Skip to main content
CVE-2016-4893 HIGH This Week

SQL injection vulnerability in the SetsucoCMS all versions allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Setucocms
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2017-0192 MEDIUM PATCH This Month

The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 22.9%.

Microsoft Adobe Information Disclosure Windows 10 Windows 7 +6
NVD
CVSS 3.0
4.3
EPSS
22.9%
CVE-2017-0207 MEDIUM PATCH This Month

Microsoft Outlook for Mac 2011 allows remote attackers to spoof web content via a crafted email with specific HTML tags, aka "Microsoft Browser Spoofing Vulnerability.". Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 11.7%.

Microsoft Information Disclosure Outlook
NVD
CVSS 3.0
6.5
EPSS
11.7%
CVE-2016-4891 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in SetsucoCMS all versions allows remote attackers to hijack the authentication of an administrator to change settings via unspecified vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Setucocms
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-3011 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the CCITT fax PDF filter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
4.8%
CVE-2017-3044 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 engine, related to image. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Adobe RCE Acrobat +3
NVD
CVSS 3.0
7.8
EPSS
4.0%
CVE-2017-3049 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2017-0166 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
8.1
EPSS
1.5%
CVE-2017-3034 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the XML Forms Architecture (XFA) engine,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
3.0%
CVE-2017-3024 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when manipulating PDF annotations. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
3.0%
CVE-2017-3048 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
2.5%
CVE-2017-3027 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XFA module, related to the choiceList. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Adobe Memory Corruption +4
NVD
CVSS 3.0
7.8
EPSS
2.3%
CVE-2017-3026 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability when manipulating an internal data structure. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Adobe Memory Corruption +4
NVD
CVSS 3.0
7.8
EPSS
2.3%
CVE-2017-3055 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in JPEG 2000 parsing of the fragment list tag. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
2.2%
CVE-2017-3042 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in image conversion, related to parsing offsets. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
2.2%
CVE-2017-3036 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in image conversion related to processing of. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Microsoft Adobe Memory Corruption +4
NVD
CVSS 3.0
7.8
EPSS
2.2%
CVE-2017-3023 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 code-stream tile. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
2.2%
CVE-2017-3051 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Information Disclosure Acrobat +3
NVD
CVSS 3.0
7.8
EPSS
2.2%
CVE-2017-3050 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Adobe RCE Acrobat +3
NVD
CVSS 3.0
7.8
EPSS
2.2%
CVE-2017-3028 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion module, related to. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
2.2%
CVE-2017-3018 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the renderer functionality. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
2.2%
CVE-2017-3017 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when handling a malformed PDF file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
2.2%
CVE-2017-3015 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 parsing functionality. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
2.2%
CVE-2017-3057 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript API related to the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Adobe Memory Corruption +4
NVD
CVSS 3.0
7.8
EPSS
2.1%
CVE-2017-3047 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript engine's annotation-related. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Adobe Memory Corruption +4
NVD
CVSS 3.0
7.8
EPSS
2.1%
CVE-2017-3035 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XML Forms Architecture (XFA) engine. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Adobe Memory Corruption +4
NVD
CVSS 3.0
7.8
EPSS
2.0%
CVE-2017-3013 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in a DLL related to remote logging. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Acrobat Acrobat Dc Acrobat Reader Dc +1
NVD
CVSS 3.0
7.8
EPSS
2.0%
CVE-2017-3012 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in the OCR plugin. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Acrobat Acrobat Dc Acrobat Reader Dc +1
NVD
CVSS 3.0
7.8
EPSS
2.0%
CVE-2017-3056 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine, related to string. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2017-3041 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing font data in the MakeAccessible. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2017-3025 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability related to internal object representation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2017-3019 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the Product Representation Compact (PRC). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Information Disclosure Acrobat +3
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2017-3065 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the font manipulation functionality. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2017-3054 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2017-3040 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 image compression module. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2017-3039 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the PPKLite security handler. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2017-3030 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the AES module. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2017-3014 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in XML Forms Architecture (XFA) related to reset. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Adobe Memory Corruption +4
NVD
CVSS 3.0
7.8
EPSS
1.5%
CVE-2017-3058 HIGH This Week

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the sound class. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Adobe Memory Corruption +1
NVD
CVSS 3.0
7.8
EPSS
1.3%
CVE-2017-3038 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing TTF (TrueType font format). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
1.0%
CVE-2017-5936 HIGH PATCH This Week

OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Ubuntu Linux Nova Lxd
NVD GitHub
CVSS 3.0
7.5
EPSS
2.5%
CVE-2017-7747 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.0%
CVE-2017-7746 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.0%
CVE-2017-6059 HIGH PATCH This Week

Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka mod_auth_openidc) before 2.14 allows remote attackers to spoof page content via a malicious URL provided. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache Information Disclosure Mod Auth Openidc
NVD GitHub
CVSS 3.1
7.5
EPSS
2.0%
CVE-2017-0189 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows 10 when the Windows kernel-mode driver fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 Windows Server 2016
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-3005 HIGH This Week

Adobe Photoshop versions CC 2017 (18.0.1) and earlier, CC 2015.5.1 (17.0.1) and earlier have an unquoted search path vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Adobe Information Disclosure Photoshop Cc
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-3007 HIGH This Week

Adobe Thor versions 3.9.5.353 and earlier have a vulnerability in the directory search path used to find resources, related to Creative Cloud desktop applications. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Adobe Information Disclosure Creative Cloud
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-0204 MEDIUM PATCH This Month

Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to bypass the Office Protected View via a specially crafted. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 11.7%.

Microsoft Authentication Bypass Outlook
NVD
CVSS 3.0
5.5
EPSS
11.7%
CVE-2016-4459 HIGH This Week

Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mod Cluster Enterprise Linux
NVD
CVSS 3.0
7.5
EPSS
1.5%
CVE-2017-0180 HIGH PATCH This Week

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka. Rated high severity (CVSS 7.6).

RCE Microsoft Windows 10 Windows 8 1 Windows Server 2008 +2
NVD
CVSS 3.0
7.6
EPSS
0.4%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy