NVD List
Id | Name | Description | Reject | CVSS Version | CVSS Score | Severity | Pub Date | Modified Date | Actions |
---|---|---|---|---|---|---|---|---|---|
81585 | CVE-2017-3436 | Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle One-to-One Fulfillment, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle One-to-One Fulfillment accessible data as well as unauthorized update, insert or delete access to some of Oracle One-to-One Fulfillment accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts). | 2 | 5.8 | Medium | 2017-02-07 | 2017-01-30 | View | |
82609 | CVE-2017-6077 | ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping_IPAddr field of an HTTP POST request. | 2 | 10 | High | 2017-03-18 | 2017-03-01 | View | |
83121 | CVE-2017-0517 | An elevation of privilege vulnerability in the MediaTek hardware sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-32372051. References: M-ALPS02973195. | 2 | 7.6 | High | 2017-07-18 | 2017-07-17 | View | |
83377 | CVE-2017-6483 | Multiple Cross-Site Scripting (XSS) issues were discovered in ATutor 2.2.2. The vulnerabilities exist due to insufficient filtration of user-supplied data passed to several pages (lang_code in themes/*/admin/system_preferences/language_edit.tmpl.php). An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | 2 | 4.3 | Medium | 2017-03-18 | 2017-03-07 | View | |
84145 | CVE-2017-0210 | An elevation of privilege vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain, aka Internet Explorer Elevation of Privilege Vulnerability. | 2 | 4.3 | Medium | 2017-07-18 | 2017-07-10 | View |
Page 1592 of 17672, showing 5 records out of 88360 total, starting on record 7956, ending on 7960