Total
11483 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-14572 | 1 Stdutility | 1 Stdu Viewer | 2017-09-21 | 4.6 MEDIUM | 7.8 HIGH |
| STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV starting at Unknown Symbol @ 0x000000000479049b called from Unknown Symbol @ 0x000000000d89645b." | |||||
| CVE-2017-14569 | 1 Stdutility | 1 Stdu Viewer | 2017-09-21 | 4.6 MEDIUM | 7.8 HIGH |
| STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to a "Read Access Violation starting at STDUXPSFile!DllUnregisterServer+0x0000000000005bd5." | |||||
| CVE-2017-14568 | 1 Stdutility | 1 Stdu Viewer | 2017-09-21 | 4.6 MEDIUM | 7.8 HIGH |
| STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x000000000297024c called from STDUXPSFile!DllUnregisterServer+0x0000000000025630." | |||||
| CVE-2017-14574 | 1 Stdutility | 1 Stdu Viewer | 2017-09-21 | 4.6 MEDIUM | 7.8 HIGH |
| STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV starting at Unknown Symbol @ 0x0000000004940490." | |||||
| CVE-2017-14566 | 1 Stdutility | 1 Stdu Viewer | 2017-09-21 | 4.6 MEDIUM | 7.8 HIGH |
| STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV starting at Unknown Symbol @ 0x00000000039d76c4 called from Unknown Symbol @ 0x0000000000049d2c." | |||||
| CVE-2017-8567 | 1 Microsoft | 1 Excel For Mac | 2017-09-21 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Excel for Mac 2011 when it fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution". | |||||
| CVE-2017-8632 | 1 Microsoft | 4 Excel, Excel For Mac, Office Compatibility Pack and 1 more | 2017-09-21 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Excel for Mac 2011, Microsoft Excel 2016 for Mac, and Microsoft Office Compatibility Pack Service Pack 3, when they fail to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8630, CVE-2017-8631, and CVE-2017-8744. | |||||
| CVE-2017-14538 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2017-09-21 | 4.6 MEDIUM | 7.8 HIGH |
| XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting at jbig2dec+0x0000000000008823." | |||||
| CVE-2017-14541 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2017-09-21 | 4.6 MEDIUM | 7.8 HIGH |
| XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at CADImage+0x000000000001f23e." | |||||
| CVE-2017-14580 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2017-09-21 | 4.6 MEDIUM | 7.8 HIGH |
| XnView Classic for Windows Version 2.41 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at jbig2dec+0x000000000000870f." | |||||
| CVE-2017-6007 | 1 Sophos | 1 Hitmanpro | 2017-09-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to crash the OS via a malformed IOCTL call. | |||||
| CVE-2017-8749 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2017-09-21 | 7.6 HIGH | 7.5 HIGH |
| Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Internet Explorer accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8747. | |||||
| CVE-2017-14515 | 1 Tenda | 2 W15e, W15e Firmware | 2017-09-21 | 5.0 MEDIUM | 7.5 HIGH |
| Heap-based Buffer Overflow on Tenda W15E devices before 15.11.0.14 allows remote attackers to cause a denial of service (temporary HTTP outage and forced logout) via unspecified vectors. | |||||
| CVE-2017-3086 | 1 Adobe | 1 Shockwave Player | 2017-09-20 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Shockwave versions 12.2.8.198 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2014-7912 | 2 Dhcpcd Project, Google | 2 Dhcpcd, Android | 2017-09-20 | 6.8 MEDIUM | N/A |
| The get_option function in dhcp.c in dhcpcd before 6.2.0, as used in dhcpcd 5.x in Android before 5.1 and other products, does not validate the relationship between length fields and the amount of data, which allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory corruption) via a large length value of an option in a DHCPACK message. | |||||
| CVE-2014-7913 | 2 Dhcpcd Project, Google | 2 Dhcpcd, Android | 2017-09-20 | 6.8 MEDIUM | N/A |
| The print_option function in dhcp-common.c in dhcpcd through 6.9.1, as used in dhcp.c in dhcpcd 5.x in Android before 5.1 and other products, misinterprets the return value of the snprintf function, which allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted message. | |||||
| CVE-2015-3771 | 1 Apple | 1 Mac Os X | 2017-09-20 | 7.2 HIGH | N/A |
| IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3772. | |||||
| CVE-2015-3789 | 1 Apple | 2 Mac Os X, Quicktime | 2017-09-20 | 6.8 MEDIUM | N/A |
| QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. | |||||
| CVE-2015-3765 | 1 Apple | 2 Mac Os X, Quicktime | 2017-09-20 | 6.8 MEDIUM | N/A |
| QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. | |||||
| CVE-2015-3773 | 1 Apple | 1 Mac Os X | 2017-09-20 | 7.5 HIGH | N/A |
| The SMB client in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. | |||||