CVEs from 2017
Total
11,664
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
9.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-15783 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address control… | |||
| CVE-2017-15782 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x000000… | |||
| CVE-2017-15781 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Read Access Violation on Control Flow starting a… | |||
| CVE-2017-15780 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting a… | |||
| CVE-2017-15779 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Wri… | |||
| CVE-2017-15778 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting a… | |||
| CVE-2017-15777 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at CADImag… | |||
| CVE-2017-15776 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address may be … | |||
| CVE-2017-15775 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address control… | |||
| CVE-2017-15774 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls Code Flow star… | |||
| CVE-2017-15773 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting a… | |||
| CVE-2017-15772 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address may be … | |||
| CVE-2017-15769 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dds file, related to "Read Access Violation starting at FORMATS!ReadBLP_W… | |||
| CVE-2017-15768 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.50 - 64bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file, related to "Data from Faulting Address controls Branch … | |||
| CVE-2017-15767 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NUL… | |||
| CVE-2017-15766 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Fau… | |||
| CVE-2017-15765 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Fau… | |||
| CVE-2017-15764 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access… | |||
| CVE-2017-15763 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address co… | |||
| CVE-2017-15762 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NUL… | |||
| CVE-2017-15761 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting… | |||
| CVE-2017-15760 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NUL… | |||
| CVE-2017-15759 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NUL… | |||
| CVE-2017-15758 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address co… | |||
| CVE-2017-15757 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Fau… | |||
| CVE-2017-15756 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address co… | |||
| CVE-2017-15755 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Fau… | |||
| CVE-2017-15754 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NUL… | |||
| CVE-2017-15753 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Fau… | |||
| CVE-2017-15752 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address co… | |||
| CVE-2017-15751 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access… | |||
| CVE-2017-15750 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access… | |||
| CVE-2017-15749 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Fau… | |||
| CVE-2017-15748 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting… | |||
| CVE-2017-15747 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention V… | |||
| CVE-2017-15746 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Fau… | |||
| CVE-2017-15745 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Fau… | |||
| CVE-2017-15744 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Read Access Violation on Co… | |||
| CVE-2017-15743 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Fau… | |||
| CVE-2017-15742 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access… | |||
| CVE-2017-15741 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Possible Stac… | |||
| CVE-2017-15740 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address co… | |||
| CVE-2017-15739 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address co… | |||
| CVE-2017-15738 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access… | |||
| CVE-2017-15737 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access… | |||
| CVE-2017-15803 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render … | |||
| CVE-2017-15802 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render … | |||
| CVE-2017-15801 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render … | |||
| CVE-2017-12628 | high | 7.8 | 7.8 | 9y ago | Apache James Privilege Escalation | |||
| CVE-2017-14017 | high | 7.8 | 7.8 | 9y ago | An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote… | |||
| CVE-2017-15588 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry. | |||
| CVE-2017-15587 | high | 7.8 | 7.8 | 9y ago | An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11. | |||
| CVE-2017-6273 | high | 7.8 | 7.8 | 9y ago | NVIDIA ADSP Firmware contains a vulnerability in the ADSP Loader component where there is the potential to write to a memory location that is outside the intended boundary of the buffer, which may le… | |||
| CVE-2017-15385 | high | 7.8 | 7.8 | 9y ago | The store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c in radare2 2.0.0 allows remote attackers to cause a denial of service (r_read_le16 invalid write and application crash) or possi… | |||
| CVE-2017-0316 | high | 7.8 | 7.8 | 9y ago | In GeForce Experience (GFE) 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, … | |||
| CVE-2017-15383 | high | 7.8 | 7.8 | 9y ago | Nero 7.10.1.0 has an unquoted BINARY_PATH_NAME for NBService, exploitable via a Trojan horse Nero.exe file in the %PROGRAMFILES(x86)%\Nero directory. | |||
| CVE-2017-15369 | high | 7.8 | 7.8 | 9y ago | The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a de… | |||
| CVE-2017-15368 | high | 7.8 | 7.8 | 9y ago | The wasm_dis function in libr/asm/arch/wasm/wasm.c in radare2 2.0.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) or possibly have unspecif… | |||
| CVE-2017-15303 | high | 7.8 | 7.8 | 9y ago | In CPUID CPU-Z before 1.43, there is an arbitrary memory write that results directly in elevation of privileges, because any program running on the local machine (while CPU-Z is running) can issue an… | |||
| CVE-2017-15302 | high | 7.8 | 7.8 | 9y ago | In CPUID CPU-Z through 1.81, there are improper access rights to a kernel-mode driver (e.g., cpuz143_x64.sys for version 1.43) that can result in information disclosure or elevation of privileges, be… | |||
| CVE-2017-8718 | high | 7.8 | 7.8 | 9y ago | The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 … | |||
| CVE-2017-8717 | high | 7.8 | 7.8 | 9y ago | The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 … | |||
| CVE-2017-11825 | high | 7.8 | 7.8 | 9y ago | Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for Mac allow an attacker to use a specially crafted file to perform actions in the security context of the current user, due to how… | |||
| CVE-2017-11782 | high | 7.8 | 7.8 | 9y ago | The Microsoft Server Block Message (SMB) on Microsoft Windows 10 1607 and Windows Server 2016, allows an elevation of privilege vulnerability when an attacker sends specially crafted requests to the … | |||
| CVE-2017-11769 | high | 7.8 | 7.8 | 9y ago | The Microsoft Windows TRIE component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles loading dll files, … | |||
| CVE-2017-10865 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note thi… | |||
| CVE-2017-10864 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in Installer of HIBUN Confidential File Viewer prior to 11.20.0001 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||
| CVE-2017-10863 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note thi… | |||
| CVE-2017-15264 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file, related to "Data from Faulting Address is used as one o… | |||
| CVE-2017-15263 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faul… | |||
| CVE-2017-15262 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address con… | |||
| CVE-2017-15261 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Possible Sta… | |||
| CVE-2017-15260 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faul… | |||
| CVE-2017-15259 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faul… | |||
| CVE-2017-15258 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access … | |||
| CVE-2017-15257 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address con… | |||
| CVE-2017-15256 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faul… | |||
| CVE-2017-15255 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access … | |||
| CVE-2017-15254 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access … | |||
| CVE-2017-15253 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "User Mode Write AV starting … | |||
| CVE-2017-15252 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "Read Access Violation on Blo… | |||
| CVE-2017-15251 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address con… | |||
| CVE-2017-15250 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access … | |||
| CVE-2017-15249 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address con… | |||
| CVE-2017-15248 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address con… | |||
| CVE-2017-15247 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faul… | |||
| CVE-2017-15246 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "Read Access Violation on Blo… | |||
| CVE-2017-15245 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faul… | |||
| CVE-2017-15244 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to an "Error Code … | |||
| CVE-2017-15243 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Possible Sta… | |||
| CVE-2017-15242 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "User Mode Write AV starting … | |||
| CVE-2017-15241 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faul… | |||
| CVE-2017-15240 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access … | |||
| CVE-2017-15239 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.44 - 32bit with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Add… | |||
| CVE-2017-12188 | high | 7.8 | 7.8 | 9y ago | arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest… | |||
| CVE-2017-9714 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an out of bound memory access may happen in limCheckRxRSNIeMatch in case incorrect RSNI… | |||
| CVE-2017-9706 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an array out-of-bounds access can potentially occur in a display driver. | |||
| CVE-2017-9687 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, two concurrent threads/processes can write the value of "0" to the debugfs file that co… | |||
| CVE-2017-9686 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possible double free/use after free in the SPS driver when debugfs logging i… | |||
| CVE-2017-9683 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing a meta image, an integer overflow can occur, if user-defined image offse… |