CVEs from 2017
Total
11,679
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
9.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-14055 | medium | 6.5 | 6.5 | 9y ago | In libavformat/mvdec.c in FFmpeg 3.3.3, a DoS in mv_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted MV file, which claims a large "… | |||
| CVE-2017-14054 | medium | 6.5 | 6.5 | 9y ago | In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivr_read_header() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted IVR file, which claims a large "len" fiel… | |||
| CVE-2017-13670 | medium | 6.5 | 6.5 | 9y ago | In BlackCat CMS 1.2, remote authenticated users can upload any file via the media upload function in backend/media/ajax_upload.php, as demonstrated by a ZIP archive that contains a .php file. | |||
| CVE-2017-14042 | medium | 6.5 | 6.5 | 9y ago | A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of … | |||
| CVE-2017-9945 | medium | 6.5 | 6.5 | 9y ago | In the Siemens 7KM PAC Switched Ethernet PROFINET expansion module (All versions < V2.1.3), a Denial-of-Service condition could be induced by a specially crafted PROFINET DCP packet sent as a local E… | |||
| CVE-2017-13777 | medium | 6.5 | 6.5 | 9y ago | GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version==10 case that results in the reader not returning; it would cause large amounts o… | |||
| CVE-2017-13776 | medium | 6.5 | 6.5 | 9y ago | GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts o… | |||
| CVE-2017-13775 | medium | 6.5 | 6.5 | 9y ago | GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the r… | |||
| CVE-2017-13769 | medium | 6.5 | 6.5 | 9y ago | The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file. | |||
| CVE-2017-13768 | medium | 6.5 | 6.5 | 9y ago | Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file. | |||
| CVE-2017-13758 | medium | 6.5 | 6.5 | 9y ago | In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the TracePoint() function in MagickCore/draw.c. | |||
| CVE-2017-13673 | medium | 6.5 | 6.5 | 9y ago | The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service (assertion failure) in the cpu_physical_memory_snapshot… | |||
| CVE-2017-12875 | medium | 6.5 | 6.5 | 9y ago | The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (CPU consumption) via a crafted file. | |||
| CVE-2017-12422 | medium | 6.5 | 6.5 | 9y ago | NetApp StorageGRID Webscale 10.2.x before 10.2.2.3, 10.3.x before 10.3.0.4, and 10.4.x before 10.4.0.2 allow remote authenticated users to delete arbitrary objects via unspecified vectors. | |||
| CVE-2017-13744 | medium | 6.5 | 6.5 | 9y ago | There is an illegal address access in the function _lou_getALine() in compileTranslationTable.c:343 in Liblouis 3.2.0. | |||
| CVE-2017-13743 | medium | 6.5 | 6.5 | 9y ago | There is a buffer overflow in Liblouis 3.2.0, triggered in the function _lou_showString() in utils.c, that will lead to a remote denial of service attack. | |||
| CVE-2017-13742 | medium | 6.5 | 6.5 | 9y ago | There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function includeFile() in compileTranslationTable.c, that will lead to a remote denial of service attack. | |||
| CVE-2017-13741 | medium | 6.5 | 6.5 | 9y ago | There is a use-after-free in the function compileBrailleIndicator() in compileTranslationTable.c in Liblouis 3.2.0 that will lead to a remote denial of service attack. | |||
| CVE-2017-13737 | medium | 6.5 | 6.5 | 9y ago | There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack. | |||
| CVE-2017-13736 | medium | 6.5 | 6.5 | 9y ago | There are lots of memory leaks in the GMCommand function in magick/command.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack. | |||
| CVE-2017-13734 | medium | 6.5 | 6.5 | 9y ago | There is an illegal address access in the _nc_safe_strcat function in strings.c in ncurses 6.0 that will lead to a remote denial of service attack. | |||
| CVE-2017-13733 | medium | 6.5 | 6.5 | 9y ago | There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack. | |||
| CVE-2017-13732 | medium | 6.5 | 6.5 | 9y ago | There is an illegal address access in the function dump_uses() in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack. | |||
| CVE-2017-13731 | medium | 6.5 | 6.5 | 9y ago | There is an illegal address access in the function postprocess_termcap() in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack. | |||
| CVE-2017-13730 | medium | 6.5 | 6.5 | 9y ago | There is an illegal address access in the function _nc_read_entry_source() in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack. | |||
| CVE-2017-13729 | medium | 6.5 | 6.5 | 9y ago | There is an illegal address access in the _nc_save_str function in alloc_entry.c in ncurses 6.0. It will lead to a remote denial of service attack. | |||
| CVE-2017-13727 | medium | 6.5 | 6.5 | 9y ago | There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of servic… | |||
| CVE-2017-13726 | medium | 6.5 | 6.5 | 9y ago | There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service atta… | |||
| CVE-2017-1110 | medium | 6.5 | 6.5 | 9y ago | IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 contains an unspecified vulnerability that could allow an authenticated user to view the incidents of a higher privileged user. IBM X-Force … | |||
| CVE-2017-10834 | medium | 6.5 | 6.5 | 9y ago | Directory traversal vulnerability in "Dokodemo eye Smart HD" SCR02HD Firmware 1.0.3.1000 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors. | |||
| CVE-2017-12925 | medium | 6.5 | 6.5 | 9y ago | Double free vulnerability in DfFromLB in docfile.cxx in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service via a crafted fpx image. | |||
| CVE-2017-12924 | medium | 6.5 | 6.5 | 9y ago | CDirVector::GetTable in dirfunc.hxx in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted fpx image. | |||
| CVE-2017-12923 | medium | 6.5 | 6.5 | 9y ago | OLEStream::WriteVT_LPSTR in olestrm.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image. | |||
| CVE-2017-12922 | medium | 6.5 | 6.5 | 9y ago | wchar.c in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image. | |||
| CVE-2017-12921 | medium | 6.5 | 6.5 | 9y ago | PFileFlashPixView::GetGlobalInfoProperty in f_fpxvw.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image. | |||
| CVE-2017-12920 | medium | 6.5 | 6.5 | 9y ago | CDirectory::GetDirEntry in dir.cxx in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image. | |||
| CVE-2017-12919 | medium | 6.5 | 6.5 | 9y ago | Heap-based buffer overflow in OLEStream::WriteVT_LPSTR in olestrm.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service via a crafted fpx image. | |||
| CVE-2017-12877 | medium | 6.5 | 6.5 | 9y ago | Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file. | |||
| CVE-2017-12876 | medium | 6.5 | 6.5 | 9y ago | Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file. | |||
| CVE-2017-7693 | medium | 6.5 | 6.5 | 9y ago | Directory traversal vulnerability in viewer_script.jsp in Riverbed OPNET App Response Xpert (ARX) version 9.6.1 allows remote authenticated users to inject arbitrary commands to read OS files. | |||
| CVE-2017-12074 | medium | 6.5 | 6.5 | 9y ago | Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZoneConf in Synology DNS Server before 2.2.1-3042 allows remote authenticated attackers to write arbitrary files via the domain_name… | |||
| CVE-2017-13658 | medium | 6.5 | 6.5 | 9y ago | In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exi… | |||
| CVE-2017-13648 | medium | 6.5 | 6.5 | 9y ago | In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c. | |||
| CVE-2017-12809 | medium | 6.5 | 6.5 | 9y ago | QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process… | |||
| CVE-2017-13145 | medium | 6.5 | 6.5 | 9y ago | In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash. | |||
| CVE-2017-13144 | medium | 6.5 | 6.5 | 9y ago | In ImageMagick before 6.9.7-10, there is a crash (rather than a "width or height exceeds limit" error report) if the image dimensions are too large, as demonstrated by use of the mpc coder. | |||
| CVE-2017-13142 | medium | 6.5 | 6.5 | 9y ago | In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files. | |||
| CVE-2017-13141 | medium | 6.5 | 6.5 | 9y ago | In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c. | |||
| CVE-2017-13140 | medium | 6.5 | 6.5 | 9y ago | In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage function in coders/png.c allows remote attackers to cause a denial of service (application hang in LockSemaphoreInfo) via a P… | |||
| CVE-2017-13134 | medium | 6.5 | 6.5 | 9y ago | In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted fi… | |||
| CVE-2017-13133 | medium | 6.5 | 6.5 | 9y ago | In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file. | |||
| CVE-2017-13132 | medium | 6.5 | 6.5 | 9y ago | In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data structure in the "dump uncompressed PseudoColor packets" step, which allows attackers to cause a denia… | |||
| CVE-2017-13131 | medium | 6.5 | 6.5 | 9y ago | In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (memory consumption in NewLinkedList … | |||
| CVE-2017-12843 | medium | 6.5 | 6.5 | 9y ago | Cyrus IMAP before 3.0.3 allows remote authenticated users to write to arbitrary files via a crafted (1) SYNCAPPLY, (2) SYNCGET or (3) SYNCRESTORE command. | |||
| CVE-2017-13066 | medium | 6.5 | 6.5 | 9y ago | GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c. | |||
| CVE-2017-13065 | medium | 6.5 | 6.5 | 9y ago | GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c. | |||
| CVE-2017-13064 | medium | 6.5 | 6.5 | 9y ago | GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12. | |||
| CVE-2017-13063 | medium | 6.5 | 6.5 | 9y ago | GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12. | |||
| CVE-2017-13062 | medium | 6.5 | 6.5 | 9y ago | In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service (WriteMETAImage memory consumption) via … | |||
| CVE-2017-13061 | medium | 6.5 | 6.5 | 9y ago | In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exh… | |||
| CVE-2017-13060 | medium | 6.5 | 6.5 | 9y ago | In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file. | |||
| CVE-2017-13059 | medium | 6.5 | 6.5 | 9y ago | In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attackers to cause a denial of service (WriteJNGImage memory consumption) … | |||
| CVE-2017-13058 | medium | 6.5 | 6.5 | 9y ago | In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file. | |||
| CVE-2017-7424 | medium | 6.5 | 6.5 | 9y ago | A Path Traversal (CWE-22) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote auth… | |||
| CVE-2017-12966 | medium | 6.5 | 6.5 | 9y ago | The asn1f_lookup_symbol_impl function in asn1fix_retrieve.c in libasn1fix.a in asn1c 0.9.28 allows remote attackers to cause a denial of service (segmentation fault) via a crafted .asn1 file. | |||
| CVE-2017-12967 | medium | 6.5 | 6.5 | 9y ago | The getsym function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (stack-based buffer… | |||
| CVE-2017-12957 | medium | 6.5 | 6.5 | 9y ago | There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp. It will lead to remote denial of service. | |||
| CVE-2017-12956 | medium | 6.5 | 6.5 | 9y ago | There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() in basicio.cpp of libexiv2 in Exiv2 0.26 that will lead to remote denial of service. | |||
| CVE-2017-6778 | medium | 6.5 | 6.5 | 9y ago | A vulnerability in the Elastic Services Controller (ESC) web interface of the Cisco Ultra Services Platform could allow an authenticated, remote attacker to acquire sensitive information. The vulnera… | |||
| CVE-2017-12445 | medium | 6.5 | 6.5 | 9y ago | The JB2BitmapCoder::code_row_by_refinement function in jb2/bmpcoder.cpp in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file. | |||
| CVE-2017-12444 | medium | 6.5 | 6.5 | 9y ago | The mdjvu_bitmap_get_bounding_box function in base/4bitmap.c in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file. | |||
| CVE-2017-12443 | medium | 6.5 | 6.5 | 9y ago | The mdjvu_bitmap_pack_row function in base/4bitmap.c in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file. | |||
| CVE-2017-12442 | medium | 6.5 | 6.5 | 9y ago | The row_is_empty function in base/4bitmap.c:272 in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file. | |||
| CVE-2017-12441 | medium | 6.5 | 6.5 | 9y ago | The row_is_empty function in base/4bitmap.c:274 in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file. | |||
| CVE-2017-12855 | medium | 6.5 | 6.5 | 9y ago | Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is fre… | |||
| CVE-2017-11149 | medium | 6.5 | 6.5 | 9y ago | Server-side request forgery (SSRF) vulnerability in Downloader in Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 allows remote authenticated users to download arbitrary loc… | |||
| CVE-2017-3122 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-3118 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability related to execution of malicious … | |||
| CVE-2017-3115 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an information disclosure vulnerability when handling links in a P… | |||
| CVE-2017-11265 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Adobe Graphi… | |||
| CVE-2017-11258 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11255 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11252 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Adobe Graphi… | |||
| CVE-2017-11249 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11248 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11246 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11245 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11244 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11243 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the XSLT engine.… | |||
| CVE-2017-11242 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11239 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11238 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11236 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the internal han… | |||
| CVE-2017-11233 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11232 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when processing Enhanc… | |||
| CVE-2017-11230 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the JPEG 2000 en… | |||
| CVE-2017-11217 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11210 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing… | |||
| CVE-2017-11209 | medium | 6.5 | 6.5 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability that occurs when re… | |||
| CVE-2017-11148 | medium | 6.5 | 6.5 | 9y ago | Server-side request forgery (SSRF) vulnerability in link preview in Synology Chat before 1.1.0-0806 allows remote authenticated users to access intranet resources via unspecified vectors. |