Total
12760 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-0876 | 1 Google | 1 Android | 2025-04-20 | N/A |
| A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0. Android ID A-64964675. | ||||
| CVE-2017-0877 | 1 Google | 1 Android | 2025-04-20 | N/A |
| A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0. Android ID A-66372937. | ||||
| CVE-2017-0878 | 1 Google | 1 Android | 2025-04-20 | N/A |
| A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 8.0. Android ID A-65186291. | ||||
| CVE-2017-1000001 | 1 Fedoraproject | 1 Fedmsg | 2025-04-20 | N/A |
| FedMsg 0.18.1 and older is vulnerable to a message validation flaw resulting in message validation not being enabled if configured to be on. | ||||
| CVE-2017-1000014 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-20 | N/A |
| phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DOS weakness in the table editing functionality | ||||
| CVE-2017-1000039 | 1 Framasoft | 1 Framadate | 2025-04-20 | N/A |
| Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible Information Disclosure and Code Execution | ||||
| CVE-2017-1000122 | 1 Webkitgtk | 1 Webkitgtk\+ | 2025-04-20 | N/A |
| The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate certain message metadata, allowing a compromised secondary process to cause a denial of service (release assertion) of the UI process. This vulnerability does not affect Apple products. | ||||
| CVE-2017-1000169 | 1 Quickerbb Project | 1 Quickerbb | 2025-04-20 | N/A |
| QuickerBB version <= 0.7.2 is vulnerable to arbitrary file writes which can lead to remote code execution. This can lead to the complete takeover of the server hosting QuickerBB. | ||||
| CVE-2017-1000189 | 1 Ejs | 1 Ejs | 2025-04-20 | N/A |
| nodejs ejs version older than 2.5.5 is vulnerable to a denial-of-service due to weak input validation in the ejs.renderFile() | ||||
| CVE-2017-1000201 | 2 Redhat, Tcmu-runner Project | 2 Storage, Tcmu-runner | 2025-04-20 | N/A |
| The tcmu-runner daemon in tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a local denial of service attack | ||||
| CVE-2017-2368 | 1 Apple | 1 Iphone Os | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "Contacts" component. It allows remote attackers to cause a denial of service (application crash) via a crafted contact card. | ||||
| CVE-2017-1000228 | 1 Ejs | 1 Ejs | 2025-04-20 | N/A |
| nodejs ejs versions older than 2.5.3 is vulnerable to remote code execution due to weak input validation in ejs.renderFile() function | ||||
| CVE-2017-1000230 | 1 Snap7 Project | 1 Snap7 Server | 2025-04-20 | N/A |
| The Snap7 Server version 1.4.1 can be crashed when the ItemCount field of the ReadVar or WriteVar functions of the S7 protocol implementation in Snap7 are provided with unexpected input, thus resulting in denial of service attack. | ||||
| CVE-2017-1000247 | 1 Codeigniter | 1 Codeigniter | 2025-04-20 | N/A |
| British Columbia Institute of Technology CodeIgniter 3.1.3 is vulnerable to HTTP Header Injection in the set_status_header() common function under Apache resulting in HTTP Header Injection flaws. | ||||
| CVE-2017-1000252 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2025-04-20 | N/A |
| The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c. | ||||
| CVE-2017-1000365 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 7.8 High |
| The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23. | ||||
| CVE-2017-1000368 | 2 Redhat, Sudo Project | 3 Enterprise Linux, Rhel Els, Sudo | 2025-04-20 | N/A |
| Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution. | ||||
| CVE-2017-2351 | 1 Apple | 1 Iphone Os | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "WiFi" component, which allows physically proximate attackers to bypass the activation-lock protection mechanism and view the home screen via unspecified vectors. | ||||
| CVE-2017-2345 | 1 Juniper | 1 Junos | 2025-04-20 | N/A |
| On Junos OS devices with SNMP enabled, a network based attacker with unfiltered access to the RE can cause the Junos OS snmpd daemon to crash and restart by sending a crafted SNMP packet. Repeated crashes of the snmpd daemon can result in a partial denial of service condition. Additionally, it may be possible to craft a malicious SNMP packet in a way that can result in remote code execution. SNMP is disabled in Junos OS by default. Junos OS devices with SNMP disabled are not affected by this issue. No other Juniper Networks products or platforms are affected by this issue. NOTE: This is a different issue than Cisco CVE-2017-6736, CVE-2017-6737, and CVE-2017-6738. Affected releases are Juniper Networks Junos OS 12.1X46 prior to 12.1X46-D67; 12.3X48 prior to 12.3X48-D51, 12.3X48-D55; 13.3 prior to 13.3R10-S2; 14.1 prior to 14.1R2-S10, 14.1R8-S4, 14.1R9; 14.1X50 prior to 14.1X50-D185; 14.1X53 prior to 14.1X53-D122, 14.1X53-D44, 14.1X53-D50; 14.2 prior to 14.2R4-S9, 14.2R7-S7, 14.2R8; 15.1 prior to 15.1F2-S18, 15.1F6-S7, 15.1R4-S8, 15.1R5-S5, 15.1R6-S1, 15.1R7; 15.1X49 prior to 15.1X49-D100, 15.1X49-D110; 15.1X53 prior to 15.1X53-D231, 15.1X53-D47, 15.1X53-D48, 15.1X53-D57, 15.1X53-D64, 15.1X53-D70; 16.1 prior to 16.1R3-S4, 16.1R4-S3, 16.1R4-S4, 16.1R5; 16.2 prior to 16.2R2, 16.2R3; 17.1 prior to 17.1R1-S3, 17.1R2, 17.1R3; 17.2 prior to 17.2R1-S1, 17.2R2; 17.2X75 prior to 17.2X75-D30. Junos releases prior to 10.2 are not affected. | ||||
| CVE-2017-1001003 | 1 Mathjs Project | 1 Mathjs | 2025-04-20 | N/A |
| math.js before 3.17.0 had an issue where private properties such as a constructor could be replaced by using unicode characters when creating an object. | ||||