CVEs from 2017
Total
11,693
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
1.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-9152 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the pnm_load_raw function in input-pnm.c:346:41. | |||
| CVE-2017-9151 | critical | 9.8 | 9.8 | 9y ago | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the pnm_load_ascii function in input-pnm.c:303:12. | |||
| CVE-2017-6821 | critical | 9.8 | 9.8 | 9y ago | Directory traversal vulnerability in Zimbra Collaboration Suite (aka ZCS) before 8.7.6 allows attackers to have unspecified impact via unknown vectors. | |||
| CVE-2017-6813 | critical | 9.8 | 9.8 | 9y ago | A service provided by Zimbra Collaboration Suite (ZCS) before 8.7.6 fails to require needed privileges before performing a few requested operations. | |||
| CVE-2017-2527 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "CoreAnimation" component. It allows remote attackers to execute arbitrary code or cause a … | |||
| CVE-2017-2524 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involve… | |||
| CVE-2017-2523 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involve… | |||
| CVE-2017-2522 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involve… | |||
| CVE-2017-2520 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involve… | |||
| CVE-2017-2519 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involve… | |||
| CVE-2017-2518 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involve… | |||
| CVE-2017-2513 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involve… | |||
| CVE-2017-9119 | critical | 9.8 | 9.8 | 9y ago | The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a denial of service (memory consumption and application crash) or possibly have unspecified other impact b… | |||
| CVE-2017-7504 | critical | 9.8 | 9.8 | 9y ago | HTTPServerILServlet.java in JMS over HTTP Invocation Layer of the JbossMQ implementation, which is enabled by default in Red Hat Jboss Application Server <= Jboss 4.X does not restrict the classes fo… | |||
| CVE-2017-6027 | critical | 9.8 | 9.8 | 9y ago | An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualizati… | |||
| CVE-2017-6025 | critical | 9.8 | 9.8 | 9y ago | A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualizatio… | |||
| CVE-2017-5174 | critical | 9.8 | 9.8 | 9y ago | An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architectu… | |||
| CVE-2017-5173 | critical | 9.8 | 9.8 | 9y ago | An Improper Neutralization of Special Elements (in an OS command) issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnera… | |||
| CVE-2017-6622 | critical | 9.8 | 9.8 | 9y ago | A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with root privil… | |||
| CVE-2017-7503 | critical | 9.8 | 9.8 | 9y ago | It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read fil… | |||
| CVE-2017-9058 | critical | 9.8 | 9.8 | 9y ago | In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c. | |||
| CVE-2017-9055 | critical | 9.8 | 9.8 | 9y ago | An issue, also known as DW201703-001, was discovered in libdwarf 2017-03-21. In dwarf_formsdata() a few data types were not checked for being in bounds, leading to a heap-based buffer over-read. | |||
| CVE-2017-9054 | critical | 9.8 | 9.8 | 9y ago | An issue, also known as DW201703-002, was discovered in libdwarf 2017-03-21. In _dwarf_decode_s_leb128_chk() a byte pointer was dereferenced just before it was checked for being in bounds, leading to… | |||
| CVE-2017-9052 | critical | 9.8 | 9.8 | 9y ago | An issue, also known as DW201703-006, was discovered in libdwarf 2017-03-21. A heap-based buffer over-read in dwarf_formsdata() is due to a failure to check a pointer for being in bounds (in a few pl… | |||
| CVE-2017-9051 | critical | 9.8 | 9.8 | 9y ago | libav before 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavformat/nsvdec.c. | |||
| CVE-2017-6195 | critical | 9.8 | 9.8 | 9y ago | Ipswitch MOVEit Transfer (formerly DMZ) allows pre-authentication blind SQL injection. The fixed versions are MOVEit Transfer 2017 9.0.0.201, MOVEit DMZ 8.3.0.30, and MOVEit DMZ 8.2.0.20. | |||
| CVE-2017-9031 | critical | 9.8 | 9.8 | 9y ago | The WebUI component in Deluge before 1.3.15 contains a directory traversal vulnerability involving a request in which the name of the render file is not associated with any template file. | |||
| CVE-2017-5215 | critical | 9.8 | 9.8 | 9y ago | The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a rename attack that bypasses a "safe file extension" protection mechanism, leading to remote code execution. | |||
| CVE-2017-9026 | critical | 9.8 | 9.8 | 9y ago | Stack buffer overflow in vshttpd (aka ioos) in HooToo Trip Mate 6 (TM6) firmware 2.000.030 and earlier allows remote unauthenticated attackers to control the program counter via a specially crafted f… | |||
| CVE-2017-6079 | critical | 9.8 | 9.8 | 9y ago | The HTTP web-management application on Edgewater Networks Edgemarc appliances has a hidden page that allows for user-defined commands such as specific iptables routes, etc., to be set. You can use th… | |||
| CVE-2017-6886 | critical | 9.8 | 9.8 | 9y ago | An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory. | |||
| CVE-2017-6885 | critical | 9.8 | 9.8 | 9y ago | An error when handling certain external commands and services related to the FlexNet Inventory Agent and FlexNet Beacon of the Flexera Software FlexNet Manager Suite 2017 before 2017 R1 and 2014 R3 t… | |||
| CVE-2017-6890 | critical | 9.8 | 9.8 | 9y ago | A boundary error within the "foveon_load_camf()" function (dcraw_foveon.c) when initializing a huffman table in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a stack-based buffer … | |||
| CVE-2017-6889 | critical | 9.8 | 9.8 | 9y ago | An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a heap-based buffer overflow. | |||
| CVE-2017-0252 | critical | 9.8 | 9.8 | 9y ago | ChakraCore RCE Vulnerability | |||
| CVE-2017-0223 | critical | 9.8 | 9.8 | 9y ago | ChakraCore RCE Vulnerability | |||
| CVE-2017-8923 | critical | 9.8 | 9.8 | 9y ago | The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial… | |||
| CVE-2017-7474 | critical | 9.8 | 9.8 | 9y ago | keycloak-connect and keycloak-js improperly handle invalid tokens | |||
| CVE-2017-8911 | critical | 9.8 | 9.8 | 9y ago | An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker. | |||
| CVE-2017-8898 | critical | 9.8 | 9.8 | 9y ago | Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has stored XSS in the Announcements, allowing privilege escalation from an Invision Power Board moderator to an admin. An attack use… | |||
| CVE-2017-8798 | critical | 9.8 | 9.8 | 9y ago | Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact. | |||
| CVE-2017-5461 | critical | 9.8 | 9.8 | 9y ago | Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of… | |||
| CVE-2017-7888 | critical | 9.8 | 9.8 | 9y ago | Dolibarr ERP and CRM Insecure Encryption | |||
| CVE-2017-7886 | critical | 9.8 | 9.8 | 9y ago | Dolibarr SQL Injection in doli/theme/eldy/style.css.php via the lang parameter | |||
| CVE-2017-8859 | critical | 9.8 | 9.8 | 9y ago | In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root. | |||
| CVE-2017-8858 | critical | 9.8 | 9.8 | 9y ago | In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process. | |||
| CVE-2017-8857 | critical | 9.8 | 9.8 | 9y ago | In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process. | |||
| CVE-2017-8856 | critical | 9.8 | 9.8 | 9y ago | In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process. | |||
| CVE-2017-4982 | critical | 9.8 | 9.8 | 9y ago | EMC Mainframe Enablers ResourcePak Base versions 7.6.0, 8.0.0, and 8.1.0 contains a fix for a privilege management vulnerability that could potentially be exploited by malicious users to compromise t… | |||
| CVE-2017-7925 | critical | 9.8 | 9.8 | 9y ago | A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX,… | |||
| CVE-2017-7909 | critical | 9.8 | 9.8 | 9y ago | A Use of Client-Side Authentication issue was discovered in Advantech B+B SmartWorx MESR901 firmware versions 1.5.2 and prior. The web interface uses JavaScript to check client authentication and red… | |||
| CVE-2017-8799 | critical | 9.8 | 9.8 | 9y ago | Untrusted input execution via igetwild in all iRODS versions before 4.1.11 and 4.2.1 allows other iRODS users (potentially anonymous) to execute remote shell commands via iRODS virtual pathnames. To … | |||
| CVE-2017-8796 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered on Accellion FTA devices before FTA_9_12_180. Because mysql_real_escape_string is misused, seos/courier/communication_p2p.php allows SQL injection with the app_id parameter. | |||
| CVE-2017-8790 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered on Accellion FTA devices before FTA_9_12_180. The home/seos/courier/ldaptest.html POST parameter "filter" can be used for LDAP Injection. | |||
| CVE-2017-8789 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered on Accellion FTA devices before FTA_9_12_180. A report_error.php?year='payload SQL injection vector exists. | |||
| CVE-2017-8303 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered on Accellion FTA devices before FTA_9_12_180. seos/1000/find.api allows Remote Code Execution with shell metacharacters in the method parameter. | |||
| CVE-2017-8786 | critical | 9.8 | 9.8 | 9y ago | pcre2test.c in PCRE2 10.23 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression. | |||
| CVE-2017-8768 | critical | 9.8 | 9.8 | 9y ago | Atlassian SourceTree v2.5c and prior are affected by a command injection in the handling of the sourcetree:// scheme. It will lead to arbitrary OS command execution with a URL substring of sourcetree… | |||
| CVE-2017-8775 | critical | 9.8 | 9.8 | 9y ago | Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file. | |||
| CVE-2017-8774 | critical | 9.8 | 9.8 | 9y ago | Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file. | |||
| CVE-2017-8773 | critical | 9.8 | 9.8 | 9y ago | Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Out of Bounds Write on a Heap Buffer due to improper validatio… | |||
| CVE-2017-7432 | critical | 9.8 | 9.8 | 9y ago | Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability. | |||
| CVE-2017-7476 | critical | 9.8 | 9.8 | 9y ago | Gnulib before 2017-04-26 has a heap-based buffer overflow with the TZ environment variable. The error is in the save_abbr function in time_rz.c. | |||
| CVE-2017-6551 | critical | 9.8 | 9.8 | 9y ago | Pexip Infinity before 14.2 allows remote attackers to cause a denial of service (service restart) or execute arbitrary code via vectors related to Conferencing Nodes. | |||
| CVE-2017-8399 | critical | 9.8 | 9.8 | 9y ago | PCRE2 before 10.30 has an out-of-bounds write caused by a stack-based buffer overflow in pcre2_match.c, related to a "pattern with very many captures." | |||
| CVE-2017-8378 | critical | 9.8 | 9.8 | 9y ago | Heap-based buffer overflow in the PdfParser::ReadObjects function in base/PdfParser.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspe… | |||
| CVE-2017-8366 | critical | 9.8 | 9.8 | 9y ago | The strescape function in ec_strings.c in Ettercap 0.8.2 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other imp… | |||
| CVE-2017-8359 | critical | 9.8 | 9.8 | 9y ago | Google gRPC before 2017-03-29 has an out-of-bounds write caused by a heap-based use-after-free related to the grpc_call_destroy function in core/lib/surface/call.c. | |||
| CVE-2017-8358 | critical | 9.8 | 9.8 | 9y ago | LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx. | |||
| CVE-2017-7945 | critical | 9.8 | 9.8 | 9y ago | The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different error messages for failed login attempt… | |||
| CVE-2017-2142 | critical | 9.8 | 9.8 | 9y ago | Buffer overflow in WN-G300R3 firmware Ver.1.03 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors. | |||
| CVE-2017-7895 | critical | 9.8 | 9.8 | 9y ago | The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possi… | |||
| CVE-2017-8305 | critical | 9.8 | 9.8 | 9y ago | The UDFclient (before 0.8.8) custom strlcpy implementation has a buffer overflow. UDFclient's strlcpy is used only on systems with a C library (e.g., glibc) that lacks its own strlcpy. | |||
| CVE-2017-8307 | critical | 9.8 | 9.8 | 9y ago | In Avast Antivirus before v17, using the LPC interface API exposed by the AvastSVC.exe Windows service, it is possible to launch predefined binaries, or replace or delete arbitrary files. This vulner… | |||
| CVE-2017-8297 | critical | 9.8 | 9.8 | 9y ago | A path traversal vulnerability exists in simple-file-manager before 2017-04-26, affecting index.php (the sole "Simple PHP File Manager" component). | |||
| CVE-2017-8289 | critical | 9.8 | 9.8 | 9y ago | Stack-based buffer overflow in the ipv6_addr_from_str function in sys/net/network_layer/ipv6/addr/ipv6_addr_from_str.c in RIOT prior to 2017-04-25 allows local attackers, and potentially remote attac… | |||
| CVE-2017-8287 | critical | 9.8 | 9.8 | 9y ago | FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c. | |||
| CVE-2017-8283 | critical | 9.8 | 9.8 | 9y ago | dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct dire… | |||
| CVE-2017-8225 | critical | 9.8 | 9.8 | 9y ago | On Wireless IP Camera (P2P) WIFICAM devices, access to .ini files (containing credentials) is not correctly checked. An attacker can bypass authentication by providing an empty loginuse parameter and… | |||
| CVE-2017-8224 | critical | 9.8 | 9.8 | 9y ago | Wireless IP Camera (P2P) WIFICAM devices have a backdoor root account that can be accessed with TELNET. | |||
| CVE-2017-8218 | critical | 9.8 | 9.8 | 9y ago | vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n has a backdoor admin account with the 1234 password, a backdoor guest account with the guest password,… | |||
| CVE-2017-3234 | critical | 9.8 | 9.8 | 9y ago | Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools (subcomponent: ASR Manager). The supported version that is affected is Prior to 5.7. Easily "exploitable" vulner… | |||
| CVE-2017-8105 | critical | 9.8 | 9.8 | 9y ago | FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c. | |||
| CVE-2017-8076 | critical | 9.8 | 9.8 | 9y ago | On the TP-Link TL-SG108E 1.0, admin network communications are RC4 encoded, even though RC4 is deprecated. This affects the 1.1.2 Build 20141017 Rel.50749 firmware. | |||
| CVE-2017-8075 | critical | 9.8 | 9.8 | 9y ago | On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log lines where passwords are in cleartext. This affects the 1.1.2 Build 20141017 Rel.50749 firmware. | |||
| CVE-2017-8074 | critical | 9.8 | 9.8 | 9y ago | On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log lines where passwords are encoded in hexadecimal. This affects the 1.1.2 Build 20141017 Rel.50749 firmw… | |||
| CVE-2017-7991 | critical | 9.8 | 9.8 | 9y ago | Exponent CMS 2.4.1 and earlier has SQL injection via a base64 serialized API key (apikey parameter) in the api function of framework/modules/eaas/controllers/eaasController.php. | |||
| CVE-2017-8051 | critical | 9.8 | 9.8 | 9y ago | Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI. Through the manipulation of the tns_appliance_session_user parameter, a remote… | |||
| CVE-2017-5158 | critical | 9.8 | 9.8 | 9y ago | An Information Exposure issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. Credentials may be exposed to external systems via specific URL parame… | |||
| CVE-2017-5645 | critical | 9.8 | 9.8 | 9y ago | Deserialization of Untrusted Data in Log4j | |||
| CVE-2017-5651 | critical | 9.8 | 9.8 | 9y ago | Expected Behavior Violation in Apache Tomcat | |||
| CVE-2017-7882 | critical | 9.8 | 9.8 | 9y ago | LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx. | |||
| CVE-2017-7878 | critical | 9.8 | 9.8 | 9y ago | SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read and write to the users database. | |||
| CVE-2017-7875 | critical | 9.8 | 9.8 | 9y ago | In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be the E17 window manager, it is possible to trigger an out-of-boundary heap write while receiving an IPC message. An integer o… | |||
| CVE-2017-7870 | critical | 9.8 | 9.8 | 9y ago | LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx. | |||
| CVE-2017-7866 | critical | 9.8 | 9.8 | 9y ago | FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c. | |||
| CVE-2017-7865 | critical | 9.8 | 9.8 | 9y ago | FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align… | |||
| CVE-2017-7864 | critical | 9.8 | 9.8 | 9y ago | FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c. | |||
| CVE-2017-7863 | critical | 9.8 | 9.8 | 9y ago | FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in libavcodec/pngdec.c. | |||
| CVE-2017-7862 | critical | 9.8 | 9.8 | 9y ago | FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame function in libavcodec/pictordec.c. |