CVEs from 2017
Total
11,662
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
9.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-14553 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "User Mode Write AV starting at STDUDjVuFile!DllUnregisterServer+0x0… | |||
| CVE-2017-14552 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "User Mode Write AV starting at STDUDjVuFile!DllUnregisterServer+0x0… | |||
| CVE-2017-14551 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address controls Branch Selection … | |||
| CVE-2017-14550 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to a "Possible Stack Corruption starting at STDUDjVuFile!… | |||
| CVE-2017-14549 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "Heap Corruption starting at wow64!Wow64NotifyDebugger+0x00000000000… | |||
| CVE-2017-14548 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "User Mode Write AV starting at STDUDjVuFile!DllUnregisterServer+0x0… | |||
| CVE-2017-14547 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .mobi file, related to a "Read Access Violation starting at STDUMOBIFile!DllU… | |||
| CVE-2017-14546 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to an "Error Code (0xe06d7363) starting at wow64!Wow64Not… | |||
| CVE-2017-14545 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to "Data from Faulting Address controls Branch Selection … | |||
| CVE-2017-14544 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to "Data from Faulting Address is used as one or more arg… | |||
| CVE-2017-14543 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to "Data from Faulting Address controls Branch Selection … | |||
| CVE-2017-14542 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .epub file, related to a "Read Access Violation on Block Data Move starting at STDUEPubFile!D… | |||
| CVE-2017-14541 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address control… | |||
| CVE-2017-14540 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selectio… | |||
| CVE-2017-14539 | high | 7.8 | 7.8 | 9y ago | IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selectio… | |||
| CVE-2017-14538 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Wri… | |||
| CVE-2017-14520 | high | 7.8 | 7.8 | 9y ago | In Poppler 0.59.0, a floating point exception occurs in Splash::scaleImageYuXd() in Splash.cc, which may lead to a potential attack when handling malicious PDF files. | |||
| CVE-2017-14518 | high | 7.8 | 7.8 | 9y ago | In Poppler 0.59.0, a floating point exception exists in the isImageInterpolationRequired() function in Splash.cc via a crafted PDF document. | |||
| CVE-2017-14497 | high | 7.8 | 7.8 | 9y ago | The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel before 4.13 mishandles vnet headers, which might allow local users to cause a denial of service (buffer overflow, and disk and m… | |||
| CVE-2017-10860 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to execute arbitrary code via a specially crafted executable f… | |||
| CVE-2017-10859 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified di… | |||
| CVE-2017-10858 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in "i-filter 6.0 install program" file version 1.0.8.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||
| CVE-2017-10855 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in FENCE-Explorer for Windows V8.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||
| CVE-2017-2809 | high | 7.8 | 7.8 | 9y ago | An exploitable vulnerability exists in the yaml loading functionality of ansible-vault before 1.0.5. A specially crafted vault can execute arbitrary python commands resulting in command execution. An… | |||
| CVE-2017-13779 | high | 7.8 | 7.8 | 9y ago | GSTN_offline_tool in India Goods and Services Tax Network (GSTN) Offline Utility tool before 1.2 executes winstart-server.vbs from the "C:\GST Offline Tool" directory, which has insecure permissions.… | |||
| CVE-2017-14428 | high | 7.8 | 7.8 | 9y ago | D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/run/hostapd* permissions. | |||
| CVE-2017-14427 | high | 7.8 | 7.8 | 9y ago | D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/run/storage_account_root permissions. | |||
| CVE-2017-14426 | high | 7.8 | 7.8 | 9y ago | D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0644 /var/etc/shadow (aka the /etc/shadow symlink target) permissions. | |||
| CVE-2017-14425 | high | 7.8 | 7.8 | 9y ago | D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/etc/hnapasswd permissions. | |||
| CVE-2017-14424 | high | 7.8 | 7.8 | 9y ago | D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/passwd permissions. | |||
| CVE-2017-12612 | high | 7.8 | 7.8 | 9y ago | Apache Spark Deserialization of Untrusted Data vulnerability | |||
| CVE-2017-7441 | high | 7.8 | 7.8 | 9y ago | In Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean), a crafted IOCTL with code 0x22E1C0 might lead to kernel data leaks. Because the leak… | |||
| CVE-2017-14398 | high | 7.8 | 7.8 | 9y ago | rzpnk.sys in Razer Synapse 2.20.15.1104 allows local users to read and write to arbitrary memory locations, and consequently gain privileges, via a methodology involving a handle to \Device\PhysicalM… | |||
| CVE-2017-14412 | high | 7.8 | 7.8 | 9y ago | An invalid memory write was discovered in copy_mp in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes a denial of service (segmentation fault and application crash… | |||
| CVE-2017-14411 | high | 7.8 | 7.8 | 9y ago | A stack-based buffer overflow was discovered in copy_mp in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an out-of-bounds write, which leads to remote denial of… | |||
| CVE-2017-14409 | high | 7.8 | 7.8 | 9y ago | A buffer overflow was discovered in III_dequantize_sample in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an out-of-bounds write, which leads to remote denial of … | |||
| CVE-2017-8744 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT … | |||
| CVE-2017-8743 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability exists in Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office Online Server when they fail to properly handle objects in memory, a… | |||
| CVE-2017-8742 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013… | |||
| CVE-2017-8725 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability exists in Microsoft Publisher 2007 Service Pack 3 and Microsoft Publisher 2010 Service Pack 2 when they fail to properly handle objects in memory, aka "Microsoft… | |||
| CVE-2017-8720 | high | 7.8 | 7.8 | 9y ago | The Microsoft Windows graphics component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and… | |||
| CVE-2017-8714 | high | 7.8 | 7.8 | 9y ago | The Windows Hyper-V component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2,, Windows 10 1607, and Windows Server 2016 allows a remote code execution vulnerability when it fails to proper… | |||
| CVE-2017-8632 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability exists in Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Offic… | |||
| CVE-2017-8631 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT … | |||
| CVE-2017-8630 | high | 7.8 | 7.8 | 9y ago | Microsoft Office 2016 allows a remote code execution vulnerability when it fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique fr… | |||
| CVE-2017-8567 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability exists in Microsoft Excel for Mac 2011 when it fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution". | |||
| CVE-2017-1452 | high | 7.8 | 7.8 | 9y ago | IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user to obtain elevated privilege and overwrite DB2 files. IBM X-Force ID: 128180. | |||
| CVE-2017-1451 | high | 7.8 | 7.8 | 9y ago | IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128178. | |||
| CVE-2017-14333 | high | 7.8 | 7.8 | 9y ago | The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have un… | |||
| CVE-2017-14312 | high | 7.8 | 7.8 | 9y ago | Nagios Core through 4.3.4 initially executes /usr/sbin/nagios as root but supports configuration options in which this file is owned by a non-root account (and similarly can have nagios.cfg owned by … | |||
| CVE-2017-14310 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at STDUJBIG2File!DllU… | |||
| CVE-2017-14309 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at STDUJBIG2File!DllU… | |||
| CVE-2017-14308 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at STDUJBIG2File!DllU… | |||
| CVE-2017-14307 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address controls Branch Selection s… | |||
| CVE-2017-14306 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at STDUJBIG2File!DllU… | |||
| CVE-2017-14305 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address controls Branch Selection s… | |||
| CVE-2017-14304 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at STDUJBIG2File!DllG… | |||
| CVE-2017-14303 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at STDUJBIG2File!DllG… | |||
| CVE-2017-14302 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address controls Branch Selection s… | |||
| CVE-2017-14301 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting … | |||
| CVE-2017-14300 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting … | |||
| CVE-2017-14299 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting … | |||
| CVE-2017-14298 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting … | |||
| CVE-2017-14297 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls Code Flow starting at STDUJBIG2Fil… | |||
| CVE-2017-14296 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting … | |||
| CVE-2017-14295 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls Code Flow starting at STDUJBIG2Fil… | |||
| CVE-2017-14294 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllUnregisterServer+0x0… | |||
| CVE-2017-14293 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Heap Corruption starting at wow64!Wow64LdrpInitialize+0x00000000000008… | |||
| CVE-2017-14292 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllUnregisterServer+0x0… | |||
| CVE-2017-14291 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllUnregisterServer+0x0… | |||
| CVE-2017-14290 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Heap Corruption starting at wow64!Wow64NotifyDebugger+0x00000000000000… | |||
| CVE-2017-14289 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllGetClassObject+0x000… | |||
| CVE-2017-14288 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllGetClassObject+0x000… | |||
| CVE-2017-14287 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "Read Access Violation on Control Flow starting at STDUJBIG2File+0x00… | |||
| CVE-2017-14286 | high | 7.8 | 7.8 | 9y ago | STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllUnregisterServer+0x0… | |||
| CVE-2017-14285 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address control… | |||
| CVE-2017-14284 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address control… | |||
| CVE-2017-14283 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting a… | |||
| CVE-2017-14282 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting a… | |||
| CVE-2017-14281 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address is used… | |||
| CVE-2017-14280 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address control… | |||
| CVE-2017-14279 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting a… | |||
| CVE-2017-14278 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting a… | |||
| CVE-2017-14277 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting a… | |||
| CVE-2017-14276 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Possible Stack Corruption starting… | |||
| CVE-2017-14275 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV near NULL starting at wow64!W… | |||
| CVE-2017-14274 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Wri… | |||
| CVE-2017-14273 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at ntdll_77400000!Rt… | |||
| CVE-2017-14272 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at jbig2dec+0x000000… | |||
| CVE-2017-14271 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at ntdll_77400000!Rt… | |||
| CVE-2017-14270 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at ntdll_77400000!Rt… | |||
| CVE-2017-14261 | high | 7.8 | 7.8 | 9y ago | In the SDK in Bento4 1.5.0-616, the AP4_StszAtom class in Ap4StszAtom.cpp file contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted… | |||
| CVE-2017-14260 | high | 7.8 | 7.8 | 9y ago | In the SDK in Bento4 1.5.0-616, the AP4_StssAtom class in Ap4StssAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arb… | |||
| CVE-2017-14259 | high | 7.8 | 7.8 | 9y ago | In the SDK in Bento4 1.5.0-616, the AP4_StscAtom class in Ap4StscAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arb… | |||
| CVE-2017-14258 | high | 7.8 | 7.8 | 9y ago | In the SDK in Bento4 1.5.0-616, SetItemCount in Core/Ap4StscAtom.h file contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbit… | |||
| CVE-2017-14257 | high | 7.8 | 7.8 | 9y ago | In the SDK in Bento4 1.5.0-616, AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by op… | |||
| CVE-2017-0804 | high | 7.8 | 7.8 | 9y ago | A elevation of privilege vulnerability in the MediaTek mmc driver. Product: Android. Versions: Android kernel. Android ID: A-36274676. References: M-ALPS03361487. | |||
| CVE-2017-0803 | high | 7.8 | 7.8 | 9y ago | A elevation of privilege vulnerability in the MediaTek accessory detector driver. Product: Android. Versions: Android kernel. Android ID: A-36136137. References: M-ALPS03361477. | |||
| CVE-2017-0802 | high | 7.8 | 7.8 | 9y ago | A elevation of privilege vulnerability in the MediaTek kernel. Product: Android. Versions: Android kernel. Android ID: A-36232120. References: M-ALPS03384818. | |||
| CVE-2017-0801 | high | 7.8 | 7.8 | 9y ago | A elevation of privilege vulnerability in the MediaTek libmtkomxvdec. Product: Android. Versions: Android kernel. Android ID: A-38447970. References: M-ALPS03337980. |