Total
11912 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-11674 | 1 Acunetix | 1 Web Vulnerability Scanner | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| Reporter.exe in Acunetix 8 allows remote attackers to cause a denial of service (application crash) via a malformed PRE file, related to a "Read Access Violation starting at reporter!madTraceProcess." | |||||
| CVE-2017-11764 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2016 | 2025-04-20 | 7.6 HIGH | 7.5 HIGH |
| Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, and CVE-2017-8756. | |||||
| CVE-2017-5112 | 2 Google, Microsoft | 2 Chrome, Windows | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in WebGL in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | |||||
| CVE-2017-11243 | 3 Adobe, Apple, Microsoft | 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the XSLT engine. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-9163 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in pxl-outline.c:106:54. | |||||
| CVE-2017-12707 | 1 Spidercontrol | 1 Scada Microbrowser | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| A Stack-based Buffer Overflow issue was discovered in SpiderControl SCADA MicroBrowser Versions 1.6.30.144 and prior. Opening a maliciously crafted html file may cause a stack overflow. | |||||
| CVE-2017-10781 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpFindLoadedDllByName+0x00000000000000a5." | |||||
| CVE-2015-2675 | 1 Gnome | 1 Librest | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The OAuth implementation in librest before 0.7.93 incorrectly truncates the pointer returned by the rest_proxy_call_get_url function, which allows remote attackers to cause a denial of service (application crash) via running the EnsureCredentials method from the org.gnome.OnlineAccounts.Account interface on an object representing a Flickr account. | |||||
| CVE-2017-11345 | 1 Asuswrt-merlin Project | 56 Rt-ac1200, Rt-ac1200 Firmware, Rt-ac3100 and 53 more | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by hosting a crafted device description XML document (that includes a serviceType element) at a URL specified within a Location header in an SSDP response. | |||||
| CVE-2017-14266 | 1 Broadcom | 1 Tcpreplay | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160. | |||||
| CVE-2017-10869 | 1 Dena | 1 H2o | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow in H2O version 2.2.2 and earlier allows remote attackers to cause a denial-of-service in the server via unspecified vectors. | |||||
| CVE-2017-15787 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation starting at xnview+0x0000000000580063." | |||||
| CVE-2017-6983 | 1 Apple | 2 Iphone Os, Mac Os X | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
| CVE-2016-7986 | 1 Tcpdump | 1 Tcpdump | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions. | |||||
| CVE-2017-3824 | 1 Cisco | 2 Cbr-8 Converged Broadband Router, Ios Xe | 2025-04-20 | 5.4 MEDIUM | 6.8 MEDIUM |
| A vulnerability in the handling of list headers in Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Cisco cBR-8 Converged Broadband Routers running vulnerable versions of Cisco IOS XE are affected. More Information: CSCux40637. Known Affected Releases: 15.5(3)S 15.6(1)S. Known Fixed Releases: 15.5(3)S2 15.6(1)S1 15.6(2)S 15.6(2)SP 16.4(1). | |||||
| CVE-2017-9710 | 1 Google | 1 Android | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, IOCTL interface to send QMI NOTIFY REQ messages can be called from multiple contexts which can result in buffer overflow of msg cache. | |||||
| CVE-2017-11226 | 3 Adobe, Apple, Microsoft | 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more | 2025-04-20 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image processing engine when processing JPEG 2000 (JP2) code stream data. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2014-9976 | 1 Google | 1 Android | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing. | |||||
| CVE-2017-9678 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, in a video driver, memory corruption can potentially occur due to lack of bounds checking in a memcpy(). | |||||
| CVE-2017-15245 | 1 Irfanview | 2 Irfanview, Pdf | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at PDF!xmlGetGlobalState+0x0000000000057b76." | |||||