CVEs from 2017

- Total: 11,679
- Critical: 1,647
- High: 5,041
- Medium: 4,168
- Low: 159
- % Critical: 14.1%
- % with KEV: 0.7%
- % with exploit: 9.8%

Top products
- imagemagick 1,426
- joomla! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-14103 | high | 8.8 | 8.8 | 9y ago | The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain error conditions, which allows remote attackers to conduct … | |||
| CVE-2017-14050 | high | 8.8 | 8.8 | 9y ago | In BlackCat CMS 1.2, backend/addons/install.php allows remote authenticated users to execute arbitrary PHP code via a ZIP archive that contains a .php file. | |||
| CVE-2017-14048 | high | 8.8 | 8.8 | 9y ago | BlackCat CMS 1.2 allows remote authenticated users to inject arbitrary PHP code into info.php via a crafted new_modulename parameter to backend/addons/ajax_create.php. NOTE: this can be exploited via… | |||
| CVE-2017-14041 | high | 8.8 | 8.8 | 9y ago | A stack-based buffer overflow was discovered in the pgxtoimage function in bin/jp2/convert.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of ser… | |||
| CVE-2017-14040 | high | 8.8 | 8.8 | 9y ago | An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability may lead to remote denial of service or possibly unspec… | |||
| CVE-2017-14039 | high | 8.8 | 8.8 | 9y ago | A heap-based buffer overflow was discovered in the opj_t2_encode_packet function in lib/openjp2/t2.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denia… | |||
| CVE-2017-1442 | high | 8.8 | 8.8 | 9y ago | IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the web… | |||
| CVE-2017-1440 | high | 8.8 | 8.8 | 9y ago | IBM Emptoris Services Procurement 10.0.0.5 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted URL to specify a malicious file from a remote sys… | |||
| CVE-2017-12704 | high | 8.8 | 8.8 | 9y ago | A heap-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validati… | |||
| CVE-2017-12702 | high | 8.8 | 8.8 | 9y ago | An Externally Controlled Format String issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. String format specifiers based on user provided input are not properly validated, w… | |||
| CVE-2017-11455 | high | 8.8 | 8.8 | 9y ago | diag.cgi in Pulse Connect Secure 8.2R1 through 8.2R5, 8.1R1 through 8.1R10 and Pulse Policy Secure 5.3R1 through 5.3R5, 5.2R1 through 5.2R8, and 5.1R1 through 5.1R10 allow remote attackers to hijack … | |||
| CVE-2017-10952 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.0.2051. User interaction is required to exploit this vulnerability in that the tar… | |||
| CVE-2017-10951 | high | 8.8 | 8.8 | 9y ago | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the ta… | |||
| CVE-2017-13740 | high | 8.8 | 8.8 | 9y ago | There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function parseChars() in compileTranslationTable.c, that will lead to denial of service or possibly unspecified other impact. | |||
| CVE-2017-13739 | high | 8.8 | 8.8 | 9y ago | There is a heap-based buffer overflow that causes a more than two thousand bytes out-of-bounds write in Liblouis 3.2.0, triggered in the function resolveSubtable() in compileTranslationTable.c. It wi… | |||
| CVE-2017-13738 | high | 8.8 | 8.8 | 9y ago | There is an illegal address access in the _lou_getALine function in compileTranslationTable.c:346 in Liblouis 3.2.0. | |||
| CVE-2017-10844 | high | 8.8 | 8.8 | 9y ago | Code Injection in baserCMS | |||
| CVE-2017-10839 | high | 8.8 | 8.8 | 9y ago | SQL injection vulnerability in the SEO Panel prior to version 3.11.0 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | |||
| CVE-2017-10835 | high | 8.8 | 8.8 | 9y ago | "Dokodemo eye Smart HD" SCR02HD Firmware 1.0.3.1000 and earlier allows authenticated attackers to conduct code injection attacks via unspecified vectors. | |||
| CVE-2017-9650 | high | 7.8 | 8.8 | 9y ago | An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; AL… | |||
| CVE-2017-7926 | high | 8.8 | 8.8 | 9y ago | A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-u… | |||
| CVE-2017-12857 | high | 8.8 | 8.8 | 9y ago | Polycom SoundStation IP, VVX, and RealPresence Trio that are running software older than UCS 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0 are affected by a vulnerability in their UCS web application.… | |||
| CVE-2017-12703 | high | 8.8 | 8.8 | 9y ago | A Cross-Site Request Forgery (CSRF) issue was discovered in Westermo MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The application does not verif… | |||
| CVE-2017-12137 | high | 8.8 | 8.8 | 9y ago | arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref. | |||
| CVE-2017-12135 | high | 8.8 | 8.8 | 9y ago | Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants. | |||
| CVE-2017-12134 | high | 8.8 | 8.8 | 9y ago | The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cau… | |||
| CVE-2017-13147 | high | 8.8 | 8.8 | 9y ago | In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value. | |||
| CVE-2017-12904 | high | 8.8 | 8.8 | 9y ago | Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to perform user-assisted code execution by cra… | |||
| CVE-2017-13146 | high | 8.8 | 8.8 | 9y ago | In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c. | |||
| CVE-2017-5208 | high | 8.8 | 8.8 | 9y ago | Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of servic… | |||
| CVE-2017-7557 | high | 8.8 | 8.8 | 9y ago | dnsdist version 1.1.0 is vulnerable to a flaw in authentication mechanism for REST API potentially allowing CSRF attack. | |||
| CVE-2017-7423 | high | 8.8 | 8.8 | 9y ago | A Cross-Site Request Forgery (CWE-352) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allow… | |||
| CVE-2017-5187 | high | 8.8 | 8.8 | 9y ago | A Cross-Site Request Forgery (CWE-352) vulnerability in Directory Server (aka Enterprise Server Administration web UI) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 U… | |||
| CVE-2017-12983 | high | 8.8 | 8.8 | 9y ago | Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified ot… | |||
| CVE-2017-12976 | high | 8.8 | 8.8 | 9y ago | git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a rel… | |||
| CVE-2017-12955 | high | 8.8 | 8.8 | 9y ago | There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. The vulnerability causes an out-of-bounds write in Exiv2::Image::printIFDStructure(), which may lead to remote denial of service or… | |||
| CVE-2017-12949 | high | 8.8 | 8.8 | 9y ago | lib\modules\contributors\contributor_list_table.php in the Podlove Podcast Publisher plugin 2.5.3 and earlier for WordPress has SQL injection in the orderby parameter to wp-admin/admin.php, exploitab… | |||
| CVE-2017-12881 | high | 8.8 | 8.8 | 9y ago | Spring Batch Admin vulnerable to Cross-site request forgery (CSRF) in the file upload functionality | |||
| CVE-2017-12593 | high | 8.8 | 8.8 | 9y ago | ASUS DSL-N10S V2.1.16_APAC devices allow CSRF. | |||
| CVE-2017-12592 | high | 8.8 | 8.8 | 9y ago | ASUS DSL-N10S V2.1.16_APAC devices have a privilege escalation vulnerability. A normal user can escalate its privilege and perform administrative actions. There is no mapping of users with their priv… | |||
| CVE-2017-12589 | high | 8.8 | 8.8 | 9y ago | ToMAX R60G R60GV2-V2.0-v.2.6.3-170330 devices do not have any protection against a CSRF attack. | |||
| CVE-2017-12420 | high | 8.8 | 8.8 | 9y ago | Heap-based buffer overflow in the SMB implementation in NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allows remote authenticated users to cause a denial of service or execute arbitrar… | |||
| CVE-2017-12937 | high | 8.8 | 8.8 | 9y ago | The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read. | |||
| CVE-2017-12936 | high | 8.8 | 8.8 | 9y ago | The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting. | |||
| CVE-2017-12935 | high | 8.8 | 8.8 | 9y ago | The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c. | |||
| CVE-2017-7556 | high | 8.8 | 8.8 | 9y ago | Cross-Site Request Forgery in hawtio | |||
| CVE-2017-7547 | high | 8.8 | 8.8 | 9y ago | PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers to retrieve passwords from the user mappings defined by… | |||
| CVE-2017-6421 | high | 8.8 | 8.8 | 9y ago | In the touch controller function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable may be controlled by the user and can lead to a buffer overflow. | |||
| CVE-2017-8665 | high | 7.8 | 8.8 | 9y ago | The Xamarin.iOS update component on systems running macOS allows an attacker to run arbitrary code as root, aka "Xamarin.iOS Elevation Of Privilege Vulnerability." | |||
| CVE-2017-12863 | high | 8.8 | 8.8 | 9y ago | Integer Overflow or Wraparound in OpenCV | |||
| CVE-2017-12426 | high | 8.8 | 8.8 | 9y ago | GitLab Community Edition (CE) and Enterprise Edition (EE) before 8.17.8, 9.0.x before 9.0.13, 9.1.x before 9.1.10, 9.2.x before 9.2.10, 9.3.x before 9.3.10, and 9.4.x before 9.4.4 might allow remote … | |||
| CVE-2017-12853 | high | 8.8 | 8.8 | 9y ago | The RealTime RWR-3G-100 Router Firmware Version: Ver1.0.56 is affected by CSRF, an attack that forces an end user to execute unwanted actions on a web application in which they're currently authentic… | |||
| CVE-2017-12851 | high | 8.8 | 8.8 | 9y ago | An authenticated standard user could reset the password of the admin by altering form data. Affects kanboard before 1.0.46. | |||
| CVE-2017-12850 | high | 8.8 | 8.8 | 9y ago | An authenticated standard user could reset the password of other users (including the admin) by altering form data. Affects kanboard before 1.0.46. | |||
| CVE-2017-9660 | high | 8.8 | 8.8 | 9y ago | A Heap-Based Buffer Overflow was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. A heap-based buffer overflow vulnerability has been identified, which may cause a cras… | |||
| CVE-2017-9659 | high | 8.8 | 8.8 | 9y ago | A Stack-Based Buffer Overflow issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. The stack-based buffer overflow vulnerability has been identified, which may ca… | |||
| CVE-2017-3123 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-3121 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Enhanced Met… | |||
| CVE-2017-3120 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA parsing eng… | |||
| CVE-2017-3119 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in Acrobat/Reader 1… | |||
| CVE-2017-3117 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the plugin that hand… | |||
| CVE-2017-3116 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the MakeAccessib… | |||
| CVE-2017-3113 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in JavaScript engine w… | |||
| CVE-2017-3016 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability. Successful exploit… | |||
| CVE-2017-11271 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11270 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11269 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11268 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11267 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11263 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the internal dat… | |||
| CVE-2017-11262 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11261 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11260 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11259 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11257 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the XFA layout engi… | |||
| CVE-2017-11256 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when generating conten… | |||
| CVE-2017-11254 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the Acrobat/Reader'… | |||
| CVE-2017-11251 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the JPEG 2000 pa… | |||
| CVE-2017-11241 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the image conversion… | |||
| CVE-2017-11237 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing… | |||
| CVE-2017-11235 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the image conversio… | |||
| CVE-2017-11234 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11231 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in Acrobat/Reader rend… | |||
| CVE-2017-11229 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability when manipulating Forms Data Forma… | |||
| CVE-2017-11228 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11227 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11226 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image proces… | |||
| CVE-2017-11224 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA layout engi… | |||
| CVE-2017-11223 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the core of the XFA… | |||
| CVE-2017-11222 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Product Repr… | |||
| CVE-2017-11221 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the annotation func… | |||
| CVE-2017-11220 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in an internal data str… | |||
| CVE-2017-11219 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA rendering e… | |||
| CVE-2017-11218 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in XFA event managemen… | |||
| CVE-2017-11216 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11214 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11212 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conver… | |||
| CVE-2017-11211 | high | 8.8 | 8.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the JPEG parser. Suc… | |||
| CVE-2017-1174 | high | 8.8 | 8.8 | 9y ago | IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or … | |||
| CVE-2017-9799 | high | 8.8 | 8.8 | 9y ago | In Apache Storm, it is possible for the owner of a topology to trick the supervisor into launching a worker as a different, non-root user | |||