CVEs from 2017
Total
11,796
critical
critical 1,647
high
high 5,043
medium
medium 4,165
low
low 159
% Critical
14.0%
% with KEV
0.7%
% with exploit
0.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2017-0790 | high | 8.8 | 8.8 | 9y ago | A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37357704. References: B-V2017053101. | |
| CVE-2017-0789 | high | 8.8 | 8.8 | 9y ago | A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37685267. References: B-V2017053102. | |
| CVE-2017-0788 | high | 8.8 | 8.8 | 9y ago | A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37722328. References: B-V2017053103. | |
| CVE-2017-0787 | high | 8.8 | 8.8 | 9y ago | A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37722970. References: B-V2017053104. | |
| CVE-2017-0786 | high | 8.8 | 8.8 | 9y ago | A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37351060. References: B-V2017060101. | |
| CVE-2017-0784 | high | 8.8 | 8.8 | 9y ago | A elevation of privilege vulnerability in the Android system (nfc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37287958. | |
| CVE-2017-14167 | high | 8.8 | 8.8 | 9y ago | Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header addr… | |
| CVE-2017-12216 | high | 8.8 | 8.8 | 9y ago | A vulnerability in the web-based user interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to have read and write access to information stored in the affected system. The vu… | |
| CVE-2017-13713 | high | 8.8 | 8.8 | 9y ago | T&W WIFI Repeater BE126 allows remote authenticated users to execute arbitrary code via shell metacharacters in the user parameter to cgi-bin/webupg. | |
| CVE-2017-12838 | high | 8.8 | 8.8 | 9y ago | Cross-site request forgery (CSRF) vulnerability in NexusPHP 1.5 allows remote attackers to hijack the authentication of users for requests that (1) send manas via a request to mybonus.php or (2) add … | |
| CVE-2017-11567 | high | 8.8 | 8.8 | 9y ago | Cross-site request forgery (CSRF) vulnerability in Mongoose Web Server before 6.9 allows remote attackers to hijack the authentication of users for requests that modify Mongoose.conf via a request to… | |
| CVE-2017-14169 | high | 8.8 | 8.8 | 9y ago | In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, an integer signedness error might occur when a crafted file, which claims a large "item_num" field such as 0xfffff… | |
| CVE-2017-14164 | high | 8.8 | 8.8 | 9y ago | A size-validation issue was discovered in opj_j2k_write_sot in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-b… | |
| CVE-2017-1097 | high | 8.8 | 8.8 | 9y ago | IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions tra… | |
| CVE-2017-2822 | high | 8.8 | 8.8 | 9y ago | An exploitable code execution vulnerability exists in the image rendering functionality of Lexmark Perceptive Document Filters 11.3.0.2400. A specifically crafted PDF can cause a function call on a c… | |
| CVE-2017-2821 | high | 8.8 | 8.8 | 9y ago | An exploitable use-after-free exists in the PDF parsing functionality of Lexmark Perspective Document Filters 11.3.0.2400 and 11.4.0.2452. A crafted PDF document can lead to a use-after-free resultin… | |
| CVE-2017-14152 | high | 8.8 | 8.8 | 9y ago | A mishandled zero case was discovered in opj_j2k_set_cinema_parameters in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of serv… | |
| CVE-2017-14151 | high | 8.8 | 8.8 | 9y ago | An off-by-one error was discovered in opj_tcd_code_block_enc_allocate_data in lib/openjp2/tcd.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of … | |
| CVE-2017-14146 | high | 8.8 | 8.8 | 9y ago | HelpDEZk 1.1.1 allows remote authenticated users to execute arbitrary PHP code by uploading a .php attachment and then requesting it in the helpdezk\app\uploads\helpdezk\attachments\ directory. | |
| CVE-2017-14123 | high | 8.8 | 8.8 | 9y ago | Zoho ManageEngine Firewall Analyzer 12200 has an unrestricted File Upload vulnerability in the "Group Chat" section. Any user can upload files with any extensions. By uploading a PHP file to the serv… | |
| CVE-2017-14119 | high | 8.8 | 8.8 | 9y ago | In the EyesOfNetwork web interface (aka eonweb) 5.1-0, module\tool_all\tools\snmpwalk.php does not properly restrict popen calls, which allows remote attackers to execute arbitrary commands via shell… | |
| CVE-2017-14118 | high | 8.8 | 8.8 | 9y ago | In the EyesOfNetwork web interface (aka eonweb) 5.1-0, module\tool_all\tools\interface.php does not properly restrict exec calls, which allows remote attackers to execute arbitrary commands via shell… | |
| CVE-2017-12421 | high | 8.8 | 8.8 | 9y ago | NetApp Clustered Data ONTAP 8.3.x before 8.3.2P12 allows remote authenticated users to execute arbitrary code on the storage controller via unspecified vectors. | |
| CVE-2017-14103 | high | 8.8 | 8.8 | 9y ago | The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain error conditions, which allows remote attackers to conduct … | |
| CVE-2017-14050 | high | 8.8 | 8.8 | 9y ago | In BlackCat CMS 1.2, backend/addons/install.php allows remote authenticated users to execute arbitrary PHP code via a ZIP archive that contains a .php file. | |
| CVE-2017-14048 | high | 8.8 | 8.8 | 9y ago | BlackCat CMS 1.2 allows remote authenticated users to inject arbitrary PHP code into info.php via a crafted new_modulename parameter to backend/addons/ajax_create.php. NOTE: this can be exploited via… | |
| CVE-2017-14041 | high | 8.8 | 8.8 | 9y ago | A stack-based buffer overflow was discovered in the pgxtoimage function in bin/jp2/convert.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of ser… | |
| CVE-2017-14040 | high | 8.8 | 8.8 | 9y ago | An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability may lead to remote denial of service or possibly unspec… | |
| CVE-2017-14039 | high | 8.8 | 8.8 | 9y ago | A heap-based buffer overflow was discovered in the opj_t2_encode_packet function in lib/openjp2/t2.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denia… | |
| CVE-2017-1442 | high | 8.8 | 8.8 | 9y ago | IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the web… | |
| CVE-2017-1440 | high | 8.8 | 8.8 | 9y ago | IBM Emptoris Services Procurement 10.0.0.5 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted URL to specify a malicious file from a remote sys… | |
| CVE-2017-12704 | high | 8.8 | 8.8 | 9y ago | A heap-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validati… | |
| CVE-2017-12702 | high | 8.8 | 8.8 | 9y ago | An Externally Controlled Format String issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. String format specifiers based on user provided input are not properly validated, w… | |
| CVE-2017-12763 | high | 8.8 | 8.8 | 9y ago | An unspecified server utility in NoMachine before 5.3.10 on Mac OS X and Linux allows authenticated users to gain privileges by gaining access to local files. | |
| CVE-2017-11455 | high | 8.8 | 8.8 | 9y ago | diag.cgi in Pulse Connect Secure 8.2R1 through 8.2R5, 8.1R1 through 8.1R10 and Pulse Policy Secure 5.3R1 through 5.3R5, 5.2R1 through 5.2R8, and 5.1R1 through 5.1R10 allow remote attackers to hijack … | |
| CVE-2017-10952 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.0.2051. User interaction is required to exploit this vulnerability in that the tar… | |
| CVE-2017-10951 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the ta… | |
| CVE-2017-13740 | high | 8.8 | 8.8 | 9y ago | There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function parseChars() in compileTranslationTable.c, that will lead to denial of service or possibly unspecified other impact. | |
| CVE-2017-13739 | high | 8.8 | 8.8 | 9y ago | There is a heap-based buffer overflow that causes a more than two thousand bytes out-of-bounds write in Liblouis 3.2.0, triggered in the function resolveSubtable() in compileTranslationTable.c. It wi… | |
| CVE-2017-13738 | high | 8.8 | 8.8 | 9y ago | There is an illegal address access in the _lou_getALine function in compileTranslationTable.c:346 in Liblouis 3.2.0. | |
| CVE-2017-10844 | high | 8.8 | 8.8 | 9y ago | Code Injection in baserCMS | |
| CVE-2017-10839 | high | 8.8 | 8.8 | 9y ago | SQL injection vulnerability in the SEO Panel prior to version 3.11.0 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | |
| CVE-2017-10835 | high | 8.8 | 8.8 | 9y ago | "Dokodemo eye Smart HD" SCR02HD Firmware 1.0.3.1000 and earlier allows authenticated attackers to conduct code injection attacks via unspecified vectors. | |
| CVE-2017-7926 | high | 8.8 | 8.8 | 9y ago | A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-u… | |
| CVE-2017-12857 | high | 8.8 | 8.8 | 9y ago | Polycom SoundStation IP, VVX, and RealPresence Trio that are running software older than UCS 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0 are affected by a vulnerability in their UCS web application.… | |
| CVE-2017-12703 | high | 8.8 | 8.8 | 9y ago | A Cross-Site Request Forgery (CSRF) issue was discovered in Westermo MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The application does not verif… | |
| CVE-2017-12137 | high | 8.8 | 8.8 | 9y ago | arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref. | |
| CVE-2017-12135 | high | 8.8 | 8.8 | 9y ago | Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants. | |
| CVE-2017-12134 | high | 8.8 | 8.8 | 9y ago | The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cau… | |
| CVE-2017-13147 | high | 8.8 | 8.8 | 9y ago | In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value. | |
| CVE-2017-12970 | high | 8.8 | 8.8 | 9y ago | Cross-site request forgery (CSRF) vulnerability in Apache2Triad 1.5.4 allows remote attackers to hijack the authentication of authenticated users for requests that (1) add or (2) delete user accounts… | |
| CVE-2017-12904 | high | 8.8 | 8.8 | 9y ago | Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to perform user-assisted code execution by cra… | |
| CVE-2017-11610 | high | 8.8 | 8.8 | 9y ago | The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC req… | |
| CVE-2017-13146 | high | 8.8 | 8.8 | 9y ago | In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c. | |
| CVE-2017-5208 | high | 8.8 | 8.8 | 9y ago | Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of servic… | |
| CVE-2017-7557 | high | 8.8 | 8.8 | 9y ago | dnsdist version 1.1.0 is vulnerable to a flaw in authentication mechanism for REST API potentially allowing CSRF attack. | |
| CVE-2017-7423 | high | 8.8 | 8.8 | 9y ago | A Cross-Site Request Forgery (CWE-352) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allow… | |
| CVE-2017-5187 | high | 8.8 | 8.8 | 9y ago | A Cross-Site Request Forgery (CWE-352) vulnerability in Directory Server (aka Enterprise Server Administration web UI) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 U… | |
| CVE-2017-12983 | high | 8.8 | 8.8 | 9y ago | Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified ot… | |
| CVE-2017-12976 | high | 8.8 | 8.8 | 9y ago | git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a rel… | |
| CVE-2017-12955 | high | 8.8 | 8.8 | 9y ago | There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. The vulnerability causes an out-of-bounds write in Exiv2::Image::printIFDStructure(), which may lead to remote denial of service or… | |
| CVE-2017-12949 | high | 8.8 | 8.8 | 9y ago | lib\modules\contributors\contributor_list_table.php in the Podlove Podcast Publisher plugin 2.5.3 and earlier for WordPress has SQL injection in the orderby parameter to wp-admin/admin.php, exploitab… | |
| CVE-2017-12881 | high | 8.8 | 8.8 | 9y ago | Spring Batch Admin vulnerable to Cross-site request forgery (CSRF) in the file upload functionality | |
| CVE-2017-12593 | high | 8.8 | 8.8 | 9y ago | ASUS DSL-N10S V2.1.16_APAC devices allow CSRF. | |
| CVE-2017-12592 | high | 8.8 | 8.8 | 9y ago | ASUS DSL-N10S V2.1.16_APAC devices have a privilege escalation vulnerability. A normal user can escalate its privilege and perform administrative actions. There is no mapping of users with their priv… | |
| CVE-2017-12589 | high | 8.8 | 8.8 | 9y ago | ToMAX R60G R60GV2-V2.0-v.2.6.3-170330 devices do not have any protection against a CSRF attack. | |
| CVE-2017-12420 | high | 8.8 | 8.8 | 9y ago | Heap-based buffer overflow in the SMB implementation in NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allows remote authenticated users to cause a denial of service or execute arbitrar… | |
| CVE-2017-12937 | high | 8.8 | 8.8 | 9y ago | The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read. | |
| CVE-2017-12936 | high | 8.8 | 8.8 | 9y ago | The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting. | |
| CVE-2017-12935 | high | 8.8 | 8.8 | 9y ago | The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c. | |
| CVE-2017-7556 | high | 8.8 | 8.8 | 9y ago | Cross-Site Request Forgery in hawtio | |
| CVE-2017-7547 | high | 8.8 | 8.8 | 9y ago | PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers to retrieve passwords from the user mappings defined by… | |
| CVE-2017-6421 | high | 8.8 | 8.8 | 9y ago | In the touch controller function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable may be controlled by the user and can lead to a buffer overflow. | |
| CVE-2017-12863 | high | 8.8 | 8.8 | 9y ago | Integer Overflow or Wraparound in OpenCV | |
| CVE-2017-12426 | high | 8.8 | 8.8 | 9y ago | GitLab Community Edition (CE) and Enterprise Edition (EE) before 8.17.8, 9.0.x before 9.0.13, 9.1.x before 9.1.10, 9.2.x before 9.2.10, 9.3.x before 9.3.10, and 9.4.x before 9.4.4 might allow remote … | |
| CVE-2017-12853 | high | 8.8 | 8.8 | 9y ago | The RealTime RWR-3G-100 Router Firmware Version : Ver1.0.56 is affected by CSRF an attack that forces an end user to execute unwanted actions on a web application in which they're currently authentic… | |
| CVE-2017-12851 | high | 8.8 | 8.8 | 9y ago | An authenticated standard user could reset the password of the admin by altering form data. Affects kanboard before 1.0.46. | |
| CVE-2017-12850 | high | 8.8 | 8.8 | 9y ago | An authenticated standard user could reset the password of other users (including the admin) by altering form data. Affects kanboard before 1.0.46. | |
| CVE-2017-9660 | high | 8.8 | 8.8 | 9y ago | A Heap-Based Buffer Overflow was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. A heap-based buffer overflow vulnerability has been identified, which may cause a cras… | |
| CVE-2017-9659 | high | 8.8 | 8.8 | 9y ago | A Stack-Based Buffer Overflow issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. The stack-based buffer overflow vulnerability has been identified, which may ca… | |
| CVE-2017-6328 | high | 8.8 | 8.8 | 9y ago | The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of cross site request forgery (also known as one-click attack and is abbreviated as CSRF or XSRF), which is a type of malicious… | |
| CVE-2017-3123 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |
| CVE-2017-3121 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Enhanced Met… | |
| CVE-2017-3120 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA parsing eng… | |
| CVE-2017-3119 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in Acrobat/Reader 1… | |
| CVE-2017-3117 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the plugin that hand… | |
| CVE-2017-3116 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the MakeAccessib… | |
| CVE-2017-3113 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in JavaScript engine w… | |
| CVE-2017-3106 | high | 8.8 | 8.8 | 9y ago | Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution. | |
| CVE-2017-3016 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability. Successful exploit… | |
| CVE-2017-11271 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |
| CVE-2017-11270 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |
| CVE-2017-11269 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |
| CVE-2017-11268 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |
| CVE-2017-11267 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |
| CVE-2017-11263 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the internal dat… | |
| CVE-2017-11262 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |
| CVE-2017-11261 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |
| CVE-2017-11260 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |
| CVE-2017-11259 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… |