CVEs from 2017
Total
11,681
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
9.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-9363 | critical | 9.8 | 9.8 | 9y ago | Untrusted Java serialization in Soffid IAM console before 1.7.5 allows remote attackers to achieve arbitrary remote code execution via a crafted authentication request. | |||
| CVE-2017-9360 | critical | 9.8 | 9.8 | 9y ago | WebsiteBaker v2.10.0 has a SQL injection vulnerability in /account/details.php. | |||
| CVE-2017-9294 | critical | 9.8 | 9.8 | 9y ago | RMI vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to execute internal commands without authentication via RMI ports. | |||
| CVE-2017-9148 | critical | 9.8 | 9.8 | 9y ago | The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, … | |||
| CVE-2017-7915 | critical | 9.8 | 9.8 | 9y ago | An Improper Restriction of Excessive Authentication Attempts issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 0912… | |||
| CVE-2017-7913 | critical | 9.8 | 9.8 | 9y ago | A Plaintext Storage of a Password issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions,… | |||
| CVE-2017-9265 | critical | 9.8 | 9.8 | 9y ago | In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the controller in `lib/ofp-util.c` in the function `ofputil_pull_ofp15_group_mod`. | |||
| CVE-2017-9264 | critical | 9.8 | 9.8 | 9y ago | In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) 2.6.1, there is a buffer over-read while parsing malformed TCP, UDP, and IPv6 packets in the functions `extract_l3_ipv6`, `extr… | |||
| CVE-2017-9034 | critical | 9.8 | 9.8 | 9y ago | Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to write to arbitrary files and consequently execute arbitrary code with root privileges by leveraging failure to validate soft… | |||
| CVE-2017-9228 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitset_set_range() during regular ex… | |||
| CVE-2017-9227 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbc_enc_len() during regular express… | |||
| CVE-2017-9226 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in next_state_val() during regu… | |||
| CVE-2017-9225 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds write in onigenc_unicode_get_case_fold_codes_by_str… | |||
| CVE-2017-9224 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at() during regular expression… | |||
| CVE-2017-2801 | critical | 9.8 | 9.8 | 9y ago | A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially c… | |||
| CVE-2017-9214 | critical | 9.8 | 9.8 | 9y ago | In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pu… | |||
| CVE-2017-6131 | critical | 9.8 | 9.8 | 9y ago | In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password which could be used to remotely log into the BIG-IP system. … | |||
| CVE-2017-9200 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:528:63. | |||
| CVE-2017-9199 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:192:19. | |||
| CVE-2017-9198 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:508:18. | |||
| CVE-2017-9197 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:498:55. | |||
| CVE-2017-9196 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue in the ReadImage function in input-tga.c:528:7. | |||
| CVE-2017-9195 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:620:27. | |||
| CVE-2017-9194 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:559:29. | |||
| CVE-2017-9193 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:538:33. | |||
| CVE-2017-9192 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-tga.c:528:7. | |||
| CVE-2017-9191 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the rle_fread function in input-tga.c:252:15. | |||
| CVE-2017-9188 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "left shift ... cannot be represented in type int" issue in input-bmp.c:516:63. | |||
| CVE-2017-9187 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:486:7. | |||
| CVE-2017-9186 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:326:17. | |||
| CVE-2017-9185 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:319:7. | |||
| CVE-2017-9184 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:314:7. | |||
| CVE-2017-9183 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:309:7. | |||
| CVE-2017-9173 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:497:29. | |||
| CVE-2017-9172 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:496:29. | |||
| CVE-2017-9171 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-bmp.c:492:24. | |||
| CVE-2017-9170 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:370:25. | |||
| CVE-2017-9169 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:355:25. | |||
| CVE-2017-9168 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:353:25. | |||
| CVE-2017-9167 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:337:25. | |||
| CVE-2017-9166 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:18:11. | |||
| CVE-2017-9165 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:17:11. | |||
| CVE-2017-9164 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:16:11. | |||
| CVE-2017-9163 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in pxl-outline.c:106:54. | |||
| CVE-2017-9162 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c:191:2. | |||
| CVE-2017-9161 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c:188:23. | |||
| CVE-2017-9160 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a stack-based buffer overflow in the pnmscanner_gettoken function in input-pnm.c:458:12. | |||
| CVE-2017-9153 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the pnm_load_rawpbm function in input-pnm.c:391:13. | |||
| CVE-2017-9152 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the pnm_load_raw function in input-pnm.c:346:41. | |||
| CVE-2017-9151 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the pnm_load_ascii function in input-pnm.c:303:12. | |||
| CVE-2017-6821 | critical | 9.8 | 9.8 | 9y ago | Directory traversal vulnerability in Zimbra Collaboration Suite (aka ZCS) before 8.7.6 allows attackers to have unspecified impact via unknown vectors. | |||
| CVE-2017-6813 | critical | 9.8 | 9.8 | 9y ago | A service provided by Zimbra Collaboration Suite (ZCS) before 8.7.6 fails to require needed privileges before performing a few requested operations. | |||
| CVE-2017-2520 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involve… | |||
| CVE-2017-2519 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involve… | |||
| CVE-2017-2518 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involve… | |||
| CVE-2017-2513 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involve… | |||
| CVE-2017-9119 | critical | 9.8 | 9.8 | 9y ago | The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a denial of service (memory consumption and application crash) or possibly have unspecified other impact b… | |||
| CVE-2017-7504 | critical | 9.8 | 9.8 | 9y ago | HTTPServerILServlet.java in JMS over HTTP Invocation Layer of the JbossMQ implementation, which is enabled by default in Red Hat Jboss Application Server <= Jboss 4.X does not restrict the classes fo… | |||
| CVE-2017-6027 | critical | 9.8 | 9.8 | 9y ago | An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualizati… | |||
| CVE-2017-6025 | critical | 9.8 | 9.8 | 9y ago | A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualizatio… | |||
| CVE-2017-7503 | critical | 9.8 | 9.8 | 9y ago | It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read fil… | |||
| CVE-2017-9058 | critical | 9.8 | 9.8 | 9y ago | In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c. | |||
| CVE-2017-9055 | critical | 9.8 | 9.8 | 9y ago | An issue, also known as DW201703-001, was discovered in libdwarf 2017-03-21. In dwarf_formsdata() a few data types were not checked for being in bounds, leading to a heap-based buffer over-read. | |||
| CVE-2017-9054 | critical | 9.8 | 9.8 | 9y ago | An issue, also known as DW201703-002, was discovered in libdwarf 2017-03-21. In _dwarf_decode_s_leb128_chk() a byte pointer was dereferenced just before it was checked for being in bounds, leading to… | |||
| CVE-2017-9052 | critical | 9.8 | 9.8 | 9y ago | An issue, also known as DW201703-006, was discovered in libdwarf 2017-03-21. A heap-based buffer over-read in dwarf_formsdata() is due to a failure to check a pointer for being in bounds (in a few pl… | |||
| CVE-2017-9051 | critical | 9.8 | 9.8 | 9y ago | libav before 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavformat/nsvdec.c. | |||
| CVE-2017-6195 | critical | 9.8 | 9.8 | 9y ago | Ipswitch MOVEit Transfer (formerly DMZ) allows pre-authentication blind SQL injection. The fixed versions are MOVEit Transfer 2017 9.0.0.201, MOVEit DMZ 8.3.0.30, and MOVEit DMZ 8.2.0.20. | |||
| CVE-2017-9031 | critical | 9.8 | 9.8 | 9y ago | The WebUI component in Deluge before 1.3.15 contains a directory traversal vulnerability involving a request in which the name of the render file is not associated with any template file. | |||
| CVE-2017-5215 | critical | 9.8 | 9.8 | 9y ago | The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a rename attack that bypasses a "safe file extension" protection mechanism, leading to remote code execution. | |||
| CVE-2017-9026 | critical | 9.8 | 9.8 | 9y ago | Stack buffer overflow in vshttpd (aka ioos) in HooToo Trip Mate 6 (TM6) firmware 2.000.030 and earlier allows remote unauthenticated attackers to control the program counter via a specially crafted f… | |||
| CVE-2017-6079 | critical | 9.8 | 9.8 | 9y ago | The HTTP web-management application on Edgewater Networks Edgemarc appliances has a hidden page that allows for user-defined commands such as specific iptables routes, etc., to be set. You can use th… | |||
| CVE-2017-6886 | critical | 9.8 | 9.8 | 9y ago | An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory. | |||
| CVE-2017-6885 | critical | 9.8 | 9.8 | 9y ago | An error when handling certain external commands and services related to the FlexNet Inventory Agent and FlexNet Beacon of the Flexera Software FlexNet Manager Suite 2017 before 2017 R1 and 2014 R3 t… | |||
| CVE-2017-6890 | critical | 9.8 | 9.8 | 9y ago | A boundary error within the "foveon_load_camf()" function (dcraw_foveon.c) when initializing a huffman table in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a stack-based buffer … | |||
| CVE-2017-6889 | critical | 9.8 | 9.8 | 9y ago | An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a heap-based buffer overflow. | |||
| CVE-2017-0252 | critical | 9.8 | 9.8 | 9y ago | ChakraCore RCE Vulnerability | |||
| CVE-2017-0223 | critical | 9.8 | 9.8 | 9y ago | ChakraCore RCE Vulnerability | |||
| CVE-2017-8923 | critical | 9.8 | 9.8 | 9y ago | RHSA-2023:2903: php:7.4 security update (Moderate) | |||
| CVE-2017-7474 | critical | 9.8 | 9.8 | 9y ago | keycloak-connect and keycloak-js improperly handle invalid tokens | |||
| CVE-2017-8911 | critical | 9.8 | 9.8 | 9y ago | An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker. | |||
| CVE-2017-8898 | critical | 9.8 | 9.8 | 9y ago | Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has stored XSS in the Announcements, allowing privilege escalation from an Invision Power Board moderator to an admin. An attack use… | |||
| CVE-2017-5461 | critical | 9.8 | 9.8 | 9y ago | Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of… | |||
| CVE-2017-7888 | critical | 9.8 | 9.8 | 9y ago | Dolibarr ERP and CRM Insecure Encryption | |||
| CVE-2017-7886 | critical | 9.8 | 9.8 | 9y ago | Dolibarr SQL Injection in doli/theme/eldy/style.css.php via the lang parameter | |||
| CVE-2017-8859 | critical | 9.8 | 9.8 | 9y ago | In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root. | |||
| CVE-2017-8858 | critical | 9.8 | 9.8 | 9y ago | In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process. | |||
| CVE-2017-8857 | critical | 9.8 | 9.8 | 9y ago | In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process. | |||
| CVE-2017-8856 | critical | 9.8 | 9.8 | 9y ago | In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process. | |||
| CVE-2017-4982 | critical | 9.8 | 9.8 | 9y ago | EMC Mainframe Enablers ResourcePak Base versions 7.6.0, 8.0.0, and 8.1.0 contains a fix for a privilege management vulnerability that could potentially be exploited by malicious users to compromise t… | |||
| CVE-2017-7925 | critical | 9.8 | 9.8 | 9y ago | A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX,… | |||
| CVE-2017-7909 | critical | 9.8 | 9.8 | 9y ago | A Use of Client-Side Authentication issue was discovered in Advantech B+B SmartWorx MESR901 firmware versions 1.5.2 and prior. The web interface uses JavaScript to check client authentication and red… | |||
| CVE-2017-8799 | critical | 9.8 | 9.8 | 9y ago | Untrusted input execution via igetwild in all iRODS versions before 4.1.11 and 4.2.1 allows other iRODS users (potentially anonymous) to execute remote shell commands via iRODS virtual pathnames. To … | |||
| CVE-2017-8796 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered on Accellion FTA devices before FTA_9_12_180. Because mysql_real_escape_string is misused, seos/courier/communication_p2p.php allows SQL injection with the app_id parameter. | |||
| CVE-2017-8790 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered on Accellion FTA devices before FTA_9_12_180. The home/seos/courier/ldaptest.html POST parameter "filter" can be used for LDAP Injection. | |||
| CVE-2017-8789 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered on Accellion FTA devices before FTA_9_12_180. A report_error.php?year='payload SQL injection vector exists. | |||
| CVE-2017-8303 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered on Accellion FTA devices before FTA_9_12_180. seos/1000/find.api allows Remote Code Execution with shell metacharacters in the method parameter. | |||
| CVE-2017-8786 | critical | 9.8 | 9.8 | 9y ago | pcre2test.c in PCRE2 10.23 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression. | |||
| CVE-2017-8768 | critical | 9.8 | 9.8 | 9y ago | Atlassian SourceTree v2.5c and prior are affected by a command injection in the handling of the sourcetree:// scheme. It will lead to arbitrary OS command execution with a URL substring of sourcetree… | |||
| CVE-2017-8775 | critical | 9.8 | 9.8 | 9y ago | Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file. | |||
| CVE-2017-8774 | critical | 9.8 | 9.8 | 9y ago | Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file. |