnerability exists in simple-file-manager before 2017-04-26, affecting... |
| CVE-2017-8298 | 2017-04-27 | cnvs.io Canvas 3.3.0 has XSS in the title and content... |
| CVE-2017-8301 | 2017-04-27 | LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSL_get_verify_result... |
| CVE-2017-8302 | 2017-04-27 | Mura CMS 7.0.6967 allows admin/?muraAction= XSS attacks, related to admin/core/views/carch/list.cfm,... |
| CVE-2017-8307 | 2017-04-27 | In Avast Antivirus before v17, using the LPC interface API... |
| CVE-2017-8308 | 2017-04-27 | In Avast Antivirus before v17, an unprivileged user (and thus... |
| CVE-2017-8305 | 2017-04-27 | The UDFclient (before 0.8.8) custom strlcpy implementation has a buffer... |
| CVE-2017-7895 | 2017-04-28 | The NFSv2 and NFSv3 server implementations in the Linux kernel... |
| CVE-2016-7815 | 2017-04-28 | Remote Service Manager 3.0.0 to 3.1.4 fails to verify client... |
| CVE-2016-7839 | 2017-04-28 | Cross-site scripting vulnerability in Olive Blog allows remote attackers to... |
| CVE-2016-7840 | 2017-04-28 | Cross-site scripting vulnerability in WEB SCHEDULE allows remote attackers to... |
| CVE-2016-7841 | 2017-04-28 | Cross-site scripting vulnerability in Olive Diary DX allows remote attackers... |
| CVE-2016-7842 | 2017-04-28 | Directory traversal vulnerability in AttacheCase 2.8.2.8 and earlier and 3.2.0.4... |
| CVE-2016-7843 | 2017-04-28 | Directory traversal vulnerability in AttacheCase for Java 0.60 and earlier,... |
| CVE-2017-2090 | 2017-04-28 | Directory traversal vulnerability in CubeCart versions prior to 6.1.4 allows... |
| CVE-2017-2091 | 2017-04-28 | Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to... |
| CVE-2017-2092 | 2017-04-28 | Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.3 allows... |
| CVE-2017-2093 | 2017-04-28 | Cybozu Garoon 3.0.0 to 4.2.3 allow remote attackers to obtain... |
| CVE-2017-2094 | 2017-04-28 | Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to... |
| CVE-2017-2095 | 2017-04-28 | Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to... |
| CVE-2017-2096 | 2017-04-28 | smalruby-editor v0.4.0 and earlier allows remote attackers to execute arbitrary... |
| CVE-2017-2097 | 2017-04-28 | Cross-site request forgery (CSRF) vulnerability in Knowledge versions prior to... |
| CVE-2017-2098 | 2017-04-28 | Directory traversal vulnerability in CubeCart versions prior to 6.1.4 allows... |
| CVE-2017-2099 | 2017-04-28 | Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and... |
| CVE-2017-2100 | 2017-04-28 | Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.1 and... |
| CVE-2017-2101 | 2017-04-28 | Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and... |
| CVE-2017-2102 | 2017-04-28 | Cross-site request forgery (CSRF) vulnerability in Hands-on Vulnerability Learning Tool... |
| CVE-2017-2103 | 2017-04-28 | The LaLa Call App for Android 2.4.7 and earlier does... |
| CVE-2017-2104 | 2017-04-28 | The Business LaLa Call App for Android 1.4.7 and earlier... |
| CVE-2017-2105 | 2017-04-28 | The TVer App for Android 3.2.7 and earlier does not... |
| CVE-2017-2106 | 2017-04-28 | Multiple cross-site scripting vulnerabilities in Webmin versions prior to 1.830... |
| CVE-2017-2107 | 2017-04-28 | Untrusted search path vulnerability in Self-extracting archive files created by... |
| CVE-2017-2108 | 2017-04-28 | Untrusted search path vulnerability in PrimeDrive Desktop Application 1.4.3 and... |
| CVE-2017-2109 | 2017-04-28 | Cybozu KUNAI for Android 3.0.4 to 3.0.5.1 allow remote attackers... |
| CVE-2017-2110 | 2017-04-28 | The Access CX App for Android prior to 2.0.0.1 and... |
| CVE-2017-2111 | 2017-04-28 | HTTP header injection vulnerability in TS-WPTCAM firmware version 1.18 and... |
| CVE-2017-2112 | 2017-04-28 | TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware version 1.00,... |
| CVE-2017-2113 | 2017-04-28 | Buffer overflow in TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2... |
| CVE-2017-2114 | 2017-04-28 | Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.5.0 allows... |
| CVE-2017-2115 | 2017-04-28 | Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to... |
| CVE-2017-2116 | 2017-04-28 | Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to... |
| CVE-2017-2117 | 2017-04-28 | Directory traversal vulnerability in CubeCart versions prior to 6.1.5 allows... |
| CVE-2017-2118 | 2017-04-28 | Cross-site scripting vulnerability in WBCE CMS 1.1.10 and earlier allows... |
| CVE-2017-2119 | 2017-04-28 | Directory traversal vulnerability in WBCE CMS 1.1.10 and earlier allows... |
| CVE-2017-2120 | 2017-04-28 | SQL injection vulnerability in the WBCE CMS 1.1.10 and earlier... |
| CVE-2017-2123 | 2017-04-28 | Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door and... |
| CVE-2017-2124 | 2017-04-28 | Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door and... |
| CVE-2017-2125 | 2017-04-28 | Privilege escalation vulnerability in CentreCOM AR260S V2 remote authenticated attackers... |
| CVE-2017-2127 | 2017-04-28 | Cross-site scripting vulnerability in YOP Poll versions prior to 5.8.1... |
| CVE-2017-2128 | 2017-04-28 | Security guide for website operators allows remote attackers to execute... |
| CVE-2017-2130 | 2017-04-28 | Untrusted search path vulnerability in the installer of PhishWall Client... |
| CVE-2017-2134 | 2017-04-28 | Cross-site scripting vulnerability in ASSETBASE 8.0 and earlier allows remote... |
| CVE-2017-2135 | 2017-04-28 | Cross-site scripting vulnerability in WP Statistics version 12.0.1 and earlier... |