| Max CVSS | 9.3 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-5547 | 7.2 |
drivers/hid/hid-corsair.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other imp
|
10-02-2023 - 00:54 | 06-02-2017 - 06:59 | |
| CVE-2017-5544 | 7.1 |
An issue was discovered on FiberHome Fengine S5800 switches V210R240. An unauthorized attacker can access the device's SSH service, using a password cracking tool to establish SSH connections quickly. This will trigger an increase in the SSH login ti
|
09-09-2021 - 01:23 | 23-01-2017 - 07:59 | |
| CVE-2017-5545 | 6.4 |
The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short.
|
02-04-2020 - 10:15 | 21-01-2017 - 01:59 | |
| CVE-2017-5539 | 9.0 |
The patch for directory traversal (CVE-2017-5480) in b2evolution version 6.8.4-stable has a bypass vulnerability. An attacker can use ..\/ to bypass the filter rule. Then, this attacker can exploit this vulnerability to delete or read any files on th
|
03-10-2019 - 00:03 | 23-01-2017 - 07:59 | |
| CVE-2017-5563 | 6.8 |
LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.
|
03-10-2019 - 00:03 | 23-01-2017 - 07:59 | |
| CVE-2017-5554 | 9.3 |
An issue was discovered in ABOOT in OnePlus 3 and 3T OxygenOS before 4.0.2. The attacker can reboot the device into the fastboot mode, which could be done without any authentication. A physical attacker can press the "Volume Up" button during device
|
03-10-2019 - 00:03 | 23-01-2017 - 07:59 | |
| CVE-2006-4219 | 7.5 |
The Terminal Services COM object (tsuserex.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by instantiating it as an ActiveX object in Internet Explorer 6.0 SP1 on Microsoft Windows 2003 EE SP1 CN
|
17-10-2018 - 21:34 | 18-08-2006 - 19:04 | |
| CVE-2004-0003 | 4.6 |
Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking."
|
11-10-2017 - 01:29 | 03-03-2004 - 05:00 | |
| CVE-2014-6238 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Akronymmanager (aka SB Folderdownload) extension 0.5.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
08-09-2017 - 01:29 | 11-09-2014 - 14:16 | |
| CVE-2017-5575 | 7.5 |
SQL injection vulnerability in inc/lib/Options.class.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the modules parameter.
|
26-01-2017 - 18:14 | 23-01-2017 - 07:59 | |
| CVE-2017-5553 | 3.5 |
Cross-site scripting (XSS) vulnerability in plugins/markdown_plugin/_markdown.plugin.php in b2evolution before 6.8.5 allows remote authenticated users to inject arbitrary web script or HTML via a javascript: URL.
|
26-01-2017 - 15:01 | 23-01-2017 - 07:59 | |
| CVE-2017-5574 | 7.5 |
SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows unauthenticated users to execute arbitrary SQL commands via the activation parameter.
|
26-01-2017 - 14:45 | 23-01-2017 - 07:59 |