CVEs from 2017
Total
11,665
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
9.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-13814 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial… | |||
| CVE-2017-13813 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a den… | |||
| CVE-2017-13812 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a den… | |||
| CVE-2017-13811 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "fsck_msdos" component. It allows attackers to execute arbitrary code in a privileged conte… | |||
| CVE-2017-13809 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "AppleScript" component. It allows remote attackers to execute arbitrary code via a crafted… | |||
| CVE-2017-13808 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Remote Management" component. It allows attackers to execute arbitrary code in a privilege… | |||
| CVE-2017-13807 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial o… | |||
| CVE-2017-13800 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "APFS" component. It allows attackers to execute arbitrary code in a privileged context or … | |||
| CVE-2017-13799 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the … | |||
| CVE-2017-16797 | high | 7.8 | 7.8 | 9y ago | In SWFTools 0.9.2, the png_load function in lib/png.c does not properly validate an alloclen_64 multiplication of width and height values, which allows remote attackers to cause a denial of service (… | |||
| CVE-2017-16796 | high | 7.8 | 7.8 | 9y ago | In SWFTools 0.9.2, the png_load function in lib/png.c does not check the return value of a realloc call, which allows remote attackers to cause a denial of service (invalid write and application cras… | |||
| CVE-2017-16793 | high | 7.8 | 7.8 | 9y ago | The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of service (incorrect malloc and heap-based buffer ov… | |||
| CVE-2017-16757 | high | 7.8 | 7.8 | 9y ago | Hola VPN 1.34 has weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to gain privileges via a Trojan horse 7za.exe or hola.exe file. | |||
| CVE-2017-16667 | high | 7.8 | 7.8 | 9y ago | backintime (aka Back in Time) before 1.1.24 did improper escaping/quoting of file paths used as arguments to the 'notify-send' command, leading to some parts of file paths being executed as shell com… | |||
| CVE-2017-12824 | high | 7.8 | 7.8 | 9y ago | Special crafted InPage document leads to arbitrary code execution in InPage reader. | |||
| CVE-2017-16659 | high | 7.8 | 7.8 | 9y ago | The Gentoo mail-filter/assp package 1.9.8.13030 and earlier allows local users to gain privileges by leveraging access to the assp user account to install a Trojan horse /usr/share/assp/assp.pl scrip… | |||
| CVE-2017-13681 | high | 7.8 | 7.8 | 9y ago | Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources t… | |||
| CVE-2017-14031 | high | 7.8 | 7.8 | 9y ago | An Improper Access Control issue was discovered in Trihedral VTScada 11.3.03 and prior. A local, non-administrator user has privileges to read and write to the file system of the target machine. | |||
| CVE-2017-14029 | high | 7.8 | 7.8 | 9y ago | An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11.3.03 and prior. The program will execute specially crafted malicious dll files placed on the target machine. | |||
| CVE-2017-16526 | high | 7.8 | 7.8 | 9y ago | drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafte… | |||
| CVE-2017-12261 | high | 7.8 | 7.8 | 9y ago | A vulnerability in the restricted shell of the Cisco Identity Services Engine (ISE) that is accessible via SSH could allow an authenticated, local attacker to run arbitrary CLI commands with elevated… | |||
| CVE-2017-10870 | high | 7.8 | 7.8 | 9y ago | Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki 2018, Rakuraku Hagaki 2017, Rakuraku Hagaki 2016) and Rakuraku Hagaki Select for Ichitaro (Ichitaro 2017, Ichitaro 2016, Ichitaro 2… | |||
| CVE-2017-10825 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in Installer of Flets Easy Setup Tool Ver1.2.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||
| CVE-2017-16358 | high | 7.8 | 7.8 | 9y ago | In radare 2.0.1, an out-of-bounds read vulnerability exists in string_scan_range() in libr/bin/bin.c when doing a string search. | |||
| CVE-2017-16357 | high | 7.8 | 7.8 | 9y ago | In radare 2.0.1, a memory corruption vulnerability exists in store_versioninfo_gnu_verdef() and store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c, as demonstrated by an invalid free. This … | |||
| CVE-2017-15566 | high | 7.8 | 7.8 | 9y ago | Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog… | |||
| CVE-2017-14376 | high | 7.8 | 7.8 | 9y ago | EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to compromise the affected system. | |||
| CVE-2017-9450 | high | 7.8 | 7.8 | 9y ago | The Amazon Web Services (AWS) CloudFormation bootstrap tools package (aka aws-cfn-bootstrap) before 1.4-19.10 allows local users to execute arbitrary code with root privileges by leveraging the abili… | |||
| CVE-2017-15997 | high | 7.8 | 7.8 | 9y ago | In the "NQ Contacts Backup & Restore" application 1.1 for Android, RC4 encryption is used to secure the user password locally stored in shared preferences. Because there is a static RC4 key, an attac… | |||
| CVE-2017-15996 | high | 7.8 | 7.8 | 9y ago | elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that trig… | |||
| CVE-2017-15951 | high | 7.8 | 7.8 | 9y ago | The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local… | |||
| CVE-2017-15945 | high | 7.8 | 7.8 | 9y ago | The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/mysql-cluster, and dev-db/mariadb-galera packages before 2017-09-29 have chown calls for user-writab… | |||
| CVE-2017-15932 | high | 7.8 | 7.8 | 9y ago | In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c via crafted ELF files when parsing t… | |||
| CVE-2017-15931 | high | 7.8 | 7.8 | 9y ago | In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c via crafted ELF files on 32bit syst… | |||
| CVE-2017-15924 | high | 7.8 | 7.8 | 9y ago | In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related t… | |||
| CVE-2017-5996 | high | 7.8 | 7.8 | 9y ago | The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions. | |||
| CVE-2017-12705 | high | 7.8 | 7.8 | 9y ago | A Heap-Based Buffer Overflow issue was discovered in Advantech WebOP. A maliciously crafted project file may be able to trigger a heap-based buffer overflow, which may crash the process and allow an … | |||
| CVE-2017-15567 | high | 7.8 | 7.8 | 9y ago | The certificate import component in IDEMIA (formerly Morpho) MorphoSmart 1300 Series (aka MSO 1300 Series) devices allows local users to obtain a command shell, and consequently gain privileges, via … | |||
| CVE-2017-7149 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the "StorageKit" component. It allows attackers to discover passwords for APF… | |||
| CVE-2017-7137 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of servi… | |||
| CVE-2017-7136 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of servi… | |||
| CVE-2017-7135 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of servi… | |||
| CVE-2017-7134 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of servi… | |||
| CVE-2017-7127 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. iCloud before 7.0 on Windows is affected. tvOS before 11 is affected. watchOS before 4 is… | |||
| CVE-2017-7114 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel"… | |||
| CVE-2017-7077 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to execute arbitrary code in a privileged c… | |||
| CVE-2017-7076 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of servi… | |||
| CVE-2017-15789 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x000000… | |||
| CVE-2017-15788 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x000000… | |||
| CVE-2017-15787 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation starting at … | |||
| CVE-2017-15786 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting a… | |||
| CVE-2017-15785 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation near NULL st… | |||
| CVE-2017-15784 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to an "Illegal Instruction Violation starting at xnvie… | |||
| CVE-2017-15783 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address control… | |||
| CVE-2017-15782 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x000000… | |||
| CVE-2017-15781 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Read Access Violation on Control Flow starting a… | |||
| CVE-2017-15780 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting a… | |||
| CVE-2017-15779 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Wri… | |||
| CVE-2017-15778 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting a… | |||
| CVE-2017-15777 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at CADImag… | |||
| CVE-2017-15776 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address may be … | |||
| CVE-2017-15775 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address control… | |||
| CVE-2017-15774 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls Code Flow star… | |||
| CVE-2017-15773 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting a… | |||
| CVE-2017-15772 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address may be … | |||
| CVE-2017-15769 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dds file, related to "Read Access Violation starting at FORMATS!ReadBLP_W… | |||
| CVE-2017-15768 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.50 - 64bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file, related to "Data from Faulting Address controls Branch … | |||
| CVE-2017-15767 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NUL… | |||
| CVE-2017-15766 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Fau… | |||
| CVE-2017-15765 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Fau… | |||
| CVE-2017-15764 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access… | |||
| CVE-2017-15763 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address co… | |||
| CVE-2017-15762 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NUL… | |||
| CVE-2017-15761 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting… | |||
| CVE-2017-15760 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NUL… | |||
| CVE-2017-15759 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NUL… | |||
| CVE-2017-15758 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address co… | |||
| CVE-2017-15757 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Fau… | |||
| CVE-2017-15756 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address co… | |||
| CVE-2017-15755 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Fau… | |||
| CVE-2017-15754 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NUL… | |||
| CVE-2017-15753 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Fau… | |||
| CVE-2017-15752 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address co… | |||
| CVE-2017-15751 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access… | |||
| CVE-2017-15750 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access… | |||
| CVE-2017-15749 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Fau… | |||
| CVE-2017-15748 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting… | |||
| CVE-2017-15747 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention V… | |||
| CVE-2017-15746 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Fau… | |||
| CVE-2017-15745 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Fau… | |||
| CVE-2017-15744 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Read Access Violation on Co… | |||
| CVE-2017-15743 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Fau… | |||
| CVE-2017-15742 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access… | |||
| CVE-2017-15741 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Possible Stac… | |||
| CVE-2017-15740 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address co… | |||
| CVE-2017-15739 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address co… | |||
| CVE-2017-15738 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access… | |||
| CVE-2017-15737 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access… | |||
| CVE-2017-15803 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render … | |||
| CVE-2017-15802 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render … |