Export limit exceeded: 364870 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364870 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-7577 1 Xiongmaitech 1 Uc-httpd 2025-04-20 N/A
XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a "GET ../" HTTP request.
CVE-2017-7578 1 Libming 1 Libming 2025-04-20 N/A
Multiple heap-based buffer overflows in parser.c in libming 0.4.7 allow remote attackers to cause a denial of service (listswf application crash) or possibly have unspecified other impact via a crafted SWF file. NOTE: this issue exists because of an incomplete fix for CVE-2016-9831.
CVE-2017-7579 1 Phpmyfaq 1 Phpmyfaq 2025-04-20 N/A
inc/PMF/Faq.php in phpMyFAQ before 2.9.7 has XSS in the question field.
CVE-2017-7581 1 News System Project 1 News System 2025-04-20 N/A
SQL injection vulnerability in NewsController.php in the News module 5.3.2 and earlier for TYPO3 allows unauthenticated users to execute arbitrary SQL commands via vectors involving overwriteDemand for order and OrderByAllowed.
CVE-2017-7583 1 Ilias 1 Ilias 2025-04-20 N/A
ILIAS before 5.2.3 has XSS via SVG documents.
CVE-2017-7584 1 Foxitsoftware 1 Foxit Pdf Toolkit 2025-04-20 N/A
Memory Corruption Vulnerability in Foxit PDF Toolkit before 2.1 allows an attacker to cause Denial of Service & Remote Code Execution when a victim opens a specially crafted PDF file.
CVE-2017-7585 1 Libsndfile Project 1 Libsndfile 2025-04-20 N/A
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
CVE-2017-7586 1 Libsndfile Project 1 Libsndfile 2025-04-20 N/A
In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
CVE-2017-7588 1 Brother 33 Ads-1000w, Ads-1500w, Ads-2500w and 30 more 2025-04-20 N/A
On certain Brother devices, authorization is mishandled by including a valid AuthCookie cookie in the HTTP response to a failed login attempt. Affected models are: MFC-J6973CDW MFC-J4420DW MFC-8710DW MFC-J4620DW MFC-L8850CDW MFC-J3720 MFC-J6520DW MFC-L2740DW MFC-J5910DW MFC-J6920DW MFC-L2700DW MFC-9130CW MFC-9330CDW MFC-9340CDW MFC-J5620DW MFC-J6720DW MFC-L8600CDW MFC-L9550CDW MFC-L2720DW DCP-L2540DW DCP-L2520DW HL-3140CW HL-3170CDW HL-3180CDW HL-L8350CDW HL-L2380DW ADS-2500W ADS-1000W ADS-1500W.
CVE-2017-7589 1 Openidm Project 1 Openidm 2025-04-20 N/A
In OpenIDM through 4.0.0 before 4.5.0, the info endpoint may leak sensitive information upon a request by the "anonymous" user, as demonstrated by responses with a 200 HTTP status code and a JSON object containing IP address strings. This is related to a missing access-control check in bin/defaults/script/info/login.js.
CVE-2017-7590 1 Openidm Project 1 Openidm 2025-04-20 N/A
OpenIDM through 4.0.0 and 4.5.0 is vulnerable to persistent cross-site scripting (XSS) attacks within the Admin UI, as demonstrated by a crafted Managed Object Name.
CVE-2017-7591 1 Openidm Project 1 Openidm 2025-04-20 N/A
OpenIDM through 4.0.0 and 4.5.0 is vulnerable to reflected cross-site scripting (XSS) attacks within the Admin UI, as demonstrated by the _sortKeys parameter to the authzRoles script under managed/user/.
CVE-2017-7592 1 Libtiff 1 Libtiff 2025-04-20 N/A
The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
CVE-2017-7593 1 Libtiff 1 Libtiff 2025-04-20 N/A
tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image.
CVE-2017-7596 1 Libtiff 1 Libtiff 2025-04-20 N/A
LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
CVE-2017-7597 1 Libtiff 1 Libtiff 2025-04-20 N/A
tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
CVE-2017-7598 1 Libtiff 1 Libtiff 2025-04-20 N/A
tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.
CVE-2017-7599 1 Libtiff 1 Libtiff 2025-04-20 N/A
LibTIFF 4.0.7 has an "outside the range of representable values of type short" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
CVE-2017-7600 1 Libtiff 1 Libtiff 2025-04-20 N/A
LibTIFF 4.0.7 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
CVE-2017-7601 1 Libtiff 1 Libtiff 2025-04-20 N/A
LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.