Total
7332 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-7111 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
CVE-2017-10741 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpWaitOnCriticalSection+0x0000000000000121." | |||||
CVE-2017-7127 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Mac Os X and 3 more | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. iCloud before 7.0 on Windows is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "SQLite" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
CVE-2017-5101 | 6 Apple, Debian, Google and 3 more | 8 Macos, Debian Linux, Chrome and 5 more | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
Inappropriate implementation in Omnibox in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page. | |||||
CVE-2017-11262 | 3 Adobe, Apple, Microsoft | 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more | 2023-12-10 | 9.3 HIGH | 8.8 HIGH |
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing ASCII text string. Successful exploitation could lead to arbitrary code execution. | |||||
CVE-2017-11294 | 2 Adobe, Microsoft | 2 Shockwave, Windows | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered in Adobe Shockwave 12.2.9.199 and earlier. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution. | |||||
CVE-2017-6267 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect initialization of internal objects can cause an infinite loop which may lead to a denial of service. | |||||
CVE-2017-11229 | 3 Adobe, Apple, Microsoft | 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability when manipulating Forms Data Format (FDF). | |||||
CVE-2017-7096 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
CVE-2017-15803 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ntdll_77310000!LdrpResCompareResourceNames+0x0000000000000150." | |||||
CVE-2017-10779 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at xnview+0x0000000000013a20." | |||||
CVE-2017-7098 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
CVE-2017-10766 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at GDI32!ScriptStringAnalyse+0x00000000000001c8." | |||||
CVE-2017-7087 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
CVE-2017-15782 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x00000000000032eb." | |||||
CVE-2017-14272 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at jbig2dec+0x000000000000595d." | |||||
CVE-2017-10776 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to a "Read Access Violation starting at ntdll_77df0000!LdrShutdownProcess+0x0000000000000130." | |||||
CVE-2017-12615 | 2 Apache, Microsoft | 2 Tomcat, Windows | 2023-12-10 | 6.8 MEDIUM | 8.1 HIGH |
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server. | |||||
CVE-2017-11256 | 3 Adobe, Apple, Microsoft | 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more | 2023-12-10 | 9.3 HIGH | 8.8 HIGH |
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when generating content using XFA layout engine. Successful exploitation could lead to arbitrary code execution. | |||||
CVE-2017-7023 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |