Latest CVE Feed
-
6.3
MEDIUMCVE-2017-7936
A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, and Vybrid... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-7899
An Information Exposure issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; ... Read more
- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
7.3
HIGHCVE-2017-7965
A buffer overflow vulnerability exists in Programming Software executable AlTracePrint.exe, in Schneider Electric's SoMachine HVAC v2.1.0 for Modicon M171/M172 Controller.... Read more
- Published: Jun. 07, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-7905
A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protect... Read more
Affected Products : multilin_sr_750_feeder_protection_relay_firmware multilin_sr_760_feeder_protection_relay_firmware multilin_sr_469_motor_protection_relay_firmware multilin_sr_489_generator_protection_relay_firmware multilin_sr_745_transformer_protection_relay_firmware multilin_sr_369_motor_protection_relay_firmware multilin_universal_relay_firmware multilin_urplus_d90_firmware multilin_urplus_c90_firmware multilin_urplus_b95_firmware +10 more products- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
6.6
MEDIUMCVE-2017-7907
An Improper XML Parser Configuration issue was discovered in Schneider Electric Wonderware Historian Client 2014 R2 SP1 and prior. An improperly restricted XML parser (with improper restriction of XML external entity reference, or XXE) may allow an attack... Read more
Affected Products : wonderware_historian_client- Published: May. 19, 2017
- Modified: Apr. 20, 2025
-
8.6
HIGHCVE-2017-7914
A Missing Authorization issue was discovered in Rockwell Automation PanelView Plus 6 700-1500 6.00.04, 6.00.05, 6.00.42, 6.00-20140306, 6.10.20121012, 6.10-20140122, 7.00-20121012, 7.00-20130108, 7.00-20130325, 7.00-20130619, 7.00-20140128, 7.00-20140310,... Read more
- Published: Jun. 14, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2017-7916
A Permissions, Privileges, and Access Controls issue was discovered in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. The web application does not properly restrict privileges of the ... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-7910
A Stack-Based Buffer Overflow issue was discovered in Digital Canal Structural Wind Analysis versions 9.1 and prior. An attacker may be able to run arbitrary code by remotely exploiting an executable to perform a denial-of-service attack.... Read more
Affected Products : wind_analysis- Published: Jun. 14, 2017
- Modified: Apr. 20, 2025
-
3.8
LOWCVE-2017-7995
Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the get_user function. NOTE: the upstream Xen Project cons... Read more
- Published: May. 03, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-7911
A Code Injection issue was discovered in CyberVision Kaa IoT Platform, Version 0.7.4. An insufficient-encapsulation vulnerability has been identified, which may allow remote code execution.... Read more
Affected Products : kaa_iot_platform- Published: May. 06, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2017-6429
Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet.... Read more
- Published: Mar. 15, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2017-6463
NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via an invalid setting in a :config directive, related to the unpeer option.... Read more
Affected Products : ntp- Published: Mar. 27, 2017
- Modified: Apr. 20, 2025
-
5.0
MEDIUMCVE-2017-6440
The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.... Read more
- Published: Mar. 15, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-6532
Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 have cleartext credentials in /mib.db.... Read more
- Published: Jul. 20, 2017
- Modified: Apr. 20, 2025
-
7.7
HIGHCVE-2017-6610
A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH p... Read more
- Published: Apr. 20, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2017-6502
An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS).... Read more
Affected Products : imagemagick- Published: Mar. 06, 2017
- Modified: Apr. 20, 2025
-
9.1
CRITICALCVE-2017-6519
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by... Read more
- Published: May. 01, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-6467
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a Netscaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by changing the restrictions on file size.... Read more
- Published: Mar. 04, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-6474
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating record sizes.... Read more
- Published: Mar. 04, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2017-6459
The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes.... Read more
Affected Products : ntp- Published: Mar. 27, 2017
- Modified: Apr. 20, 2025