CVEs from 2017
Total
11,665
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
9.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-7263 | high | 7.8 | 7.8 | 9y ago | The bm_readbody_bmp function in bitmap_io.c in Potrace 1.14 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other… | |||
| CVE-2017-5510 | high | 7.8 | 7.8 | 9y ago | coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. | |||
| CVE-2017-5509 | high | 7.8 | 7.8 | 9y ago | coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. | |||
| CVE-2017-5506 | high | 7.8 | 7.8 | 9y ago | Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file. | |||
| CVE-2017-7246 | high | 7.8 | 7.8 | 9y ago | Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unsp… | |||
| CVE-2017-7245 | high | 7.8 | 7.8 | 9y ago | Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspec… | |||
| CVE-2017-7199 | high | 7.8 | 7.8 | 9y ago | Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure permissions that may allow a local attacker to escalate privileges when the software is running in Agent Mode. Version 6.10.4 fixes this issu… | |||
| CVE-2017-5207 | high | 7.8 | 7.8 | 9y ago | Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument. | |||
| CVE-2017-7231 | high | 7.8 | 7.8 | 9y ago | pngdefry through 2017-03-22 is prone to a heap-based buffer-overflow vulnerability because it fails to properly process a specially crafted png file. This issue affects the 'process()' function of th… | |||
| CVE-2017-5618 | high | 7.8 | 7.8 | 9y ago | GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions. | |||
| CVE-2017-1134 | high | 7.8 | 7.8 | 9y ago | IBM Reliable Scalable Cluster Technology could allow a local user to escalate their privileges to gain root access. IBM Reference #: 1998459. | |||
| CVE-2017-7187 | high | 7.8 | 7.8 | 9y ago | The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact v… | |||
| CVE-2017-7184 | high | 7.8 | 7.8 | 9y ago | The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain r… | |||
| CVE-2017-0102 | high | 7.8 | 7.8 | 9y ago | Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 let … | |||
| CVE-2017-0082 | high | 7.8 | 7.8 | 9y ago | The kernel-mode drivers in Microsoft Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." This vulnerability is … | |||
| CVE-2017-0081 | high | 7.8 | 7.8 | 9y ago | The kernel-mode drivers in Microsoft Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a … | |||
| CVE-2017-0080 | high | 7.8 | 7.8 | 9y ago | The kernel-mode drivers in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnera… | |||
| CVE-2017-0079 | high | 7.8 | 7.8 | 9y ago | The kernel-mode drivers in Windows 8.1; Windows Server 2012 R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevati… | |||
| CVE-2017-0078 | high | 7.8 | 7.8 | 9y ago | The kernel-mode drivers in Microsoft Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a … | |||
| CVE-2017-0056 | high | 7.8 | 7.8 | 9y ago | The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 160… | |||
| CVE-2017-0053 | high | 7.8 | 7.8 | 9y ago | Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2013 R2 SP1, Word 2016, and Word Viewer allow remote attackers to execute arbitrary code or… | |||
| CVE-2017-0052 | high | 7.8 | 7.8 | 9y ago | Microsoft Office Compatibility Pack SP3, Excel 2007 SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (… | |||
| CVE-2017-0050 | high | 7.8 | 7.8 | 9y ago | The kernel API in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7; Windows 8; Windows 10 Gold, 1511, and 1607; Windows RT 8.1; Windows Server 2012 Gold and R2; and Windows … | |||
| CVE-2017-0047 | high | 7.8 | 7.8 | 9y ago | The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gol… | |||
| CVE-2017-0039 | high | 7.8 | 7.8 | 9y ago | Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle dynamic link library (DLL) loading, which allows local users to gain privileges via a crafted application, aka "Library Loading Input Validat… | |||
| CVE-2017-0031 | high | 7.8 | 7.8 | 9y ago | Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, and Word 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf… | |||
| CVE-2017-0030 | high | 7.8 | 7.8 | 9y ago | Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word Automation Services on SharePoint Server 2010 SP2 allow remote attack… | |||
| CVE-2017-0026 | high | 7.8 | 7.8 | 9y ago | The kernel-mode drivers in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnera… | |||
| CVE-2017-0025 | high | 7.8 | 7.8 | 9y ago | The kernel-mode drivers in Microsoft Windows Vista; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; a… | |||
| CVE-2017-0024 | high | 7.8 | 7.8 | 9y ago | The kernel-mode drivers in Microsoft Windows 10 1607 and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." This vu… | |||
| CVE-2017-0020 | high | 7.8 | 7.8 | 9y ago | Microsoft Excel 2016, Excel 2010 SP2, Excel 2013 RT SP1, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a cr… | |||
| CVE-2017-0019 | high | 7.8 | 7.8 | 9y ago | Microsoft Word 2016 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." … | |||
| CVE-2017-0006 | high | 7.8 | 7.8 | 9y ago | Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (… | |||
| CVE-2017-6429 | high | 7.8 | 7.8 | 9y ago | Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet. | |||
| CVE-2017-6852 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in the jpc_dec_decodepkt function in jpc_t2dec.c in JasPer 2.0.10 allows remote attackers to have unspecified impact via a crafted image. | |||
| CVE-2017-6844 | high | 7.8 | 7.8 | 9y ago | Buffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. | |||
| CVE-2017-6843 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in the PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. | |||
| CVE-2017-6828 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in the readValue function in FileHandle.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted WA… | |||
| CVE-2017-6827 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in the MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impa… | |||
| CVE-2017-6903 | high | 7.8 | 7.8 | 9y ago | In ioquake3 before 2017-03-14, the auto-downloading feature has insufficient content restrictions. This also affects Quake III Arena, OpenArena, OpenJK, iortcw, and other id Tech 3 (aka Quake 3 engin… | |||
| CVE-2017-2983 | high | 7.8 | 7.8 | 9y ago | Adobe Shockwave versions 12.2.7.197 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to escalation of privilege. | |||
| CVE-2017-6798 | high | 7.8 | 7.8 | 9y ago | Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208. | |||
| CVE-2017-0528 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as H… | |||
| CVE-2017-0522 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in a MediaTek APK could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High … | |||
| CVE-2017-0510 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critic… | |||
| CVE-2017-0509 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Crit… | |||
| CVE-2017-0508 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Criti… | |||
| CVE-2017-0507 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Criti… | |||
| CVE-2017-0506 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious applic… | |||
| CVE-2017-0505 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious applic… | |||
| CVE-2017-0504 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious applic… | |||
| CVE-2017-0503 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious applic… | |||
| CVE-2017-0502 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious applic… | |||
| CVE-2017-0501 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious applic… | |||
| CVE-2017-0500 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious applic… | |||
| CVE-2017-0481 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in NFC could enable a proximate attacker to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be … | |||
| CVE-2017-0480 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High bec… | |||
| CVE-2017-0479 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High bec… | |||
| CVE-2017-0478 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This is… | |||
| CVE-2017-0477 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in libgdx could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as… | |||
| CVE-2017-0476 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in AOSP Messaging could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated a… | |||
| CVE-2017-0475 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the recovery verifier could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2017-0474 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as C… | |||
| CVE-2017-0473 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as C… | |||
| CVE-2017-0472 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as C… | |||
| CVE-2017-0471 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as C… | |||
| CVE-2017-0470 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as C… | |||
| CVE-2017-0469 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as C… | |||
| CVE-2017-0468 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as C… | |||
| CVE-2017-0467 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as C… | |||
| CVE-2017-0466 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as C… | |||
| CVE-2017-0455 | high | 7.8 | 7.8 | 9y ago | An information disclosure vulnerability in the Qualcomm bootloader could help to enable a local malicious application to to execute arbitrary code within the context of the bootloader. This issue is … | |||
| CVE-2017-0338 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2017-0337 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2017-0335 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2017-0333 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2017-0307 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2017-0306 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2017-5613 | high | 7.8 | 7.8 | 9y ago | Format string vulnerability in cgiemail and cgiecho allows remote attackers to execute arbitrary code via format string specifiers in a template file. | |||
| CVE-2017-5235 | high | 7.8 | 7.8 | 9y ago | Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current wor… | |||
| CVE-2017-5234 | high | 7.8 | 7.8 | 9y ago | Rapid7 Insight Collector installers prior to version 1.0.16 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working dir… | |||
| CVE-2017-5233 | high | 7.8 | 7.8 | 9y ago | Rapid7 AppSpider Pro installers prior to version 6.14.053 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working direc… | |||
| CVE-2017-5232 | high | 7.8 | 7.8 | 9y ago | All editions of Rapid7 Nexpose installers prior to version 6.4.24 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current worki… | |||
| CVE-2017-6401 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in Veritas NetBackup before 8.0 and NetBackup Appliance before 3.0. Local arbitrary command execution can occur when using bpcd and bpnbat. | |||
| CVE-2017-6319 | high | 7.8 | 7.8 | 9y ago | The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified ot… | |||
| CVE-2017-6347 | high | 7.8 | 7.8 | 9y ago | The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service … | |||
| CVE-2017-6345 | high | 7.8 | 7.8 | 9y ago | The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possi… | |||
| CVE-2017-5886 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. | |||
| CVE-2017-5853 | high | 7.8 | 7.8 | 9y ago | Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. | |||
| CVE-2017-5884 | high | 7.8 | 7.8 | 9y ago | gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) … | |||
| CVE-2017-2791 | high | 7.8 | 7.8 | 9y ago | JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function… | |||
| CVE-2017-5669 | high | 7.8 | 7.8 | 9y ago | The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and conseque… | |||
| CVE-2017-6310 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in tnef before 1.4.13. Four type confusions have been identified in the file_add_mapi_attrs() function. These might lead to invalid read and write operations, controlled by an… | |||
| CVE-2017-6309 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in tnef before 1.4.13. Two type confusions have been identified in the parse_file() function. These might lead to invalid read and write operations, controlled by an attacker. | |||
| CVE-2017-6308 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in tnef before 1.4.13. Several Integer Overflows, which can lead to Heap Overflows, have been identified in the functions that wrap memory allocation. | |||
| CVE-2017-6307 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapi_attr.c:mapi_attr_read(). These might lead to invalid read and write operations, controlled by an attacke… | |||
| CVE-2017-6306 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "9 of 9. Directory Traversal using the filename; SanitizeFilename function in settings.c." | |||
| CVE-2017-6305 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "8 of 9. Out of Bounds read and write." | |||
| CVE-2017-6304 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "7 of 9. Out of Bounds read." | |||
| CVE-2017-6303 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "6 of 9. Invalid Write and Integer Overflow." |