Export limit exceeded: 364837 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364837 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-12892 | 1 Foxitsoftware | 1 Pdf Compressor | 2025-04-20 | 7.8 High |
| Foxit PDF Compressor installers from versions from 7.0.0.183 to 7.7.2.10 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | ||||
| CVE-2017-1290 | 1 Ibm | 1 Openpages Grc Platform | 2025-04-20 | N/A |
| IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125151. | ||||
| CVE-2017-12900 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-04-20 | N/A |
| Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf(). | ||||
| CVE-2017-12904 | 2 Debian, Newsbeuter | 2 Debian Linux, Newsbeuter | 2025-04-20 | N/A |
| Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item that includes shell code in its title and/or URL. | ||||
| CVE-2017-12905 | 1 Vebto | 1 Pixie - Image Editor | 2025-04-20 | 10.0 Critical |
| Server Side Request Forgery vulnerability in Vebto Pixie Image Editor 1.4 and 1.7 allows remote attackers to disclose information or execute arbitrary code via the url parameter to Launderer.php. | ||||
| CVE-2017-12906 | 1 Nexusphp Project | 1 Nexusphp | 2025-04-20 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in NexusPHP allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) cheaters.php or (2) confirm_resend.php. | ||||
| CVE-2017-12907 | 1 Nexusphp Project | 1 Nexusphp | 2025-04-20 | N/A |
| Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via the url path to usersearch.php. | ||||
| CVE-2017-12908 | 1 Nexusphp Project | 1 Nexusphp | 2025-04-20 | N/A |
| SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the conusr parameter. | ||||
| CVE-2017-12909 | 1 Nexusphp Project | 1 Nexusphp | 2025-04-20 | N/A |
| SQL injection vulnerability in modtask.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter. | ||||
| CVE-2017-1291 | 1 Ibm | 2 Maximo Asset Management, Maximo Asset Management Essentials | 2025-04-20 | N/A |
| IBM Maximo Asset Management 7.5 and 7.6 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning, cross-site scripting, and possibly obtain sensitive information. IBM X-Force ID: 125152. | ||||
| CVE-2017-12910 | 1 Nexusphp Project | 1 Nexusphp | 2025-04-20 | N/A |
| SQL injection vulnerability in massmail.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the or parameter. | ||||
| CVE-2017-12911 | 1 Mp3gain | 1 Mp3gain | 2025-04-20 | N/A |
| The "apetag.c" file in MP3Gain 1.5.2.r2 has a vulnerability which results in a stack memory corruption when opening a crafted MP3 file. | ||||
| CVE-2017-12912 | 1 Mp3gain | 1 Mp3gain | 2025-04-20 | N/A |
| The "mpglibDBL/layer3.c" file in MP3Gain 1.5.2.r2 has a vulnerability which results in a read access violation when opening a crafted MP3 file. | ||||
| CVE-2017-12919 | 1 Libfpx Project | 1 Libfpx | 2025-04-20 | N/A |
| Heap-based buffer overflow in OLEStream::WriteVT_LPSTR in olestrm.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service via a crafted fpx image. | ||||
| CVE-2017-1292 | 1 Ibm | 2 Maximo Asset Management, Maximo Asset Management Essentials | 2025-04-20 | N/A |
| IBM Maximo Asset Management 7.5 and 7.6 generates error messages that could reveal sensitive information that could be used in further attacks against the system. IBM X-Force ID: 125153. | ||||
| CVE-2017-12920 | 1 Libfpx Project | 1 Libfpx | 2025-04-20 | N/A |
| CDirectory::GetDirEntry in dir.cxx in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image. | ||||
| CVE-2017-12921 | 1 Libfpx Project | 1 Libfpx | 2025-04-20 | N/A |
| PFileFlashPixView::GetGlobalInfoProperty in f_fpxvw.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image. | ||||
| CVE-2017-12922 | 1 Libfpx Project | 1 Libfpx | 2025-04-20 | N/A |
| wchar.c in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image. | ||||
| CVE-2017-12923 | 1 Libfpx Project | 1 Libfpx | 2025-04-20 | N/A |
| OLEStream::WriteVT_LPSTR in olestrm.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image. | ||||
| CVE-2017-12924 | 1 Libfpx Project | 1 Libfpx | 2025-04-20 | N/A |
| CDirVector::GetTable in dirfunc.hxx in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted fpx image. | ||||