CVEs from 2017
Total
11,662
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
9.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-10755 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address co… | |||
| CVE-2017-10754 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address co… | |||
| CVE-2017-10753 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address co… | |||
| CVE-2017-10752 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address co… | |||
| CVE-2017-10751 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address co… | |||
| CVE-2017-10750 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV near NULL starting at ntdll_7… | |||
| CVE-2017-10749 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV near NULL starting at wow64!W… | |||
| CVE-2017-10748 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at xnview+0x00000000… | |||
| CVE-2017-10747 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at xnview+0x00000000… | |||
| CVE-2017-10746 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!Rt… | |||
| CVE-2017-10745 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun (/GS Exception) starting at… | |||
| CVE-2017-10744 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Read Access Violation on Control Flow starting a… | |||
| CVE-2017-10743 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun (/GS Exception) starting at… | |||
| CVE-2017-10742 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at … | |||
| CVE-2017-10741 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!Rt… | |||
| CVE-2017-10740 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!Rt… | |||
| CVE-2017-10739 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at … | |||
| CVE-2017-10738 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at … | |||
| CVE-2017-10737 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!Rt… | |||
| CVE-2017-10736 | high | 7.8 | 7.8 | 9y ago | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at msvcrt!_VEC_memze… | |||
| CVE-2017-10735 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Br… | |||
| CVE-2017-10734 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to an "Invalid Handle starting at wow64!Wo… | |||
| CVE-2017-10733 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Br… | |||
| CVE-2017-10732 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Br… | |||
| CVE-2017-10731 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at FORMATS!GetPlugInInfo+0x00… | |||
| CVE-2017-10730 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at FORMATS!GetPlugInInfo+0x00… | |||
| CVE-2017-10729 | high | 7.8 | 7.8 | 9y ago | IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpWaitOnC… | |||
| CVE-2017-10728 | high | 7.8 | 7.8 | 9y ago | Winamp 5.666 Build 3516(x86) might allow attackers to execute arbitrary code or cause a denial of service via a crafted .flv file, related to "Error Code (0xe06d7363) starting at wow64!Wow64NotifyDeb… | |||
| CVE-2017-10727 | high | 7.8 | 7.8 | 9y ago | Winamp 5.666 Build 3516(x86) might allow attackers to execute arbitrary code or cause a denial of service via a crafted .flv file, related to "Data from Faulting Address controls Branch Selection sta… | |||
| CVE-2017-10726 | high | 7.8 | 7.8 | 9y ago | Winamp 5.666 Build 3516(x86) might allow attackers to execute arbitrary code or cause a denial of service via a crafted .flv file, related to "Data from Faulting Address may be used as a return value… | |||
| CVE-2017-10929 | high | 7.8 | 7.8 | 9y ago | The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecifie… | |||
| CVE-2017-10686 | high | 7.8 | 7.8 | 9y ago | In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vulnerabilities in the tool nasm. The related heap is allocated in the token() function and freed in the detoken() function… | |||
| CVE-2017-3748 | high | 7.8 | 7.8 | 9y ago | On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly k… | |||
| CVE-2017-10671 | high | 7.8 | 7.8 | 9y ago | Heap-based Buffer Overflow in the de_dotdot function in libhttpd.c in sthttpd before 2.27.1 allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impa… | |||
| CVE-2017-9996 | high | 7.8 | 7.8 | 9y ago | The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not exclude the CHUNKY forma… | |||
| CVE-2017-9995 | high | 7.8 | 7.8 | 9y ago | libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 does not properly validate height and width data, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application c… | |||
| CVE-2017-9994 | high | 7.8 | 7.8 | 9y ago | libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pix_fmt is set, which allows remote attackers to cau… | |||
| CVE-2017-9991 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in the xwd_decode_frame function in libavcodec/xwddec.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows r… | |||
| CVE-2017-9986 | high | 7.8 | 7.8 | 9y ago | The intr function in sound/oss/msnd_pinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by c… | |||
| CVE-2017-9985 | high | 7.8 | 7.8 | 9y ago | The snd_msndmidi_input_read function in sound/isa/msnd/msnd_midi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecifi… | |||
| CVE-2017-9984 | high | 7.8 | 7.8 | 9y ago | The snd_msnd_interrupt function in sound/isa/msnd/msnd_pinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecifie… | |||
| CVE-2017-9949 | high | 7.8 | 7.8 | 9y ago | The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (stack-based buffer underflow and application crash) or possibly have unspecif… | |||
| CVE-2017-6669 | high | 7.8 | 7.8 | 9y ago | Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files. An attacker could exploit these vulnerabilities by providing a us… | |||
| CVE-2017-9871 | high | 7.8 | 7.8 | 9y ago | The III_i_stereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (stack-based buffer overflow and ap… | |||
| CVE-2017-9776 | high | 7.8 | 7.8 | 9y ago | Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspe… | |||
| CVE-2017-7918 | medium | 6.8 | 7.8 | 9y ago | An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups u… | |||
| CVE-2017-2813 | high | 7.8 | 7.8 | 9y ago | An exploitable integer overflow vulnerability exists in the JPEG 2000 parser functionality of IrfanView 4.44. A specially crafted jpeg2000 image can cause an integer overflow leading to wrong memory … | |||
| CVE-2017-9780 | high | 7.8 | 7.8 | 9y ago | In Flatpak before 0.8.7, a third-party app repository could include malicious apps that contain files with inappropriate permissions, for example setuid or world-writable. The files are deployed with… | |||
| CVE-2017-3745 | high | 7.8 | 7.8 | 9y ago | In Lenovo XClarity Administrator (LXCA) before 1.3.0, if service data is downloaded from LXCA, a non-administrative user may have access to password information for users that have previously authent… | |||
| CVE-2017-1000365 | high | 7.8 | 7.8 | 9y ago | The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment poin… | |||
| CVE-2017-4985 | high | 7.8 | 7.8 | 9y ago | In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user may potentially escalate their privileges to root due to authorization … | |||
| CVE-2017-9755 | high | 7.8 | 7.8 | 9y ago | opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or p… | |||
| CVE-2017-9754 | high | 7.8 | 7.8 | 9y ago | The process_otr function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not validate a certain offset, which allows remote attac… | |||
| CVE-2017-9753 | high | 7.8 | 7.8 | 9y ago | The versados_mkobject function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not initialize a certain data structure, which all… | |||
| CVE-2017-9752 | high | 7.8 | 7.8 | 9y ago | bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application cr… | |||
| CVE-2017-9751 | high | 7.8 | 7.8 | 9y ago | opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspec… | |||
| CVE-2017-9745 | high | 7.8 | 7.8 | 9y ago | The _bfd_vms_slurp_etir function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service… | |||
| CVE-2017-9744 | high | 7.8 | 7.8 | 9y ago | The sh_elf_set_mach_from_flags function in bfd/elf32-sh.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of s… | |||
| CVE-2017-9743 | high | 7.8 | 7.8 | 9y ago | The print_insn_score32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecif… | |||
| CVE-2017-9670 | high | 7.8 | 7.8 | 9y ago | An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly hav… | |||
| CVE-2017-8552 | high | 7.8 | 7.8 | 9y ago | A kernel-mode driver in Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows 8 allows an elevation of p… | |||
| CVE-2017-8513 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability exists in Microsoft PowerPoint when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability". | |||
| CVE-2017-8511 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique … | |||
| CVE-2017-8507 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability exists in the way Microsoft Office software parses specially crafted email messages, aka "Microsoft Office Memory Corruption Vulnerability". | |||
| CVE-2017-8506 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique … | |||
| CVE-2017-8468 | high | 7.8 | 7.8 | 9y ago | Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to run processes in an elevated context when the Win… | |||
| CVE-2017-8466 | high | 7.8 | 7.8 | 9y ago | Windows Cursor in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows improper elevation of privilege, aka "Windows Cursor Elevat… | |||
| CVE-2017-8465 | high | 7.8 | 7.8 | 9y ago | Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to run processes in an elevated context when the Win… | |||
| CVE-2017-0296 | high | 7.8 | 7.8 | 9y ago | Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attack… | |||
| CVE-2017-0294 | high | 7.8 | 7.8 | 9y ago | Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attack… | |||
| CVE-2017-0292 | high | 7.8 | 7.8 | 9y ago | Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows remote code execution if a user opens a specially crafte… | |||
| CVE-2017-0291 | high | 7.8 | 7.8 | 9y ago | Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows remote code execution if a user opens a specially crafte… | |||
| CVE-2017-0260 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique … | |||
| CVE-2017-0193 | high | 7.8 | 7.8 | 9y ago | Windows Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 201… | |||
| CVE-2017-0663 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated a… | |||
| CVE-2017-0648 | high | 7.8 | 7.8 | 9y ago | An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High d… | |||
| CVE-2017-0638 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in System UI component could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issu… | |||
| CVE-2017-0637 | high | 7.8 | 7.8 | 9y ago | A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is… | |||
| CVE-2017-8241 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a WLAN function due to an incorrect message length. | |||
| CVE-2017-8240 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a kernel driver has an off-by-one buffer over-read vulnerability. | |||
| CVE-2017-8238 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a camera function. | |||
| CVE-2017-8237 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists while loading a firmware image. | |||
| CVE-2017-8236 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an IPA driver. | |||
| CVE-2017-8234 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, an out of bounds access can potentially occur in a camera function. | |||
| CVE-2017-8233 | high | 7.8 | 7.8 | 9y ago | In a camera driver function in all Android releases from CAF using the Linux kernel, a bounds check is missing when writing into an array potentially leading to an out-of-bounds heap write. | |||
| CVE-2017-7373 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a double free vulnerability exists in a display driver. | |||
| CVE-2017-7371 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a data pointer is potentially used after it has been freed when SLIMbus is turned off by Bluetooth. | |||
| CVE-2017-7369 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, an array index in an ALSA routine is not properly validating potentially leading to kernel stack corruption. | |||
| CVE-2017-7367 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, an integer underflow vulnerability exists while processing the boot image. | |||
| CVE-2017-7365 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a buffer overread can occur if a particular string is not NULL terminated. | |||
| CVE-2017-9552 | high | 7.8 | 7.8 | 9y ago | A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows local users to obtain credentials via cmdline. Synology Photo Station employs the synophoto_dsm_user progr… | |||
| CVE-2017-4966 | high | 7.8 | 7.8 | 9y ago | An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x v… | |||
| CVE-2017-9527 | high | 7.8 | 7.8 | 9y ago | The mark_context_stack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service (heap-based use-after-free and application crash) or possibly have unspecified other impac… | |||
| CVE-2017-2219 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in the [Simeji for Windows] installer (simeji.exe) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||
| CVE-2017-2213 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in SemiDynaEXE (SemiDynaEXE2008.EXE) ver. 1.0.2 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||
| CVE-2017-2212 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in TKY2JGD (TKY2JGD1379.EXE) ver. 1.3.79 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||
| CVE-2017-2211 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in PatchJGD (Hyoko) (PatchJGDh101.EXE) ver. 1.0.1 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||
| CVE-2017-2210 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in PatchJGD (PatchJGD101.EXE) ver. 1.0.1 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||
| CVE-2017-2209 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in the installer of Houkokusyo Sakusei Shien Tool ver3.0.2 (For the first installation) (The version which was available on the website from 2017 April 4 to 2017 M… | |||
| CVE-2017-2193 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in the installer of Tera Term 4.94 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. |