Total
243345 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-7877 | 1 Flatcore | 1 Flatcore-cms | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
CSRF vulnerability in flatCore version 1.4.6 allows remote attackers to modify CMS configurations. | |||||
CVE-2016-7231 | 1 Microsoft | 4 Excel, Excel For Mac, Excel Viewer and 1 more | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
Microsoft Excel 2007 SP3, Excel for Mac 2011, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | |||||
CVE-2017-6390 | 1 Soruly | 1 Whatanime.ga | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
An issue was discovered in whatanime.ga before c334dd8499a681587dd4199e90b0aa0eba814c1d. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "whatanime.ga-master/index.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | |||||
CVE-2016-0645 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | |||||
CVE-2010-4140 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none | |||||
CVE-2016-10209 | 1 Libarchive | 1 Libarchive | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file. | |||||
CVE-2016-2908 | 1 Ibm | 5 Security Access Manager 9.0 Firmware, Security Access Manager For Mobile 8.0 Firmware, Security Access Manager For Mobile Appliance and 2 more | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML data by the XML parser. A remote attacker could exploit this vulnerability to read arbitrary files on the system or cause a denial of service. | |||||
CVE-2014-8218 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none | |||||
CVE-2017-0183 | 1 Microsoft | 5 Windows 10, Windows 8.1, Windows Server 2008 and 2 more | 2023-12-10 | 6.3 MEDIUM | 5.8 MEDIUM |
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186. | |||||
CVE-2016-8780 | 1 Huawei | 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 6800 and 5 more | 2023-12-10 | 6.8 MEDIUM | 6.5 MEDIUM |
Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attackers with specific permission to store massive files to exhaust the shared storage space, leading to a DoS condition. | |||||
CVE-2016-4840 | 1 Toshiba | 1 Coordinate Plus | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
Coordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus App for iOS 1.0.2 and earlier do not verify SSL certificates. | |||||
CVE-2017-2478 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2023-12-10 | 7.6 HIGH | 7.0 HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. | |||||
CVE-2008-4022 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2008. Notes: none | |||||
CVE-2014-9812 | 1 Imagemagick | 1 Imagemagick | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file. | |||||
CVE-2016-10247 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file. | |||||
CVE-2010-5134 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none | |||||
CVE-2009-3679 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none | |||||
CVE-2016-2615 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | |||||
CVE-2017-4915 | 2 Linux, Vmware | 3 Linux Kernel, Workstation Player, Workstation Pro | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to escalate their privileges to root in a Linux host machine. | |||||
CVE-2016-7258 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
The kernel in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 mishandles page-fault system calls, which allows local users to obtain sensitive information from arbitrary processes via a crafted application, aka "Windows Kernel Memory Address Information Disclosure Vulnerability." |