Latest CVE Feed
-
6.5
MEDIUMCVE-2017-5527
TIBCO Spotfire Server 7.0.X before 7.0.2, 7.5.x before 7.5.1, 7.6.x before 7.6.1, 7.7.x before 7.7.1, and 7.8.x before 7.8.1 and Spotfire Analytics Platform for AWS Marketplace 7.8.0 and earlier contain multiple vulnerabilities which may allow authorized ... Read more
- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2017-7967
All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used. This vulnerability causes the software to halt or not start when trying to open the... Read more
Affected Products : vampset- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-8853
Fiyo CMS v2.0.7 has an arbitrary file delete vulnerability in dapur/apps/app_config/controller/backuper.php via directory traversal in the file parameter during an act=db action.... Read more
Affected Products : fiyo_cms- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3074
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3073
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3072
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3071
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3070
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3069
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3068
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-3067
Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an information disclosure vulnerability resulting from abuse of the pre-population service in AEM Forms.... Read more
Affected Products : experience_manager_forms- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
5.9
MEDIUMCVE-2017-6137
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN cookie ... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system big-ip_global_traffic_manager big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
5.3
MEDIUMCVE-2017-0302
In F5 BIG-IP APM 12.0.0 through 12.1.2 and 13.0.0, an authenticated user with an established access session to the BIG-IP APM system may be able to cause a traffic disruption if the length of the requested URL is less than 16 characters.... Read more
Affected Products : big-ip_access_policy_manager- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2016-9257
In F5 BIG-IP APM 12.0.0 through 12.1.2, non-authenticated users may be able to inject JavaScript into a request that will then be rendered and executed in the context of the Administrative user when the Administrative user is viewing the Access System Log... Read more
Affected Products : big-ip_access_policy_manager- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2016-9256
In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl can lag behind the actual permissions assigned to a user if the role_map is not reloaded between the time the permissions are changed and the time of the user's next request. This is a r... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager big-ip_websafe- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2016-9253
In F5 BIG-IP 12.1.0 through 12.1.2, specific websocket traffic patterns may cause a disruption of service for virtual servers configured to use the websocket profile.... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager big-ip_websafe- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2016-9251
In F5 BIG-IP 12.0.0 through 12.1.2, an authenticated attacker may be able to cause an escalation of privileges through a crafted iControl REST connection.... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager big-ip_websafe- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2016-6799
Product: Apache Cordova Android 5.2.2 and earlier. The application calls methods of the Log class. Messages passed to these methods (Log.v(), Log.d(), Log.i(), Log.w(), and Log.e()) are stored in a series of circular buffers on the device. By default, a m... Read more
Affected Products : cordova- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-0290
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 17... Read more
- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
10.0
HIGHCVE-2017-4982
EMC Mainframe Enablers ResourcePak Base versions 7.6.0, 8.0.0, and 8.1.0 contains a fix for a privilege management vulnerability that could potentially be exploited by malicious users to compromise the affected system.... Read more
Affected Products : mainframe_enablers_resourcepak_base- Published: May. 08, 2017
- Modified: Apr. 20, 2025