Search Results (26229 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-2540 1 Apple 1 Mac Os X 2025-04-20 N/A
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "WindowServer" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
CVE-2017-2550 1 Kubik-rubik 1 Easy Joomla Backup 2025-04-20 N/A
Vulnerability in Easy Joomla Backup v3.2.4. The software creates a copy of the backup in the web root with an easily guessable filename.
CVE-2017-2576 1 Moodle 1 Moodle 2025-04-20 N/A
In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums.
CVE-2017-3154 1 Apache 1 Atlas 2025-04-20 N/A
Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information.
CVE-2017-2642 1 Moodle 1 Moodle 2025-04-20 N/A
Moodle 3.x has user fullname disclosure on the user preferences page.
CVE-2017-2643 1 Moodle 1 Moodle 2025-04-20 N/A
In Moodle 3.2.x, global search displays user names for unauthenticated users.
CVE-2017-2686 1 Siemens 1 Ruggedcom Rox I 2025-04-20 N/A
Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability that could allow an authenticated user to read arbitrary files through the web interface at port 10000/TCP and access sensitive information.
CVE-2017-2715 1 Huawei 1 Files 2025-04-20 N/A
The Files APP 7.1.1.309 and earlier versions in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design of the Safe key database. An unauthorized attacker could access sensitive database information and may crack users' Safe passwords, leading to information leak.
CVE-2017-2730 2 Apple, Huawei 3 Iphone Os, Hilink, Tech Support 2025-04-20 N/A
HUAWEI HiLink APP (for IOS) versions earlier before 5.0.25.306 and HUAWEI Tech Support APP (for IOS) versions earlier before 5.0.0 have an information leak vulnerability. When an iPhone with these APPs installed access the Wi-Fi hotpot built by attacker, the attacker can collect the information of iPhone mode and firmware version.
CVE-2017-2731 1 Huawei 2 P9 Plus, P9 Plus Firmware 2025-04-20 N/A
The vibrator service in P9 Plus smart phones with software versions earlier before VIE-AL10C00B386 has DoS vulnerability. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone vibrator service interface to crash the system.
CVE-2017-2732 1 Huawei 1 Hilink 2025-04-20 N/A
Huawei Hilink APP Versions earlier before 5.0.25.306 has an information leak vulnerability. An attacker may trick a user into installing a malicious application and application can access Hilink APP data.
CVE-2017-2733 1 Huawei 2 Honor 6x, Honor 6x Firmware 2025-04-20 N/A
Honor 6X smartphones with software versions earlier than BLN-AL10C00B357 and versions earlier than BLN-AL20C00B357 have an information leak vulnerability due to improper file permission configuration. An attacker tricks a user into installing a malicious application on the smart phone, and the application can get the file that keep the cipher text of the SIM card PIN.
CVE-2017-7131 1 Apple 1 Iphone Os 2025-04-20 N/A
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Bluetooth" component. It allows attackers to obtain sensitive Contact card information via a crafted app.
CVE-2017-3087 1 Adobe 1 Captivate 2025-04-20 N/A
Adobe Captivate versions 9 and earlier have an information disclosure vulnerability resulting from abuse of the quiz reporting feature in Captivate.
CVE-2017-3098 1 Adobe 1 Captivate 2025-04-20 N/A
Adobe Captivate versions 9 and earlier have a remote code execution vulnerability in the quiz reporting feature that could be abused to read and write arbitrary files to the server.
CVE-2017-3107 1 Adobe 1 Experience Manager 2025-04-20 N/A
Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability.
CVE-2017-3130 1 Fortinet 1 Fortios 2025-04-20 N/A
An information disclosure vulnerability in Fortinet FortiOS 5.6.0, 5.4.4 and below versions allows attacker to get FortiOS version info by inspecting FortiOS IKE VendorID packets.
CVE-2017-3134 1 Fortinet 1 Fortiwlc-sd 2025-04-20 N/A
An escalation of privilege vulnerability in Fortinet FortiWLC-SD versions 8.2.4 and below allows attacker to gain root access via the CLI command 'copy running-config'.
CVE-2017-3841 1 Cisco 1 Secure Access Control System 2025-04-20 N/A
A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to disclose sensitive information. More Information: CSCvc04854. Known Affected Releases: 5.8(2.5).
CVE-2017-3556 1 Oracle 1 Application Object Library 2025-04-20 N/A
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: File Management). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Application Object Library accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).