Latest CVE Feed
-
6.7
MEDIUMCVE-2017-5704
Platform sample code firmware included with 4th Gen Intel Core Processor, 5th Gen Intel Core Processor, 6th Gen Intel Core Processor, and 7th Gen Intel Core Processor potentially exposes password information in memory to a local attacker with administrati... Read more
- Published: Jul. 10, 2018
- Modified: Nov. 21, 2024
-
6.0
MEDIUMCVE-2017-5703
Configuration of SPI Flash in platforms based on multiple Intel platforms allow a local attacker to alter the behavior of the SPI flash potentially leading to a Denial of Service.... Read more
Affected Products : core_i7-8550u core_i7-8559u core_i7-8650u core_i7-8700 core_i7-8700b core_i7-8700k core_i7-8700t core_i7-8705g core_i7-8706g core_i7-8709g +298 more products- Published: Apr. 03, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2017-5699
Input validation error in Intel MinnowBoard 3 Firmware versions prior to 0.65 allow local attacker to cause denial of service via UEFI APIs.... Read more
- Published: Jan. 18, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-5696
Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access.... Read more
Affected Products : graphics_driver- Published: Jan. 18, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-5693
Firmware in the Intel Puma 5, 6, and 7 Series might experience resource depletion or timeout, which allows a network attacker to create a denial of service via crafted network traffic.... Read more
- Published: Jul. 31, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2017-5692
Out-of-bounds read condition in older versions of some Intel Graphics Driver for Windows code branches allows local users to perform a denial of service attack.... Read more
Affected Products : graphics_driver- Published: Aug. 01, 2018
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2017-5660
There is a vulnerability in Apache Traffic Server (ATS) 6.2.0 and prior and 7.0.0 and prior with the Host header and line folding. This can have issues when interacting with upstream proxies and the wrong host being used.... Read more
- Published: Feb. 27, 2018
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2017-5658
The statistics generator in Apache Pony Mail 0.7 to 0.9 was found to be returning timestamp data without proper authorization checks. This could lead to derived information disclosure on private lists about the timing of specific email subjects or text bo... Read more
Affected Products : pony_mail- Published: Oct. 04, 2018
- Modified: Nov. 21, 2024
-
6.3
MEDIUMCVE-2017-5536
The GridServer Broker, and GridServer Director components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities which may allow an authenticated user to perform cross-site scripting (XSS). In addition, an authenticated user c... Read more
Affected Products : datasynapse_gridserver_manager- Published: May. 01, 2018
- Modified: Nov. 21, 2024
-
6.8
MEDIUMCVE-2017-5535
The GridServer Broker, GridServer Driver, and GridServer Engine components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities related to both the improper use of encryption mechanisms and the use of weak ciphers. A malicio... Read more
Affected Products : datasynapse_gridserver_manager- Published: May. 01, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-5472
A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firef... Read more
- Published: Jun. 11, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-5471
Memory safety bugs were reported in Firefox 53. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 54.... Read more
Affected Products : firefox- Published: Jun. 11, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-5470
Memory safety bugs were reported in Firefox 53 and Firefox ESR 52.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Fir... Read more
- Published: Jun. 11, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-5469
Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.... Read more
- Published: Jun. 11, 2018
- Modified: Nov. 21, 2024
-
9.1
CRITICALCVE-2017-5468
An issue with incorrect ownership model of "privateBrowsing" information exposed through developer tools. This can result in a non-exploitable crash when manually triggered during debugging. This vulnerability affects Firefox < 53.... Read more
Affected Products : firefox- Published: Jun. 11, 2018
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2017-5467
A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.... Read more
- Published: Jun. 11, 2018
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2017-5466
If a page is loaded from an original site through a hyperlink and contains a redirect to a "data:text/html" URL, triggering a reload will run the reloaded "data:text/html" page with its origin set incorrectly. This allows for a cross-site scripting (XSS) ... Read more
- Published: Jun. 11, 2018
- Modified: Nov. 21, 2024
-
9.1
CRITICALCVE-2017-5465
An out-of-bounds read while processing SVG content in "ConvolvePixel". This results in a crash and also allows for otherwise inaccessible memory being copied into SVG graphic content, which could then displayed. This vulnerability affects Thunderbird < 52... Read more
- Published: Jun. 11, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-5464
During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with the accessibility tree, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ES... Read more
- Published: Jun. 11, 2018
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2017-5463
Android intents can be used to launch Firefox for Android in reader mode with a user specified URL. This allows an attacker to spoof the contents of the addressbar as displayed to users. Note: This attack only affects Firefox for Android. Other operating ... Read more
- Published: Jun. 11, 2018
- Modified: Nov. 21, 2024