CVE Schwachstellen
CVE-Datenbank angereichert mit CISA KEV und NVD Daten
| CVE ID | CVSS | Schweregrad | KEV | Sichtungen |
|---|---|---|---|---|
| CVE-2017-1189 IBM WebSphere Portal and Web Content Manager 6.1, 7.0, and 8.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the... | N/A | NONE | — | 0 |
| CVE-2017-14181 DeleteBitBuffer in libbitbuf/bitbuffer.c in mp4tools aacplusenc 0.17.5 allows remote attackers to cause a denial of service (invalid memory write, SEGV on unknown address 0x000000000030, and applicati... | N/A | NONE | — | 0 |
| CVE-2017-1502 IBM Content Navigator & CMIS 2.0.3, 3.0.0, and 3.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended ... | N/A | NONE | — | 0 |
| CVE-2017-14192 The checktitle function in controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the module field. | N/A | NONE | — | 0 |
| CVE-2017-14193 The oauth function in controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the Referer HTTP header with Internet Explorer. | N/A | NONE | — | 0 |
| CVE-2017-14194 The out function in controllers/member/Login.php in dayrui FineCms 5.0.11 has XSS related to the Referer HTTP header with Internet Explorer. | N/A | NONE | — | 0 |
| CVE-2017-14195 The call_msg function in controllers/Form.php in dayrui FineCms 5.0.11 might have XSS related to the Referer HTTP header with Internet Explorer. | N/A | NONE | — | 0 |
| CVE-2017-0789 A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37685267. References: B-V2017053102. | N/A | NONE | — | 0 |
| CVE-2014-9565 Cross-site request forgery (CSRF) vulnerability in IBM Flex System EN6131 40Gb Ethernet and IB6131 40Gb Infiniband Switch firmware 3.4.0000 and earlier. | N/A | NONE | — | 0 |
| CVE-2015-3169 Cross-site scripting (XSS) vulnerability in askbot 0.7.51-4.el6.noarch. | N/A | NONE | — | 0 |
| CVE-2015-3222 syscheck/seechanges.c in OSSEC 2.7 through 2.8.1 on NIX systems allows local users to execute arbitrary code as root. | N/A | NONE | — | 0 |
| CVE-2015-3313 SQL injection vulnerability in WordPress Community Events plugin before 1.4. | N/A | NONE | — | 0 |
| CVE-2015-3314 SQL injection vulnerability in WordPress Tune Library plugin before 1.5.5. | N/A | NONE | — | 0 |
| CVE-2015-3991 strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code. | N/A | NONE | — | 0 |
| CVE-2015-4085 Directory traversal vulnerability in node/hooks/express/tests.js in Etherpad frontend tests before 1.6.1. | N/A | NONE | — | 0 |
| CVE-2015-4619 Cross-site request forgery (CSRF) vulnerability in Spina before commit bfe44f289e336f80b6593032679300c493735e75. | N/A | NONE | — | 0 |
| CVE-2015-4627 SQL injection vulnerability in Pragyan CMS 3.0. | N/A | NONE | — | 0 |
| CVE-2015-4629 Huawei E5756S before V200R002B146D23SP00C00 allows remote attackers to read device configuration information, enable PIN/PUK authentication, and perform other unspecified actions. | N/A | NONE | — | 0 |
| CVE-2015-4697 Cross-site request forgery (CSRF) vulnerability in Google Analyticator Wordpress Plugin before 6.4.9.3 rev @1183563. | N/A | NONE | — | 0 |
| CVE-2015-4721 Multiple cross-site scripting (XSS) vulnerabilities in Concrete5 5.7.3.1. | N/A | NONE | — | 0 |
| CVE-2015-7672 Cross-site scripting (XSS) vulnerability in Centreon 2.6.1 (fixed in Centreon 18.10.0 and Centreon web 2.8.27). | N/A | NONE | — | 0 |
| CVE-2015-8079 qt5-qtwebkit before 5.4 records private browsing URLs to its favicon database, WebpageIcons.db. | 5.3 | MEDIUM | — | 0 |
| CVE-2017-12211 A vulnerability in the IPv6 Simple Network Management Protocol (SNMP) code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause high CPU usage or a reload of t... | N/A | NONE | — | 0 |
| CVE-2017-12212 A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interf... | N/A | NONE | — | 0 |
| CVE-2017-0771 A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-37624243. | N/A | NONE | — | 0 |
| CVE-2017-12213 A vulnerability in the dynamic access control list (ACL) feature of Cisco IOS XE Software running on Cisco Catalyst 4000 Series Switches could allow an unauthenticated, adjacent attacker to cause dyna... | N/A | NONE | — | 0 |
| CVE-2017-12216 A vulnerability in the web-based user interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to have read and write access to information stored in the affected system. The vul... | N/A | NONE | — | 0 |
| CVE-2017-12217 A vulnerability in the General Packet Radio Service (GPRS) Tunneling Protocol ingress packet handler of Cisco ASR 5500 System Architecture Evolution (SAE) Gateways could allow an unauthenticated, remo... | N/A | NONE | — | 0 |
| CVE-2017-12218 A vulnerability in the malware detection functionality within Advanced Malware Protection (AMP) of Cisco AsyncOS Software for Cisco Email Security Appliances (ESAs) could allow an unauthenticated, rem... | N/A | NONE | — | 0 |
| CVE-2017-12220 A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack agai... | N/A | NONE | — | 0 |
| CVE-2017-12221 A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interfa... | N/A | NONE | — | 0 |
| CVE-2017-12223 A vulnerability in the ROM Monitor (ROMMON) code of Cisco IR800 Integrated Services Router Software could allow an unauthenticated, local attacker to boot an unsigned Hypervisor on an affected device ... | N/A | NONE | — | 0 |
| CVE-2017-12224 A vulnerability in the ability for guest users to join meetings via a hyperlink with Cisco Meeting Server could allow an authenticated, remote attacker to enter a meeting with a hyperlink URL, even th... | N/A | NONE | — | 0 |
| CVE-2017-0790 A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37357704. References: B-V2017053101. | N/A | NONE | — | 0 |
| CVE-2017-8630 Microsoft Office 2016 allows a remote code execution vulnerability when it fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique fro... | N/A | NONE | — | 0 |
| CVE-2017-8631 A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT S... | 7.8 | HIGH | — | 0 |
| CVE-2017-8632 A remote code execution vulnerability exists in Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office... | N/A | NONE | — | 0 |
| CVE-2017-8643 Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to leave a malicious website open during user clipboard activities, due to the way that Micros... | N/A | NONE | — | 0 |
| CVE-2017-8725 A remote code execution vulnerability exists in Microsoft Publisher 2007 Service Pack 3 and Microsoft Publisher 2010 Service Pack 2 when they fail to properly handle objects in memory, aka "Microsoft ... | N/A | NONE | — | 0 |
| CVE-2017-8648 Microsoft Edge in Microsoft Windows Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka "Mi... | N/A | NONE | — | 0 |
| CVE-2017-8649 Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft browser JavaSc... | N/A | NONE | — | 0 |
| CVE-2017-8660 Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft browser ... | N/A | NONE | — | 0 |
| CVE-2017-8675 The Windows Kernel-Mode Drivers component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and... | N/A | NONE | — | 0 |
| CVE-2017-8676 The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1... | N/A | NONE | — | 0 |
| CVE-2017-8677 The Windows GDI+ component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Wind... | N/A | NONE | — | 0 |
| CVE-2017-8678 The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Wi... | N/A | NONE | — | 0 |
| CVE-2017-8679 The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Wi... | N/A | NONE | — | 0 |
| CVE-2017-8680 The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 allows an information disclosure vulnerabi... | N/A | NONE | — | 0 |
| CVE-2017-14402 The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter to module/admin_user/add_modify_user.php in the "ACCOUNT CREATION" section, related to lack of input va... | N/A | NONE | — | 0 |
| CVE-2017-8681 The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Wi... | N/A | NONE | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.