CVEs from 2017
Total
11,651
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
9.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-2361 | medium | 6.1 | 7.1 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the "Help Viewer" component, which allows XSS attacks via a crafted web site. | |||
| CVE-2017-2584 | high | 7.1 | 7.1 | 10y ago | arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application … | |||
| CVE-2017-17712 | high | 7.0 | 7.0 | 9y ago | multiple issues in linux-lts | |||
| CVE-2017-6262 | high | 7.0 | 7.0 | 9y ago | NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to a race condition which could enable unauthorized code execution and possibly lead to elevatio… | |||
| CVE-2017-14902 | high | 7.0 | 7.0 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the GLink kernel driver, a Use After Free condition can pote… | |||
| CVE-2017-9718 | high | 7.0 | 7.0 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in a multimedia driver can potentially lead to a buffer overwrite. | |||
| CVE-2017-9708 | high | 7.0 | 7.0 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the camera driver, the function "msm_ois_power_down" is called without a mutex and a… | |||
| CVE-2017-9703 | high | 7.0 | 7.0 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in a Camera driver can lead to a Use After Free condition. | |||
| CVE-2017-11049 | high | 7.0 | 7.0 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a video driver, a race condition exists which can potentially lead to a buffer overf… | |||
| CVE-2017-11045 | high | 7.0 | 7.0 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a camera driver function, a race condition exists which can lead to a Use After Free… | |||
| CVE-2017-11044 | high | 7.0 | 7.0 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a KGSL driver function, a race condition exists which can lead to a Use After Free c… | |||
| CVE-2017-17053 | high | 7.0 | 7.0 | 9y ago | The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing … | |||
| CVE-2017-16933 | high | 7.0 | 7.0 | 9y ago | etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.1 has a chown call for a filename in a user-writable directory, which allows local users to gain privileges by leveraging access to the $ICINGA2_… | |||
| CVE-2017-11025 | high | 7.0 | 7.0 | 9y ago | In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the function audio_effects_shared_ioctl(), memory corruption… | |||
| CVE-2017-10278 | high | 7.0 | 7.0 | 9y ago | Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 11.1.1, 12.1.1, 12.1.3 and 12.2.2. Difficult to exploit vul… | |||
| CVE-2017-15265 | high | 7.0 | 7.0 | 9y ago | Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/… | |||
| CVE-2017-8694 | high | 7.0 | 7.0 | 9y ago | The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and… | |||
| CVE-2017-8689 | high | 7.0 | 7.0 | 9y ago | The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and… | |||
| CVE-2017-11824 | high | 7.0 | 7.0 | 9y ago | The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, a… | |||
| CVE-2017-11783 | high | 7.0 | 7.0 | 9y ago | Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability in the way it handles call… | |||
| CVE-2017-11780 | high | 7.0 | 7.0 | 9y ago | The Server Message Block 1.0 (SMBv1) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 170… | |||
| CVE-2017-9697 | high | 7.0 | 7.0 | 9y ago | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while reading command registr… | |||
| CVE-2017-14088 | high | 7.0 | 7.0 | 9y ago | Memory Corruption Privilege Escalation vulnerabilities in Trend Micro OfficeScan 11.0 and XG allows local attackers to execute arbitrary code and escalate privileges to resources normally reserved fo… | |||
| CVE-2017-13676 | high | 7.0 | 7.0 | 9y ago | Norton Remove & Reinstall can be susceptible to a DLL preloading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious … | |||
| CVE-2017-8280 | high | 7.0 | 7.0 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, during the wlan calibration data store and retrieve operation, there are some potential race conditions which lead to a… | |||
| CVE-2017-9607 | high | 7.0 | 7.0 | 9y ago | The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might allow attackers to write arbitrary data to secure memory, bypass the bl1_plat_mem_check protection mechanism, cause a denial of … | |||
| CVE-2017-8702 | high | 7.0 | 7.0 | 9y ago | Windows Error Reporting (WER) in Microsoft Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows an attacker to gain greater access to sensitive information and system functionality, due to… | |||
| CVE-2017-8699 | high | 7.0 | 7.0 | 9y ago | Windows Shell in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows… | |||
| CVE-2017-8675 | high | 7.0 | 7.0 | 9y ago | The Windows Kernel-Mode Drivers component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, an… | |||
| CVE-2017-12146 | high | 7.0 | 7.0 | 9y ago | The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a sto… | |||
| CVE-2017-10950 | high | 7.0 | 7.0 | 9y ago | This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Bitdefender Total Security 21.0.24.62. An attacker must first obtain the ability to execute low-priv… | |||
| CVE-2017-9684 | high | 7.0 | 7.0 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a USB driver can lead to a Use After Free condition. | |||
| CVE-2017-8270 | high | 7.0 | 7.0 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a driver potentially leading to a use-after-free condition. | |||
| CVE-2017-8267 | high | 7.0 | 7.0 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in an IOCTL handler potentially leading to an integer overflow and then an out-of-bounds write. | |||
| CVE-2017-8266 | high | 7.0 | 7.0 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition. | |||
| CVE-2017-8265 | high | 7.0 | 7.0 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver which can lead to a double free. | |||
| CVE-2017-8262 | high | 7.0 | 7.0 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, in some memory allocation and free functions, a race condition can potentially occur leading to a Use After Free condit… | |||
| CVE-2017-9661 | high | 7.0 | 7.0 | 9y ago | An Uncontrolled Search Path Element issue was discovered in SIMPlight SCADA Software version 4.3.0.27 and prior. The uncontrolled search path element vulnerability has been identified, which may allo… | |||
| CVE-2017-8593 | high | 7.0 | 7.0 | 9y ago | Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 all… | |||
| CVE-2017-10225 | high | 7.0 | 7.0 | 9y ago | Vulnerability in the Oracle Hospitality RES 3700 component of Oracle Hospitality Applications (subcomponent: OPS Operations). The supported version that is affected is 5.5. Difficult to exploit vulne… | |||
| CVE-2017-11756 | high | 7.0 | 7.0 | 9y ago | In Earcms Ear Music through 4.1 build 20170710, remote authenticated users can execute arbitrary PHP code by changing the allowable music-upload extensions to include .php in addition to .mp3 and .m4… | |||
| CVE-2017-6005 | high | 7.0 | 7.0 | 9y ago | Waves MaxxAudio, as installed on Dell laptops, adds a "WavesSysSvc" Windows service with File Version 1.1.6.0. This service has a vulnerability known as Unquoted Service Path. This could potentially … | |||
| CVE-2017-11600 | high | 7.0 | 7.0 | 9y ago | net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local… | |||
| CVE-2017-1181 | high | 7.0 | 7.0 | 9y ago | IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted. IBM X-Force ID… | |||
| CVE-2017-6249 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Modera… | |||
| CVE-2017-8588 | high | 7.0 | 7.0 | 9y ago | Microsoft WordPad in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows… | |||
| CVE-2017-8581 | high | 7.0 | 7.0 | 9y ago | Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 all… | |||
| CVE-2017-8580 | high | 7.0 | 7.0 | 9y ago | Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 all… | |||
| CVE-2017-8577 | high | 7.0 | 7.0 | 9y ago | Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 all… | |||
| CVE-2017-8574 | high | 7.0 | 7.0 | 9y ago | Graphics in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Microsoft Graphics Compone… | |||
| CVE-2017-8573 | high | 7.0 | 7.0 | 9y ago | Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 a… | |||
| CVE-2017-8566 | high | 7.0 | 7.0 | 9y ago | Microsoft Windows 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Windows Input Method Editor (IME) improperly handling parameters in a method of a DCOM clas… | |||
| CVE-2017-8562 | high | 7.0 | 7.0 | 9y ago | Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Windows impr… | |||
| CVE-2017-8561 | high | 7.0 | 7.0 | 9y ago | Windows kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability… | |||
| CVE-2017-8556 | high | 7.0 | 7.0 | 9y ago | Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 a… | |||
| CVE-2017-8467 | high | 7.0 | 7.0 | 9y ago | Graphics in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows … | |||
| CVE-2017-6728 | high | 7.0 | 7.0 | 9y ago | A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary code at the root privilege level on an affected system, because of Incorrect Perm… | |||
| CVE-2017-6248 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Modera… | |||
| CVE-2017-8579 | high | 7.0 | 7.0 | 9y ago | The DirectX component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to run arbitrary code in kernel mode via a specially crafted application… | |||
| CVE-2017-8576 | high | 7.0 | 7.0 | 9y ago | The graphics component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to run arbitrary code in kernel mode via a specially crafted applicatio… | |||
| CVE-2017-7496 | high | 7.0 | 7.0 | 9y ago | fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due to lack of checking the error condition of mount operation failure on unsafely created temporary direc… | |||
| CVE-2017-1000376 | high | 7.0 | 7.0 | 9y ago | libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was… | |||
| CVE-2017-0649 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the MediaTek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Mode… | |||
| CVE-2017-0636 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated… | |||
| CVE-2017-7372 | high | 7.0 | 7.0 | 9y ago | In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to buffer overflow or write to arbitrary pointer location. | |||
| CVE-2017-7370 | high | 7.0 | 7.0 | 9y ago | In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition. | |||
| CVE-2017-7368 | high | 7.0 | 7.0 | 9y ago | In all Android releases from CAF using the Linux kernel, a race condition potentially exists in the ioctl handler of a sound driver. | |||
| CVE-2017-5176 | high | 7.0 | 7.0 | 9y ago | A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). The following versions are affected: Connected Components Workbench - Developer Edition, v9.01.00 and ea… | |||
| CVE-2017-9067 | high | 7.0 | 7.0 | 9y ago | MODX Revolution Directory Traversal Vulnerability | |||
| CVE-2017-8244 | high | 7.0 | 7.0 | 9y ago | In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel, variable "dbg_buf", "dbg_buf->curr" and "dbg_buf->filled_size" could be modified by different threads at … | |||
| CVE-2017-0623 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the HTC bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as High be… | |||
| CVE-2017-0622 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Goodix touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as … | |||
| CVE-2017-0621 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2017-0620 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue… | |||
| CVE-2017-0619 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rate… | |||
| CVE-2017-0618 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated… | |||
| CVE-2017-0617 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0616 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the MediaTek system management interrupt driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This … | |||
| CVE-2017-0615 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the MediaTek power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0614 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the… | |||
| CVE-2017-0613 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the… | |||
| CVE-2017-0612 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the… | |||
| CVE-2017-0611 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0610 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0609 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0608 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0607 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0606 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2017-0465 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hi… | |||
| CVE-2017-0279 | high | 7.0 | 7.0 | 9y ago | The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 15… | |||
| CVE-2017-0278 | high | 7.0 | 7.0 | 9y ago | The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 15… | |||
| CVE-2017-0277 | high | 7.0 | 7.0 | 9y ago | The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 15… | |||
| CVE-2017-0246 | high | 7.0 | 7.0 | 9y ago | The Graphics Component in the kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, … | |||
| CVE-2017-0343 | high | 7.0 | 7.0 | 9y ago | All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) where user can trigger a race condition due to lack of synchronization in two fun… | |||
| CVE-2017-6051 | high | 7.0 | 7.0 | 9y ago | An Uncontrolled Search Path Element issue was discovered in BLF-Tech LLC VisualView HMI Version 9.9.14.0 and prior. The uncontrolled search path element vulnerability has been identified, which may a… | |||
| CVE-2017-8284 | high | 7.0 | 7.0 | 9y ago | The disas_insn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain pri… | |||
| CVE-2017-7477 | high | 7.0 | 7.0 | 9y ago | Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by … | |||
| CVE-2017-3617 | high | 7.0 | 7.0 | 9y ago | Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with log… | |||
| CVE-2017-3616 | high | 7.0 | 7.0 | 9y ago | Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with log… | |||
| CVE-2017-3615 | high | 7.0 | 7.0 | 9y ago | Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with log… |