CVEs from 2017
Total
11,665
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
9.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-14692 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllGetClassObject+0x000… | |||
| CVE-2017-14691 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address controls Branch Selection s… | |||
| CVE-2017-14690 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting … | |||
| CVE-2017-14689 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address is used as one or more arg… | |||
| CVE-2017-14688 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to a "Read Access Violation starting at STDUDjVuFile!DllU… | |||
| CVE-2017-14687 | high | 7.8 | 7.8 | 9y ago | Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection st… | |||
| CVE-2017-14686 | high | 7.8 | 7.8 | 9y ago | Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x… | |||
| CVE-2017-14685 | high | 7.8 | 7.8 | 9y ago | Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection st… | |||
| CVE-2017-9725 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed wh… | |||
| CVE-2017-9724 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, user-level permissions can be used to gain access to kernel memory, specifically the ION cache maintenance code is writ… | |||
| CVE-2017-9720 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, due to an off-by-one error in a camera driver, an out-of-bounds read/write can occur. | |||
| CVE-2017-9677 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, in function msm_compr_ioctl_shared, variable "ddp->params_length" could be accessed and modified by multiple threads, w… | |||
| CVE-2017-8278 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, while reading audio data from an unspecified driver, a buffer overflow or integer overflow could occur. | |||
| CVE-2017-8277 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function msm_dba_register_client, if the client registers failed, it would be freed. However the client was not … | |||
| CVE-2017-8251 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, in functions msm_isp_check_stream_cfg_cmd & msm_isp_stats_update_cgc_override, 'stream_cfg_cmd->num_streams' is not che… | |||
| CVE-2017-8250 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, user controlled variables "nr_cmds" and "nr_bos" number are passed across functions without any check. An integer overf… | |||
| CVE-2017-8247 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, if there is more than one thread doing the device open operation, the device may be opened more than once. This would l… | |||
| CVE-2017-11041 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, an output buffer is accessed in one thread and can be potentially freed in another. | |||
| CVE-2017-11000 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, in an ISP Camera kernel driver function, an incorrect bounds check may potentially lead to an out-of-bounds write. | |||
| CVE-2017-10999 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, concurrent calls into ioctl RMNET_IOCTL_ADD_MUX_CHANNEL in ipa wan driver may lead to memory corruption due to missing … | |||
| CVE-2017-10998 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, in audio_aio_ion_lookup_vaddr, the buffer length, which is user input, ends up being used to validate if the buffer is … | |||
| CVE-2017-10997 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, using a debugfs node, a write to a PCIe register can cause corruption of kernel memory. | |||
| CVE-2017-12252 | high | 7.8 | 7.8 | 9y ago | A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to device availabil… | |||
| CVE-2017-14617 | high | 7.8 | 7.8 | 9y ago | In Poppler 0.59.0, a floating point exception occurs in the ImageStream class in Stream.cc, which may lead to a potential attack when handling malicious PDF files. | |||
| CVE-2017-14610 | high | 7.8 | 7.8 | 9y ago | bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary pro… | |||
| CVE-2017-14609 | high | 7.8 | 7.8 | 9y ago | The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to thi… | |||
| CVE-2017-14580 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.41 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at jbig2dec+0x000000… | |||
| CVE-2017-14579 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "Read Access Violation on Control Flow starting at STDUJBIG2File!DllG… | |||
| CVE-2017-14578 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ani file, related to "Data from Faulting Address controls Branch Selectio… | |||
| CVE-2017-14577 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "Read Access Violation on Control Flow starting at Unknown Symbol @ 0… | |||
| CVE-2017-14576 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to a "Possible Stack Corruption starting at Unknown Symbol… | |||
| CVE-2017-14575 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x000000… | |||
| CVE-2017-14574 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV starting at Unknown Symbol @ 0x0000000004940490." | |||
| CVE-2017-14573 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x000000… | |||
| CVE-2017-14572 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV starting at Unknown Symbol @ 0x000000000479049b c… | |||
| CVE-2017-14571 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x000000… | |||
| CVE-2017-14570 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64LdrpInitialize+0… | |||
| CVE-2017-14569 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to a "Read Access Violation starting at STDUXPSFile!DllUnr… | |||
| CVE-2017-14568 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x000000… | |||
| CVE-2017-14567 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x000000… | |||
| CVE-2017-14566 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV starting at Unknown Symbol @ 0x00000000039d76c4 c… | |||
| CVE-2017-14565 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to a "Possible Stack Corruption starting at Unknown Symbol… | |||
| CVE-2017-14564 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection s… | |||
| CVE-2017-14563 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "Read Access Violation on Block Data Move starting at STDUXPSFile!Dll… | |||
| CVE-2017-14562 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to an "Error Code (0xe06d7363) starting at wow64!Wow64Noti… | |||
| CVE-2017-14561 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x000000… | |||
| CVE-2017-14560 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection s… | |||
| CVE-2017-14559 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "Read Access Violation on Block Data Move starting at STDUXPSFile!Dll… | |||
| CVE-2017-14558 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "User Mode Write AV starting at STDUDjVuFile!DllUnregisterServer+0x0… | |||
| CVE-2017-14557 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "User Mode Write AV starting at STDUDjVuFile!DllUnregisterServer+0x0… | |||
| CVE-2017-14556 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "User Mode Write AV starting at STDUDjVuFile!DllUnregisterServer+0x0… | |||
| CVE-2017-14555 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address is used as one or more arg… | |||
| CVE-2017-14554 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to a "Possible Stack Corruption starting at STDUDjVuFile!… | |||
| CVE-2017-14553 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "User Mode Write AV starting at STDUDjVuFile!DllUnregisterServer+0x0… | |||
| CVE-2017-14552 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "User Mode Write AV starting at STDUDjVuFile!DllUnregisterServer+0x0… | |||
| CVE-2017-14551 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address controls Branch Selection … | |||
| CVE-2017-14550 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to a "Possible Stack Corruption starting at STDUDjVuFile!… | |||
| CVE-2017-14549 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "Heap Corruption starting at wow64!Wow64NotifyDebugger+0x00000000000… | |||
| CVE-2017-14548 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "User Mode Write AV starting at STDUDjVuFile!DllUnregisterServer+0x0… | |||
| CVE-2017-14547 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .mobi file, related to a "Read Access Violation starting at STDUMOBIFile!DllU… | |||
| CVE-2017-14546 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to an "Error Code (0xe06d7363) starting at wow64!Wow64Not… | |||
| CVE-2017-14545 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to "Data from Faulting Address controls Branch Selection … | |||
| CVE-2017-14544 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to "Data from Faulting Address is used as one or more arg… | |||
| CVE-2017-14543 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to "Data from Faulting Address controls Branch Selection … | |||
| CVE-2017-14542 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .epub file, related to a "Read Access Violation on Block Data Move starting at STDUEPubFile!D… | |||
| CVE-2017-14541 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address control… | |||
| CVE-2017-14540 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selectio… | |||
| CVE-2017-14539 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selectio… | |||
| CVE-2017-14538 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Wri… | |||
| CVE-2017-14520 | high | 7.8 | 7.8 | 9y ago | In Poppler 0.59.0, a floating point exception occurs in Splash::scaleImageYuXd() in Splash.cc, which may lead to a potential attack when handling malicious PDF files. | |||
| CVE-2017-14518 | high | 7.8 | 7.8 | 9y ago | In Poppler 0.59.0, a floating point exception exists in the isImageInterpolationRequired() function in Splash.cc via a crafted PDF document. | |||
| CVE-2017-14497 | high | 7.8 | 7.8 | 9y ago | The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel before 4.13 mishandles vnet headers, which might allow local users to cause a denial of service (buffer overflow, and disk and m… | |||
| CVE-2017-10860 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to execute arbitrary code via a specially crafted executable f… | |||
| CVE-2017-10859 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified di… | |||
| CVE-2017-10858 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in "i-filter 6.0 install program" file version 1.0.8.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||
| CVE-2017-10855 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in FENCE-Explorer for Windows V8.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||
| CVE-2017-2809 | high | 7.8 | 7.8 | 9y ago | An exploitable vulnerability exists in the yaml loading functionality of ansible-vault before 1.0.5. A specially crafted vault can execute arbitrary python commands resulting in command execution. An… | |||
| CVE-2017-13779 | high | 7.8 | 7.8 | 9y ago | GSTN_offline_tool in India Goods and Services Tax Network (GSTN) Offline Utility tool before 1.2 executes winstart-server.vbs from the "C:\GST Offline Tool" directory, which has insecure permissions.… | |||
| CVE-2017-14428 | high | 7.8 | 7.8 | 9y ago | D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/run/hostapd* permissions. | |||
| CVE-2017-14427 | high | 7.8 | 7.8 | 9y ago | D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/run/storage_account_root permissions. | |||
| CVE-2017-14426 | high | 7.8 | 7.8 | 9y ago | D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0644 /var/etc/shadow (aka the /etc/shadow symlink target) permissions. | |||
| CVE-2017-14425 | high | 7.8 | 7.8 | 9y ago | D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/etc/hnapasswd permissions. | |||
| CVE-2017-14424 | high | 7.8 | 7.8 | 9y ago | D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/passwd permissions. | |||
| CVE-2017-12612 | high | 7.8 | 7.8 | 9y ago | Apache Spark Deserialization of Untrusted Data vulnerability | |||
| CVE-2017-7441 | high | 7.8 | 7.8 | 9y ago | In Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean), a crafted IOCTL with code 0x22E1C0 might lead to kernel data leaks. Because the leak… | |||
| CVE-2017-14398 | high | 7.8 | 7.8 | 9y ago | rzpnk.sys in Razer Synapse 2.20.15.1104 allows local users to read and write to arbitrary memory locations, and consequently gain privileges, via a methodology involving a handle to \Device\PhysicalM… | |||
| CVE-2017-14412 | high | 7.8 | 7.8 | 9y ago | An invalid memory write was discovered in copy_mp in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes a denial of service (segmentation fault and application crash… | |||
| CVE-2017-14411 | high | 7.8 | 7.8 | 9y ago | A stack-based buffer overflow was discovered in copy_mp in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an out-of-bounds write, which leads to remote denial of… | |||
| CVE-2017-14409 | high | 7.8 | 7.8 | 9y ago | A buffer overflow was discovered in III_dequantize_sample in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an out-of-bounds write, which leads to remote denial of … | |||
| CVE-2017-8744 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT … | |||
| CVE-2017-8743 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability exists in Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office Online Server when they fail to properly handle objects in memory, a… | |||
| CVE-2017-8742 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013… | |||
| CVE-2017-8725 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability exists in Microsoft Publisher 2007 Service Pack 3 and Microsoft Publisher 2010 Service Pack 2 when they fail to properly handle objects in memory, aka "Microsoft… | |||
| CVE-2017-8720 | high | 7.8 | 7.8 | 9y ago | The Microsoft Windows graphics component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and… | |||
| CVE-2017-8714 | high | 7.8 | 7.8 | 9y ago | The Windows Hyper-V component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2,, Windows 10 1607, and Windows Server 2016 allows a remote code execution vulnerability when it fails to proper… | |||
| CVE-2017-8632 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability exists in Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Offic… | |||
| CVE-2017-8631 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT … | |||
| CVE-2017-8630 | high | 7.8 | 7.8 | 9y ago | Microsoft Office 2016 allows a remote code execution vulnerability when it fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique fr… | |||
| CVE-2017-8567 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability exists in Microsoft Excel for Mac 2011 when it fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution". | |||
| CVE-2017-1452 | high | 7.8 | 7.8 | 9y ago | IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user to obtain elevated privilege and overwrite DB2 files. IBM X-Force ID: 128180. |