| | CVE-2017-12268 |  Cisco | medium | 6.5 | 0.1%
| | A vulnerability in the Network Access Manager (NAM) of Cisco AnyConnect Secure Mobility Client could… | Oct 5, 2017 | May 13, 2026 |
| | CVE-2017-12267 | Cisco | medium | 5.3 | 0.5%
| | A vulnerability in the Independent Computing Architecture (ICA) accelerator feature for the Cisco Wi… | Oct 5, 2017 | May 13, 2026 |
| | CVE-2017-12266 | Cisco | medium | 4.2 | 0.0%
| | A vulnerability in the routine that loads DLL files in Cisco Meeting App for Windows could allow an … | Oct 5, 2017 | May 13, 2026 |
| | CVE-2017-12265 | Cisco | medium | 6.1 | 0.2%
| | A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Sof… | Oct 5, 2017 | May 13, 2026 |
| | CVE-2017-12264 | Cisco | medium | 5.3 | 1.0%
| | A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an unauthenticated, r… | Oct 5, 2017 | May 13, 2026 |
| | CVE-2017-12263 | Cisco | high | 7.5 | 33.4%
| | A vulnerability in the web interface of Cisco License Manager software could allow an unauthenticate… | Oct 5, 2017 | May 13, 2026 |
| | CVE-2017-12258 | Cisco | medium | 6.1 | 2.6%
| | A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthent… | Oct 5, 2017 | May 13, 2026 |
| | CVE-2017-12257 | Cisco | medium | 6.1 | 0.2%
| | A vulnerability in the web framework of Cisco WebEx Meetings Server could allow an unauthenticated, … | Oct 5, 2017 | May 13, 2026 |
| | CVE-2017-12256 | Cisco | medium | 6.5 | 0.3%
| | A vulnerability in the Akamai Connect feature of Cisco Wide Area Application Services (WAAS) Applian… | Oct 5, 2017 | May 13, 2026 |
| | CVE-2017-12245 | Cisco | high | 8.6 | 0.7%
| | A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense (FTD) Software could al… | Oct 5, 2017 | May 13, 2026 |
| | CVE-2017-12244 | Cisco | high | 8.6 | 0.1%
| | A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software … | Oct 5, 2017 | May 13, 2026 |
| | CVE-2017-9792 |  Apache | medium | 6.5 | 0.2%
| | In Apache Impala (incubating) before 2.10.0, a malicious user with "ALTER" permissions on an Impala … | Oct 4, 2017 | May 13, 2026 |
| | CVE-2017-12617 | Apache | high | 8.1 | 94.4%
| ⚠ KEV | When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.… | Oct 4, 2017 | Apr 21, 2026 |
| | CVE-2017-9797 | Apache | medium | 6.5 | 0.2%
| | When an Apache Geode cluster before v1.2.1 is operating in secure mode, an unauthenticated client ca… | Oct 3, 2017 | May 13, 2026 |
| | CVE-2017-12620 | Apache | critical | 9.8 | 1.0%
| | When loading models or dictionaries that contain XML it is possible to perform an XXE attack, since … | Oct 3, 2017 | May 13, 2026 |
| | CVE-2016-6806 | Apache | high | 8.8 | 0.2%
| | Apache Wicket 6.x before 6.25.0, 7.x before 7.5.0, and 8.0.0-M1 provide a CSRF prevention measure th… | Oct 3, 2017 | May 13, 2026 |
| | CVE-2014-0043 | Apache | medium | 5.3 | 1.5%
| | In Apache Wicket 1.5.10 or 6.13.0, by issuing requests to special urls handled by Wicket, it is poss… | Oct 3, 2017 | May 13, 2026 |
| | CVE-2017-9794 | Apache | medium | 4.3 | 0.1%
| | When a cluster is operating in secure mode, a user with read privileges for specific data regions ca… | Sep 30, 2017 | May 13, 2026 |
| | CVE-2017-14352 |  HPE | medium | 6.1 | 0.4%
| | A potential security vulnerability has been identified in HP UCMDB Configuration Manager versions 10… | Sep 30, 2017 | May 13, 2026 |
| | CVE-2017-14351 | HPE | critical | 9.8 | 2.6%
| | A potential security vulnerability has been identified in HP UCMDB Configuration Manager versions 10… | Sep 30, 2017 | May 13, 2026 |
| | CVE-2017-14350 | HPE | critical | 9.8 | 1.1%
| | A potential security vulnerability has been identified in HPE Application Performance Management (BS… | Sep 30, 2017 | May 13, 2026 |
| | CVE-2017-14349 | HPE | critical | 9.8 | 0.8%
| | An authentication vulnerability in HPE SiteScope product versions 11.2x and 11.3x, allows read-only … | Sep 30, 2017 | May 13, 2026 |
| | CVE-2017-13991 | HPE | medium | 5.3 | 0.6%
| | An information leakage vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior… | Sep 30, 2017 | May 13, 2026 |
| | CVE-2017-13990 | HPE | medium | 5.3 | 0.6%
| | An information leakage vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior… | Sep 30, 2017 | May 13, 2026 |
| | CVE-2017-13989 | HPE | high | 8.1 | 0.3%
| | An improper access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version p… | Sep 30, 2017 | May 13, 2026 |
| | CVE-2017-13988 | HPE | medium | 6.5 | 0.3%
| | An improper access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version p… | Sep 30, 2017 | May 13, 2026 |
| | CVE-2017-13987 | HPE | medium | 6.5 | 0.3%
| | An insufficient access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x versi… | Sep 30, 2017 | May 13, 2026 |
| | CVE-2017-13986 | HPE | medium | 6.1 | 0.4%
| | A reflected Cross-Site Scripting(XSS) vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.… | Sep 30, 2017 | May 13, 2026 |
| | CVE-2017-13985 | HPE | medium | 6.5 | 0.4%
| | An authentication vulnerability in HPE BSM Platform Application Performance Management System Health… | Sep 30, 2017 | May 13, 2026 |
| | CVE-2017-13984 | HPE | medium | 6.5 | 1.3%
| | An authentication vulnerability in HPE BSM Platform Application Performance Management System Health… | Sep 30, 2017 | May 13, 2026 |
| | CVE-2017-13983 | HPE | critical | 9.8 | 14.9%
| | An authentication vulnerability in HPE BSM Platform Application Performance Management System Health… | Sep 30, 2017 | May 13, 2026 |
| | CVE-2017-13982 | HPE | high | 8.8 | 3.3%
| | A directory traversal vulnerability in HPE BSM Platform Application Performance Management System He… | Sep 30, 2017 | May 13, 2026 |
| | CVE-2016-4434 | Apache | high | 7.8 | 0.4%
| | Apache Tika before 1.13 does not properly initialize the XML parser or choose handlers, which might … | Sep 30, 2017 | May 13, 2026 |
| | CVE-2017-9790 | Apache | high | 7.5 | 2.1%
| | When handling a libprocess message wrapped in an HTTP request, libprocess in Apache Mesos before 1.1… | Sep 29, 2017 | May 13, 2026 |
| | CVE-2017-7687 | Apache | high | 7.5 | 3.2%
| | When handling a decoding failure for a malformed URL path of an HTTP request, libprocess in Apache M… | Sep 29, 2017 | May 13, 2026 |
| | CVE-2017-12621 | Apache | critical | 9.8 | 0.8%
| | During Jelly (xml) file parsing with Apache Xerces, if a custom doctype entity is declared with a "S… | Sep 28, 2017 | May 13, 2026 |
| | CVE-2015-5169 | Apache | medium | 6.1 | 1.2%
| | Cross-site scripting (XSS) vulnerability in Apache Struts before 2.3.20. | Sep 25, 2017 | May 13, 2026 |
| | CVE-2017-12255 | Cisco | medium | 6.7 | 0.1%
| | A vulnerability in the CLI of Cisco UCS Central Software could allow an authenticated, local attacke… | Sep 21, 2017 | May 13, 2026 |
| | CVE-2017-12254 | Cisco | medium | 6.1 | 0.3%
| | A vulnerability in the web interface of Cisco Unified Intelligence Center could allow an unauthentic… | Sep 21, 2017 | May 13, 2026 |
| | CVE-2017-12253 | Cisco | high | 8.8 | 0.3%
| | A vulnerability in the Cisco Unified Intelligence Center could allow an unauthenticated, remote atta… | Sep 21, 2017 | May 13, 2026 |
| | CVE-2017-12252 | Cisco | high | 7.8 | 0.1%
| | A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local at… | Sep 21, 2017 | May 13, 2026 |
| | CVE-2017-12250 | Cisco | medium | 5.3 | 0.8%
| | A vulnerability in the HTTP web interface for Cisco Wide Area Application Services (WAAS) could allo… | Sep 21, 2017 | May 13, 2026 |
| | CVE-2017-12248 | Cisco | medium | 6.1 | 0.2%
| | A vulnerability in the web framework code of Cisco Unified Intelligence Center Software could allow … | Sep 21, 2017 | May 13, 2026 |
| | CVE-2017-12214 | Cisco | high | 8.8 | 0.9%
| | A vulnerability in the Operations, Administration, Maintenance, and Provisioning (OAMP) credential r… | Sep 21, 2017 | May 13, 2026 |
| | CVE-2017-9804 | Apache | high | 7.5 | 4.6%
| | In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an application allows entering a UR… | Sep 20, 2017 | May 13, 2026 |
| | CVE-2017-9793 | Apache | high | 7.5 | 7.9%
| | The REST Plugin in Apache Struts 2.1.x, 2.3.7 through 2.3.33 and 2.5 through 2.5.12 is using an outd… | Sep 20, 2017 | May 13, 2026 |
| | CVE-2017-12611 | Apache | critical | 9.8 | 94.2%
| | In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in… | Sep 20, 2017 | May 13, 2026 |
| | CVE-2016-8738 | Apache | medium | 5.9 | 1.1%
| | In Apache Struts 2.5 through 2.5.5, if an application allows entering a URL in a form field and the … | Sep 20, 2017 | May 13, 2026 |
| | CVE-2016-6795 | Apache | critical | 9.8 | 5.0%
| | In the Convention plugin in Apache Struts 2.3.x before 2.3.31, and 2.5.x before 2.5.5, it is possibl… | Sep 20, 2017 | May 13, 2026 |
| | CVE-2015-0689 | Cisco | high | 7.5 | 0.4%
| | Cisco Cloud Web Security before 3.0.1.7 allows remote attackers to bypass intended filtering protect… | Sep 19, 2017 | May 13, 2026 |