Export limit exceeded: 24693 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (24693 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-17798 | 1 Tgsoft | 1 Vir.it Explorer | 2025-04-20 | N/A |
| In TG Soft Vir.IT eXplorer Lite 8.5.42, the driver file (VIRAGTLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8273A0A0, a different vulnerability than CVE-2017-17800. | ||||
| CVE-2017-17797 | 1 Ikarussecurity | 1 Anti.virus | 2025-04-20 | N/A |
| In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83000058. | ||||
| CVE-2017-17796 | 1 Tgsoft | 1 Vir.it Explorer Lite | 2025-04-20 | N/A |
| In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x827300A4. | ||||
| CVE-2017-17795 | 1 Ikarussecurity | 1 Anti.virus | 2025-04-20 | N/A |
| In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83000088. | ||||
| CVE-2017-17776 | 1 Paid To Read Script Project | 1 Paid To Read Script | 2025-04-20 | N/A |
| Paid To Read Script 2.0.5 has full path disclosure via an invalid admin/userview.php uid parameter. | ||||
| CVE-2014-9678 | 1 Flowpaper | 1 Flexpaper | 2025-04-20 | N/A |
| FlexPaperViewer.swf in Flexpaper before 2.3.1 allows remote attackers to conduct content-spoofing attacks via the Swfile parameter. | ||||
| CVE-2015-7852 | 5 Debian, Netapp, Ntp and 2 more | 15 Debian Linux, Clustered Data Ontap, Data Ontap and 12 more | 2025-04-20 | 5.9 Medium |
| ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets. | ||||
| CVE-2017-17735 | 1 Cmsmadesimple | 1 Cms Made Simple | 2025-04-20 | N/A |
| CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in cookies. | ||||
| CVE-2017-17692 | 1 Samsung | 1 Internet Browser | 2025-04-20 | N/A |
| Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that redirects to a child tab and rewrites the innerHTML property. | ||||
| CVE-2017-17734 | 1 Cmsmadesimple | 1 Cms Made Simple | 2025-04-20 | N/A |
| CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in sessions. | ||||
| CVE-2017-17556 | 1 Hp | 1 Synaptics Touchpad Driver | 2025-04-20 | N/A |
| A debug tool in Synaptics TouchPad drivers allows local users with administrative access to obtain sensitive information about keyboard scan codes by modifying registry keys. | ||||
| CVE-2017-16951 | 1 Audiovalley | 1 Winamp Pro | 2025-04-20 | 5.5 Medium |
| Winamp Pro 5.66 Build 3512 allows remote attackers to cause a denial of service via a crafted WAV, WMV, AU, ASF, AIFF, or AIF file. | ||||
| CVE-2017-16952 | 1 Kmplayer | 1 Kmplayer | 2025-04-20 | N/A |
| KMPlayer 4.2.2.4 allows remote attackers to cause a denial of service via a crafted NSV file. | ||||
| CVE-2017-16837 | 1 Trusted Boot Project | 1 Trusted Boot | 2025-04-20 | N/A |
| Certain function pointers in Trusted Boot (tboot) through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module (TPM) by hooking these function pointers. | ||||
| CVE-2016-0307 | 1 Ibm | 1 Connections | 2025-04-20 | N/A |
| IBM Connections 5.5 and earlier allows remote attackers to obtain sensitive information by reading stack traces in returned responses. | ||||
| CVE-2016-0297 | 1 Ibm | 1 Bigfix Platform | 2025-04-20 | N/A |
| IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) could allow a remote attacker to obtain sensitive information due to a missing HTTP Strict-Transport-Security Header through man in the middle techniques. | ||||
| CVE-2014-9692 | 1 Huawei | 64 Tecal Bh620 V2, Tecal Bh620 V2 Firmware, Tecal Bh621 V2 and 61 more | 2025-04-20 | N/A |
| Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285 V2 V100R002C00SPC115 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285H V2 V100R002C00SPC111 and earlier versions, Tecal RH2268 V2 V100R002C00, Tecal RH2288 V2 V100R002C00SPC117 and earlier versions, Tecal RH2288H V2 V100R002C00SPC115 and earlier versions, Tecal RH2485 V2 V100R002C00SPC502 and earlier versions, Tecal RH5885 V2 V100R001C02SPC109 and earlier versions, Tecal RH5885 V3 V100R003C01SPC102 and earlier versions, Tecal RH5885H V3 V100R003C00SPC102 and earlier versions, Tecal XH310 V2 V100R001C00SPC110 and earlier versions, Tecal XH311 V2 V100R001C00SPC110 and earlier versions, Tecal XH320 V2 V100R001C00SPC110 and earlier versions, Tecal XH621 V2 V100R001C00SPC106 and earlier versions, Tecal DH310 V2 V100R001C00SPC110 and earlier versions, Tecal DH320 V2 V100R001C00SPC106 and earlier versions, Tecal DH620 V2 V100R001C00SPC106 and earlier versions, Tecal DH621 V2 V100R001C00SPC107 and earlier versions, Tecal DH628 V2 V100R001C00SPC107 and earlier versions, Tecal BH620 V2 V100R002C00SPC107 and earlier versions, Tecal BH621 V2 V100R002C00SPC106 and earlier versions, Tecal BH622 V2 V100R002C00SPC110 and earlier versions, Tecal BH640 V2 V100R002C00SPC108 and earlier versions, Tecal CH121 V100R001C00SPC180 and earlier versions, Tecal CH140 V100R001C00SPC110 and earlier versions, Tecal CH220 V100R001C00SPC180 and earlier versions, Tecal CH221 V100R001C00SPC180 and earlier versions, Tecal CH222 V100R002C00SPC180 and earlier versions, Tecal CH240 V100R001C00SPC180 and earlier versions, Tecal CH242 V100R001C00SPC180 and earlier versions, Tecal CH242 V3 V100R001C00SPC110 and earlier versions could allow attackers to figure out the RMCP+ session IDs of users and access the system with forged identities. | ||||
| CVE-2016-0203 | 1 Ibm | 2 Cloud Orchestrator, Smartcloud Orchestrator | 2025-04-20 | N/A |
| A vulnerability has been identified in the IBM Cloud Orchestrator task API. The task API might allow an authenticated user to view background information associated with actions performed on virtual machines in projects where the user belongs to. | ||||
| CVE-2016-0210 | 1 Ibm | 1 Sterling B2b Integrator | 2025-04-20 | N/A |
| IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information. By allowing HTTP OPTIONS method, a remote attacker could send a specially-crafted query to a vulnerable server running to cause the server to disclose sensitive information in the HTTP response. | ||||
| CVE-2016-0270 | 1 Ibm | 3 Client Application Access, Domino, Notes | 2025-04-20 | N/A |
| IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Interim Fix 1, when using TLS and AES GCM, uses random nonce generation, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a "forbidden attack." NOTE: this CVE has been incorrectly used for GCM nonce reuse issues in other products; see CVE-2016-10213 for the A10 issue, CVE-2016-10212 for the Radware issue, and CVE-2017-5933 for the Citrix issue. | ||||