| | CVE-2017-0290 |  Microsoft | high | 7.8 | 87.8%
| | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Mic… | May 9, 2017 | May 13, 2026 |
| | CVE-2017-3733 |  HPE | high | 7.5 | 3.1%
| | During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in… | May 4, 2017 | May 13, 2026 |
| | CVE-2017-6629 |  Cisco | medium | 5.3 | 1.1%
| | A vulnerability in the ImageID parameter of Cisco Unity Connection 10.5(2) could allow an unauthenti… | May 3, 2017 | May 13, 2026 |
| | CVE-2017-6628 | Cisco | medium | 6.8 | 0.6%
| | A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAA… | May 3, 2017 | May 13, 2026 |
| | CVE-2017-6626 | Cisco | medium | 5.3 | 0.3%
| | A vulnerability in the Cisco Finesse Notification Service for Cisco Unified Contact Center Enterpris… | May 3, 2017 | May 13, 2026 |
| | CVE-2017-6625 | Cisco | high | 7.1 | 0.6%
| | A "Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of … | May 3, 2017 | May 13, 2026 |
| | CVE-2016-4467 |  Apache | medium | 5.9 | 0.4%
| | The C client and C-based client bindings in the Apache Qpid Proton library before 0.13.1 on Windows … | May 2, 2017 | May 13, 2026 |
| | CVE-2017-6128 |  F5 | high | 7.5 | 0.9%
| | An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 B… | May 1, 2017 | May 13, 2026 |
| | CVE-2017-3162 | Apache | high | 7.3 | 1.9%
| | HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is p… | Apr 26, 2017 | May 13, 2026 |
| | CVE-2017-3161 | Apache | medium | 6.1 | 5.8%
| | The HDFS web UI in Apache Hadoop before 2.7.0 is vulnerable to a cross-site scripting (XSS) attack t… | Apr 26, 2017 | May 13, 2026 |
| | CVE-2016-8030 |  Trellix | medium | 4.3 | 0.4%
| | A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch … | Apr 25, 2017 | May 13, 2026 |
| | CVE-2016-2173 |  VMware | critical | 9.8 | 21.3%
| | org.springframework.core.serializer.DefaultDeserializer in Spring AMQP before 1.5.5 allows remote at… | Apr 21, 2017 | May 13, 2026 |
| | CVE-2017-8051 |  Tenable | critical | 9.8 | 53.1%
| | Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py s… | Apr 21, 2017 | May 13, 2026 |
| | CVE-2017-8050 | Tenable | high | 7.5 | 0.2%
| | Tenable Appliance 4.4.0, and possibly prior, contains a flaw in the Web UI that allows for the unaut… | Apr 21, 2017 | May 13, 2026 |
| | CVE-2017-6619 | Cisco | high | 8.8 | 0.8%
| | A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could a… | Apr 20, 2017 | May 13, 2026 |
| | CVE-2017-6618 | Cisco | medium | 5.4 | 0.4%
| | A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could a… | Apr 20, 2017 | May 13, 2026 |
| | CVE-2017-6617 | Cisco | medium | 5.4 | 0.3%
| | A vulnerability in the session identification management functionality of the web-based GUI of Cisco… | Apr 20, 2017 | May 13, 2026 |
| | CVE-2017-6616 | Cisco | high | 8.8 | 1.2%
| | A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could a… | Apr 20, 2017 | May 13, 2026 |
| | CVE-2017-6614 | Cisco | medium | 6.5 | 0.3%
| | A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Prob… | Apr 20, 2017 | May 13, 2026 |
| | CVE-2017-6613 | Cisco | medium | 5.8 | 0.3%
| | A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an u… | Apr 20, 2017 | May 13, 2026 |
| | CVE-2017-6611 | Cisco | medium | 6.1 | 0.2%
| | A vulnerability in the web framework code of Cisco Prime Infrastructure 2.2(2) could allow an unauth… | Apr 20, 2017 | May 13, 2026 |
| | CVE-2017-3808 | Cisco | high | 7.5 | 0.5%
| | A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of Cisco Unified Com… | Apr 20, 2017 | May 13, 2026 |
| | CVE-2016-6368 | Cisco | high | 8.6 | 0.2%
| | A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packet… | Apr 20, 2017 | May 13, 2026 |
| | CVE-2017-7850 | Tenable | high | 7.8 | 0.0%
| | Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due to … | Apr 19, 2017 | May 13, 2026 |
| | CVE-2017-7849 | Tenable | medium | 5.5 | 0.0%
| | Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local denial of service condition due to… | Apr 19, 2017 | May 13, 2026 |
| | CVE-2017-5656 | Apache | high | 7.5 | 2.4%
| | Apache CXF's STSClient before 3.1.11 and 3.0.13 uses a flawed way of caching tokens that are associa… | Apr 18, 2017 | May 13, 2026 |
| | CVE-2017-5653 | Apache | medium | 5.3 | 3.2%
| | JAX-RS XML Security streaming clients in Apache CXF before 3.1.11 and 3.0.13 do not validate that th… | Apr 18, 2017 | May 13, 2026 |
| | CVE-2017-5662 | Apache | high | 7.3 | 0.3%
| | In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be reve… | Apr 18, 2017 | May 13, 2026 |
| | CVE-2017-5661 | Apache | high | 7.3 | 2.4%
| | In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed… | Apr 18, 2017 | May 13, 2026 |
| | CVE-2017-5645 | Apache | critical | 9.8 | 94.0%
| | In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive s… | Apr 17, 2017 | May 13, 2026 |
| | CVE-2017-5659 | Apache | high | 7.5 | 2.0%
| | Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content len… | Apr 17, 2017 | May 13, 2026 |
| | CVE-2016-5396 | Apache | high | 7.5 | 1.8%
| | Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb Attack. | Apr 17, 2017 | May 13, 2026 |
| | CVE-2017-5651 | Apache | critical | 9.8 | 6.1%
| | In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors i… | Apr 17, 2017 | May 13, 2026 |
| | CVE-2017-5650 | Apache | high | 7.5 | 12.7%
| | In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the handling of an HTTP/2 GOAWAY frame f… | Apr 17, 2017 | May 13, 2026 |
| | CVE-2017-5648 | Apache | critical | 9.1 | 21.8%
| | While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tom… | Apr 17, 2017 | May 13, 2026 |
| | CVE-2017-5647 | Apache | high | 7.5 | 2.3%
| | A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5… | Apr 17, 2017 | May 13, 2026 |
| | CVE-2016-4970 | Apache | high | 7.5 | 8.2%
| | handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allow… | Apr 13, 2017 | May 13, 2026 |
| | CVE-2016-6808 | Apache | critical | 9.8 | 29.5%
| | Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42. | Apr 12, 2017 | May 13, 2026 |
| | CVE-2017-3125 |  Fortinet | medium | 6.1 | 0.6%
| | An unauthenticated XSS vulnerability with FortiMail 5.0.0 - 5.2.9 and 5.3.0 - 5.3.8 could allow an a… | Apr 12, 2017 | May 13, 2026 |
| | CVE-2017-0210 | Microsoft | high | 8.8 | 42.1%
| ⚠ KEV | An elevation of privilege vulnerability exists when Internet Explorer does not properly enforce cros… | Apr 12, 2017 | Apr 22, 2026 |
| | CVE-2017-0208 | Microsoft | medium | 4.3 | 14.9%
| | An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine do… | Apr 12, 2017 | May 13, 2026 |
| | CVE-2017-0207 | Microsoft | medium | 6.5 | 11.7%
| | Microsoft Outlook for Mac 2011 allows remote attackers to spoof web content via a crafted email with… | Apr 12, 2017 | May 13, 2026 |
| | CVE-2017-0205 | Microsoft | high | 7.5 | 18.8%
| | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo… | Apr 12, 2017 | May 13, 2026 |
| | CVE-2017-0204 | Microsoft | medium | 5.5 | 11.7%
| | Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Ou… | Apr 12, 2017 | May 13, 2026 |
| | CVE-2017-0203 | Microsoft | medium | 4.3 | 4.5%
| | A vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to proper… | Apr 12, 2017 | May 13, 2026 |
| | CVE-2017-0202 | Microsoft | high | 7.5 | 61.9%
| | A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in m… | Apr 12, 2017 | May 13, 2026 |
| | CVE-2017-0201 | Microsoft | high | 7.5 | 23.9%
| | A remote code execution vulnerability exists in Internet Explorer in the way that the JScript and VB… | Apr 12, 2017 | May 13, 2026 |
| | CVE-2017-0200 | Microsoft | high | 7.5 | 29.4%
| | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo… | Apr 12, 2017 | May 13, 2026 |
| | CVE-2017-0199 | Microsoft | high | 7.8 | 94.3%
| ⚠ KEV | Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 20… | Apr 12, 2017 | Apr 22, 2026 |
| | CVE-2017-0197 | Microsoft | high | 7.8 | 27.8%
| | Microsoft OneNote 2007 SP3 and Microsoft OneNote 2010 SP2 allow remote attackers to execute arbitrar… | Apr 12, 2017 | May 13, 2026 |