CVEs from 2017
Total
11,662
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
9.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-11067 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the Athdiag procfs entry does not have a proper address sanity check which may potentia… | |||
| CVE-2017-11059 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, setting the HMAC key by different threads during SHA operations may potentially lead to… | |||
| CVE-2017-11057 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in compatibility mode, flash_data from 64-bit userspace may cause disclosure of kernel … | |||
| CVE-2017-11056 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while doing sha and cipher operations, a userspace buffer is directly accessed in kerne… | |||
| CVE-2017-11053 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when qos map set IE of length less than 16 is received in association response or in qo… | |||
| CVE-2017-11050 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when the pktlogconf tool gives a pktlog buffer of size less than the minimal possible s… | |||
| CVE-2017-11048 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a display driver function, a Use After Free condition can occur. | |||
| CVE-2017-11046 | high | 7.8 | 7.8 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when an audio driver ioctl handler is called, a kernel out-of-bounds write can potentia… | |||
| CVE-2017-13723 | high | 7.8 | 7.8 | 9y ago | In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other proble… | |||
| CVE-2017-15056 | high | 7.8 | 7.8 | 9y ago | p_lx_elf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted binary file, as… | |||
| CVE-2017-12730 | high | 7.8 | 7.8 | 9y ago | An Unquoted Search Path issue was discovered in mySCADA myPRO Versions 7.0.26 and prior. Application services utilize unquoted search path elements, which could allow an attacker to execute arbitrary… | |||
| CVE-2017-2920 | high | 7.8 | 7.8 | 9y ago | An memory corruption vulnerability exists in the .SVG parsing functionality of Computerinsel Photoline 20.02. A specially crafted .SVG file can cause a vulnerability resulting in memory corruption, w… | |||
| CVE-2017-2880 | high | 7.8 | 7.8 | 9y ago | An memory corruption vulnerability exists in the .GIF parsing functionality of Computerinsel Photoline 20.02. A specially crafted .GIF file can cause a vulnerability resulting in potential code execu… | |||
| CVE-2017-12106 | high | 7.8 | 7.8 | 9y ago | A memory corruption vulnerability exists in the .TGA parsing functionality of Computerinsel Photoline 20.02. A specially crafted .TGA file can cause an out of bounds write resulting in potential code… | |||
| CVE-2017-1378 | high | 7.8 | 7.8 | 9y ago | IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) disclosed unencrypted login credentials to Vmware vCenter in the application trace output which could be obtained by a local user. I… | |||
| CVE-2017-1201 | high | 7.8 | 7.8 | 9y ago | IBM BigFix Compliance Analytics 1.9.79 (TEMA SUAv1 SCA SCM) stores user credentials in clear text which can be read by a local user. IBM X-Force ID: 123676. | |||
| CVE-2017-15020 | high | 7.8 | 7.8 | 9y ago | dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application cr… | |||
| CVE-2017-15019 | high | 7.8 | 7.8 | 9y ago | LAME 3.99.5 has a NULL Pointer Dereference in the hip_decode_init function within libmp3lame/mpglib_interface.c via a malformed mpg file, because of an incorrect calloc call. | |||
| CVE-2017-13993 | high | 7.8 | 7.8 | 9y ago | An Uncontrolled Search Path or Element issue was discovered in i-SENS SmartLog Diabetes Management Software, Version 2.4.0 and prior versions. An uncontrolled search path element vulnerability has be… | |||
| CVE-2017-12728 | high | 7.8 | 7.8 | 9y ago | An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executable… | |||
| CVE-2017-1000111 | high | 7.8 | 7.8 | 9y ago | Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety… | |||
| CVE-2017-8048 | high | 7.8 | 7.8 | 9y ago | In Cloud Foundry capi-release versions 1.33.0 and later, prior to 1.42.0 and cf-release versions 268 and later, prior to 274, the original fix for CVE-2017-8033 introduces an API regression that allo… | |||
| CVE-2017-0827 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the MediaTek soc driver. Product: Android. Versions: Android kernel. Android ID: A-62539960. References: M-ALPS03353876, M-ALPS03353861, M-ALPS03353869, M-A… | |||
| CVE-2017-0826 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the HTC bootloader. Product: Android. Versions: Android kernel. Android ID: A-34949781. | |||
| CVE-2017-0812 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the Android media framework (audio hal). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62873231. | |||
| CVE-2017-0811 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37930177. | |||
| CVE-2017-0810 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38207066. | |||
| CVE-2017-0809 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62673128. | |||
| CVE-2017-0806 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the Android framework (gatekeeperresponse). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62998805. | |||
| CVE-2017-14773 | high | 7.8 | 7.8 | 9y ago | Skybox Manager Client Application prior to 8.5.501 is prone to an elevation of privileges vulnerability during authentication of a valid user in a debugger-pause state. The vulnerability can only be … | |||
| CVE-2017-14947 | high | 7.8 | 7.8 | 9y ago | Artifex GSView 6.0 Beta on Windows allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "Read Access Violation on Block Data Move starting at … | |||
| CVE-2017-14946 | high | 7.8 | 7.8 | 9y ago | Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Bra… | |||
| CVE-2017-14945 | high | 7.8 | 7.8 | 9y ago | Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Possible Stack Corruption starting at K… | |||
| CVE-2017-13684 | high | 7.8 | 7.8 | 9y ago | Unisys Libra 64xx and 84xx and FS601 class systems with MCP-FIRMWARE before 43.211 allow remote authenticated users to cause a denial of service (program crash) or have unspecified other impact via v… | |||
| CVE-2017-14749 | high | 7.8 | 7.8 | 9y ago | JerryScript 1.0 allows remote attackers to cause a denial of service (jmem_heap_alloc_block_internal heap memory corruption) or possibly execute arbitrary code via a crafted .js file, because unrecog… | |||
| CVE-2017-14745 | high | 7.8 | 7.8 | 9y ago | The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, w… | |||
| CVE-2017-9961 | high | 7.8 | 7.8 | 9y ago | A vulnerability exists in Schneider Electric's Pro-Face GP Pro EX version 4.07.000 that allows an attacker to execute arbitrary code. Malicious code installation requires an access to the computer. B… | |||
| CVE-2017-9958 | high | 7.8 | 7.8 | 9y ago | An improper access control vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an improper handling of the system configuration can allow an attac… | |||
| CVE-2017-14730 | high | 7.8 | 7.8 | 9y ago | The init script in the Gentoo app-admin/logstash-bin package before 5.5.3 and 5.6.x before 5.6.1 has "chown -R" calls for user-writable directory trees, which allows local users to gain privileges by… | |||
| CVE-2017-14729 | high | 7.8 | 7.8 | 9y ago | The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote … | |||
| CVE-2017-1362 | high | 7.8 | 7.8 | 9y ago | IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 126801. | |||
| CVE-2017-14694 | high | 7.8 | 7.8 | 9y ago | Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 and earlier, when running in single instance mode, allows attackers to execute arbitrary code or cause a denial of service via a … | |||
| CVE-2017-6277 | high | 7.8 | 7.8 | 9y ago | NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated … | |||
| CVE-2017-6272 | high | 7.8 | 7.8 | 9y ago | NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used as the index to an array which m… | |||
| CVE-2017-6269 | high | 7.8 | 7.8 | 9y ago | NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a pointer passed from a user to the driver is used without validatio… | |||
| CVE-2017-6268 | high | 7.8 | 7.8 | 9y ago | NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated … | |||
| CVE-2017-14693 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address controls Branch Selecti… | |||
| CVE-2017-14692 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllGetClassObject+0x000… | |||
| CVE-2017-14691 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address controls Branch Selection s… | |||
| CVE-2017-14690 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting … | |||
| CVE-2017-14689 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address is used as one or more arg… | |||
| CVE-2017-14688 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to a "Read Access Violation starting at STDUDjVuFile!DllU… | |||
| CVE-2017-14687 | high | 7.8 | 7.8 | 9y ago | Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection st… | |||
| CVE-2017-14686 | high | 7.8 | 7.8 | 9y ago | Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x… | |||
| CVE-2017-14685 | high | 7.8 | 7.8 | 9y ago | Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection st… | |||
| CVE-2017-9725 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed wh… | |||
| CVE-2017-9724 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, user-level permissions can be used to gain access to kernel memory, specifically the ION cache maintenance code is writ… | |||
| CVE-2017-9720 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, due to an off-by-one error in a camera driver, an out-of-bounds read/write can occur. | |||
| CVE-2017-9677 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, in function msm_compr_ioctl_shared, variable "ddp->params_length" could be accessed and modified by multiple threads, w… | |||
| CVE-2017-8278 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, while reading audio data from an unspecified driver, a buffer overflow or integer overflow could occur. | |||
| CVE-2017-8277 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function msm_dba_register_client, if the client registers failed, it would be freed. However the client was not … | |||
| CVE-2017-8251 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, in functions msm_isp_check_stream_cfg_cmd & msm_isp_stats_update_cgc_override, 'stream_cfg_cmd->num_streams' is not che… | |||
| CVE-2017-8250 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, user controlled variables "nr_cmds" and "nr_bos" number are passed across functions without any check. An integer overf… | |||
| CVE-2017-8247 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, if there is more than one thread doing the device open operation, the device may be opened more than once. This would l… | |||
| CVE-2017-11041 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, an output buffer is accessed in one thread and can be potentially freed in another. | |||
| CVE-2017-11000 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, in an ISP Camera kernel driver function, an incorrect bounds check may potentially lead to an out-of-bounds write. | |||
| CVE-2017-10999 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, concurrent calls into ioctl RMNET_IOCTL_ADD_MUX_CHANNEL in ipa wan driver may lead to memory corruption due to missing … | |||
| CVE-2017-10998 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, in audio_aio_ion_lookup_vaddr, the buffer length, which is user input, ends up being used to validate if the buffer is … | |||
| CVE-2017-10997 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, using a debugfs node, a write to a PCIe register can cause corruption of kernel memory. | |||
| CVE-2017-12252 | high | 7.8 | 7.8 | 9y ago | A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to device availabil… | |||
| CVE-2017-14617 | high | 7.8 | 7.8 | 9y ago | In Poppler 0.59.0, a floating point exception occurs in the ImageStream class in Stream.cc, which may lead to a potential attack when handling malicious PDF files. | |||
| CVE-2017-14610 | high | 7.8 | 7.8 | 9y ago | bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary pro… | |||
| CVE-2017-14609 | high | 7.8 | 7.8 | 9y ago | The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to thi… | |||
| CVE-2017-14580 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.41 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at jbig2dec+0x000000… | |||
| CVE-2017-14579 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "Read Access Violation on Control Flow starting at STDUJBIG2File!DllG… | |||
| CVE-2017-14578 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ani file, related to "Data from Faulting Address controls Branch Selectio… | |||
| CVE-2017-14577 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "Read Access Violation on Control Flow starting at Unknown Symbol @ 0… | |||
| CVE-2017-14576 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to a "Possible Stack Corruption starting at Unknown Symbol… | |||
| CVE-2017-14575 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x000000… | |||
| CVE-2017-14574 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV starting at Unknown Symbol @ 0x0000000004940490." | |||
| CVE-2017-14573 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x000000… | |||
| CVE-2017-14572 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV starting at Unknown Symbol @ 0x000000000479049b c… | |||
| CVE-2017-14571 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x000000… | |||
| CVE-2017-14570 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64LdrpInitialize+0… | |||
| CVE-2017-14569 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to a "Read Access Violation starting at STDUXPSFile!DllUnr… | |||
| CVE-2017-14568 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x000000… | |||
| CVE-2017-14567 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x000000… | |||
| CVE-2017-14566 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV starting at Unknown Symbol @ 0x00000000039d76c4 c… | |||
| CVE-2017-14565 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to a "Possible Stack Corruption starting at Unknown Symbol… | |||
| CVE-2017-14564 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection s… | |||
| CVE-2017-14563 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "Read Access Violation on Block Data Move starting at STDUXPSFile!Dll… | |||
| CVE-2017-14562 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to an "Error Code (0xe06d7363) starting at wow64!Wow64Noti… | |||
| CVE-2017-14561 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x000000… | |||
| CVE-2017-14560 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection s… | |||
| CVE-2017-14559 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "Read Access Violation on Block Data Move starting at STDUXPSFile!Dll… | |||
| CVE-2017-14558 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "User Mode Write AV starting at STDUDjVuFile!DllUnregisterServer+0x0… | |||
| CVE-2017-14557 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "User Mode Write AV starting at STDUDjVuFile!DllUnregisterServer+0x0… | |||
| CVE-2017-14556 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "User Mode Write AV starting at STDUDjVuFile!DllUnregisterServer+0x0… | |||
| CVE-2017-14555 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address is used as one or more arg… | |||
| CVE-2017-14554 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to a "Possible Stack Corruption starting at STDUDjVuFile!… |