CVEs from 2017
Total
11,665
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
9.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-2693 | high | 7.8 | 7.8 | 9y ago | ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150… | |||
| CVE-2017-2692 | high | 7.8 | 7.8 | 9y ago | The Keyguard application in ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earl… | |||
| CVE-2017-5711 | high | 7.8 | 7.8 | 9y ago | Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to e… | |||
| CVE-2017-5710 | high | 7.8 | 7.8 | 9y ago | Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via unspecified vector. | |||
| CVE-2017-5709 | high | 7.8 | 7.8 | 9y ago | Multiple privilege escalations in kernel in Intel Server Platform Services Firmware 4.0 allows unauthorized process to access privileged content via unspecified vector. | |||
| CVE-2017-5708 | high | 7.8 | 7.8 | 9y ago | Multiple privilege escalations in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow unauthorized process to access privileged content via unspecified vector. | |||
| CVE-2017-5707 | high | 7.8 | 7.8 | 9y ago | Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code. | |||
| CVE-2017-5706 | high | 7.8 | 7.8 | 9y ago | Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code. | |||
| CVE-2017-5705 | high | 7.8 | 7.8 | 9y ago | Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code. | |||
| CVE-2017-2919 | high | 7.8 | 7.8 | 9y ago | An exploitable stack based buffer overflow vulnerability exists in the xls_getfcell function of libxls 1.3.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execu… | |||
| CVE-2017-2897 | high | 7.8 | 7.8 | 9y ago | An exploitable out-of-bounds write vulnerability exists in the read_MSAT function of libxls 1.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An atta… | |||
| CVE-2017-2896 | high | 7.8 | 7.8 | 9y ago | An exploitable out-of-bounds write vulnerability exists in the xls_mergedCells function of libxls 1.4. . A specially crafted XLS file can cause a memory corruption resulting in remote code execution.… | |||
| CVE-2017-12111 | high | 7.8 | 7.8 | 9y ago | An exploitable out-of-bounds vulnerability exists in the xls_addCell function of libxls 1.4. A specially crafted XLS file with a formula record can cause memory corruption resulting in remote code ex… | |||
| CVE-2017-12110 | high | 7.8 | 7.8 | 9y ago | An exploitable integer overflow vulnerability exists in the xls_appendSST function of libxls 1.4.A specially crafted XLS file can cause memory corruption resulting in remote code execution. | |||
| CVE-2017-12608 | high | 7.8 | 7.8 | 9y ago | A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory… | |||
| CVE-2017-12607 | high | 7.8 | 7.8 | 9y ago | A vulnerability in OpenOffice's PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denial of service (memory corruption and appl… | |||
| CVE-2017-9806 | high | 7.8 | 7.8 | 9y ago | A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory… | |||
| CVE-2017-16882 | high | 7.8 | 7.8 | 9y ago | Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration options in which this file is owned by a non-root account (and similarly can have etc/icinga.cfg owned by a… | |||
| CVE-2017-4939 | high | 7.8 | 7.8 | 9y ago | VMware Workstation (12.x before 12.5.8) installer contains a DLL hijacking issue that exists due to some DLL files loaded by the application improperly. This issue may allow an attacker to load a DLL… | |||
| CVE-2017-4937 | high | 7.8 | 7.8 | 9y ago | VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this m… | |||
| CVE-2017-4936 | high | 7.8 | 7.8 | 9y ago | VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this m… | |||
| CVE-2017-4935 | high | 7.8 | 7.8 | 9y ago | VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds write vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this … | |||
| CVE-2017-10887 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in BOOK WALKER for Windows Ver.1.2.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||
| CVE-2017-16869 | high | 7.8 | 7.8 | 9y ago | p_mach.cpp in UPX 3.94 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted Mach-O file, related … | |||
| CVE-2017-1000229 | high | 7.8 | 7.8 | 9y ago | Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 allows an attacker to remotely execute code or cause denial of service. | |||
| CVE-2017-1000187 | high | 7.8 | 7.8 | 9y ago | In SWFTools, an address access exception was found in pdf2swf. FoFiTrueType::writeTTF() | |||
| CVE-2017-0865 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the MediaTek soc driver. Product: Android. Versions: Android kernel. Android ID: A-65025090. References: M-ALPS02973195. | |||
| CVE-2017-0864 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the MediaTek ioctl (flashlight). Product: Android. Versions: Android kernel. Android ID: A-37277147. References: M-ALPS03394571. | |||
| CVE-2017-0863 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the Upstream kernel video driver. Product: Android. Versions: Android kernel. Android ID: A-37950620. | |||
| CVE-2017-0862 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the Upstream kernel kernel. Product: Android. Versions: Android kernel. Android ID: A-36006779. | |||
| CVE-2017-0861 | high | 7.8 | 7.8 | 9y ago | Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors. | |||
| CVE-2017-0843 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the MediaTek ccci. Product: Android. Versions: Android kernel. Android ID: A-62670819. References: M-ALPS03361488. | |||
| CVE-2017-0842 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the Android system (bluetooth). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37502513. | |||
| CVE-2017-0841 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in the Android system (libutils). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37723026. | |||
| CVE-2017-0838 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-63522818. | |||
| CVE-2017-0836 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64893226. | |||
| CVE-2017-0835 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63316832. | |||
| CVE-2017-0834 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63125953. | |||
| CVE-2017-0833 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62896384. | |||
| CVE-2017-0832 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62887820. | |||
| CVE-2017-0831 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the Android framework (window manager). Product: Android. Versions: 8.0. Android ID: A-37442941. | |||
| CVE-2017-0830 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the Android framework (device policy client). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62623498. | |||
| CVE-2017-9721 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the boot loader, a buffer overflow can occur while parsing the splash image. | |||
| CVE-2017-9719 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the kernel driver MDSS, a buffer overflow can occur in HDMI CEC parsing if frame siz… | |||
| CVE-2017-9702 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a user-space pointer is directly accessed in a camera driver. | |||
| CVE-2017-9690 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a qbt1000 ioctl handler, an incorrect buffer size check has an integer overflow vuln… | |||
| CVE-2017-11092 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the KGSL driver function kgsl_ioctl_gpu_command, a Use After Free condition can pote… | |||
| CVE-2017-11091 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the function mdss_rotator_ioctl in the driver /dev/mdss_rotator, a Use-After-Free co… | |||
| CVE-2017-11085 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an integer overflow leading to a buffer overflow due to improper bound checking in msm_… | |||
| CVE-2017-11073 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the qcacld pktlog allows mapping memory via /proc/ath_pktlog/cld to user space. | |||
| CVE-2017-11038 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the boot image header, range checks can be bypassed by supplying diffe… | |||
| CVE-2017-11035 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, possible buffer overflow or information leak in the functions "sme_set_ft_ies" and "csr… | |||
| CVE-2017-11032 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a double free can occur when kmalloc fails to allocate memory for pointers resp/req in … | |||
| CVE-2017-11029 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, camera application triggers "user-memory-access" issue as the Camera CPP module Linux d… | |||
| CVE-2017-11027 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing UBI image, size is not validated for being smaller than minimum header s… | |||
| CVE-2017-11026 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing FRP partition using reference FRP unlock, authentication method can be c… | |||
| CVE-2017-11024 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in the rmnet USB control driver can potentially lead to a Use After Fr… | |||
| CVE-2017-11023 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of out-of-bound buffer accesses due to no synchronization in acc… | |||
| CVE-2017-11018 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, array access out of bounds may occur in the camera driver in the kernel | |||
| CVE-2017-11017 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing a specially crafted UBI image, it is possible to corrupt memory, or acce… | |||
| CVE-2017-11015 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently, the value of SIR_MAC_AUTH_CHALLENGE_LENGTH is set to 128 which may result in… | |||
| CVE-2017-11014 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing a Measurement Request IE in a Roam Neighbor Action Report, a buffer overf… | |||
| CVE-2017-11013 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, countOffset (in function UnpackCore) is increased for each loop, while there is no boun… | |||
| CVE-2017-11012 | high | 7.8 | 7.8 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_ENCRYPTION_TEST cfg80211 … | |||
| CVE-2017-0866 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the Direct rendering infrastructure of the NVIDIA Tegra X1 where an unchecked input from userspace is passed as a pointer to kfree. This could lead to kerne… | |||
| CVE-2017-4932 | high | 7.8 | 7.8 | 9y ago | VMware AirWatch Launcher for Android prior to 3.2.2 contains a vulnerability that could allow an escalation of privilege from the launcher UI context menu to native UI functionality and privilege. Su… | |||
| CVE-2017-4931 | high | 7.8 | 7.8 | 9y ago | VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add malicious data to an enrolled device's log files. Successful exploitation of this… | |||
| CVE-2017-1087 | high | 7.8 | 7.8 | 9y ago | In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory… | |||
| CVE-2017-12314 | high | 7.8 | 7.8 | 9y ago | A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to the device avail… | |||
| CVE-2017-13135 | high | 7.8 | 7.8 | 9y ago | A NULL Pointer Dereference exists in VideoLAN x265, as used in libbpg 0.9.7 and other products, because the CUData::initialize function in common/cudata.cpp mishandles memory-allocation failure. | |||
| CVE-2017-16837 | high | 7.8 | 7.8 | 9y ago | Certain function pointers in Trusted Boot (tboot) through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module… | |||
| CVE-2017-16834 | high | 7.8 | 7.8 | 9y ago | PNP4Nagios through 0.6.26 has /usr/bin/npcd and npcd.cfg owned by an unprivileged account but root code execution depends on these files, which allows local users to gain privileges by leveraging acc… | |||
| CVE-2017-15115 | high | 7.8 | 7.8 | 9y ago | The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of… | |||
| CVE-2017-15288 | high | 7.8 | 7.8 | 9y ago | High severity vulnerability that affects org.scala-lang:scala-compiler | |||
| CVE-2017-16832 | high | 7.8 | 7.8 | 9y ago | The pe_bfd_read_buildid function in peicode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate size and offset values in the data dic… | |||
| CVE-2017-16831 | high | 7.8 | 7.8 | 9y ago | coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate the symbol count, which allows remote attackers to cause a denial of servi… | |||
| CVE-2017-16830 | high | 7.8 | 7.8 | 9y ago | The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service (seg… | |||
| CVE-2017-16829 | high | 7.8 | 7.8 | 9y ago | The _bfd_elf_parse_gnu_properties function in elf-properties.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not prevent negative pointers, whi… | |||
| CVE-2017-16828 | high | 7.8 | 7.8 | 9y ago | The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (integer overflow and heap-based buffer over-read, and application crash) or p… | |||
| CVE-2017-16827 | high | 7.8 | 7.8 | 9y ago | The aout_get_external_symbols function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service… | |||
| CVE-2017-16826 | high | 7.8 | 7.8 | 9y ago | The coff_slurp_line_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service … | |||
| CVE-2017-11884 | high | 7.8 | 7.8 | 9y ago | Microsoft Excel 2016 Click-to-Run (C2R) allows an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corru… | |||
| CVE-2017-11878 | high | 7.8 | 7.8 | 9y ago | Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibi… | |||
| CVE-2017-11847 | high | 7.8 | 7.8 | 9y ago | Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Ser… | |||
| CVE-2017-6264 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability exists in the NVIDIA GPU driver (gm20b_clk_throt_set_cdev_state), where an out of bound memory read is used as a function pointer could lead to code execution … | |||
| CVE-2017-14020 | high | 7.8 | 7.8 | 9y ago | In AutomationDirect CLICK Programming Software (Part Number C0-PGMSW) Versions 2.10 and prior; C-More Programming Software (Part Number EA9-PGMSW) Versions 6.30 and prior; C-More Micro (Part Number E… | |||
| CVE-2017-14388 | high | 7.8 | 7.8 | 9y ago | Cloud Foundry Foundation GrootFS release 0.3.x versions prior to 0.30.0 do not validate DiffIDs, allowing specially crafted images to poison the grootfs volume cache. For example, this could allow an… | |||
| CVE-2017-3767 | high | 7.8 | 7.8 | 9y ago | A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1.8224 in some Lenovo ThinkPad products. An attacker with local privileges could execute co… | |||
| CVE-2017-3166 | high | 7.8 | 7.8 | 9y ago | Moderate severity vulnerability that affects org.apache.hadoop:hadoop-main | |||
| CVE-2017-10885 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in HYPER SBI Ver. 2.2 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||
| CVE-2017-7132 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows remote attackers to execute arbitrary code or cause a den… | |||
| CVE-2017-13843 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context o… | |||
| CVE-2017-13838 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Sandbox" component. It allows attackers to execute arbitrary code in a privileged context … | |||
| CVE-2017-13834 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows remote attackers to cause a denial of service (memory corrupt… | |||
| CVE-2017-13833 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged contex… | |||
| CVE-2017-13830 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HFS" component. It allows attackers to execute arbitrary code in a privileged context or c… | |||
| CVE-2017-13829 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged contex… | |||
| CVE-2017-13825 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CoreText" component. It allows remote attackers to execute arbitrary code or cause a denia… | |||
| CVE-2017-13824 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Open Scripting Architecture" component. It allows remote attackers to execute arbitrary co… | |||
| CVE-2017-13816 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a den… |