| | CVE-2017-4921 |  VMware | high | 8.8 | 0.8%
| | VMware vCenter Server (6.5 prior to 6.5 U1) contains an insecure library loading issue that occurs d… | Aug 1, 2017 | May 13, 2026 |
| | CVE-2017-4919 | VMware | critical | 9.0 | 0.9%
| | VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to… | Jul 28, 2017 | May 13, 2026 |
| | CVE-2015-5191 | VMware | medium | 6.7 | 0.1%
| | VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use… | Jul 28, 2017 | May 13, 2026 |
| | CVE-2016-8743 |  Apache | high | 7.5 | 8.4%
| | Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accept… | Jul 27, 2017 | May 13, 2026 |
| | CVE-2016-2161 | Apache | high | 7.5 | 33.2%
| | In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the ser… | Jul 27, 2017 | May 13, 2026 |
| | CVE-2016-0736 | Apache | high | 7.5 | 41.7%
| | In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie us… | Jul 27, 2017 | May 13, 2026 |
| | CVE-2017-7659 | Apache | high | 7.5 | 38.4%
| | A maliciously constructed HTTP/2 request could cause mod_http2 in Apache HTTP Server 2.4.24, 2.4.25 … | Jul 26, 2017 | May 13, 2026 |
| | CVE-2017-6755 |  Cisco | medium | 6.1 | 0.3%
| | A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning (PCP) Tool could all… | Jul 25, 2017 | May 13, 2026 |
| | CVE-2017-6753 | Cisco | high | 8.8 | 14.0%
| | A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow … | Jul 25, 2017 | May 13, 2026 |
| | CVE-2017-6751 | Cisco | high | 7.5 | 0.5%
| | A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow… | Jul 25, 2017 | May 13, 2026 |
| | CVE-2017-6750 | Cisco | high | 7.5 | 0.7%
| | A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated… | Jul 25, 2017 | May 13, 2026 |
| | CVE-2017-6749 | Cisco | medium | 5.4 | 0.2%
| | A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could al… | Jul 25, 2017 | May 13, 2026 |
| | CVE-2017-6748 | Cisco | medium | 6.7 | 0.3%
| | A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authentic… | Jul 25, 2017 | May 13, 2026 |
| | CVE-2017-6746 | Cisco | high | 7.2 | 2.5%
| | A vulnerability in the web interface of the Cisco Web Security Appliance (WSA) could allow an authen… | Jul 25, 2017 | May 13, 2026 |
| | CVE-2017-6672 | Cisco | high | 7.5 | 0.4%
| | A vulnerability in certain filtering mechanisms of access control lists (ACLs) for Cisco ASR 5000 Se… | Jul 25, 2017 | May 13, 2026 |
| | CVE-2017-6612 | Cisco | high | 8.6 | 0.7%
| | A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR 5000 Series Aggregation Service… | Jul 25, 2017 | May 13, 2026 |
| | CVE-2015-0674 | Cisco | medium | 6.1 | 0.3%
| | Cross-site scripting (XSS) vulnerability in the Alert Service of Cisco Cloud Web Security base revis… | Jul 25, 2017 | May 13, 2026 |
| | CVE-2017-7336 |  Fortinet | critical | 9.8 | 0.9%
| | A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 and lower versions allows a remote a… | Jul 22, 2017 | May 13, 2026 |
| | CVE-2016-6798 | Apache | critical | 9.8 | 1.3%
| | In the XSS Protection API module before 1.0.12 in Apache Sling, the method XSS.getValidXML() uses an… | Jul 19, 2017 | May 13, 2026 |
| | CVE-2016-5394 | Apache | medium | 6.1 | 1.1%
| | In the XSS Protection API module before 1.0.12 in Apache Sling, the encoding done by the XSSAPI.enco… | Jul 19, 2017 | May 13, 2026 |
| | CVE-2017-7688 | Apache | high | 7.5 | 1.1%
| | Apache OpenMeetings 1.0.0 updates user password in insecure manner. | Jul 17, 2017 | May 13, 2026 |
| | CVE-2017-7685 | Apache | medium | 5.3 | 1.1%
| | Apache OpenMeetings 1.0.0 responds to the following insecure HTTP methods: PUT, DELETE, HEAD, and PA… | Jul 17, 2017 | May 13, 2026 |
| | CVE-2017-7684 | Apache | high | 7.5 | 1.5%
| | Apache OpenMeetings 1.0.0 doesn't check contents of files being uploaded. An attacker can cause a de… | Jul 17, 2017 | May 13, 2026 |
| | CVE-2017-7683 | Apache | high | 7.5 | 0.6%
| | Apache OpenMeetings 1.0.0 displays Tomcat version and detailed error stack trace, which is not secur… | Jul 17, 2017 | May 13, 2026 |
| | CVE-2017-7682 | Apache | high | 8.2 | 0.7%
| | Apache OpenMeetings 3.2.0 is vulnerable to parameter manipulation attacks, as a result attacker has … | Jul 17, 2017 | May 13, 2026 |
| | CVE-2017-7681 | Apache | high | 8.8 | 0.1%
| | Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify … | Jul 17, 2017 | May 13, 2026 |
| | CVE-2017-7680 | Apache | high | 7.5 | 1.3%
| | Apache OpenMeetings 1.0.0 has an overly permissive crossdomain.xml file. This allows for flash conte… | Jul 17, 2017 | May 13, 2026 |
| | CVE-2017-7673 | Apache | critical | 9.8 | 0.4%
| | Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, captcha is not used in registr… | Jul 17, 2017 | May 13, 2026 |
| | CVE-2017-7666 | Apache | high | 8.8 | 0.2%
| | Apache OpenMeetings 1.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks, XSS attacks, c… | Jul 17, 2017 | May 13, 2026 |
| | CVE-2017-7664 | Apache | critical | 10.0 | 0.6%
| | Uploaded XML documents were not correctly validated in Apache OpenMeetings 3.1.0. | Jul 17, 2017 | May 13, 2026 |
| | CVE-2017-7663 | Apache | medium | 6.1 | 1.0%
| | Both global and Room chat are vulnerable to XSS attack in Apache OpenMeetings 3.2.0. | Jul 17, 2017 | May 13, 2026 |
| | CVE-2017-0196 |  Microsoft | medium | 6.5 | 19.1%
| | An information disclosure vulnerability in Microsoft scripting engine allows remote attackers to obt… | Jul 17, 2017 | May 13, 2026 |
| | CVE-2017-0152 | Microsoft | high | 8.1 | 14.6%
| | A remote code execution vulnerability exists in the way affected Microsoft scripting engine render w… | Jul 17, 2017 | May 13, 2026 |
| | CVE-2017-0028 | Microsoft | critical | 9.8 | 19.6%
| | A remote code execution vulnerability exists when Microsoft scripting engine improperly accesses obj… | Jul 17, 2017 | May 13, 2026 |
| | CVE-2016-6793 | Apache | critical | 9.1 | 3.6%
| | The DiskFileItem class in Apache Wicket 6.x before 6.25.0 and 1.5.x before 1.5.17 allows remote atta… | Jul 17, 2017 | May 13, 2026 |
| | CVE-2015-0249 | Apache | high | 7.2 | 0.4%
| | The weblog page template in Apache Roller 5.1 through 5.1.1 allows remote authenticated users with a… | Jul 17, 2017 | May 13, 2026 |
| | CVE-2017-9789 | Apache | high | 7.5 | 6.1%
| | When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would s… | Jul 13, 2017 | May 13, 2026 |
| | CVE-2017-9788 | Apache | critical | 9.1 | 49.5%
| | In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorizatio… | Jul 13, 2017 | May 13, 2026 |
| | CVE-2017-9787 | Apache | high | 7.5 | 8.2%
| | When using a Spring AOP functionality to secure Struts actions it is possible to perform a DoS attac… | Jul 13, 2017 | May 13, 2026 |
| | CVE-2017-7672 | Apache | medium | 5.9 | 1.3%
| | If an application allows enter an URL in a form field and built-in URLValidator is used, it is possi… | Jul 13, 2017 | May 13, 2026 |
| | CVE-2017-7529 |  F5 | high | 7.5 | 91.9%
| | Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerabili… | Jul 13, 2017 | May 13, 2026 |
| | CVE-2017-4057 |  Trellix | high | 8.8 | 1.0%
| | Privilege Escalation vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10… | Jul 12, 2017 | May 13, 2026 |
| | CVE-2017-4055 | Trellix | high | 7.5 | 0.9%
| | Exploitation of Authentication vulnerability in the web interface in McAfee Advanced Threat Defense … | Jul 12, 2017 | May 13, 2026 |
| | CVE-2017-4054 | Trellix | high | 8.8 | 4.3%
| | Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3… | Jul 12, 2017 | May 13, 2026 |
| | CVE-2017-4053 | Trellix | critical | 9.8 | 4.4%
| | Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3… | Jul 12, 2017 | May 13, 2026 |
| | CVE-2017-4052 | Trellix | critical | 9.8 | 0.4%
| | Authentication Bypass vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.1… | Jul 12, 2017 | May 13, 2026 |
| | CVE-2017-7678 | Apache | medium | 6.1 | 1.4%
| | In Apache Spark before 2.2.0, it is possible for an attacker to take advantage of a user's trust in … | Jul 12, 2017 | May 13, 2026 |
| | CVE-2017-8621 | Microsoft | medium | 6.1 | 1.1%
| | Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange Server 2013 CU16, and Exchang… | Jul 11, 2017 | May 13, 2026 |
| | CVE-2017-8619 | Microsoft | high | 7.5 | 29.9%
| | Microsoft Edge on Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote cod… | Jul 11, 2017 | May 13, 2026 |
| | CVE-2017-8618 | Microsoft | high | 7.5 | 58.3%
| | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT… | Jul 11, 2017 | May 13, 2026 |