CVEs from 2017
Total
11,611
critical
critical 1,650
high
high 5,043
medium
medium 4,169
low
low 159
% Critical
14.2%
% with KEV
0.7%
% with exploit
9.9%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-8841 | high | 8.1 | 9.1 | 9y ago | Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology … | |||
| CVE-2017-2447 | high | 8.1 | 9.1 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remo… | |||
| CVE-2017-6412 | high | 8.1 | 9.1 | 9y ago | In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310. | |||
| CVE-2017-6528 | high | 8.1 | 9.1 | 9y ago | An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is affected by plaintext password storage (the /home/dna/spool/.pfile file). | |||
| CVE-2017-6351 | high | 8.1 | 9.1 | 9y ago | The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device u… | |||
| CVE-2017-9410 | high | — | 9.0 | — | multiple issues in lame | |||
| CVE-2017-5123 | high | — | 9.0 | — | Insufficient data validation in waitid allowed an user to escape sandboxes on Linux. | |||
| CVE-2017-18078 | high | — | 9.0 | — | systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is turned off, which allows local users to bypass… | |||
| CVE-2017-9411 | high | — | 9.0 | — | multiple issues in lame | |||
| CVE-2017-5715 | high | — | 9.0 | 4y ago | Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel a… | |||
| CVE-2017-5262 | high | 8.0 | 9.0 | 9y ago | In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the SNMP read-only (RO) community string has access to sensitive information by OID reference. | |||
| CVE-2017-13129 | high | 8.0 | 9.0 | 9y ago | Cross-site request forgery (CSRF) vulnerability in ZKTeco ZKTime Web 2.0.1.12280 allows remote authenticated users to hijack the authentication of administrators for requests that add administrators … | |||
| CVE-2017-1000251 | high | 8.0 | 9.0 | 9y ago | The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing … | |||
| CVE-2017-7571 | high | 8.0 | 9.0 | 9y ago | public/rolechangeadmin in Faveo 1.9.3 allows CSRF. The impact is obtaining admin privileges. | |||
| CVE-2017-5633 | high | 8.0 | 9.0 | 9y ago | Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (… | |||
| CVE-2017-3575 | high | 7.9 | 8.9 | 9y ago | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.0.38 and Prior to 5.1.20. Easily "exploitable" v… | |||
| CVE-2017-5149 | high | 8.9 | 8.9 | 9y ago | An issue was discovered in St. Jude Medical Merlin@home, versions prior to Version 8.2.2 (RF models: EX1150; Inductive models: EX1100; and Inductive models: EX1100 with MerlinOnDemand capability). Th… | |||
| CVE-2017-6952 | high | 8.8 | 8.8 | 4y ago | Integer overflow in the cs_winkernel_malloc function in winkernel_mm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service (heap-based buffer overflow in a kernel driver) or p… | |||
| CVE-2017-17516 | high | 8.8 | 8.8 | 4y ago | scripts/inspect_webbrowser.py in Reddit Terminal Viewer (RTV) 1.19.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote att… | |||
| CVE-2017-10784 | high | 8.8 | 8.8 | 4y ago | WEBrick RCE Vulnerability | |||
| CVE-2017-14683 | high | 8.8 | 8.8 | 4y ago | Gem in a Box vulnerable to Cross-site Request Forgery | |||
| CVE-2017-12864 | high | 8.8 | 8.8 | 5y ago | In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. If the image is from remote, may lead to remote code execution or… | |||
| CVE-2017-12862 | high | 8.8 | 8.8 | 5y ago | In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer AutoBuffer _src is small than expected, which will cause copy buffer overflow later. If the image is from remote, may lead to remote code … | |||
| CVE-2017-12603 | high | 8.8 | 8.8 | 5y ago | OpenCV (Open Source Computer Vision Library) through 3.3 has an invalid write in the cv::RLByteStream::getBytes function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::i… | |||
| CVE-2017-12598 | high | 8.8 | 8.8 | 5y ago | OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the cv::RBaseStream::readBlock function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by … | |||
| CVE-2017-7235 | high | 8.8 | 8.8 | 8y ago | An issue was discovered in cloudflare-scrape 1.6.6 through 1.7.1. A malicious website owner could craft a page that executes arbitrary Python code against any cfscrape user who scrapes that website. … | |||
| CVE-2017-17990 | high | 8.8 | 8.8 | 9y ago | Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action. | |||
| CVE-2017-17983 | high | 8.8 | 8.8 | 9y ago | PHP Scripts Mall Muslim Matrimonial Script has SQL injection via the view-profile.php mem_id parameter. | |||
| CVE-2017-17973 | high | 8.8 | 8.8 | 9y ago | In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue | |||
| CVE-2017-17960 | high | 8.8 | 8.8 | 9y ago | PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php. | |||
| CVE-2017-17950 | high | 8.8 | 8.8 | 9y ago | Cells Blog 3.5 has SQL Injection via the pub_readpost.php ptid parameter. | |||
| CVE-2017-17942 | high | 8.8 | 8.8 | 9y ago | In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c. | |||
| CVE-2017-17939 | high | 8.8 | 8.8 | 9y ago | PHP Scripts Mall Single Theater Booking has CSRF via admin/sitesettings.php. | |||
| CVE-2017-17936 | high | 8.8 | 8.8 | 9y ago | Vanguard Marketplace Digital Products PHP has CSRF via /search. | |||
| CVE-2017-13056 | high | 7.8 | 8.8 | 9y ago | The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might allow remote attackers to execute arbitrary code via a crafted PDF file. | |||
| CVE-2017-7160 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected… | |||
| CVE-2017-7157 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected… | |||
| CVE-2017-7156 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected… | |||
| CVE-2017-17930 | high | 8.8 | 8.8 | 9y ago | PHP Scripts Mall Professional Service Script has CSRF via admin/general_settingupd.php, as demonstrated by modifying a setting in the user panel. | |||
| CVE-2017-17915 | high | 8.8 | 8.8 | 9y ago | In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached. | |||
| CVE-2017-17913 | high | 8.8 | 8.8 | 9y ago | In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use … | |||
| CVE-2017-17912 | high | 8.8 | 8.8 | 9y ago | In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region. | |||
| CVE-2017-17908 | high | 8.8 | 8.8 | 9y ago | PHP Scripts Mall Responsive Realestate Script has CSRF via admin/general. | |||
| CVE-2017-17905 | high | 8.8 | 8.8 | 9y ago | PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php. | |||
| CVE-2017-17903 | high | 8.8 | 8.8 | 9y ago | FS Lynda Clone has CSRF via user/edit_profile, as demonstrated by adding content to the user panel. | |||
| CVE-2017-17894 | high | 8.8 | 8.8 | 9y ago | Readymade Job Site Script has CSRF via the /job URI. | |||
| CVE-2017-17891 | high | 8.8 | 8.8 | 9y ago | Readymade Video Sharing Script has CSRF via user-profile-edit.php. | |||
| CVE-2017-17888 | high | 8.8 | 8.8 | 9y ago | cgi-bin/write.cgi in Anti-Web through 3.8.7, as used on NetBiter / HMS, Ouman EH-net, Alliance System WS100 --> AWU 500, Sauter ERW100F001, Carlo Gavazzi SIU-DLG, AEDILIS SMART-1, SYXTHSENSE WebBiter… | |||
| CVE-2017-17880 | high | 8.8 | 8.8 | 9y ago | In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBP_DECODER_ABI_VERSION check. | |||
| CVE-2017-17879 | high | 8.8 | 8.8 | 9y ago | In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error. | |||
| CVE-2017-16995 | high | 7.8 | 8.8 | 9y ago | The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by lev… | |||
| CVE-2017-12736 | high | 8.8 | 8.8 | 9y ago | After initial configuration, the Ruggedcom Discovery Protocol (RCDP) is still able to write to the device under certain conditions. This could allow an attacker located in the adjacent network of … | |||
| CVE-2017-13876 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the … | |||
| CVE-2017-13875 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privi… | |||
| CVE-2017-13870 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected… | |||
| CVE-2017-13867 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the … | |||
| CVE-2017-13866 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected… | |||
| CVE-2017-13861 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 11.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "IOSurface" component. It allows a… | |||
| CVE-2017-13856 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected… | |||
| CVE-2017-13847 | high | 7.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary co… | |||
| CVE-2017-15313 | high | 8.8 | 8.8 | 9y ago | Huawei SmartCare V200R003C10 has a CSV injection vulnerability. An remote authenticated attacker could inject malicious CSV expression to the affected device. | |||
| CVE-2017-15311 | high | 8.8 | 8.8 | 9y ago | The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-AL00 8.0.0.120(SP2C00), before BLA-AL00 8.0.0.120(SP2C00), before MHA-AL00B 8.0.0.334(C00… | |||
| CVE-2017-15308 | high | 8.8 | 8.8 | 9y ago | Huawei iReader app before 8.0.2.301 has an input validation vulnerability due to insufficient validation on the URL used for loading network data. An attacker can control app access and load maliciou… | |||
| CVE-2017-17410 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. User interaction is required to exploit this vulnerability in t… | |||
| CVE-2017-17409 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. User interaction is required to exploit this vulnerability in t… | |||
| CVE-2017-17408 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. User interaction is required to exploit this vulnerability in t… | |||
| CVE-2017-17831 | high | 8.8 | 8.8 | 9y ago | GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a "url =" line in a .lfsconfig file within … | |||
| CVE-2017-17827 | high | 8.8 | 8.8 | 9y ago | Piwigo 2.9.2 is vulnerable to Cross-Site Request Forgery via /admin.php?page=configuration§ion=main or /admin.php?page=batch_manager&mode=unit. An attacker can exploit this to coerce an admin use… | |||
| CVE-2017-16731 | high | 8.8 | 8.8 | 9y ago | An Unprotected Transport of Credentials issue was discovered in ABB Ellipse 8.3 through Ellipse 8.9 released prior to December 2017 (including Ellipse Select). A vulnerability exists in the authentic… | |||
| CVE-2017-1757 | high | 8.8 | 8.8 | 9y ago | IBM Security Guardium 10.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in … | |||
| CVE-2017-1746 | high | 8.8 | 8.8 | 9y ago | IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from … | |||
| CVE-2017-1696 | high | 8.8 | 8.8 | 9y ago | IBM QRadar 7.2 and 7.3 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to… | |||
| CVE-2017-1631 | high | 8.8 | 8.8 | 9y ago | IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from … | |||
| CVE-2017-17476 | high | 8.8 | 8.8 | 9y ago | Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and consequent… | |||
| CVE-2017-4941 | high | 8.8 | 8.8 | 9y ago | VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ESXi550-201709101-SG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC … | |||
| CVE-2017-4933 | high | 8.8 | 8.8 | 9y ago | VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a heap ov… | |||
| CVE-2017-16587 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-16586 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-16585 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-16583 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-16582 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-16581 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-16578 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-16577 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-16576 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-16575 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-16572 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-16571 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-14837 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-14836 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1. User interaction is required to exploit this vulnerability in that the target m… | |||
| CVE-2017-14835 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-14834 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-14833 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-14832 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-14831 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-14830 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-14829 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-14828 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-14827 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-14826 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the ta… |