CVEs from 2017
Total
11,610
critical
critical 1,650
high
high 5,043
medium
medium 4,169
low
low 159
% Critical
14.2%
% with KEV
0.7%
% with exploit
9.9%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-14489 | medium | 5.5 | 6.5 | 9y ago | The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation. | |||
| CVE-2017-8687 | medium | 5.5 | 6.5 | 9y ago | The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and W… | |||
| CVE-2017-8685 | medium | 5.5 | 6.5 | 9y ago | Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+ Information Disclosure… | |||
| CVE-2017-8684 | medium | 5.5 | 6.5 | 9y ago | Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1, allows information disclosure by the way it discloses ke… | |||
| CVE-2017-8683 | medium | 5.5 | 6.5 | 9y ago | Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Serve… | |||
| CVE-2017-8681 | medium | 5.5 | 6.5 | 9y ago | The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and W… | |||
| CVE-2017-8680 | medium | 5.5 | 6.5 | 9y ago | The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 allows an information disclosure vulnerab… | |||
| CVE-2017-8678 | medium | 5.5 | 6.5 | 9y ago | The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and W… | |||
| CVE-2017-8918 | medium | 5.5 | 6.5 | 9y ago | XXE in Dive Assistant - Template Builder in Blackwave Dive Assistant - Desktop Edition 8.0 allows attackers to remotely view local files via a crafted template.xml file. | |||
| CVE-2017-9095 | medium | 5.5 | 6.5 | 9y ago | XXE in Diving Log 6.0 allows attackers to remotely view local files through a crafted dive.xml file that is mishandled during a Subsurface import. | |||
| CVE-2017-11548 | medium | 5.5 | 6.5 | 9y ago | The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 allows remote attackers to cause a denial of service (memory corruption) via a crafted MP3 file. | |||
| CVE-2017-11359 | medium | 5.5 | 6.5 | 9y ago | The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted snd file, during conve… | |||
| CVE-2017-11358 | medium | 5.5 | 6.5 | 9y ago | The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted hcom file. | |||
| CVE-2017-11333 | medium | 5.5 | 6.5 | 9y ago | The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (OOM) via a crafted wav file. | |||
| CVE-2017-11332 | medium | 5.5 | 6.5 | 9y ago | The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted wav file. | |||
| CVE-2017-11331 | medium | 5.5 | 6.5 | 9y ago | The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file. | |||
| CVE-2017-11330 | medium | 5.5 | 6.5 | 9y ago | The DivFixppCore::avi_header_fix function in DivFix++Core.cpp in DivFix++ v0.34 allows remote attackers to cause a denial of service (invalid memory write and application crash) via a crafted avi fil… | |||
| CVE-2017-9412 | medium | 5.5 | 6.5 | 9y ago | The unpack_read_samples function in frontend/get_audio.c in LAME 3.99.5 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted wav file. | |||
| CVE-2017-9260 | medium | 5.5 | 6.5 | 9y ago | The TDStretchSSE::calcCrossCorr function in source/SoundTouch/sse_optimized.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application c… | |||
| CVE-2017-9259 | medium | 5.5 | 6.5 | 9y ago | The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (memory allocation error and application cra… | |||
| CVE-2017-9258 | medium | 5.5 | 6.5 | 9y ago | The TDStretch::processSamples function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted wa… | |||
| CVE-2017-7064 | medium | 5.5 | 6.5 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affe… | |||
| CVE-2017-8564 | medium | 5.5 | 6.5 | 9y ago | Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server … | |||
| CVE-2017-7950 | medium | 5.5 | 6.5 | 9y ago | Nitro Pro 11.0.3 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted PCX file. | |||
| CVE-2017-9869 | medium | 5.5 | 6.5 | 9y ago | The II_step_one function in layer2.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (buffer over-read and application cr… | |||
| CVE-2017-9130 | medium | 5.5 | 6.5 | 9y ago | The faacEncOpen function in libfaac/frame.c in Freeware Advanced Audio Coder (FAAC) 1.28 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted… | |||
| CVE-2017-9129 | medium | 5.5 | 6.5 | 9y ago | The wav_open_read function in frontend/input.c in Freeware Advanced Audio Coder (FAAC) 1.28 allows remote attackers to cause a denial of service (large loop) via a crafted wav file. | |||
| CVE-2017-8469 | medium | 5.5 | 6.5 | 9y ago | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an… | |||
| CVE-2017-4905 | medium | 5.5 | 6.5 | 9y ago | VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch … | |||
| CVE-2017-8537 | medium | 5.5 | 6.5 | 9y ago | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and… | |||
| CVE-2017-8536 | medium | 5.5 | 6.5 | 9y ago | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and… | |||
| CVE-2017-8535 | medium | 5.5 | 6.5 | 9y ago | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and… | |||
| CVE-2017-9150 | medium | 5.5 | 6.5 | 9y ago | The do_check function in kernel/bpf/verifier.c in the Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which all… | |||
| CVE-2017-6982 | medium | 5.5 | 6.5 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. The issue involves the "Notifications" component. It allows attackers to cause a denial of service via a crafted app. | |||
| CVE-2017-2509 | medium | 5.5 | 6.5 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a c… | |||
| CVE-2017-7472 | medium | 5.5 | 6.5 | 9y ago | The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring cal… | |||
| CVE-2017-0211 | medium | 5.5 | 6.5 | 9y ago | An elevation of privilege vulnerability exists in Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 versions of Microsoft Windows OLE when … | |||
| CVE-2017-0167 | medium | 5.5 | 6.5 | 9y ago | An information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the Windows kernel improperly handles objects in memory… | |||
| CVE-2017-2671 | medium | 5.5 | 6.5 | 9y ago | The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which al… | |||
| CVE-2017-2489 | medium | 5.5 | 6.5 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to obtain sensitive information from… | |||
| CVE-2017-2388 | medium | 5.5 | 6.5 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to cause a denial of service (NULL pointe… | |||
| CVE-2017-0060 | medium | 5.5 | 6.5 | 9y ago | The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gol… | |||
| CVE-2017-0045 | medium | 5.5 | 6.5 | 9y ago | Windows DVD Maker in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows Vista SP2 does not properly parse crafted .msdvd files, which allows attackers to obtain information to compromise … | |||
| CVE-2017-0038 | medium | 5.5 | 6.5 | 9y ago | gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windo… | |||
| CVE-2017-5223 | medium | 5.5 | 6.5 | 10y ago | Local file disclosure in PHPMailer | |||
| CVE-2017-16819 | medium | 5.4 | 6.4 | 9y ago | A stored cross-site scripting vulnerability in the Icon Time Systems RTC-1000 v2.5.7458 and earlier time clock allows remote attackers to inject arbitrary JavaScript in the nameFirst (aka First Name)… | |||
| CVE-2017-16843 | medium | 5.4 | 6.4 | 9y ago | Vonage VDV-23 115 3.2.11-0.9.40 devices have stored XSS via the NewKeyword or NewDomain field to /goform/RgParentalBasic. | |||
| CVE-2017-16807 | medium | 5.4 | 6.4 | 9y ago | Kirby XSS Vulnerability | |||
| CVE-2017-16781 | medium | 5.4 | 6.4 | 9y ago | The installer in MyBB before 1.8.13 has XSS. | |||
| CVE-2017-16568 | medium | 5.4 | 6.4 | 9y ago | Persistent Cross-Site Scripting (XSS) vulnerability in Logitech Media Server 7.9.0, affecting the "Radio" functionality. This vulnerability allows attackers to inject malicious JavaScript payloads, w… | |||
| CVE-2017-16567 | medium | 5.4 | 6.4 | 9y ago | Persistent Cross-Site Scripting (XSS) vulnerability in Logitech Media Server 7.9.0, affecting the "Favorites" feature. This vulnerability allows remote attackers to inject and permanently store malic… | |||
| CVE-2017-15727 | medium | 5.4 | 6.4 | 9y ago | In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via an HTML attachment. | |||
| CVE-2017-15284 | medium | 5.4 | 6.4 | 9y ago | OctoberCMS Cross-Site Scripting | |||
| CVE-2017-14717 | medium | 5.4 | 6.4 | 9y ago | In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Description parameter. | |||
| CVE-2017-14712 | medium | 5.4 | 6.4 | 9y ago | In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Phonecall Notes Title parameter. | |||
| CVE-2017-3131 | medium | 5.4 | 6.4 | 9y ago | A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 and 5.6.0 allows attackers to execute unauthorized code or commands via the filter input in "Applications" under … | |||
| CVE-2017-13754 | medium | 5.4 | 6.4 | 9y ago | Cross-site scripting (XSS) vulnerability in the "advanced settings - time server" module in Wibu-Systems CodeMeter before 6.50b allows remote attackers to inject arbitrary web script or HTML via the … | |||
| CVE-2017-9767 | medium | 5.4 | 6.4 | 9y ago | Multiple cross-site scripting (XSS) vulnerabilities in Quali CloudShell before 8 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Name or (2) Description parameter … | |||
| CVE-2017-10046 | medium | 5.4 | 6.4 | 9y ago | Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 8.3, 8.4, 1… | |||
| CVE-2017-8550 | medium | 5.4 | 6.4 | 9y ago | A remote code execution vulnerability exists in Skype for Business when the software fails to sanitize specially crafted content, aka "Skype for Business Remote Code Execution Vulnerability". | |||
| CVE-2017-9516 | medium | 5.4 | 6.4 | 9y ago | Craft CMS XSS Vulnerability | |||
| CVE-2017-7953 | medium | 5.4 | 6.4 | 9y ago | INFOR EAM V11.0 Build 201410 has XSS via comment fields. | |||
| CVE-2017-3528 | medium | 5.4 | 6.4 | 9y ago | Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Popup windows (lists of values, datepicker, etc.)). Supported versions that are affected are 12.… | |||
| CVE-2017-6340 | medium | 5.4 | 6.4 | 9y ago | Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 does not sanitize a rest/commonlog/report/template name field, which allows a 'Reports Only' user to inject malicious J… | |||
| CVE-2017-11906 | medium | 5.3 | 6.3 | 9y ago | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Serv… | |||
| CVE-2017-15270 | medium | 5.3 | 6.3 | 9y ago | The PSFTPd 10.0.4 Build 729 server does not properly escape data before writing it into a Comma Separated Values (CSV) file. This can be used by attackers to hide data in the Graphical User Interface… | |||
| CVE-2017-11830 | medium | 5.3 | 6.3 | 9y ago | Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to make an unsigned file appear to be signed, due to a security f… | |||
| CVE-2017-15223 | medium | 5.3 | 6.3 | 9y ago | Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 and earlier allows remote attackers to waste CPU resources (memory consumption) via unspecified vectors, possibly triggering an in… | |||
| CVE-2017-10355 | medium | 5.3 | 6.3 | 9y ago | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Em… | |||
| CVE-2017-14085 | medium | 5.3 | 6.3 | 9y ago | Information disclosure vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to query the network's NT domain or the PHP version a… | |||
| CVE-2017-9978 | medium | 5.3 | 6.3 | 9y ago | On the OSNEXUS QuantaStor v4 virtual appliance before 4.3.1, a flaw was found with the error message sent as a response for users that don't exist on the system. An attacker could leverage this infor… | |||
| CVE-2017-9554 | medium | 5.3 | 6.3 | 9y ago | An information exposure vulnerability in forget_passwd.cgi in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to enumerate valid usernames via unspecified vectors. | |||
| CVE-2017-3631 | medium | 5.3 | 6.3 | 9y ago | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privilege… | |||
| CVE-2017-3630 | medium | 5.3 | 6.3 | 9y ago | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low pri… | |||
| CVE-2017-8840 | medium | 5.3 | 6.3 | 9y ago | Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. A direct request t… | |||
| CVE-2017-6805 | medium | 5.3 | 6.3 | 9y ago | Directory traversal vulnerability in the TFTP server in MobaXterm Personal Edition 9.4 allows remote attackers to read arbitrary files via a .. (dot dot) in a GET command. | |||
| CVE-2017-0061 | medium | 5.3 | 6.3 | 9y ago | The Color Management Module (ICM32.dll) memory handling functionality in Windows Vista SP2, Windows Server 2008 SP2 and R2, and Windows 7 SP1 allows remote attackers to bypass ASLR and execute code i… | |||
| CVE-2017-5487 | medium | 5.3 | 6.3 | 10y ago | wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote… | |||
| CVE-2017-8492 | medium | 5.0 | 6.0 | 9y ago | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 all… | |||
| CVE-2017-8491 | medium | 5.0 | 6.0 | 9y ago | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 all… | |||
| CVE-2017-8490 | medium | 5.0 | 6.0 | 9y ago | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 all… | |||
| CVE-2017-8489 | medium | 5.0 | 6.0 | 9y ago | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 all… | |||
| CVE-2017-8488 | medium | 5.0 | 6.0 | 9y ago | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 all… | |||
| CVE-2017-8485 | medium | 5.0 | 6.0 | 9y ago | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 all… | |||
| CVE-2017-8484 | medium | 5.0 | 6.0 | 9y ago | Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authen… | |||
| CVE-2017-8483 | medium | 5.0 | 6.0 | 9y ago | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 all… | |||
| CVE-2017-8482 | medium | 5.0 | 6.0 | 9y ago | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 all… | |||
| CVE-2017-8481 | medium | 5.0 | 6.0 | 9y ago | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 all… | |||
| CVE-2017-8480 | medium | 5.0 | 6.0 | 9y ago | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 all… | |||
| CVE-2017-8479 | medium | 5.0 | 6.0 | 9y ago | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 all… | |||
| CVE-2017-8478 | medium | 5.0 | 6.0 | 9y ago | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 all… | |||
| CVE-2017-8477 | medium | 5.0 | 6.0 | 9y ago | Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authen… | |||
| CVE-2017-8476 | medium | 5.0 | 6.0 | 9y ago | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 all… | |||
| CVE-2017-8473 | medium | 5.0 | 6.0 | 9y ago | Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allow an authenticated attacker to run a specially crafte… | |||
| CVE-2017-8472 | medium | 5.0 | 6.0 | 9y ago | Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initiali… | |||
| CVE-2017-8471 | medium | 5.0 | 6.0 | 9y ago | Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authen… | |||
| CVE-2017-8470 | medium | 5.0 | 6.0 | 9y ago | Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authen… | |||
| CVE-2017-8462 | medium | 5.0 | 6.0 | 9y ago | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 all… | |||
| CVE-2017-0300 | medium | 5.0 | 6.0 | 9y ago | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 all… | |||
| CVE-2017-0299 | medium | 5.0 | 6.0 | 9y ago | The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 all… |