Vulnerabilities (CVE)

Total 243345 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-7877 1 Flatcore 1 Flatcore-cms 2023-12-10 6.8 MEDIUM 8.8 HIGH
CSRF vulnerability in flatCore version 1.4.6 allows remote attackers to modify CMS configurations.
CVE-2016-7231 1 Microsoft 4 Excel, Excel For Mac, Excel Viewer and 1 more 2023-12-10 9.3 HIGH 7.8 HIGH
Microsoft Excel 2007 SP3, Excel for Mac 2011, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
CVE-2017-6390 1 Soruly 1 Whatanime.ga 2023-12-10 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in whatanime.ga before c334dd8499a681587dd4199e90b0aa0eba814c1d. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "whatanime.ga-master/index.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
CVE-2016-0645 2023-12-10 N/A N/A
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none
CVE-2010-4140 2023-12-10 N/A N/A
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none
CVE-2016-10209 1 Libarchive 1 Libarchive 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file.
CVE-2016-2908 1 Ibm 5 Security Access Manager 9.0 Firmware, Security Access Manager For Mobile 8.0 Firmware, Security Access Manager For Mobile Appliance and 2 more 2023-12-10 6.4 MEDIUM 9.1 CRITICAL
IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML data by the XML parser. A remote attacker could exploit this vulnerability to read arbitrary files on the system or cause a denial of service.
CVE-2014-8218 2023-12-10 N/A N/A
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none
CVE-2017-0183 1 Microsoft 5 Windows 10, Windows 8.1, Windows Server 2008 and 2 more 2023-12-10 6.3 MEDIUM 5.8 MEDIUM
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186.
CVE-2016-8780 1 Huawei 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 6800 and 5 more 2023-12-10 6.8 MEDIUM 6.5 MEDIUM
Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attackers with specific permission to store massive files to exhaust the shared storage space, leading to a DoS condition.
CVE-2016-4840 1 Toshiba 1 Coordinate Plus 2023-12-10 4.3 MEDIUM 5.9 MEDIUM
Coordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus App for iOS 1.0.2 and earlier do not verify SSL certificates.
CVE-2017-2478 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2023-12-10 7.6 HIGH 7.0 HIGH
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVE-2008-4022 2023-12-10 N/A N/A
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2008. Notes: none
CVE-2014-9812 1 Imagemagick 1 Imagemagick 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file.
CVE-2016-10247 2 Artifex, Debian 2 Mupdf, Debian Linux 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
CVE-2010-5134 2023-12-10 N/A N/A
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none
CVE-2009-3679 2023-12-10 N/A N/A
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none
CVE-2016-2615 2023-12-10 N/A N/A
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none
CVE-2017-4915 2 Linux, Vmware 3 Linux Kernel, Workstation Player, Workstation Pro 2023-12-10 7.2 HIGH 7.8 HIGH
VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to escalate their privileges to root in a Linux host machine.
CVE-2016-7258 1 Microsoft 2 Windows 10, Windows Server 2016 2023-12-10 2.1 LOW 5.5 MEDIUM
The kernel in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 mishandles page-fault system calls, which allows local users to obtain sensitive information from arbitrary processes via a crafted application, aka "Windows Kernel Memory Address Information Disclosure Vulnerability."