2017 CVEs

17102 CVEs published in 2017. 2109 critical, 6689 high. Browse by vendor, severity, or with PoCs.

Top CVEs published in 2017
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2017-20230 | Critical | 10.0 | 2026-04-21 | Storable versions before 3.05 for Perl have a stack overflow. The retrieve_hook function stored the length of the class name into a signed integer but in read… |
| CVE-2017-14451 | Critical | 10.0 | 2020-12-02 | An exploitable out-of-bounds read vulnerability exists in libevm (Ethereum Virtual Machine) of CPP-Ethereum. A specially crafted smart contract code can cause… |
| CVE-2017-16088 | Critical | 10.0 | 2018-06-07 | The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard… |
| CVE-2017-12087 | Critical | 10.0 | 2018-04-24 | An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an a… |
| CVE-2017-14459 | Critical | 10.0 | 2018-04-11 | An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wi… |
| CVE-2017-14473 | Critical | 10.0 | 2018-04-05 | An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B… |
| CVE-2017-14472 | Critical | 10.0 | 2018-04-05 | An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B… |
| CVE-2017-14471 | Critical | 10.0 | 2018-04-05 | An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B… |
| CVE-2017-14470 | Critical | 10.0 | 2018-04-05 | An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B… |
| CVE-2017-14469 | Critical | 10.0 | 2018-04-05 | An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B… |
| CVE-2017-12815 | Critical | 10.0 | 2018-03-26 | Analysis of the Bomgar Remote Support Portal JavaStart.jar Applet 52790 and earlier revealed that it is vulnerable to a path traversal vulnerability. The archi… |
| CVE-2017-12542 | Critical | 10.0 | 2018-02-15 | An authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found. |
| CVE-2017-16740 | Critical | 10.0 | 2018-01-09 | A Buffer Overflow issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier. The stack-… |
| CVE-2017-11291 | Critical | 10.0 | 2017-12-09 | An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists that could be abused to bypass n… |
| CVE-2017-14378 | Critical | 10.0 | 2017-11-29 | EMC RSA Authentication Agent API 8.5 for C and RSA Authentication Agent SDK 8.6 for C allow attackers to bypass authentication, aka an "Error Handling Vulnerab… |
| CVE-2017-16845 | Critical | 10.0 | 2017-11-17 | hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access. |
| CVE-2017-10269 | Critical | 10.0 | 2017-11-14 | Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 11.1.1, 12.1.1, 12.1.3… |
| CVE-2017-10151 | Critical | 10.0 | 2017-10-30 | Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Default Account). Supported versions that are affected are 11… |
| CVE-2017-10405 | Critical | 10.0 | 2017-10-19 | Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report). Supported versions that ar… |
| CVE-2017-10402 | Critical | 10.0 | 2017-10-19 | Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report). Supported versions that ar… |