| | CVE-2017-14394 | ForgeRock | medium | 6.1 | — | | OAuth 2.0 Authorization Server of ForgeRock Access Management (OpenAM) 13.5.0-13.5.1 and Access Mana… | Jun 19, 2019 | Nov 21, 2024 |
| | CVE-2019-5436 | F5 | high | 7.8 | 13.3%
| | A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libc… | May 28, 2019 | Apr 15, 2026 |
| | CVE-2019-11569 | Veeam | high | 8.8 | — | | Veeam ONE Reporter 9.5.0.3201 allows CSRF. | May 6, 2019 | Nov 21, 2024 |
| | CVE-2019-7317 | HPE | medium | 5.3 | 0.6%
| | png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_fu… | Feb 4, 2019 | May 28, 2026 |
| | CVE-2018-14634 | F5 | high | 7.8 | 25.7%
| ⚠ KEV | An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileg… | Sep 25, 2018 | Jan 27, 2026 |
| | CVE-2018-0296 | Cisco | high | 7.5 | 94.4%
| ⚠ KEV | A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an u… | Jun 7, 2018 | Jan 14, 2026 |
| | CVE-2018-1259 | VMware | high | 7.5 | 5.0%
| | Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7, used in combination with… | May 11, 2018 | Jun 26, 2026 |
| | CVE-2018-1274 | VMware | high | 7.5 | 2.0%
| | Spring Data Commons, versions 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain… | Apr 18, 2018 | Jun 26, 2026 |
| | CVE-2018-1273 | Apache | critical | 9.8 | 95.6%
| ⚠ KEV | Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions… | Apr 11, 2018 | Jun 26, 2026 |
| | CVE-2018-1000134 | ForgeRock | critical | 9.8 | — | | UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904… | Mar 16, 2018 | Nov 21, 2024 |
| | CVE-2018-0147 | Cisco | critical | 9.8 | 4.0%
| ⚠ KEV | A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to re… | Mar 8, 2018 | Jan 14, 2026 |
| | CVE-2017-12174 | Apache | high | 7.5 | 6.0%
| | It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroup… | Mar 7, 2018 | Jun 15, 2026 |
| | CVE-2018-7272 | ForgeRock | medium | 6.5 | — | | The REST APIs in ForgeRock AM before 5.5.0 include SSOToken IDs as part of the URL, which allows att… | Feb 21, 2018 | Nov 21, 2024 |
| | CVE-2017-12626 | Apache | high | 7.5 | 1.3%
| | Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1) Infinit… | Jan 29, 2018 | May 28, 2026 |
| | CVE-2017-5753 | VMware | medium | 5.6 | 94.3%
| | Systems with microprocessors utilizing speculative execution and branch prediction may allow unautho… | Jan 4, 2018 | May 28, 2026 |
| | CVE-2017-8046 | VMware | critical | 9.8 | 72.8%
| | Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingall… | Jan 4, 2018 | Jun 26, 2026 |
| | CVE-2017-5641 | Apache | critical | 9.8 | 48.5%
| | Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allow… | Dec 28, 2017 | May 13, 2026 |
| | CVE-2017-6167 | F5 | high | 7.5 | 0.3%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software vers… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6164 | F5 | high | 8.1 | 2.5%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAc… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6151 | F5 | high | 7.5 | 0.5%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAc… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6140 | F5 | high | 7.5 | 0.6%
| | On the BIG-IP 2000s, 2200s, 4000s, 4200v, i5600, i5800, i7600, i7800, i10600,i10800, and VIPRION 445… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6139 | F5 | medium | 5.9 | 0.4%
| | In F5 BIG-IP APM software version 13.0.0 and 12.1.2, under rare conditions, the BIG-IP APM system ap… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6138 | F5 | high | 7.5 | 0.7%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6136 | F5 | medium | 5.9 | 0.6%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6135 | F5 | high | 7.5 | 0.5%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6134 | F5 | medium | 6.5 | 1.4%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6133 | F5 | high | 7.5 | 0.6%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software vers… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6132 | F5 | high | 7.5 | 2.2%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-6129 | F5 | high | 7.5 | 0.5%
| | In F5 BIG-IP APM software version 13.0.0 and 12.1.2, in some circumstances, APM tunneled VPN flows c… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-0304 | F5 | medium | 5.4 | 0.2%
| | A SQL injection vulnerability exists in the BIG-IP AFM management UI on versions 12.0.0, 12.1.0, 12.… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-0301 | F5 | high | 7.6 | 0.1%
| | In F5 BIG-IP APM software versions 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 1… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-4943 | VMware | high | 7.8 | 0.0%
| | VMware vCenter Server Appliance (vCSA) (6.5 before 6.5 U1d) contains a local privilege escalation vu… | Dec 20, 2017 | May 13, 2026 |
| | CVE-2017-4941 | VMware | high | 8.8 | 4.8%
| | VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ESXi550-201709101-SG), Workstation (12.x before 12… | Dec 20, 2017 | May 13, 2026 |
| | CVE-2017-4933 | VMware | high | 8.8 | 7.1%
| | VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x bef… | Dec 20, 2017 | May 13, 2026 |
| | CVE-2017-15700 | Apache | high | 8.8 | 0.2%
| | A flaw in the org.apache.sling.auth.core.AuthUtil#isRedirectValid method in Apache Sling Authenticat… | Dec 18, 2017 | May 13, 2026 |
| | CVE-2017-12630 | Apache | medium | 5.4 | 0.7%
| | In Apache Drill 1.11.0 and earlier when submitting form from Query page users are able to pass arbit… | Dec 18, 2017 | May 13, 2026 |
| | CVE-2017-17740 | Trellix | high | 7.5 | 6.1%
| | contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memb… | Dec 18, 2017 | May 13, 2026 |
| | CVE-2017-14184 | Fortinet | high | 8.8 | 1.6%
| | An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions… | Dec 15, 2017 | May 13, 2026 |
| | CVE-2017-17556 | HPE | medium | 5.1 | 0.1%
| | A debug tool in Synaptics TouchPad drivers allows local users with administrative access to obtain s… | Dec 15, 2017 | May 13, 2026 |
| | CVE-2017-7344 | Fortinet | high | 8.1 | 1.3%
| | A privilege escalation in Fortinet FortiClient Windows 5.4.3 and earlier as well as 5.6.0 allows att… | Dec 14, 2017 | May 13, 2026 |
| | CVE-2017-5663 | Apache | high | 8.8 | 0.2%
| | In Apache Fineract 0.4.0-incubating, 0.5.0-incubating, and 0.6.0-incubating, an authenticated user w… | Dec 14, 2017 | May 13, 2026 |
| | CVE-2017-7738 | Fortinet | high | 7.2 | 0.3%
| | An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.5, 5.2 and … | Dec 13, 2017 | May 13, 2026 |
| | CVE-2017-4942 | VMware | medium | 4.9 | 0.4%
| | VMware AirWatch Console (AWC) contains a Broken Access Control vulnerability. Successful exploitatio… | Dec 13, 2017 | May 13, 2026 |
| | CVE-2017-11939 | Microsoft | medium | 6.5 | 2.0%
| | Microsoft Office 2016 Click-to-Run (C2R) allows an information disclosure vulnerability due to the w… | Dec 12, 2017 | May 13, 2026 |
| | CVE-2017-11936 | Microsoft | high | 8.8 | 15.0%
| | Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability due to th… | Dec 12, 2017 | May 13, 2026 |
| | CVE-2017-11935 | Microsoft | high | 7.8 | 32.4%
| | Microsoft Office 2016 Click-to-Run (C2R) allows a remote code execution vulnerability due to the way… | Dec 12, 2017 | May 13, 2026 |
| | CVE-2017-11934 | Microsoft | medium | 5.5 | 23.5%
| | Microsoft Office 2013 RT SP1, Microsoft Office 2013 SP1, and Microsoft Office 2016 allow an informat… | Dec 12, 2017 | May 13, 2026 |
| | CVE-2017-11932 | Microsoft | high | 8.1 | 14.8%
| | Microsoft Exchange Server 2016 CU5 and Microsoft Exchange Server 2016 CU5 allow a spoofing vulnerabi… | Dec 12, 2017 | May 13, 2026 |
| | CVE-2017-11930 | Microsoft | high | 7.5 | 20.5%
| | ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.… | Dec 12, 2017 | May 13, 2026 |
| | CVE-2017-11919 | Microsoft | medium | 5.3 | 25.6%
| | ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.… | Dec 12, 2017 | May 13, 2026 |