| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
401 |
CVE-2017-5672 |
200 |
|
+Info |
2017-04-11 |
2017-04-17 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Kony Enterprise Mobile Management (EMM) before 4.2.5.2 has the vulnerability of disclosing the private key in clear-text when changing the parameters of the request. |
|
402 |
CVE-2017-5670 |
200 |
|
+Info |
2017-04-04 |
2017-05-24 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Riverbed RiOS through 9.6.0 deletes the secure vault with the rm program (not shred or srm), which makes it easier for physically proximate attackers to obtain sensitive information by reading raw disk blocks. |
|
403 |
CVE-2017-5662 |
611 |
|
DoS |
2017-04-18 |
2020-10-20 |
7.9 |
None |
Remote |
Medium |
??? |
Complete |
None |
Complete |
|
In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full compromise of the server - including confidential or sensitive files - would be possible. XXE can also be used to attack the availability of the server via denial of service as the references within a xml document can trivially trigger an amplification attack. |
|
404 |
CVE-2017-5661 |
611 |
|
DoS |
2017-04-18 |
2021-07-22 |
7.9 |
None |
Remote |
Medium |
??? |
Complete |
None |
Complete |
|
In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full compromise of the server - including confidential or sensitive files - would be possible. XXE can also be used to attack the availability of the server via denial of service as the references within a xml document can trivially trigger an amplification attack. |
|
405 |
CVE-2017-5659 |
20 |
|
|
2017-04-17 |
2017-07-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding. |
|
406 |
CVE-2017-5656 |
384 |
|
|
2017-04-18 |
2021-06-16 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Apache CXF's STSClient before 3.1.11 and 3.0.13 uses a flawed way of caching tokens that are associated with delegation tokens, which means that an attacker could craft a token which would return an identifer corresponding to a cached token for another user. |
|
407 |
CVE-2017-5653 |
295 |
|
|
2017-04-18 |
2021-06-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
JAX-RS XML Security streaming clients in Apache CXF before 3.1.11 and 3.0.13 do not validate that the service response was signed or encrypted, which allows remote attackers to spoof servers. |
|
408 |
CVE-2017-5651 |
|
|
|
2017-04-17 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in the same Processor being used for multiple requests which in turn could lead to unexpected errors and/or response mix-up. |
|
409 |
CVE-2017-5650 |
404 |
|
|
2017-04-17 |
2019-10-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the handling of an HTTP/2 GOAWAY frame for a connection did not close streams associated with that connection that were currently waiting for a WINDOW_UPDATE before allowing the application to write more data. These waiting streams each consumed a thread. A malicious client could therefore construct a series of HTTP/2 requests that would consume all available processing threads. |
|
410 |
CVE-2017-5649 |
200 |
|
+Info |
2017-04-04 |
2017-04-11 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Apache Geode before 1.1.1, when a cluster has enabled security by setting the security-manager property, allows remote authenticated users with CLUSTER:READ but not DATA:READ permission to access the data browser page in Pulse and consequently execute an OQL query that exposes data stored in the cluster. |
|
411 |
CVE-2017-5648 |
668 |
|
|
2017-04-17 |
2020-07-20 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the appropriate facade object. When running an untrusted application under a SecurityManager, it was therefore possible for that untrusted application to retain a reference to the request or response object and thereby access and/or modify information associated with another web application. |
|
412 |
CVE-2017-5647 |
200 |
|
+Info |
2017-04-17 |
2019-04-15 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in the pipelined request being lost when send file processing of the previous request completed. This could result in responses appearing to be sent for the wrong request. For example, a user agent that sent requests A, B and C could see the correct response for request A, the response for request C for request B and no response for request C. |
|
413 |
CVE-2017-5645 |
502 |
|
Exec Code |
2017-04-17 |
2022-04-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. |
|
414 |
CVE-2017-5642 |
276 |
|
|
2017-04-03 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
During installation of Ambari 2.4.0 through 2.4.2, Ambari Server artifacts are not created with proper ACLs. |
|
415 |
CVE-2017-5625 |
476 |
|
|
2017-04-25 |
2017-05-05 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
In OxygenOS before 4.0.3 on OnePlus 3 and 3T devices, an unauthorized attacker can cause a locked bootloader to partially dump the ciphertext content of an arbitrary partition (except 'keystore') by issuing the 'fastboot oem dump <partition>' fastboot command. |
|
416 |
CVE-2017-5607 |
200 |
|
+Info |
2017-04-10 |
2019-03-20 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
|
Splunk Enterprise 5.0.x before 5.0.18, 6.0.x before 6.0.14, 6.1.x before 6.1.13, 6.2.x before 6.2.13.1, 6.3.x before 6.3.10, 6.4.x before 6.4.6, and 6.5.x before 6.5.3 and Splunk Light before 6.5.2 assigns the $C JS property to the global Window namespace, which might allow remote attackers to obtain sensitive logged-in username and version-related information via a crafted webpage. |
|
417 |
CVE-2017-5191 |
79 |
|
XSS |
2017-04-24 |
2017-05-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An XSS vulnerability on the /NAGErrors URI in NetIQ Access Manager 4.2 and 4.3 exists because Access Gateway Error pages do not validate the HTTP Referer header. |
|
418 |
CVE-2017-5190 |
200 |
|
+Info |
2017-04-20 |
2017-07-11 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
|
NetIQ Access Manager 4.2 before SP3 HF1 and 4.3 before SP1 HF1, when configured as a SAML 2.0 Identity Server with Virtual Attributes, has a concurrency issue causing information leakage, related to a stale profile. |
|
419 |
CVE-2017-5186 |
327 |
|
|
2017-04-27 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate. |
|
420 |
CVE-2017-5183 |
79 |
|
XSS |
2017-04-20 |
2017-04-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
NetIQ Access Manager 4.2.2 and 4.3.x before 4.3.1+, when configured as an Identity Server, has XSS in the AssertionConsumerServiceURL field of a signed AuthnRequest in a samlp:AuthnRequest document. |
|
421 |
CVE-2017-5160 |
326 |
|
|
2017-04-20 |
2021-08-31 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
|
An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. The software will connect via Transport Layer Security without verifying the peer's SSL certificate properly. |
|
422 |
CVE-2017-5158 |
200 |
|
+Info |
2017-04-20 |
2021-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An Information Exposure issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. Credentials may be exposed to external systems via specific URL parameters, as arbitrary destination addresses may be specified. |
|
423 |
CVE-2017-5156 |
352 |
|
CSRF |
2017-04-20 |
2021-09-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A Cross-Site Request Forgery issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. The client request may be forged from a different site. This will allow an external site to access internal RDP systems on behalf of the currently logged in user. |
|
424 |
CVE-2017-5135 |
|
|
Bypass |
2017-04-27 |
2019-10-03 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in some cases. The Technicolor (formerly Cisco) DPC3928SL with firmware D3928SL-P15-13-A386-c3420r55105-160127a could be reached by any SNMP community string from the Internet; also, you can write in the MIB because it provides write properties, aka Stringbleed. NOTE: the string-bleed/StringBleed-CVE-2017-5135 GitHub repository is not a valid reference as of 2017-04-27; it contains Trojan horse code purported to exploit this vulnerability. |
|
425 |
CVE-2017-5051 |
190 |
|
Overflow |
2017-04-25 |
2021-09-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. |
|
426 |
CVE-2017-5050 |
190 |
|
Overflow |
2017-04-25 |
2021-09-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. |
|
427 |
CVE-2017-5049 |
190 |
|
Overflow |
2017-04-25 |
2021-09-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. |
|
428 |
CVE-2017-5048 |
190 |
|
Overflow |
2017-04-25 |
2021-09-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. |
|
429 |
CVE-2017-5047 |
190 |
|
Overflow |
2017-04-25 |
2021-09-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. |
|
430 |
CVE-2017-5046 |
|
|
|
2017-04-24 |
2022-04-22 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML page, related to Blink information disclosure. |
|
431 |
CVE-2017-5045 |
79 |
|
XSS |
2017-04-24 |
2022-04-22 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables via a crafted HTML page. |
|
432 |
CVE-2017-5044 |
787 |
|
Overflow |
2017-04-24 |
2022-04-22 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Heap buffer overflow in filter processing in Skia in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. |
|
433 |
CVE-2017-5043 |
416 |
|
|
2017-04-24 |
2022-04-22 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension. |
|
434 |
CVE-2017-5042 |
311 |
|
|
2017-04-24 |
2022-04-22 |
3.3 |
None |
Local Network |
Low |
Not required |
Partial |
None |
None |
|
Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android sent cookies to sites discovered via SSDP, which allowed an attacker on the local network segment to initiate connections to arbitrary URLs and observe any plaintext cookies sent. |
|
435 |
CVE-2017-5041 |
20 |
|
|
2017-04-24 |
2018-01-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Google Chrome prior to 57.0.2987.100 incorrectly handled back-forward navigation, which allowed a remote attacker to display incorrect information for a site via a crafted HTML page. |
|
436 |
CVE-2017-5040 |
|
|
|
2017-04-24 |
2022-04-22 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android was missing a neutering check, which allowed a remote attacker to read values in memory via a crafted HTML page. |
|
437 |
CVE-2017-5039 |
416 |
|
|
2017-04-24 |
2022-04-22 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. |
|
438 |
CVE-2017-5038 |
416 |
|
|
2017-04-24 |
2022-04-22 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension. |
|
439 |
CVE-2017-5037 |
190 |
|
Overflow |
2017-04-24 |
2022-04-22 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. |
|
440 |
CVE-2017-5036 |
416 |
|
|
2017-04-24 |
2022-04-22 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to have an unspecified impact via a crafted PDF file. |
|
441 |
CVE-2017-5035 |
362 |
|
|
2017-04-24 |
2022-04-22 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Google Chrome prior to 57.0.2987.98 for Windows and Mac had a race condition, which could cause Chrome to display incorrect certificate information for a site. |
|
442 |
CVE-2017-5034 |
416 |
|
|
2017-04-24 |
2018-01-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. |
|
443 |
CVE-2017-5033 |
281 |
|
Bypass |
2017-04-24 |
2022-04-22 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page, related to the unsafe-inline keyword. |
|
444 |
CVE-2017-5032 |
787 |
|
|
2017-04-24 |
2018-01-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
PDFium in Google Chrome prior to 57.0.2987.98 for Windows could be made to increment off the end of a buffer, which allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. |
|
445 |
CVE-2017-5031 |
416 |
|
|
2017-04-24 |
2018-06-12 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A use after free in ANGLE in Google Chrome prior to 57.0.2987.98 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. |
|
446 |
CVE-2017-5030 |
125 |
|
Exec Code |
2017-04-24 |
2022-04-22 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page. |
|
447 |
CVE-2017-5029 |
787 |
|
Overflow |
2017-04-24 |
2022-04-22 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. |
|
448 |
CVE-2017-4969 |
|
|
|
2017-04-20 |
2019-10-03 |
6.8 |
None |
Remote |
Low |
??? |
None |
None |
Complete |
|
The Cloud Controller in Cloud Foundry cf-release versions prior to v255 allows authenticated developer users to exceed memory and disk quotas for tasks. |
|
449 |
CVE-2017-4964 |
94 |
|
Exec Code |
2017-04-06 |
2021-05-27 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Cloud Foundry Foundation BOSH Azure CPI v22 could potentially allow a maliciously crafted stemcell to execute arbitrary code on VMs created by the director, aka a "CPI code injection vulnerability." |
|
450 |
CVE-2017-3889 |
20 |
|
|
2017-04-07 |
2017-04-14 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
A vulnerability in the web interface of the Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to redirect a user to a undesired web page, aka an Open Redirect. This vulnerability affects the Cisco Registered Envelope cloud-based service. More Information: CSCvc60123. Known Affected Releases: 5.1.0-015. |
