CVEs from 2017
Total
11,610
critical
critical 1,650
high
high 5,043
medium
medium 4,169
low
low 159
% Critical
14.2%
% with KEV
0.7%
% with exploit
9.9%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-13056 | high | 7.8 | 8.8 | 9y ago | The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might allow remote attackers to execute arbitrary code via a crafted PDF file. | |||
| CVE-2017-16995 | high | 7.8 | 8.8 | 9y ago | The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by lev… | |||
| CVE-2017-13876 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the … | |||
| CVE-2017-13875 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privi… | |||
| CVE-2017-13867 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the … | |||
| CVE-2017-13861 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 11.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "IOSurface" component. It allows a… | |||
| CVE-2017-13847 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary co… | |||
| CVE-2017-5717 | high | 7.8 | 8.8 | 9y ago | Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access. | |||
| CVE-2017-13156 | high | 7.8 | 8.8 | 9y ago | An elevation of privilege vulnerability in the Android system (art). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-64211847. | |||
| CVE-2017-14355 | high | 7.8 | 8.8 | 9y ago | A potential security vulnerability has been identified in HPE Connected Backup versions 8.6 and 8.8.6. The vulnerability could be exploited locally to allow escalation of privilege. | |||
| CVE-2017-8824 | high | 7.8 | 8.8 | 9y ago | The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system… | |||
| CVE-2017-16895 | high | 7.8 | 8.8 | 9y ago | The (1) arq_updater, (2) arqcommitter, (3) standardrestorer, (4) arqglacierrestorer, and (5) arqs3glacierrestorer helper apps in Arq 5.x before 5.10 for Mac allow local users to gain root privileges … | |||
| CVE-2017-16939 | high | 7.8 | 8.8 | 9y ago | The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCV… | |||
| CVE-2017-16777 | high | 7.8 | 8.8 | 9y ago | If HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.3 is installed but VMware Fusion is not, a local attacker can create a fake application directory and exploit the suid sudo h… | |||
| CVE-2017-14961 | high | 7.8 | 8.8 | 9y ago | In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300000c. | |||
| CVE-2017-16001 | high | 7.8 | 8.8 | 9y ago | In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.1, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges. | |||
| CVE-2017-16513 | high | 7.8 | 8.8 | 9y ago | Ipswitch WS_FTP Professional before 12.6.0.3 has buffer overflows in the local search field and the backup locations field, aka WSCLT-1729. | |||
| CVE-2017-16237 | high | 7.8 | 8.8 | 9y ago | In Vir.IT eXplorer Anti-Virus before 8.5.42, the driver file (VIAGLT64.SYS) contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8273007C. | |||
| CVE-2017-12243 | high | 7.8 | 8.8 | 9y ago | A vulnerability in the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authentica… | |||
| CVE-2017-15918 | high | 7.8 | 8.8 | 9y ago | Sera 1.2 stores the user's login password in plain text in their home directory. This makes privilege escalation trivial and also exposes the user and system keychains to local attacks. | |||
| CVE-2017-15950 | high | 7.8 | 8.8 | 9y ago | Flexense SyncBreeze Enterprise version 10.1.16 is vulnerable to a buffer overflow that can be exploited for arbitrary code execution. The flaw is triggered by providing a long input into the "Destina… | |||
| CVE-2017-15649 | high | 7.8 | 8.8 | 9y ago | net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race co… | |||
| CVE-2017-12579 | high | 7.8 | 8.8 | 9y ago | An insecure suid wrapper binary in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 4.0.24 and earlier allows a non-root user to obtain a root shell. | |||
| CVE-2017-15221 | high | 7.8 | 8.8 | 9y ago | ASX to MP3 converter 3.1.3.7.2010.11.05 has a buffer overflow via a crafted M3U file, a related issue to CVE-2009-1324. | |||
| CVE-2017-14627 | high | 7.8 | 8.8 | 9y ago | Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow remote attackers to execute arbitrary code via the (1) author (inside the INFORMATION tag), (2) name (inside the INFORMATION tag), (3) a… | |||
| CVE-2017-14311 | high | 7.8 | 8.8 | 9y ago | The Winring0x32.sys driver in NetMechanica NetDecision 5.8.2 allows local users to gain privileges via a crafted 0x9C402088 IOCTL call. | |||
| CVE-2017-6008 | high | 7.8 | 8.8 | 9y ago | A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to escalate p… | |||
| CVE-2017-14344 | high | 7.8 | 8.8 | 9y ago | This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system i… | |||
| CVE-2017-14266 | high | 7.8 | 8.8 | 9y ago | tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160. | |||
| CVE-2017-14153 | high | 7.8 | 8.8 | 9y ago | This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system i… | |||
| CVE-2017-14075 | high | 7.8 | 8.8 | 9y ago | This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system i… | |||
| CVE-2017-1000083 | high | 7.8 | 8.8 | 9y ago | backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a fi… | |||
| CVE-2017-9650 | high | 7.8 | 8.8 | 9y ago | An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; AL… | |||
| CVE-2017-8665 | high | 7.8 | 8.8 | 9y ago | The Xamarin.iOS update component on systems running macOS allows an attacker to run arbitrary code as root, aka "Xamarin.iOS Elevation Of Privilege Vulnerability." | |||
| CVE-2017-12653 | high | 7.8 | 8.8 | 9y ago | 360 Total Security 9.0.0.1202 before 2017-07-07 allows Privilege Escalation via a Trojan horse Shcore.dll file in any directory in the PATH, as demonstrated by the C:\Python27 directory. | |||
| CVE-2017-7642 | high | 7.8 | 8.8 | 9y ago | The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.21 allows local users to gain root privileges by leveraging failure to verify the path to the enco… | |||
| CVE-2017-8870 | high | 7.8 | 8.8 | 9y ago | Buffer overflow in AudioCoder 0.8.46 allows remote attackers to execute arbitrary code via a crafted .m3u file. | |||
| CVE-2017-8869 | high | 7.8 | 8.8 | 9y ago | Buffer overflow in MediaCoder 0.8.48.5888 allows remote attackers to execute arbitrary code via a crafted .m3u file. | |||
| CVE-2017-11176 | high | 7.8 | 8.8 | 9y ago | The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to … | |||
| CVE-2017-8558 | high | 7.8 | 8.8 | 9y ago | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on 32-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows S… | |||
| CVE-2017-9872 | high | 7.8 | 8.8 | 9y ago | The III_dequantize_sample function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (stack-based buffer overfl… | |||
| CVE-2017-3629 | high | 7.8 | 8.8 | 9y ago | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low pri… | |||
| CVE-2017-1000379 | high | 7.8 | 8.8 | 9y ago | The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Lin… | |||
| CVE-2017-1000371 | high | 7.8 | 8.8 | 9y ago | The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated (the maximum under the 1/4 restriction) then t… | |||
| CVE-2017-1000370 | high | 7.8 | 8.8 | 9y ago | The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental strings then the stack occupies the address… | |||
| CVE-2017-1000366 | high | 7.8 | 8.8 | 9y ago | glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note… | |||
| CVE-2017-9756 | high | 7.8 | 8.8 | 9y ago | The aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspe… | |||
| CVE-2017-9750 | high | 7.8 | 8.8 | 9y ago | opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly… | |||
| CVE-2017-9749 | high | 7.8 | 8.8 | 9y ago | The *regs* macros in opcodes/bfin-dis.c in GNU Binutils 2.28 allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via … | |||
| CVE-2017-9748 | high | 7.8 | 8.8 | 9y ago | The ieee_object_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buff… | |||
| CVE-2017-9747 | high | 7.8 | 8.8 | 9y ago | The ieee_archive_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buf… | |||
| CVE-2017-9746 | high | 7.8 | 8.8 | 9y ago | The disassemble_bytes function in objdump.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact… | |||
| CVE-2017-9742 | high | 7.8 | 8.8 | 9y ago | The score_opcodes function in opcodes/score7-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other… | |||
| CVE-2017-8487 | high | 7.8 | 8.8 | 9y ago | Windows OLE in Windows XP and Windows Server 2003 allows an attacker to execute code when a victim opens a specially crafted file or program aka "Windows olecnv32.dll Remote Code Execution Vulnerabil… | |||
| CVE-2017-8461 | high | 7.8 | 8.8 | 9y ago | Windows RPC with Routing and Remote Access enabled in Windows XP and Windows Server 2003 allows an attacker to execute code on a targeted RPC server which has Routing and Remote Access enabled via a … | |||
| CVE-2017-8541 | high | 7.8 | 8.8 | 9y ago | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and… | |||
| CVE-2017-8538 | high | 7.8 | 8.8 | 9y ago | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and… | |||
| CVE-2017-8311 | high | 7.8 | 8.8 | 9y ago | multiple issues in vlc | |||
| CVE-2017-4915 | high | 7.8 | 8.8 | 9y ago | VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to … | |||
| CVE-2017-6999 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component.… | |||
| CVE-2017-6998 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component.… | |||
| CVE-2017-6997 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component.… | |||
| CVE-2017-6996 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component.… | |||
| CVE-2017-6995 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component.… | |||
| CVE-2017-6994 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component.… | |||
| CVE-2017-6989 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component.… | |||
| CVE-2017-6978 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Accessibility Framework" component. It allows attackers to execute arbitrary code in a pri… | |||
| CVE-2017-8849 | high | 7.8 | 8.8 | 9y ago | smb4k before 2.0.1 allows local users to gain root privileges by leveraging failure to verify arguments to the mount helper DBUS service. | |||
| CVE-2017-8422 | high | 7.8 | 8.8 | 9y ago | KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app. | |||
| CVE-2017-8927 | high | 7.8 | 8.8 | 9y ago | Buffer overflow in Larson VizEx Reader 9.7.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file. | |||
| CVE-2017-8926 | high | 7.8 | 8.8 | 9y ago | Buffer overflow in Halliburton LogView Pro 10.0.1 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file. | |||
| CVE-2017-8852 | high | 7.8 | 8.8 | 9y ago | SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of da… | |||
| CVE-2017-0290 | high | 7.8 | 8.8 | 9y ago | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and… | |||
| CVE-2017-6953 | high | 7.8 | 8.8 | 9y ago | Gemalto SmartDiag Diagnosis Tool v2.5 has a stack-based Buffer Overflow with SEH Overwrite via long "Register a new card" input fields. There may be a risk of local code execution with untrusted inpu… | |||
| CVE-2017-7293 | high | 7.8 | 8.8 | 9y ago | The Dolby DAX2 and DAX3 API services are vulnerable to a privilege escalation vulnerability that allows a normal user to get arbitrary system privileges, because these services have .NET code for DCO… | |||
| CVE-2017-3622 | high | 7.8 | 8.8 | 9y ago | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Common Desktop Environment (CDE)). The supported version that is affected is 10. Easily "exploitable" vulner… | |||
| CVE-2017-7690 | high | 7.8 | 8.8 | 9y ago | Proxifier for Mac before 2.19.2, when first run, allows local users to gain privileges by replacing the KLoader binary with a Trojan horse program. | |||
| CVE-2017-7643 | high | 7.8 | 8.8 | 9y ago | Proxifier for Mac before 2.19 allows local users to gain privileges via the first parameter to the KLoader setuid program. | |||
| CVE-2017-3064 | high | 7.8 | 8.8 | 9y ago | Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability when parsing a shape outline. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2017-0165 | high | 7.8 | 8.8 | 9y ago | An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handle… | |||
| CVE-2017-0160 | high | 7.8 | 8.8 | 9y ago | Microsoft .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allows an attacker with access to the local system to execute malicious code, aka ".NET Remote Code Execution Vulnerability." | |||
| CVE-2017-2490 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the … | |||
| CVE-2017-2483 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the … | |||
| CVE-2017-2482 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the … | |||
| CVE-2017-2474 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the … | |||
| CVE-2017-2473 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the … | |||
| CVE-2017-2472 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the … | |||
| CVE-2017-2443 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privi… | |||
| CVE-2017-7310 | high | 7.8 | 8.8 | 9y ago | A buffer overflow vulnerability in Import Command in SyncBreeze before 10.6, DiskSorter before 10.6, DiskBoss before 8.9, DiskPulse before 10.6, DiskSavvy before 10.6, DupScout before 10.6, and VX Se… | |||
| CVE-2017-7308 | high | 7.8 | 8.8 | 9y ago | The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (in… | |||
| CVE-2017-6191 | high | 7.8 | 8.8 | 9y ago | Buffer overflow in APNGDis 2.8 and below allows a remote attacker to execute arbitrary code via a crafted filename. | |||
| CVE-2017-6178 | high | 7.8 | 8.8 | 9y ago | The IofCallDriver function in USBPcap 1.1.0.0 allows local users to gain privileges via a crafted 0x00090028 IOCTL call, which triggers a NULL pointer dereference. | |||
| CVE-2017-0108 | high | 7.8 | 8.8 | 9y ago | The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows… | |||
| CVE-2017-0100 | high | 7.8 | 8.8 | 9y ago | A DCOM object in Helppane.exe in Microsoft Windows 7 SP1; Windows Server 2008 R2; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 201… | |||
| CVE-2017-6060 | high | 7.8 | 8.8 | 9y ago | Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to have unspecified impact via a crafted image. | |||
| CVE-2017-5881 | high | 7.8 | 8.8 | 9y ago | GOM Player 2.3.10.5266 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted fpx file. | |||
| CVE-2017-2370 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involve… | |||
| CVE-2017-2360 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involve… | |||
| CVE-2017-2353 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged contex… | |||
| CVE-2017-6074 | high | 7.8 | 8.8 | 9y ago | The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain r… |