Export limit exceeded: 363719 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363719 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-17988 1 Muslim Matrimonial Script Project 1 Muslim Matrimonial Script 2025-04-20 N/A
PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/event_add.php event_title parameter.
CVE-2017-17989 1 Iwcnetwork 1 Biometric Shift Employee Management System 2025-04-20 N/A
Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action.
CVE-2017-17997 2 Debian, Wireshark 2 Debian Linux, Wireshark 2025-04-20 N/A
In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. This was addressed in epan/dissectors/packet-mrdisc.c by validating an IPv4 address. This vulnerability is similar to CVE-2017-9343.
CVE-2017-17991 1 Iwcnetwork 1 Biometric Shift Employee Management System 2025-04-20 N/A
Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request.
CVE-2017-17992 1 Iwcnetwork 1 Biometric Shift Employee Management System 2025-04-20 N/A
Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action.
CVE-2017-17993 1 Iwcnetwork 1 Biometric Shift Employee Management System 2025-04-20 N/A
Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request.
CVE-2017-17994 1 Iwcnetwork 1 Biometric Shift Employee Management System 2025-04-20 N/A
Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request.
CVE-2017-17995 1 Iwcnetwork 1 Biometric Shift Employee Management System 2025-04-20 N/A
Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request.
CVE-2017-18001 1 Trustwave 1 Secure Web Gateway 2025-04-20 N/A
Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access, via the publicKey parameter to the /sendKey URI.
CVE-2017-18005 3 Debian, Exiv2, Redhat 3 Debian Linux, Exiv2, Enterprise Linux 2025-04-20 5.5 Medium
Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toLong function in value.cpp, related to crafted metadata in a TIFF file.
CVE-2017-18006 1 Extensis 1 Portfolio Netpublish 2025-04-20 N/A
netpub/server.np in Extensis Portfolio NetPublish has XSS in the quickfind parameter, aka Open Bug Bounty ID OBB-290447.
CVE-2017-2090 1 Cubecart 1 Cubecart 2025-04-20 N/A
Directory traversal vulnerability in CubeCart versions prior to 6.1.4 allows remote authenticated attackers to read arbitrary files via unspecified vectors.
CVE-2017-2091 1 Cybozu 1 Garoon 2025-04-20 N/A
Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in Phone Messages function to alter the status of phone messages via unspecified vectors.
CVE-2017-2092 1 Cybozu 1 Garoon 2025-04-20 N/A
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2017-2093 1 Cybozu 1 Garoon 2025-04-20 N/A
Cybozu Garoon 3.0.0 to 4.2.3 allow remote attackers to obtain tokens used for CSRF protection via unspecified vectors.
CVE-2017-2094 1 Cybozu 1 Garoon 2025-04-20 N/A
Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in Workflow and the "MultiReport" function to alter or delete information via unspecified vectors.
CVE-2017-2095 1 Cybozu 1 Garoon 2025-04-20 N/A
Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in the mail function leading to an alteration of the order of mail folders via unspecified vectors.
CVE-2017-2096 1 Smalruby 1 Smalruby-editor 2025-04-20 9.8 Critical
smalruby-editor v0.4.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
CVE-2017-2097 1 Support-project 1 Knowledge 2025-04-20 8.8 High
Cross-site request forgery (CSRF) vulnerability in Knowledge versions prior to v1.7.0 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
CVE-2017-2098 1 Cubecart 1 Cubecart 2025-04-20 N/A
Directory traversal vulnerability in CubeCart versions prior to 6.1.4 allows remote authenticated attackers to read arbitrary files via unspecified vectors.