Latest CVE Feed
-
6.1
MEDIUMCVE-2017-7343
An open redirect vulnerability in Fortinet FortiPortal 4.0.0 and below allows attacker to execute unauthorized code or commands via the url parameter.... Read more
Affected Products : fortiportal- Published: May. 27, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2017-7339
A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the 'Name' and 'Description' inputs in the 'Add Revision Backup' functionality.... Read more
Affected Products : fortiportal- Published: May. 27, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-7338
A password management vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to carry out information disclosure via the FortiAnalyzer Management View.... Read more
Affected Products : fortiportal- Published: May. 27, 2017
- Modified: Apr. 20, 2025
-
9.1
CRITICALCVE-2017-7337
An improper Access Control vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to interact with unauthorized VDOMs or enumerate other ADOMs via another user's stolen session and CSRF tokens or the adomName parameter in the /f... Read more
Affected Products : fortiportal- Published: May. 27, 2017
- Modified: Apr. 20, 2025
-
9.0
HIGHCVE-2017-3134
An escalation of privilege vulnerability in Fortinet FortiWLC-SD versions 8.2.4 and below allows attacker to gain root access via the CLI command 'copy running-config'.... Read more
Affected Products : fortiwlc-sd- Published: May. 27, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2017-3129
A Cross-Site Scripting vulnerability in Fortinet FortiWeb versions 5.7.1 and below allows attacker to execute unauthorized code or commands via an improperly sanitized POST parameter in the FortiWeb Site Publisher feature.... Read more
Affected Products : fortiweb- Published: May. 27, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2017-3126
An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows attacker to execute unauthorized code or commands via the next parameter.... Read more
- Published: May. 27, 2017
- Modified: Apr. 20, 2025
-
6.8
MEDIUMCVE-2017-5646
For versions of Apache Knox from 0.2.0 to 0.11.0 - an authenticated user may use a specially crafted URL to impersonate another user while accessing WebHDFS through Apache Knox. This may result in escalated privileges and unauthorized data access. While t... Read more
Affected Products : knox- Published: May. 26, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2017-8542
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 17... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 exchange_server windows_defender malware_protection_engine +1 more products- Published: May. 26, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-8541
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 17... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 exchange_server windows_defender malware_protection_engine +1 more products- Published: May. 26, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-8540
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 17... Read more
Affected Products : windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 exchange_server windows_10_1607 windows_10_1507 windows_defender +9 more products- Actively Exploited
- Published: May. 26, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2017-8539
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 17... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 exchange_server windows_defender malware_protection_engine +1 more products- Published: May. 26, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-8538
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 17... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 exchange_server windows_defender malware_protection_engine +1 more products- Published: May. 26, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2017-8537
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 17... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2016 exchange_server windows_defender security_essentials system_center_endpoint_protection +4 more products- Published: May. 26, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2017-8536
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 17... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2016 exchange_server windows_defender security_essentials system_center_endpoint_protection +4 more products- Published: May. 26, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2017-8535
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 17... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2016 exchange_server windows_defender security_essentials system_center_endpoint_protection +4 more products- Published: May. 26, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-6862
NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR... Read more
Affected Products : wnr2000v5_firmware wnr2000v4_firmware wnr2000v3_firmware wnr2000v5 wnr2000v4 wnr2000v3- Actively Exploited
- Published: May. 26, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2016-10375
Yodl before 3.07.01 has a Buffer Over-read in the queue_push function in queue/queuepush.c.... Read more
Affected Products : yodl- Published: May. 26, 2017
- Modified: Apr. 20, 2025
-
4.3
MEDIUMCVE-2015-0269
Directory traversal vulnerability in Contao before 3.2.19, and 3.4.x before 3.4.4 allows remote authenticated "back end" users to view files outside their file mounts or the document root via unspecified vectors.... Read more
- Published: May. 26, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-7505
Foreman since version 1.5 is vulnerable to an incorrect authorization check due to which users with user management permission who are assigned to some organization(s) can do all operations granted by these permissions on all administrator user object out... Read more
Affected Products : foreman- Published: May. 26, 2017
- Modified: Apr. 20, 2025