High · CVSS 7.3
Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32BXBA devices have a hardcoded SNMP community, which makes it easier for remote attackers to load arbitrary firmware updates by leveraging knowledge of this community.
Published Aug 24, 2016 · Updated Jun 3, 2026
Low · CVSS 3.3
A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure.
Published Aug 1, 2018 · Updated Apr 16, 2026
Medium · CVSS 5.3
A flaw was found in curl before version 7.51. If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies for arbitrary domains into said cookie jar.
Published Aug 1, 2018 · Updated Apr 16, 2026
Medium · CVSS 6.5
The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input.
Published Aug 1, 2018 · Updated Apr 15, 2026
High · CVSS 8.8 · CISA KEV
Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON.
Published Aug 18, 2016 · Updated Jan 12, 2026
High · CVSS 7.8 · CISA KEV
Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA.
Published Aug 18, 2016 · Updated Jan 12, 2026
High · CVSS 7.8 · CISA KEV
The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3308, CVE-2016-3310, and CVE-2016-3311.
Published Aug 9, 2016 · Updated Oct 21, 2025
Medium · CVSS 5.5 · CISA KEV
The kernel in Apple iOS before 9.3.5 allows attackers to obtain sensitive information from memory via a crafted app.
Published Aug 25, 2016 · Updated Oct 21, 2025
High · CVSS 7.8 · CISA KEV
The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Published Aug 25, 2016 · Updated Oct 21, 2025
High · CVSS 8.8 · CISA KEV
WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
Published Aug 25, 2016 · Updated Oct 21, 2025
Unknown · CVSS Not scored
A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn meant that the same Processor could be used for concurrent requests. Sharing a Processor can result in information leakage between requests including, not not limited to, session ID and the response body. The bug was first noticed in 8.5.x onwards where it appears the refactoring of the Connector code for 8.5.x onwards made it more likely that the bug was observed. Initially it was thought that the 8.5.x refactoring introduced the bug but further investigation has shown that the bug is present in all currently supported Tomcat versions.
Published Aug 10, 2017 · Updated Nov 14, 2024
High · CVSS 7.5
The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and 8.5.0 to 8.5.6 entered an infinite loop if a header was received that was larger than the available buffer. This made a denial of service attack possible.
Published Aug 10, 2017 · Updated Oct 15, 2024
Unknown · CVSS Not scored
The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine.
Published Aug 28, 2017 · Updated Oct 4, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, an array index out of bounds vulnerability exists in LPP.
Published Aug 18, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.
Published Aug 10, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70, 6.0.0 to 6.0.45 the system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible.
Published Aug 10, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
IBM Sametime Meeting Server 8.5.2 and 9.0 could allow an authenticated and invited user of Sametime meeting to lower any or all hands in an e-meeting, thus spoofing results of votes in the meeting. IBM X-Force ID: 113803.
Published Aug 29, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
IBM Sametime Meeting Server 8.5.2 and 9.0 may send replies that contain emails of people that should not be in these messages. IBM X-Force ID: 113850.
Published Aug 29, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet.
Published Aug 11, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, there is no size check for the images being flashed onto the NAND memory in their respective partitions, so there is a possibility of writing beyond the intended partition.
Published Aug 18, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, a driver can potentially leak kernel memory.
Published Aug 18, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
In a display driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable controlled by userspace is used to calculate offsets and sizes for copy operations, which could result in heap overflow.
Published Aug 16, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script injection where a malicious site can inject their own script by exploiting a vulnerability in the way that the WebPlayer works. IBM X-Force ID: 113993.
Published Aug 29, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
IBM Sametime 8.5 and 9.0 meetings server may provide detailed information in an error message that may provide details about the application to possible attackers. IBM X-Force ID: 113851.
Published Aug 28, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
In a sound driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a buffer overflow.
Published Aug 16, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder.
Published Aug 10, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
IBM Sametime Media Services 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 113899.
Published Aug 29, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
In an audio driver function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, some parameters are from userspace, and if they are set to a large value, integer overflow is possible followed by buffer overflow. In another function, a missing check for a lower bound may result in an out of bounds memory access.
Published Aug 16, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, kernel heap memory can be exposed to userspace.
Published Aug 16, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a user supplies a value too large, then an out-of-bounds read occurs.
Published Aug 16, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The HTTP transport module in Apache CXF prior to 3.0.12 and 3.1.x prior to 3.1.9 uses FormattedServiceListWriter to provide an HTML page which lists the names and absolute URL addresses of the available service endpoints. The module calculates the base URL using the current HttpServletRequest. The calculated base URL is used by FormattedServiceListWriter to build the service endpoint absolute URLs. If the unexpected matrix parameters have been injected into the request URL then these matrix parameters will find their way back to the client in the services list page which represents an XSS risk to the client.
Published Aug 10, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 113935.
Published Aug 29, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel stack data can be leaked to userspace by an audio driver.
Published Aug 16, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading a user to visit a malicious link, a remote attacker could force the user to log out of Sametime. IBM X-Force ID: 113846.
Published Aug 29, 2017 · Updated Sep 17, 2024
Low · CVSS 3.3
A vulnerability has been identified in IBM Cloud Orchestrator 2.3, 2.3.0.1, 2.4, and 2.4.0.1 that could allow an attacker after authentication to enumerate valid users of the system. IBM X-Force ID: 109394.
Published Aug 30, 2018 · Updated Sep 17, 2024
Unknown · CVSS Not scored
A SQL injection vulnerability in pycsw all versions before 2.0.2, 1.10.5 and 1.8.6 that leads to read and extract of any data from any table in the pycsw database that the database user has access to. Also on PostgreSQL (at least) it is possible to perform updates/inserts/deletes and database modifications to any table the database user has access to.
Published Aug 1, 2018 · Updated Sep 17, 2024
Unknown · CVSS Not scored
By manipulating the URL parameter externalLoginKey, a malicious, logged in user could pass valid Freemarker directives to the Template Engine that are reflected on the webpage; a specially crafted Freemarker template could be used for remote code execution. Mitigation: Upgrade to Apache OFBiz 16.11.01
Published Aug 30, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
IBM AppScan Enterprise Edition 9.0 contains an unspecified vulnerability that could allow an attacker to hijack a valid user's session. IBM X-Force ID: 120257
Published Aug 2, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, the length in an HCI command is not properly checked for validity.
Published Aug 18, 2017 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 includes unsafe string reads that potentially allows for remote code execution on the console node.
Published Aug 9, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
When a control related to codec is issued from userspace in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, the type casting is done to the container structure instead of the codec's individual structure, resulting in a device restart after kernel crash occurs.
Published Aug 16, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, sSL handshake failure with ClientHello rejection results in memory leak.
Published Aug 18, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a WLAN driver ioctl.
Published Aug 18, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
IBM Sametime 8.5.2 and 9.0 under certain conditions provides an error message to a user that is too detailed and may reveal details about the application. IBM X-Force ID: 113813.
Published Aug 29, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a malicious user to lower other users hands in the meeting. IBM X-Force ID: 113937.
Published Aug 29, 2017 · Updated Sep 16, 2024
Low · CVSS 3.7
IBM Rational ClearQuest 8.0 through 8.0.1.9 and 9.0 through 9.0.1.3 (CQ OSLC linkages, EmailRelay) fails to check the SSL certificate against the requested hostname. It is subject to a man-in-the-middle attack with an impersonating server observing all the data transmitted to the real server. IBM X-Force ID: 113353.
Published Aug 13, 2018 · Updated Sep 16, 2024
Unknown · CVSS Not scored
In a sound driver in Android for MSM, Firefox OS for MSM, QRD Android, some variables are from userspace and values can be chosen that could result in stack overflow.
Published Aug 16, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in the hypervisor.
Published Aug 18, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 116881.
Published Aug 14, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The JAX-RS module in Apache CXF prior to 3.0.12 and 3.1.x prior to 3.1.9 provides a number of Atom JAX-RS MessageBodyReaders. These readers use Apache Abdera Parser which expands XML entities by default which represents a major XXE risk.
Published Aug 10, 2017 · Updated Sep 16, 2024