CVEs from 2017
Total
11,683
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
1.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-7861 | critical | 9.8 | 9.8 | 9y ago | Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c. | |||
| CVE-2017-7860 | critical | 9.8 | 9.8 | 9y ago | Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parse_unix function in core/ext/client_channel/parse_address.c. | |||
| CVE-2017-7859 | critical | 9.8 | 9.8 | 9y ago | FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c. | |||
| CVE-2017-7858 | critical | 9.8 | 9.8 | 9y ago | FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. | |||
| CVE-2017-7857 | critical | 9.8 | 9.8 | 9y ago | FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfob… | |||
| CVE-2017-7856 | critical | 9.8 | 9.8 | 9y ago | LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx. | |||
| CVE-2017-7628 | critical | 9.8 | 9.8 | 9y ago | The "Smart related articles" extension 1.1 for Joomla! has SQL injection in dialog.php (attacker must use search_cats variable in POST method to exploit this vulnerability). | |||
| CVE-2017-7280 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in api/includes/systems.php in Unitrends Enterprise Backup before 9.0.0. User input is not properly filtered before being sent to a popen function. This allows for remote code… | |||
| CVE-2017-7279 | critical | 9.8 | 9.8 | 9y ago | An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 web server can escalate to root privileges by modifying the "token" cookie issued at login. | |||
| CVE-2017-7719 | critical | 9.8 | 9.8 | 9y ago | SQL injection in the Spider Event Calendar (aka spider-event-calendar) plugin before 1.5.52 for WordPress is exploitable with the order_by parameter to calendar_functions.php or widget_Theme_function… | |||
| CVE-2017-3063 | critical | 9.8 | 9.8 | 9y ago | Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the ActionScript2 NetStream class. Successful exploitation could lead to arbitrary code executio… | |||
| CVE-2017-3062 | critical | 9.8 | 9.8 | 9y ago | Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in ActionScript2 when creating a getter/setter property. Successful exploitation could lead to arbi… | |||
| CVE-2017-3061 | critical | 9.8 | 9.8 | 9y ago | Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2017-3060 | critical | 9.8 | 9.8 | 9y ago | Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the ActionScript2 code parser. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2017-3059 | critical | 9.8 | 9.8 | 9y ago | Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the internal script object. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2017-3037 | critical | 9.8 | 9.8 | 9y ago | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine. Successful exploita… | |||
| CVE-2017-7588 | critical | 9.8 | 9.8 | 9y ago | On certain Brother devices, authorization is mishandled by including a valid AuthCookie cookie in the HTTP response to a failed login attempt. Affected models are: MFC-J6973CDW MFC-J4420DW MFC-8710DW… | |||
| CVE-2017-7695 | critical | 9.8 | 9.8 | 9y ago | Unrestricted File Upload exists in BigTree CMS before 4.2.17: if an attacker uploads an 'xxx.php[space]' file, they could bypass a safety check and execute any code. | |||
| CVE-2017-7691 | critical | 9.8 | 9.8 | 9y ago | A code injection vulnerability exists in SAP TREX / Business Warehouse Accelerator (BWA). The vendor response is SAP Security Note 2419592. | |||
| CVE-2017-7689 | critical | 9.8 | 9.8 | 9y ago | A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0. | |||
| CVE-2017-7462 | critical | 9.8 | 9.8 | 9y ago | Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory. | |||
| CVE-2017-7625 | critical | 9.8 | 9.8 | 9y ago | In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the content parameter to "/dapur/apps/app_theme/libs/save_file.php" and then execute code. | |||
| CVE-2017-7239 | critical | 9.8 | 9.8 | 9y ago | Ninka before 1.3.2 might allow remote attackers to obtain sensitive information, manipulate license compliance scan results, or cause a denial of service (process hang) via a crafted filename. | |||
| CVE-2017-5983 | critical | 9.8 | 9.8 | 9y ago | The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer, which allows remote attackers to execute arbitrary code, read arbitrary files, … | |||
| CVE-2017-7614 | critical | 9.8 | 9.8 | 9y ago | elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a "member access within null pointer" undefined behavior issue, which might allow remote a… | |||
| CVE-2017-0561 | critical | 9.8 | 9.8 | 9y ago | A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker to execute arbitrary code within the context of the Wi-Fi SoC. This issue is rated as Critical due … | |||
| CVE-2017-7577 | critical | 9.8 | 9.8 | 9y ago | XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a "GET ../" HTTP request. | |||
| CVE-2017-7576 | critical | 9.8 | 9.8 | 9y ago | DragonWave Horizon 1.01.03 wireless radios have hardcoded login credentials (such as the username of energetic and password of wireless) meant to allow the vendor to access the devices. These credent… | |||
| CVE-2017-7575 | critical | 9.8 | 9.8 | 9y ago | Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \x00\x01\x00\x00\x00\x05\x01\x5a\x00\x03\x00 request to the Modbus p… | |||
| CVE-2017-7574 | critical | 9.8 | 9.8 | 9y ago | Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized… | |||
| CVE-2017-3834 | critical | 9.8 | 9.8 | 9y ago | A vulnerability in Cisco Aironet 1830 Series and Cisco Aironet 1850 Series Access Points running Cisco Mobility Express Software could allow an unauthenticated, remote attacker to take complete contr… | |||
| CVE-2017-7237 | critical | 9.8 | 9.8 | 9y ago | The Spiceworks TFTP Server, as distributed with Spiceworks Inventory 7.5, allows remote attackers to access the Spiceworks data\configurations directory by leveraging the unauthenticated nature of th… | |||
| CVE-2017-0305 | critical | 9.8 | 9.8 | 9y ago | F5 SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an unauthenticated, remote attack that may allow modification of the BIG-IP system configuration, extraction of sensitive system files, an… | |||
| CVE-2017-7450 | critical | 9.8 | 9.8 | 9y ago | AIRTAME HDMI dongle with firmware before 2.2.0 allows unauthenticated access to a big part of the management interface. It is possible to extract all information including the Wi-Fi password, reboot,… | |||
| CVE-2017-7540 | critical | 9.8 | 9.8 | 9y ago | Safemode Gem Has Incomplete List of Disallowed Inputs | |||
| CVE-2017-7410 | critical | 9.8 | 9.8 | 9y ago | Multiple SQL injection vulnerabilities in account/signup.php and account/signup2.php in WebsiteBaker 2.10.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username, … | |||
| CVE-2017-7402 | critical | 9.8 | 9.8 | 9y ago | Pixie 1.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via the POST data in an admin/index.php?s=publish&x=filemanager request for a filename with a double extension, … | |||
| CVE-2017-5642 | critical | 9.8 | 9.8 | 9y ago | During installation of Ambari 2.4.0 through 2.4.2, Ambari Server artifacts are not created with proper ACLs. | |||
| CVE-2017-5949 | critical | 9.8 | 9.8 | 9y ago | JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 22, allows remote attackers to cause a denial of service (heap-based out-of-bounds write and application crash) or possib… | |||
| CVE-2017-2477 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "libxslt" component. It allows remote attackers to cause a denial of service (memory corrup… | |||
| CVE-2017-2434 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "HomeKit" component. It allows attackers to have an unspecified impact by leveraging the presenc… | |||
| CVE-2017-2428 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves nght… | |||
| CVE-2017-2423 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass int… | |||
| CVE-2017-2402 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of profile uninstall actions in the "MCX Client" component when a profile has multi… | |||
| CVE-2017-3010 | critical | 9.8 | 9.8 | 9y ago | Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the rendering engine. Successful exploitat… | |||
| CVE-2017-6182 | critical | 9.8 | 9.8 | 9y ago | In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304. | |||
| CVE-2017-7324 | critical | 9.8 | 9.8 | 9y ago | setup/templates/findcore.php in MODX Revolution 2.5.4-pl and earlier allows remote attackers to execute arbitrary PHP code via the core_path parameter. | |||
| CVE-2017-7321 | critical | 9.8 | 9.8 | 9y ago | setup/controllers/welcome.php in MODX Revolution 2.5.4-pl and earlier allows remote attackers to execute arbitrary PHP code via the config_key parameter to the setup/index.php?action=welcome URI. | |||
| CVE-2017-7318 | critical | 9.8 | 9.8 | 9y ago | Siklu EtherHaul devices before 7.4.0 are vulnerable to a remote command execution (RCE) vulnerability. This vulnerability allows a remote attacker to execute commands and retrieve information such as… | |||
| CVE-2017-7191 | critical | 9.8 | 9.8 | 9y ago | The netjoin processing in Irssi 1.x before 1.0.2 allows attackers to cause a denial of service (use-after-free) and possibly execute arbitrary code via unspecified vectors. | |||
| CVE-2017-6542 | critical | 9.8 | 9.8 | 9y ago | The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect… | |||
| CVE-2017-6013 | critical | 9.8 | 9.8 | 9y ago | Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the query parameter. | |||
| CVE-2017-2641 | critical | 9.8 | 9.8 | 9y ago | Moodle SQL injection via user preferences | |||
| CVE-2017-5511 | critical | 9.8 | 9.8 | 9y ago | coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow. | |||
| CVE-2017-5337 | critical | 9.8 | 9.8 | 9y ago | Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate. | |||
| CVE-2017-5336 | critical | 9.8 | 9.8 | 9y ago | Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted Op… | |||
| CVE-2017-5334 | critical | 9.8 | 9.8 | 9y ago | Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language in… | |||
| CVE-2017-6950 | critical | 9.8 | 9.8 | 9y ago | SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions and execute arbitrary code via a crafted ABAP code, aka SAP Security Note 2407616. | |||
| CVE-2017-6895 | critical | 9.8 | 9.8 | 9y ago | USB Pratirodh allows remote attackers to conduct XML External Entity (XXE) attacks via XML data in usb.xml. | |||
| CVE-2017-6517 | critical | 9.8 | 9.8 | 9y ago | Microsoft Skype 7.16.0.102 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dl… | |||
| CVE-2017-6361 | critical | 9.8 | 9.8 | 9y ago | QNAP QTS before 4.2.4 Build 20170313 allows attackers to execute arbitrary commands via unspecified vectors. | |||
| CVE-2017-6360 | critical | 9.8 | 9.8 | 9y ago | QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and obtain sensitive information via unspecified vectors. | |||
| CVE-2017-6359 | critical | 9.8 | 9.8 | 9y ago | QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and execute arbitrary commands via unspecified vectors. | |||
| CVE-2017-5897 | critical | 9.8 | 9.8 | 9y ago | The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds … | |||
| CVE-2017-5538 | critical | 9.8 | 9.8 | 9y ago | The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0) and N(7.0) software and Exynos AP chipsets allows attackers to have unspecified i… | |||
| CVE-2017-6972 | critical | 9.8 | 9.8 | 9y ago | AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulne… | |||
| CVE-2017-3853 | critical | 9.8 | 9.8 | 9y ago | A vulnerability in the Data-in-Motion (DMo) process installed with the Cisco IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow rem… | |||
| CVE-2017-7214 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. Legacy notification exception contexts appearing in ERROR level lo… | |||
| CVE-2017-6550 | critical | 9.8 | 9.8 | 9y ago | Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson (formerly ESBUS) allow remote attackers to execute arbitrary SQL commands via the (1) TABLE parameter to esbus/servlet/GetSQLData or (2) … | |||
| CVE-2017-7174 | critical | 9.8 | 9.8 | 9y ago | The user-account creation feature in Chef Manage 2.1.0 through 2.4.4 allows remote attackers to execute arbitrary code. This is fixed in 2.4.5. | |||
| CVE-2017-6880 | critical | 9.8 | 9.8 | 9y ago | Buffer overflow in Cerberus FTP Server 8.0.10.3 allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long MLST command. | |||
| CVE-2017-6023 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Fatek Automation PLC Ethernet Module. The affected Ether_cfg software configuration tool runs on the following Fatek PLCs: CBEH versions prior to V3.6 Build 170215, CBE ver… | |||
| CVE-2017-3831 | critical | 9.8 | 9.8 | 9y ago | A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full a… | |||
| CVE-2017-5522 | critical | 9.8 | 9.8 | 9y ago | Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5, and 7.0.x before 7.0.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary… | |||
| CVE-2017-5496 | critical | 9.8 | 9.8 | 9y ago | Sawmill Enterprise 8.7.9 allows remote attackers to gain login access by leveraging knowledge of a password hash. | |||
| CVE-2017-5358 | critical | 9.8 | 9.8 | 9y ago | Stack-based buffer overflows in php_Easycom5_3_0.dll in EasyCom for PHP 4.0.0.29 allows remote attackers to execute arbitrary code via the server argument to the (1) i5_connect, (2) i5_pconnect, or (… | |||
| CVE-2017-5668 | critical | 9.8 | 9.8 | 9y ago | bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact … | |||
| CVE-2017-6080 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, caused by lack of a protection mechanism involving HTTP Access-Control headers. To exploit the vulnerabilit… | |||
| CVE-2017-5929 | critical | 9.8 | 9.8 | 9y ago | QOS.ch Logback vulnerable to Deserialization of Untrusted Data | |||
| CVE-2017-5674 | critical | 9.8 | 9.8 | 9y ago | A vulnerability in a custom-built GoAhead web server used on Foscam, Vstarcam, and multiple white-label IP camera models allows an attacker to craft a malformed HTTP ("GET system.ini HTTP/1.1\n\n" - … | |||
| CVE-2017-5619 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Attackers can login with the hashed password itself (e.g., from the DB) instead of the valid password strin… | |||
| CVE-2017-5626 | critical | 9.8 | 9.8 | 9y ago | OxygenOS before version 4.0.2, on OnePlus 3 and 3T, has two hidden fastboot oem commands (4F500301 and 4F500302) that allow the attacker to lock/unlock the bootloader, disregarding the 'OEM Unlocking… | |||
| CVE-2017-5624 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. The attacker can persistently make the (locked) bootloader start the platform with dm-verity disabled, by issuing the 'fastboot … | |||
| CVE-2017-6506 | critical | 9.8 | 9.8 | 9y ago | In Azure Data Expert Ultimate 2.2.16, the SMTP verification function suffers from a buffer overflow vulnerability, leading to remote code execution. The attack vector is a crafted SMTP daemon that se… | |||
| CVE-2017-5859 | critical | 9.8 | 9.8 | 9y ago | On Cambium Networks cnPilot R200/201 devices before 4.3, there is a vulnerability involving the certificate of the device and its RSA keys, aka RBN-183. | |||
| CVE-2017-6558 | critical | 9.8 | 9.8 | 9y ago | iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n devices are prone to an authentication bypass vulnerability that allows remote attackers to view and modify administrative router… | |||
| CVE-2017-6548 | critical | 9.8 | 9.8 | 9y ago | Buffer overflows in networkmap on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B1, RT-A… | |||
| CVE-2017-5178 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is insta… | |||
| CVE-2017-3159 | critical | 9.8 | 9.8 | 9y ago | Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization | |||
| CVE-2017-5830 | critical | 9.8 | 9.8 | 9y ago | Revive Adserver before 4.0.1 allows remote attackers to execute arbitrary code via serialized data in the cookies related to the delivery scripts. | |||
| CVE-2017-6409 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Unauthenticated CORBA interfaces permit inappropriate access. | |||
| CVE-2017-6403 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0. NetBackup Cloud Storage Service uses a hardcoded username and password. | |||
| CVE-2017-5885 | critical | 9.8 | 9.8 | 9y ago | Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly e… | |||
| CVE-2017-5581 | critical | 9.8 | 9.8 | 9y ago | Buffer overflow in the ModifiablePixelBuffer::fillRect function in TigerVNC before 1.7.1 allows remote servers to execute arbitrary code via an RRE message with subrectangle outside framebuffer bound… | |||
| CVE-2017-6350 | critical | 9.8 | 9.8 | 9y ago | An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file,… | |||
| CVE-2017-6349 | critical | 9.8 | 9.8 | 9y ago | An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, whic… | |||
| CVE-2017-6342 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19. When SmartPS… | |||
| CVE-2017-5946 | critical | 9.8 | 9.8 | 9y ago | The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows uploading of .zip files, an attacker can upload a malicious file that uses "… | |||
| CVE-2017-2790 | critical | 9.8 | 9.8 | 9y ago | When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and uses … | |||
| CVE-2017-2789 | critical | 9.8 | 9.8 | 9y ago | When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than the… |