CVE List - 2017 / April
Showing 201 - 300 of 1568 CVEs for April 2017 (Page 3 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2017-5950 | 2017-04-03 | The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) 0.5.3 allows remote... |
| CVE-2017-5951 | 2017-04-03 | The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript... |
| CVE-2017-6181 | 2017-04-03 | The parse_char_class function in regparse.c in the Onigmo (aka Oniguruma-mod)... |
| CVE-2017-6194 | 2017-04-03 | The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows remote... |
| CVE-2017-6441 | 2017-04-03 | The _zval_get_long_func_ex in Zend/zend_operators.c in PHP 7.1.2 allows attackers to... |
| CVE-2017-6448 | 2017-04-03 | The dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2 1.2.1 allows remote... |
| CVE-2017-7378 | 2017-04-03 | The PoDoFo::PdfPainter::ExpandTabs function in PdfPainter.cpp in PoDoFo 0.9.5 allows remote... |
| CVE-2017-7379 | 2017-04-03 | The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in PdfEncoding.cpp in PoDoFo 0.9.5 allows remote... |
| CVE-2017-7380 | 2017-04-03 | The doc/PdfPage.cpp:614:20 code in PoDoFo 0.9.5 allows remote attackers to... |
| CVE-2017-7381 | 2017-04-03 | The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attackers to... |
| CVE-2017-7382 | 2017-04-03 | The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attackers to... |
| CVE-2017-7383 | 2017-04-03 | The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to... |
| CVE-2016-10312 | 2017-04-03 | Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev.... |
| CVE-2016-10313 | 2017-04-03 | Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev.... |
| CVE-2016-10314 | 2017-04-03 | Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev.... |
| CVE-2016-10315 | 2017-04-03 | Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev.... |
| CVE-2016-10316 | 2017-04-03 | Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev.... |
| CVE-2017-7400 | 2017-04-03 | OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0... |
| CVE-2017-7401 | 2017-04-03 | Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c... |
| CVE-2013-7450 | 2017-04-03 | Pulp before 2.3.0 uses the same the same certificate authority... |
| CVE-2014-1677 | 2017-04-03 | Technicolor TC7200 with firmware STD6.01.12 could allow remote attackers to... |
| CVE-2014-3927 | 2017-04-03 | mrlg-lib.php in mrlg4php before 1.0.8 allows remote attackers to execute... |
| CVE-2014-3928 | 2017-04-03 | Cougar-LG stores sensitive information under the web root with insufficient... |
| CVE-2014-3929 | 2017-04-03 | The default configuration for Cougar-LG stores sensitive information under the... |
| CVE-2014-3930 | 2017-04-03 | lg.pl in Cistron-LG 1.01 stores sensitive information under the web... |
| CVE-2017-5642 | 2017-04-03 | During installation of Ambari 2.4.0 through 2.4.2, Ambari Server artifacts... |
| CVE-2017-7402 | 2017-04-03 | Pixie 1.0.4 allows remote authenticated users to upload and execute... |
| CVE-2016-10317 | 2017-04-03 | The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc. Ghostscript... |
| CVE-2017-7397 | 2017-04-03 | BackBox Linux 4.6 allows remote attackers to cause a denial... |
| CVE-2017-7407 | 2017-04-03 | The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow... |
| CVE-2017-5684 | 2017-04-03 | The BIOS in Intel Compute Stick systems based on 6th... |
| CVE-2017-5685 | 2017-04-03 | The BIOS in Intel NUC systems based on 6th Gen... |
| CVE-2017-5686 | 2017-04-03 | The BIOS in Intel NUC systems based on 6th Gen... |
| CVE-2017-7410 | 2017-04-03 | Multiple SQL injection vulnerabilities in account/signup.php and account/signup2.php in WebsiteBaker... |
| CVE-2017-7412 | 2017-04-04 | NixOS 17.03 before 17.03.887 has a world-writable Docker socket, which... |
| CVE-2014-9922 | 2017-04-04 | The eCryptfs subsystem in the Linux kernel before 3.18 allows... |
| CVE-2016-10229 | 2017-04-04 | udp.c in the Linux kernel before 4.5 allows remote attackers... |
| CVE-2017-3204 | 2017-04-04 | The Go SSH library (x/crypto/ssh) by default does not verify... |
| CVE-2017-5683 | 2017-04-04 | Privilege escalation in IntelHAXM.sys driver in the Intel Hardware Accelerated... |
| CVE-2017-7228 | 2017-04-04 | An issue (known as XSA-212) was discovered in Xen, with... |
| CVE-2017-7398 | 2017-04-04 | D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request... |
| CVE-2017-7413 | 2017-04-04 | In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail... |
| CVE-2017-7414 | 2017-04-04 | In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail... |
| CVE-2016-10318 | 2017-04-04 | A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c... |
| CVE-2017-5670 | 2017-04-04 | Riverbed RiOS through 9.6.0 deletes the secure vault with the... |
| CVE-2017-7305 | 2017-04-04 | Riverbed RiOS through 9.6.0 does not require a bootloader password,... |
| CVE-2017-7306 | 2017-04-04 | Riverbed RiOS through 9.6.0 has a weak default password for... |
| CVE-2017-7307 | 2017-04-04 | Riverbed RiOS before 9.0.1 does not properly restrict shell access... |
| CVE-2015-1611 | 2017-04-04 | OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers... |
| CVE-2015-1612 | 2017-04-04 | OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers... |
| CVE-2017-0360 | 2017-04-04 | file_open in Tryton 3.x and 4.x through 4.2.2 allows remote... |
| CVE-2017-7233 | 2017-04-04 | Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before... |
| CVE-2017-7234 | 2017-04-04 | A maliciously crafted URL to a Django (1.10 before 1.10.7,... |
| CVE-2017-7418 | 2017-04-04 | ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the... |
| CVE-2016-3740 | 2017-04-04 | Heap-based buffer overflow in the CreateFXPDFConvertor function in ConvertToPdf_x86.dll in... |
| CVE-2016-5870 | 2017-04-04 | The msm_ipc_router_close function in net/ipc_router/ipc_router_socket.c in the ipc_router component for... |
| CVE-2017-5649 | 2017-04-04 | Apache Geode before 1.1.1, when a cluster has enabled security... |
| CVE-2017-2671 | 2017-04-05 | The ping_unhash function in net/ipv4/ping.c in the Linux kernel through... |
| CVE-2017-7358 | 2017-04-05 | In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh... |
| CVE-2017-0325 | 2017-04-05 | An elevation of privilege vulnerability in the NVIDIA I2C HID... |
| CVE-2017-0327 | 2017-04-05 | An elevation of privilege vulnerability in the NVIDIA crypto driver... |
| CVE-2017-0328 | 2017-04-05 | An information disclosure vulnerability in the NVIDIA crypto driver could... |
| CVE-2017-0329 | 2017-04-05 | An elevation of privilege vulnerability in the NVIDIA boot and... |
| CVE-2017-0330 | 2017-04-05 | An information disclosure vulnerability in the NVIDIA crypto driver could... |
| CVE-2017-0332 | 2017-04-05 | An elevation of privilege vulnerability in the NVIDIA crypto driver... |
| CVE-2017-0339 | 2017-04-05 | An elevation of privilege vulnerability in the NVIDIA crypto driver... |
| CVE-2017-6956 | 2017-04-05 | On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a... |
| CVE-2017-6975 | 2017-04-05 | Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956... |
| CVE-2016-9091 | 2017-04-05 | Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and... |
| CVE-2017-6338 | 2017-04-05 | Multiple Access Control issues in Trend Micro InterScan Web Security... |
| CVE-2017-6339 | 2017-04-05 | Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before... |
| CVE-2017-6340 | 2017-04-05 | Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before... |
| CVE-2014-9829 | 2017-04-05 | coders/sun.c in ImageMagick allows remote attackers to cause a denial... |
| CVE-2015-4680 | 2017-04-05 | FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not... |
| CVE-2016-3015 | 2017-04-05 | IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This... |
| CVE-2016-3031 | 2017-04-05 | IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This... |
| CVE-2016-6100 | 2017-04-05 | IBM Disposal and Governance Management for IT and IBM Global... |
| CVE-2017-1180 | 2017-04-05 | The IBM TRIRIGA Document Manager contains a vulnerability that could... |
| CVE-2017-0883 | 2017-04-05 | Nextcloud Server before 9.0.55 and 10.0.2 suffers from a permission... |
| CVE-2017-0884 | 2017-04-05 | Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation... |
| CVE-2017-0885 | 2017-04-05 | Nextcloud Server before 9.0.55 and 10.0.2 suffers from a error... |
| CVE-2017-0886 | 2017-04-05 | Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial... |
| CVE-2017-0887 | 2017-04-05 | Nextcloud Server before 9.0.55 and 10.0.2 suffers from a bypass... |
| CVE-2017-0888 | 2017-04-05 | Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Content-Spoofing... |
| CVE-2017-7444 | 2017-04-05 | In Veritas System Recovery before 16 SP1, there is a... |
| CVE-2017-7443 | 2017-04-05 | apt-cacher before 1.7.15 and apt-cacher-ng before 3.4 allow HTTP response... |
| CVE-2015-9019 | 2017-04-05 | In libxslt 1.1.29 and earlier, the EXSLT math.random function was... |
| CVE-2017-7446 | 2017-04-05 | HelpDEZk 1.1.1 has CSRF in admin/home#/person/ with an impact of... |
| CVE-2017-7447 | 2017-04-05 | HelpDEZk 1.1.1 has CSRF in admin/home#/logos/ with an impact of... |
| CVE-2017-7448 | 2017-04-05 | The allocate_channel_framebuffer function in uncompressed_components.hh in Dropbox Lepton 1.2.1 allows... |
| CVE-2017-7450 | 2017-04-05 | AIRTAME HDMI dongle with firmware before 2.2.0 allows unauthenticated access... |
| CVE-2017-7452 | 2017-04-06 | The iwbmp_read_info_header function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0... |
| CVE-2017-7453 | 2017-04-06 | The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0... |
| CVE-2017-7454 | 2017-04-06 | The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0... |
| CVE-2017-0305 | 2017-04-06 | F5 SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable... |
| CVE-2017-5887 | 2017-04-06 | WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass... |
| CVE-2017-6130 | 2017-04-06 | F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator... |
| CVE-2017-6968 | 2017-04-06 | GMV Checker ATM Security prior to 5.0.18 allows remote authenticated... |
| CVE-2017-7192 | 2017-04-06 | WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass... |
| CVE-2017-2675 | 2017-04-06 | Little Snitch version 3.0 through 3.7.3 suffer from a local... |