Latest CVE Feed
-
7.8
HIGHCVE-2017-0341
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where user provided input can trigger an access to a pointer that has not been initialized which may lead to den... Read more
- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-8855
wolfSSL before 3.11.0 does not prevent wc_DhAgree from accepting a malformed DH key.... Read more
Affected Products : wolfssl- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2017-8854
wolfSSL before 3.10.2 has an out-of-bounds memory access with loading crafted DH parameters, aka a buffer overflow triggered by a malformed temporary DH file.... Read more
Affected Products : wolfssl- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2017-5527
TIBCO Spotfire Server 7.0.X before 7.0.2, 7.5.x before 7.5.1, 7.6.x before 7.6.1, 7.7.x before 7.7.1, and 7.8.x before 7.8.1 and Spotfire Analytics Platform for AWS Marketplace 7.8.0 and earlier contain multiple vulnerabilities which may allow authorized ... Read more
- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2017-7967
All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used. This vulnerability causes the software to halt or not start when trying to open the... Read more
Affected Products : vampset- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-8853
Fiyo CMS v2.0.7 has an arbitrary file delete vulnerability in dapur/apps/app_config/controller/backuper.php via directory traversal in the file parameter during an act=db action.... Read more
Affected Products : fiyo_cms- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3074
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3073
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3072
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3071
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3070
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3069
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3068
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-3067
Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an information disclosure vulnerability resulting from abuse of the pre-population service in AEM Forms.... Read more
Affected Products : experience_manager_forms- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
5.9
MEDIUMCVE-2017-6137
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN cookie ... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system big-ip_global_traffic_manager big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
5.3
MEDIUMCVE-2017-0302
In F5 BIG-IP APM 12.0.0 through 12.1.2 and 13.0.0, an authenticated user with an established access session to the BIG-IP APM system may be able to cause a traffic disruption if the length of the requested URL is less than 16 characters.... Read more
Affected Products : big-ip_access_policy_manager- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2016-9257
In F5 BIG-IP APM 12.0.0 through 12.1.2, non-authenticated users may be able to inject JavaScript into a request that will then be rendered and executed in the context of the Administrative user when the Administrative user is viewing the Access System Log... Read more
Affected Products : big-ip_access_policy_manager- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2016-9256
In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl can lag behind the actual permissions assigned to a user if the role_map is not reloaded between the time the permissions are changed and the time of the user's next request. This is a r... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager big-ip_websafe- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2016-9253
In F5 BIG-IP 12.1.0 through 12.1.2, specific websocket traffic patterns may cause a disruption of service for virtual servers configured to use the websocket profile.... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager big-ip_websafe- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2016-9251
In F5 BIG-IP 12.0.0 through 12.1.2, an authenticated attacker may be able to cause an escalation of privileges through a crafted iControl REST connection.... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager big-ip_websafe- Published: May. 09, 2017
- Modified: Apr. 20, 2025