143 matches found
Joomla! Component iF surfALERT 1.2 - Local File Inclusion
A directory traversal vulnerability in the iF surfALERT (com_if_surfalert) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. id: CVE-2010-1717 info: name: Joomla! Component i...
Amazon Linux 2023 : rclone (ALAS2023-2026-1717)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1717 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. (CVE-2026-33811) When processing HTTP/2 SETTINGS frames, transport...
CVE-2026-1717
An input validation vulnerability was reported in the LenovoProductivitySystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to terminate arbitrary processes with elevated privileges...
MiracleLinux 7 : etcd-3.2.32-1.el7 (AXSA:2021-1717:01)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1717:01 advisory. etcd: Large slice causes panic in decodeRecord method (CVE-2020-15106); etcd: DoS in wal/wal.go (CVE-2020-15112). Tenable has extracted the preceding...
MiracleLinux 4 : java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.AXS4 (AXSA:2012-662:03)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-662:03 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2012-1711 Unspecified vulnerability in the Java Runtime Environment (JRE)...
EUVD-2026-1717
fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluid_synth_monopoly.c, that can be triggered when loading an invalid midi file...
CVE-2012-1717 vulnerabilities
Vulnerabilities for packages: openjdk-17-openj9, openjdk-11-openj9, openjdk-26-openj9, openjdk-21-openj9, openjdk-25-openj9, openjdk-8-openj9...
Linux Distros Unpatched Vulnerability : CVE-2012-1717
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and...
Linux Distros Unpatched Vulnerability : CVE-2013-1717
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not...
CVE-2025-1717
creationtimestamp | type | source
---|---|---
2025-02-27 09:48:19+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/114075218651181708
2025-02-27 10:22:16+00:00 | seen | https://t.me/cvedetector/19026
2025-02-27 11:00:55+00:00 | seen | ...
CVE-2025-1717
CVE-2025-1717 : The WordPress plugin Login Me Now (versions up to and including 1.7.2) is vulnerable to an authentication bypass via insecure authentication based on an arbitrary transient name in the AutoLogin::listen() function. The vulnerability allows unauthenticated attackers to log in as an...
CVE-2025-1717 Login Me Now <= 1.7.2 - Authentication Bypass
The Login Me Now plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.2. This is due to insecure authentication based on an arbitrary transient name in the 'AutoLogin::listen' function. This makes it possible for unauthenticated attackers to log in an...
CVE-2024-1717
The Admin Notices Manager plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handle_ajax_call function in all versions up to, and including, 1.4.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to...
CVE-2024-1717
CVE-2024-1717 affects the Admin Notices Manager plugin for WordPress. A missing capability check in handle_ajax_call() (all versions through 1.4.0) allows authenticated users with subscriber-level access or higher to retrieve the emails of registered users. The provided documents do not specify a...
WordPress Admin Notices Manager Plugin <= 1.4.0 is vulnerable to Broken Access Control
Software: Admin Notices Manager; Type: Plugin; Vulnerable versions: <= 1.4.0; Fixed in: 1.5.0; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-1717; Patch priority: Low; CVSS severity: Low (4.3); Developer: Melapress; PSID: 95224798df4d; Credits: Lucio Sá; Required privilege...
Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1717)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
CVE-2023-1717
Bitrix24 22.0.300 is affected by a prototype pollution vulnerability in bitrix/templates/bitrix24/components/bitrix/menu/left_vertical/script.js. Attackers can pollute __proto__[tag] and __proto__[text], enabling remote JavaScript execution in the victim’s browser and potentially arbitrary PHP code on ...
CVE-2023-1717 Bitrix24 Cross-Site Scripting (XSS) via Client-side Prototype Pollution
Prototype pollution in bitrix/templates/bitrix24/components/bitrix/menu/left_vertical/script.js in Bitrix24 22.0.300 allows remote attackers to execute arbitrary JavaScript code in the victim’s browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege...
Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2023-1717)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...