| | CVE-2017-11770 | Microsoft | high | 7.5 | 13.7%
| | .NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remotely cause a denial of service … | Nov 15, 2017 | May 13, 2026 |
| | CVE-2017-11768 | Microsoft | low | 2.5 | 1.5%
| | Windows Media Player in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, W… | Nov 15, 2017 | May 13, 2026 |
| | CVE-2017-12636 | Apache | high | 7.2 | 93.8%
| | CouchDB administrative users can configure the database server via HTTP(S). Some of the configuratio… | Nov 14, 2017 | May 13, 2026 |
| | CVE-2017-12635 | Apache | critical | 9.8 | 94.1%
| | Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible … | Nov 14, 2017 | May 13, 2026 |
| | CVE-2017-12624 | Apache | medium | 5.5 | 3.6%
| | Apache CXF supports sending and receiving attachments via either the JAX-WS or JAX-RS specifications… | Nov 14, 2017 | May 13, 2026 |
| | CVE-2017-3166 | Apache | high | 7.8 | 0.2%
| | In Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and 3.0.0-alpha1, if a file in an encrypti… | Nov 13, 2017 | May 13, 2026 |
| | CVE-2016-6803 | Apache | high | 7.8 | 0.1%
| | An installer defect known as an "unquoted Windows search path vulnerability" affected the Apache Ope… | Nov 13, 2017 | May 13, 2026 |
| | CVE-2017-14360 | HPE | medium | 5.9 | 0.5%
| | A potential security vulnerability has been identified in HPE Content Manager Workgroup Service v9.0… | Nov 8, 2017 | May 13, 2026 |
| | CVE-2017-14359 | HPE | medium | 5.4 | 0.2%
| | A potential security vulnerability has been identified in HPE Performance Center versions 12.20. The… | Nov 3, 2017 | May 13, 2026 |
| | CVE-2017-11767 | Microsoft | critical | 9.8 | 17.2%
| | ChakraCore allows an attacker to gain the same user rights as the current user, due to the way that … | Nov 2, 2017 | May 13, 2026 |
| | CVE-2017-11508 | Tenable | high | 8.8 | 0.4%
| | SecurityCenter versions 5.5.0, 5.5.1 and 5.5.2 contain a SQL Injection vulnerability that could be e… | Nov 2, 2017 | May 13, 2026 |
| | CVE-2017-12295 | Cisco | medium | 5.3 | 0.4%
| | A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to ac… | Nov 2, 2017 | May 13, 2026 |
| | CVE-2017-12294 | Cisco | medium | 5.4 | 0.2%
| | A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to cond… | Nov 2, 2017 | May 13, 2026 |
| | CVE-2017-12276 | Cisco | high | 8.1 | 0.2%
| | A vulnerability in the web framework code for the SQL database interface of the Cisco Prime Collabor… | Nov 2, 2017 | May 13, 2026 |
| | CVE-2017-12262 | Cisco | high | 8.8 | 0.6%
| | A vulnerability within the firewall configuration of the Cisco Application Policy Infrastructure Con… | Nov 2, 2017 | May 13, 2026 |
| | CVE-2017-12261 | Cisco | high | 7.8 | 0.0%
| | A vulnerability in the restricted shell of the Cisco Identity Services Engine (ISE) that is accessib… | Nov 2, 2017 | May 13, 2026 |
| | CVE-2017-12625 | Apache | medium | 4.3 | 0.5%
| | Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface throu… | Nov 1, 2017 | May 13, 2026 |
| | CVE-2017-14358 | HPE | medium | 6.1 | 0.2%
| | A URL redirection to untrusted site vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in… | Oct 31, 2017 | May 13, 2026 |
| | CVE-2017-14357 | HPE | medium | 6.1 | 0.4%
| | A Reflected and Stored Cross-Site Scripting (XSS) vulnerability in HP ArcSight ESM and HP ArcSight E… | Oct 31, 2017 | May 13, 2026 |
| | CVE-2017-14356 | HPE | critical | 9.8 | 0.5%
| | An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version pr… | Oct 31, 2017 | May 13, 2026 |
| | CVE-2017-3935 | Trellix | high | 7.5 | 0.3%
| | Network Data Loss Prevention is vulnerable to MIME type sniffing which allows older versions of Inte… | Oct 31, 2017 | May 13, 2026 |
| | CVE-2017-3934 | Trellix | medium | 5.9 | 0.2%
| | Missing HTTP Strict Transport Security state information vulnerability in the server in McAfee Netwo… | Oct 31, 2017 | May 13, 2026 |
| | CVE-2017-3933 | Trellix | medium | 5.4 | 0.2%
| | Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network Data Loss Prevention (NDLP) 9… | Oct 31, 2017 | May 13, 2026 |
| | CVE-2014-0073 | Apache | critical | 9.8 | 11.4%
| | The CDVInAppBrowser class in the Apache Cordova In-App-Browser standalone plugin (org.apache.cordova… | Oct 30, 2017 | May 13, 2026 |
| | CVE-2014-0072 | Apache | high | 7.5 | 1.5%
| | ios/CDVFileTransfer.m in the Apache Cordova File-Transfer standalone plugin (org.apache.cordova.file… | Oct 30, 2017 | May 13, 2026 |
| | CVE-2013-4366 | Apache | critical | 9.8 | 1.3%
| | http/impl/client/HttpClientBuilder.java in Apache HttpClient 4.3.x before 4.3.1 does not ensure that… | Oct 30, 2017 | May 13, 2026 |
| | CVE-2012-5636 | Apache | medium | 6.1 | 1.6%
| | Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.22, 1.5.x before 1.5.10, … | Oct 30, 2017 | May 13, 2026 |
| | CVE-2012-4449 | Apache | critical | 9.8 | 0.4%
| | Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a… | Oct 30, 2017 | May 13, 2026 |
| | CVE-2014-0115 | Apache | high | 7.5 | 0.8%
| | Directory traversal vulnerability in the log viewer in Apache Storm 0.9.0.1 allows remote attackers … | Oct 30, 2017 | May 13, 2026 |
| | CVE-2012-0881 | Apache | high | 7.5 | 2.1%
| | Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service (CPU c… | Oct 30, 2017 | May 13, 2026 |
| | CVE-2009-1198 | Apache | medium | 6.1 | 0.8%
| | Cross-site scripting (XSS) vulnerability in Apache jUDDI before 2.0 allows remote attackers to injec… | Oct 30, 2017 | May 13, 2026 |
| | CVE-2009-1197 | Apache | medium | 5.3 | 0.4%
| | Apache jUDDI before 2.0 allows attackers to spoof entries in log files via vectors related to error … | Oct 30, 2017 | May 13, 2026 |
| | CVE-2016-3090 | Apache | high | 8.8 | 2.2%
| | The TextParseUtil.translateVariables method in Apache Struts 2.x before 2.3.20 allows remote attacke… | Oct 30, 2017 | May 13, 2026 |
| | CVE-2015-3249 | Apache | critical | 9.8 | 4.2%
| | The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers … | Oct 30, 2017 | May 13, 2026 |
| | CVE-2015-0226 | Apache | high | 7.5 | 5.2%
| | Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption fail… | Oct 30, 2017 | May 13, 2026 |
| | CVE-2015-0224 | Apache | high | 7.5 | 56.0%
| | qpidd in Apache Qpid 0.30 and earlier allows remote attackers to cause a denial of service (daemon c… | Oct 30, 2017 | May 13, 2026 |
| | CVE-2014-3624 | Apache | critical | 9.8 | 0.4%
| | Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by le… | Oct 30, 2017 | May 13, 2026 |
| | CVE-2014-3526 | Apache | high | 7.5 | 0.5%
| | Apache Wicket before 1.5.12, 6.x before 6.17.0, and 7.x before 7.0.0-M3 might allow remote attackers… | Oct 30, 2017 | May 13, 2026 |
| | CVE-2013-4246 | Apache | high | 8.8 | 0.4%
| | libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might allow remote authenticated users … | Oct 30, 2017 | May 13, 2026 |
| | CVE-2015-1835 | Apache | medium | 5.3 | 0.6%
| | Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set explicit … | Oct 27, 2017 | May 13, 2026 |
| | CVE-2014-3600 | Apache | critical | 9.8 | 0.5%
| | XML external entity (XXE) vulnerability in Apache ActiveMQ 5.x before 5.10.1 allows remote consumers… | Oct 27, 2017 | May 13, 2026 |
| | CVE-2014-3579 | Apache | critical | 9.8 | 3.5%
| | XML external entity (XXE) vulnerability in Apache ActiveMQ Apollo 1.x before 1.7.1 allows remote con… | Oct 27, 2017 | May 13, 2026 |
| | CVE-2016-5003 | Apache | critical | 9.8 | 41.5%
| | The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers… | Oct 27, 2017 | May 13, 2026 |
| | CVE-2016-5002 | Apache | high | 7.8 | 3.5%
| | XML external entity (XXE) vulnerability in the Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used… | Oct 27, 2017 | May 13, 2026 |
| | CVE-2017-6163 | F5 | medium | 5.9 | 1.5%
| | In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 1… | Oct 27, 2017 | May 13, 2026 |
| | CVE-2017-6162 | F5 | medium | 5.9 | 1.5%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, Websa… | Oct 27, 2017 | May 13, 2026 |
| | CVE-2017-6161 | F5 | medium | 5.3 | 2.7%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAc… | Oct 27, 2017 | May 13, 2026 |
| | CVE-2017-6160 | F5 | medium | 5.9 | 4.6%
| | In F5 BIG-IP AAM and PEM software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.4.1 to 11.5.4, a re… | Oct 27, 2017 | May 13, 2026 |
| | CVE-2017-6159 | F5 | medium | 5.9 | 0.9%
| | F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe software versi… | Oct 27, 2017 | May 13, 2026 |
| | CVE-2017-6157 | F5 | high | 8.1 | 6.9%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software… | Oct 27, 2017 | May 13, 2026 |