CVE List - 2017 / May
Showing 1 - 100 of 1010 CVEs for May 2017 (Page 1 of 11)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2016-10349 | 2017-05-01 | The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows remote... |
| CVE-2016-10350 | 2017-05-01 | The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote... |
| CVE-2016-10351 | 2017-05-01 | Telegram Desktop 0.10.19 uses 0755 permissions for $HOME/.TelegramDesktop, which allows... |
| CVE-2017-6519 | 2017-05-01 | avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to... |
| CVE-2017-6520 | 2017-05-01 | The Multicast DNS (mDNS) responder used in BOSE Soundtouch 30... |
| CVE-2017-8372 | 2017-05-01 | The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b,... |
| CVE-2017-8373 | 2017-05-01 | The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b... |
| CVE-2017-8374 | 2017-05-01 | The mad_bit_skip function in bit.c in Underbit MAD libmad 0.15.1b... |
| CVE-2017-8378 | 2017-05-01 | Heap-based buffer overflow in the PdfParser::ReadObjects function in base/PdfParser.cpp in... |
| CVE-2016-8649 | 2017-05-01 | lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows... |
| CVE-2017-8383 | 2017-05-01 | Craft CMS before 2.6.2976 does not properly restrict viewing the... |
| CVE-2017-8384 | 2017-05-01 | Craft CMS before 2.6.2976 allows XSS attacks because an array... |
| CVE-2017-8385 | 2017-05-01 | Craft CMS before 2.6.2976 does not prevent modification of the... |
| CVE-2017-5631 | 2017-05-01 | An issue was discovered in KMCIS CaseAware. Reflected cross site... |
| CVE-2017-6128 | 2017-05-01 | An attacker may be able to cause a denial-of-service (DoS)... |
| CVE-2017-8376 | 2017-05-01 | GeniXCMS 1.0.2 has XSS triggered by an authenticated comment that... |
| CVE-2017-8377 | 2017-05-01 | GeniXCMS 1.0.2 has SQL Injection in inc/lib/Control/Backend/menus.control.php via the menuid... |
| CVE-2017-8388 | 2017-05-01 | GeniXCMS 1.0.2 allows remote attackers to bypass the alertDanger MSG_USER_EMAIL_EXIST... |
| CVE-2017-8392 | 2017-05-01 | The Binary File Descriptor (BFD) library (aka libbfd), as distributed... |
| CVE-2017-8393 | 2017-05-01 | The Binary File Descriptor (BFD) library (aka libbfd), as distributed... |
| CVE-2017-8394 | 2017-05-01 | The Binary File Descriptor (BFD) library (aka libbfd), as distributed... |
| CVE-2017-8395 | 2017-05-01 | The Binary File Descriptor (BFD) library (aka libbfd), as distributed... |
| CVE-2017-8396 | 2017-05-01 | The Binary File Descriptor (BFD) library (aka libbfd), as distributed... |
| CVE-2017-8397 | 2017-05-01 | The Binary File Descriptor (BFD) library (aka libbfd), as distributed... |
| CVE-2017-8398 | 2017-05-01 | dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid... |
| CVE-2017-8399 | 2017-05-01 | PCRE2 before 10.30 has an out-of-bounds write caused by a... |
| CVE-2017-6564 | 2017-05-01 | On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest... |
| CVE-2017-6565 | 2017-05-01 | On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag... |
| CVE-2017-8400 | 2017-05-01 | In SWFTools 0.9.2, an out-of-bounds write of heap data can... |
| CVE-2017-8401 | 2017-05-01 | In SWFTools 0.9.2, an out-of-bounds read of heap data can... |
| CVE-2017-8403 | 2017-05-01 | 360fly 4K cameras allow unauthenticated Wi-Fi password changes and complete... |
| CVE-2015-8257 | 2017-05-02 | The devtools.sh script in AXIS network cameras allows remote authenticated... |
| CVE-2016-10243 | 2017-05-02 | TeX Live allows remote attackers to execute arbitrary commands by... |
| CVE-2016-4442 | 2017-05-02 | The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attackers... |
| CVE-2016-4467 | 2017-05-02 | The C client and C-based client bindings in the Apache... |
| CVE-2016-5006 | 2017-05-02 | The Cloud Controller in Cloud Foundry before 239 logs user-provided... |
| CVE-2016-5063 | 2017-05-02 | The RSCD agent in BMC Server Automation before 8.6 SP1... |
| CVE-2016-5810 | 2017-05-02 | upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote authenticated administrators... |
| CVE-2017-6551 | 2017-05-02 | Pexip Infinity before 14.2 allows remote attackers to cause a... |
| CVE-2017-7440 | 2017-05-02 | Kerio Connect 8.0.0 through 9.2.2, and Kerio Connect Client desktop... |
| CVE-2017-7483 | 2017-05-02 | Rxvt 2.7.10 is vulnerable to a denial of service attack... |
| CVE-2017-8086 | 2017-05-02 | Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in QEMU... |
| CVE-2017-8112 | 2017-05-02 | hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS... |
| CVE-2017-5689 | 2017-05-02 | An unprivileged network attacker could gain system privileges to provisioned... |
| CVE-2017-8418 | 2017-05-02 | RuboCop 0.48.1 and earlier does not use /tmp in safe... |
| CVE-2017-8419 | 2017-05-02 | LAME through 3.99.5 relies on the signed integer data type... |
| CVE-2017-7216 | 2017-05-02 | The Management Web Interface in Palo Alto Networks PAN-OS before... |
| CVE-2017-7476 | 2017-05-02 | Gnulib before 2017-04-26 has a heap-based buffer overflow with the... |
| CVE-2017-8421 | 2017-05-02 | The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD)... |
| CVE-2014-9940 | 2017-05-02 | The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before... |
| CVE-2015-9004 | 2017-05-02 | kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping,... |
| CVE-2017-0331 | 2017-05-02 | An elevation of privilege vulnerability in the NVIDIA video driver... |
| CVE-2017-7428 | 2017-05-03 | NetIQ iManager 3.x before 3.0.3.1 has an issue in the... |
| CVE-2017-7430 | 2017-05-03 | Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and... |
| CVE-2017-7431 | 2017-05-03 | Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and... |
| CVE-2017-7432 | 2017-05-03 | Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and... |
| CVE-2017-8453 | 2017-05-03 | Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an... |
| CVE-2017-8454 | 2017-05-03 | Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an... |
| CVE-2017-8455 | 2017-05-03 | Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an... |
| CVE-2015-9057 | 2017-05-03 | Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail Gateway prior... |
| CVE-2015-9058 | 2017-05-03 | Open redirect vulnerability in Proxmox Mail Gateway prior to hotfix... |
| CVE-2016-10367 | 2017-05-03 | In Opsview Monitor Pro (Prior to 5.1.0.162300841, prior to 5.0.2.27475,... |
| CVE-2016-10368 | 2017-05-03 | Open redirect vulnerability in Opsview Monitor Pro (Prior to 5.1.0.162300841,... |
| CVE-2017-8458 | 2017-05-03 | Brave 0.12.4 has a URI Obfuscation issue in which a... |
| CVE-2017-8459 | 2017-05-03 | Brave 0.12.4 has a Status Bar Obfuscation issue in which... |
| CVE-2017-5236 | 2017-05-03 | Editions of Rapid7 AppSpider Pro installers prior to version 6.14.060... |
| CVE-2017-5240 | 2017-05-03 | Editions of Rapid7 AppSpider Pro prior to version 6.14.060 contain... |
| CVE-2016-0382 | 2017-05-03 | The IBM Tealeaf Consumer Experience 8.7, 8.8, and 9.0 portal... |
| CVE-2016-2930 | 2017-05-03 | IBM BigFix Remote Control 9.1.3 could allow a remote attacker... |
| CVE-2016-9976 | 2017-05-03 | IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow... |
| CVE-2017-7995 | 2017-05-03 | Xen PV guest before Xen 4.3 checked access permissions to... |
| CVE-2017-5481 | 2017-05-03 | Trend Micro OfficeScan 11.0 before SP1 CP 6325 and XG... |
| CVE-2017-7229 | 2017-05-03 | PGP/MIME encrypted messages injected into a Vaultive O365 (before 4.5.21)... |
| CVE-2017-6620 | 2017-05-03 | A vulnerability in the remote management access control list (ACL)... |
| CVE-2017-6624 | 2017-05-03 | A vulnerability in Cisco IOS 15.5(3)M Software for Cisco CallManager... |
| CVE-2017-6625 | 2017-05-03 | A "Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco... |
| CVE-2017-6626 | 2017-05-03 | A vulnerability in the Cisco Finesse Notification Service for Cisco... |
| CVE-2017-6628 | 2017-05-03 | A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area... |
| CVE-2017-6629 | 2017-05-03 | A vulnerability in the ImageID parameter of Cisco Unity Connection... |
| CVE-2017-8762 | 2017-05-03 | GeniXCMS 1.0.2 has XSS triggered by an authenticated user who... |
| CVE-2017-8763 | 2017-05-04 | Cross-site scripting (XSS) vulnerability in modules/Base/Box/check_for_new_version.php in EPESI in Telaxus/EPESI... |
| CVE-2017-8765 | 2017-05-04 | The function named ReadICONImage in coders\icon.c in ImageMagick 7.0.5-5 has... |
| CVE-2017-8773 | 2017-05-04 | Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316,... |
| CVE-2017-8774 | 2017-05-04 | Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316,... |
| CVE-2017-8775 | 2017-05-04 | Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316,... |
| CVE-2017-8776 | 2017-05-04 | Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316,... |
| CVE-2017-4983 | 2017-05-04 | EMC Data Domain OS 5.2 through 5.7 before 5.7.3.0 and... |
| CVE-2017-8295 | 2017-05-04 | WordPress through 4.7.4 relies on the Host HTTP header for... |
| CVE-2017-8779 | 2017-05-04 | rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3,... |
| CVE-2017-8780 | 2017-05-04 | GeniXCMS 1.0.2 has XSS triggered by a comment that is... |
| CVE-2017-8778 | 2017-05-04 | GitLab before 8.14.9, 8.15.x before 8.15.6, and 8.16.x before 8.16.5... |
| CVE-2016-7053 | 2017-05-04 | CMS Null dereference |
| CVE-2016-7054 | 2017-05-04 | ChaCha20/Poly1305 heap-buffer-overflow |
| CVE-2017-3730 | 2017-05-04 | Bad (EC)DHE parameters cause a client crash |
| CVE-2017-3731 | 2017-05-04 | Truncated packet could crash via OOB read |
| CVE-2017-3732 | 2017-05-04 | BN_mod_exp may produce incorrect results on x86_64 |
| CVE-2017-3733 | 2017-05-04 | Encrypt-Then-Mac renegotiation crash |
| CVE-2016-7055 | 2017-05-04 | There is a carry propagating bug in the Broadwell-specific Montgomery... |
| CVE-2017-8768 | 2017-05-04 | Atlassian SourceTree v2.5c and prior are affected by a command... |
| CVE-2017-8786 | 2017-05-05 | pcre2test.c in PCRE2 10.23 allows remote attackers to cause a... |