86 CVEs published in 2017. 86 flagged on the CISA Known Exploited Vulnerabilities catalog. Every guide includes runnable Linux, Windows PowerShell, and Bash remediation commands.
86 fix guides from 2017 ⚠ 86 actively exploited (CISA KEV)CVE-2017-1000353 - Remote Code Execution in Jenkins. Runnable patch commands, mitigation snippets, and verification steps on this page.
CVE-2017-1000486 is an inadequate encryption strength in Primetek Primefaces. This page lists verified fix commands and short-term mitigatio
CVE-2017-11317: Inadequate Encryption Strength in Telerik User Interface (UI) for ASP.NET AJAX. Runnable fix commands and patched builds.
CVE-2017-11357 unrestricted upload of file with dangerous type in User Interface (Ui) For Asp.Net Ajax. Runnable upgrade commands and verifi
CVE-2017-12149 is a deserialization of untrusted data in jbossas. This page lists verified fix commands and short-term mitigations you can r
CVE-2017-12240 is an improper input validation in Cisco IOS and IOS XE. This page lists verified fix commands and short-term mitigations you
CVE-2017-15944 is a improper input validation in Pan-Os. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2017-18362: SQL Injection in Kaseya Virtual System/Server Administrator (VSA). Runnable fix commands and patched builds.
CVE-2017-18368 improper neutralization of special elements used in an os command ('os command i in P660Hn-T1A Routers. Runnable upgrade comm
CVE-2017-3066 - Insecure Deserialization in Adobe ColdFusion ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, Cold
CVE-2017-3881: Improper Input Validation in Cisco IOS and IOS XE. Runnable fix commands and patched builds.
CVE-2017-5638 is a vulnerability in Apache Struts. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2017-5689 is an improper privilege management in Intel Active Mangement Technology, Intel Small Business Technology, Intel Standard Mana
CVE-2017-6077: OS Command Injection in NETGEAR Wireless Router DGN2200. Runnable fix commands and patched builds.
CVE-2017-6316 is a n/a flaw in Citrix NetScaler SD-WAN Enterprise. Actively exploited per CISA KEV. Verified patched builds and runnable fix
CVE-2017-6862 buffer copy without checking size of input ('classic buffer overflow') in Netgear All Versions Prior To Wnr2000V3 1.1.2.14, Wn
CVE-2017-7269 is a n/a in the vendor n/a. CVSS 9.8 Critical. Patch commands, mitigations, and verification.
CVE-2017-7494 improper control of generation of code ('code injection') in Samba. Runnable upgrade commands and verification steps for sysad
CVE-2017-7921 - Authentication Bypass in Hikvision Cameras. Runnable patch commands, mitigation snippets, and verification steps on this pag
CVE-2017-8543: Improper Preservation of Permissions in Microsoft Windows. Runnable fix commands and patched builds.
CVE-2017-9248 is a n/a in the vendor n/a. CVSS 9.8 Critical. Patch commands, mitigations, and verification.
CVE-2017-9791 is an improper input validation in Apache Struts. This page lists verified fix commands and short-term mitigations you can run
CVE-2017-9841 is a code injection in PHP. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2017-0001 is a security vulnerability in Windows GDI. This page lists verified fix commands and short-term mitigations you can run today
CVE-2017-0005 is a Elevation of Privilege flaw in Microsoft Windows. Actively exploited per CISA KEV. Verified patched builds and runnable f
CVE-2017-0037: Type Confusion in Microsoft Edge and Internet Explorer. Runnable fix commands and patched builds.
CVE-2017-0101 is a Memory Corruption flaw in Microsoft Windows. Actively exploited per CISA KEV. Verified patched builds and runnable fix co
CVE-2017-0143 is a remote code execution in Microsoft Corporation Windows SMB. CVSS 8.8 High. Patch commands, mitigations, and verification.
CVE-2017-0144 is a security vulnerability in Windows SMB. This page lists verified fix commands and short-term mitigations you can run today
CVE-2017-0145 is a security vulnerability in Windows SMB. This page lists verified fix commands and short-term mitigations you can run today
CVE-2017-0146 is a Remote Code Execution flaw in Microsoft Windows. Actively exploited per CISA KEV. Verified patched builds and runnable fi
CVE-2017-0147: Information Disclosure in Microsoft SMBv1 server. Runnable fix commands and patched builds.
CVE-2017-0148: Improper Input Validation in Microsoft SMBv1 server. Runnable fix commands and patched builds.
CVE-2017-0149: Out-of-Bounds Write in Microsoft Internet Explorer. Runnable fix commands and patched builds.
CVE-2017-0199 is a remote code execution in Microsoft Corporation Office/WordPad. CVSS 7.8 High. Patch commands, mitigations, and verificati
CVE-2017-0210: Elevation of Privilege in Microsoft Internet Explorer. Runnable fix commands and patched builds.
CVE-2017-0213 is a Elevation of Privilege flaw in Microsoft Windows. Actively exploited per CISA KEV. Verified patched builds and runnable f
CVE-2017-0222 is an out-of-bounds write in Internet Explorer. This page lists verified fix commands and short-term mitigations you can run t
CVE-2017-0261 is an use-after-free in Microsoft Office. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2017-0262 is a security vulnerability in Microsoft Office. This page lists verified fix commands and short-term mitigations you can run
CVE-2017-0263 is an use-after-free in Microsoft Windows. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2017-1000253 - Security Vulnerability in Kernel. Runnable patch commands, mitigation snippets, and verification steps on this page.
CVE-2017-10271 is a missing authentication in WebLogic Server. This page lists verified fix commands and short-term mitigations you can run
CVE-2017-11292 is an access of resource using incompatible type in Adobe Flash Player version 27.0.0.159 and earlier. This page lists verifi
CVE-2017-11774 is a security feature bypass in Microsoft Corporation Microsoft Outlook. CVSS 7.8 High. Patch commands, mitigations, and veri
CVE-2017-11826 is a buffer overflow in Microsoft Office. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2017-11882 is a remote code execution in Microsoft Corporation Microsoft Office. CVSS 7.8 High. Patch commands, mitigations, and verific
CVE-2017-12231 is a cwe-399 in Cisco IOS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2017-12233 is an improper input validation in Cisco IOS. This page lists verified fix commands and short-term mitigations you can run to
CVE-2017-12234 is an improper input validation in Cisco IOS. This page lists verified fix commands and short-term mitigations you can run to
CVE-2017-12235 is an improper input validation in Cisco IOS. This page lists verified fix commands and short-term mitigations you can run to
CVE-2017-12237 is a cwe-399 in Cisco IOS and IOS XE. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2017-12615 is a Unrestricted File Upload flaw in Apache Tomcat. Actively exploited per CISA KEV. Verified patched builds and runnable fi
CVE-2017-12617 is a Unrestricted File Upload flaw in Apache Tomcat. Actively exploited per CISA KEV. Verified patched builds and runnable fi
CVE-2017-12637 - Path Traversal in NetWeaver. Runnable patch commands, mitigation snippets, and verification steps on this page.
CVE-2017-16651 is a n/a in the vendor n/a. CVSS 7.8 High. Patch commands, mitigations, and verification.
CVE-2017-17562 is a security vulnerability in Embedthis GoAhead. This page lists verified fix commands and short-term mitigations you can ru
CVE-2017-3506 - Command Injection in WebLogic Server. Runnable patch commands, mitigation snippets, and verification steps on this page.
CVE-2017-5030 out-of-bounds read in Google Chrome Prior To 57.0.2987.98 For Linux, Windows And Mac, And 57.0.2987.108 For Android. Runnable
CVE-2017-5070 access of resource using incompatible type ('type confusion') in Google Chrome Prior To 59.0.3071.86 For Linux, Windows And Ma
CVE-2017-5521 is a security vulnerability in Multiple Devices. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2017-6327 is a code execution in Symantec Corporation Messaging Gateway. CVSS 8.8 High. Patch commands, mitigations, and verification.
CVE-2017-6334: OS Command Injection in NETGEAR DGN2200 Devices. Runnable fix commands and patched builds.
CVE-2017-6627 is a cwe-399 in Cisco IOS and Cisco IOS XE. This page lists verified fix commands and short-term mitigations you can run today
CVE-2017-6736 is a buffer overflow in IOS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2017-6737 is a buffer overflow in IOS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2017-6738 is a buffer overflow in Cisco IOS XE Software. This page lists verified fix commands and short-term mitigations you can run to
CVE-2017-6739 is a buffer overflow in Universal Product. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2017-6740 is a buffer overflow in IOS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2017-6742 improper restriction of operations within the bounds of a memory buffer in Cisco Ios Xe Software. Runnable upgrade commands an
CVE-2017-6743 is a buffer overflow in IOS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2017-6744 is a buffer overflow in IOS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2017-6884 improper neutralization of special elements used in an os command ('os command i in Emg2926 Routers. Runnable upgrade commands
CVE-2017-8291 is a Type Confusion flaw in Artifex Ghostscript. Actively exploited per CISA KEV. Verified patched builds and runnable fix com
CVE-2017-8464 is a security vulnerability in Windows Shell. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2017-8540 is an out-of-bounds write in Malware Protection Engine. This page lists verified fix commands and short-term mitigations you c
CVE-2017-8570 is a security vulnerability in Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, and Microsoft
CVE-2017-8759 is a remote code execution in Microsoft Corporation Microsoft .NET Framework. CVSS 7.8 High. Patch commands, mitigations, and
CVE-2017-9805 is a deserialization of untrusted data in Apache Struts. This page lists verified fix commands and short-term mitigations you
CVE-2017-9822: Remote Code Execution via untrusted deserialization of Xml data in DotNetNuke CMS Fixed in 9.1.1. Patch commands and verifica
CVE-2017-0022: Memory Corruption in Microsoft XML Core Services. Runnable fix commands and patched builds.
CVE-2017-0059: Information Disclosure in Microsoft Internet Explorer. Runnable fix commands and patched builds.
CVE-2017-12232 is a cwe-399 in Cisco IOS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2017-12238 is a cwe-399 in Cisco IOS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2017-12319 is an improper input validation in Cisco IOS XE. This page lists verified fix commands and short-term mitigations you can run
CVE-2017-6663 is a security vulnerability in Cisco IOS and IOS XE. This page lists verified fix commands and short-term mitigations you can