Export limit exceeded: 346170 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346170 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-6049 | 1 3m | 1 Detcon Sitewatch Gateway | 2024-11-21 | N/A |
| Detcon Sitewatch Gateway, all versions without cellular, an attacker can edit settings on the device using a specially crafted URL. | ||||
| CVE-2017-6047 | 1 3m | 1 Detcon Sitewatch Gateway | 2024-11-21 | N/A |
| Detcon Sitewatch Gateway, all versions without cellular, Passwords are presented in plaintext in a file that is accessible without authentication. | ||||
| CVE-2017-6021 | 2 Aveva, Schneider-electric | 2 Clearscada, Clearscada | 2024-11-21 | N/A |
| In Schneider Electric ClearSCADA 2014 R1 (build 75.5210) and prior, 2014 R1.1 (build 75.5387) and prior, 2015 R1 (build 76.5648) and prior, and 2015 R2 (build 77.5882) and prior, an attacker with network access to the ClearSCADA server can send specially crafted sequences of commands and data packets to the ClearSCADA server that can cause the ClearSCADA server process and ClearSCADA communications driver processes to terminate. A CVSS v3 base score of 7.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). | ||||
| CVE-2017-6020 | 1 Lcds | 1 Laquis Scada | 2024-11-21 | N/A |
| Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize external input to ensure that users are not calling for absolute path sequences outside of their privilege level. | ||||
| CVE-2017-6015 | 1 Rockwellautomation | 1 Factorytalk Activation | 2024-11-21 | N/A |
| Without quotation marks, any whitespace in the file path for Rockwell Automation FactoryTalk Activation version 4.00.02 remains ambiguous, which may allow an attacker to link to or run a malicious executable. This may allow an authorized, but not privileged local user to execute arbitrary code with elevated privileges on the system. CVSS v3 base score: 8.8, CVSS vector string: (AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). Rockwell Automation has released a new version of FactoryTalk Activation, Version 4.01, which addresses the identified vulnerability. Rockwell Automation recommends upgrading to the latest version of FactoryTalk Activation, Version 4.01 or later. | ||||
| CVE-2017-5984 | 1 Libav | 1 Libav | 2024-11-21 | N/A |
| In libavcodec in Libav 9.21, ff_h264_execute_ref_pic_marking() has a heap-based buffer over-read. | ||||
| CVE-2017-5971 | 1 Newsbee Project | 1 Newsbee | 2024-11-21 | N/A |
| SQL injection vulnerability in NewsBee CMS allow remote attackers to execute arbitrary SQL commands. | ||||
| CVE-2017-5947 | 1 Oneplus | 7 Oneplus 2, Oneplus 3, Oneplus 3t and 4 more | 2024-11-21 | 6.8 Medium |
| An issue was discovered in OnePlus One, X, 2, 3, 3T, and 5 devices with OxygenOS 5.0 and earlier. The attacker can reboot the device into the Qualcomm Emergency Download (EDL) mode through ADB or by using Volume-Up when connected to USB, which in turn could allow for downgrading partitions such as the Android Bootloader. | ||||
| CVE-2017-5934 | 4 Canonical, Debian, Moinmo and 1 more | 4 Ubuntu Linux, Debian Linux, Moinmoin and 1 more | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2017-5871 | 1 Odoo | 1 Odoo | 2024-11-21 | N/A |
| Odoo Version <= 8.0-20160726 and Version 9 is affected by: CWE-601: Open redirection. The impact is: obtain sensitive information (remote). | ||||
| CVE-2017-5864 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | N/A |
| Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS). | ||||
| CVE-2017-5863 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | N/A |
| Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control. | ||||
| CVE-2017-5829 | 1 Hp | 1 Aruba Clearpass Policy Manager | 2024-11-21 | N/A |
| An access restriction bypass vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found. | ||||
| CVE-2017-5828 | 1 Hp | 1 Aruba Clearpass Policy Manager | 2024-11-21 | N/A |
| An arbitrary command execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found. | ||||
| CVE-2017-5827 | 1 Hp | 1 Aruba Clearpass Policy Manager | 2024-11-21 | N/A |
| A reflected cross site scripting vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found. | ||||
| CVE-2017-5826 | 1 Hp | 1 Aruba Clearpass Policy Manager | 2024-11-21 | N/A |
| An authenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found. | ||||
| CVE-2017-5825 | 1 Hp | 1 Aruba Clearpass Policy Manager | 2024-11-21 | N/A |
| A privilege escalation vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found. | ||||
| CVE-2017-5824 | 1 Hp | 1 Aruba Clearpass Policy Manager | 2024-11-21 | N/A |
| An unauthenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found. | ||||
| CVE-2017-5823 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | N/A |
| A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found. | ||||
| CVE-2017-5822 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | N/A |
| A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found. | ||||