Skip to main content
CVE-2017-3012 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in the OCR plugin. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Acrobat Acrobat Dc Acrobat Reader Dc +1
NVD
CVSS 3.0
7.8
EPSS
2.0%
CVE-2017-3056 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine, related to string. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2017-3041 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing font data in the MakeAccessible. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2017-3025 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability related to internal object representation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2017-3019 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the Product Representation Compact (PRC). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Information Disclosure Acrobat +3
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2017-3065 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the font manipulation functionality. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2017-3054 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2017-3040 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 image compression module. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2017-3039 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the PPKLite security handler. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2017-3030 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the AES module. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2017-3014 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in XML Forms Architecture (XFA) related to reset. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Adobe Memory Corruption +4
NVD
CVSS 3.0
7.8
EPSS
1.5%
CVE-2017-3058 HIGH This Week

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the sound class. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Adobe Memory Corruption +1
NVD
CVSS 3.0
7.8
EPSS
1.3%
CVE-2017-3038 HIGH This Week

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing TTF (TrueType font format). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
1.0%
CVE-2017-5936 HIGH PATCH This Week

OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Ubuntu Linux Nova Lxd
NVD GitHub
CVSS 3.0
7.5
EPSS
2.5%
CVE-2017-7747 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.0%
CVE-2017-7746 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.0%
CVE-2017-6059 HIGH PATCH This Week

Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka mod_auth_openidc) before 2.14 allows remote attackers to spoof page content via a malicious URL provided. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache Information Disclosure Mod Auth Openidc
NVD GitHub
CVSS 3.1
7.5
EPSS
2.0%
CVE-2017-0189 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows 10 when the Windows kernel-mode driver fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 Windows Server 2016
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-3005 HIGH This Week

Adobe Photoshop versions CC 2017 (18.0.1) and earlier, CC 2015.5.1 (17.0.1) and earlier have an unquoted search path vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Adobe Information Disclosure Photoshop Cc
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-3007 HIGH This Week

Adobe Thor versions 3.9.5.353 and earlier have a vulnerability in the directory search path used to find resources, related to Creative Cloud desktop applications. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Adobe Information Disclosure Creative Cloud
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2016-4459 HIGH This Week

Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mod Cluster Enterprise Linux
NVD
CVSS 3.0
7.5
EPSS
1.5%
CVE-2017-0180 HIGH PATCH This Week

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka. Rated high severity (CVSS 7.6).

RCE Microsoft Windows 10 Windows 8 1 Windows Server 2008 +2
NVD
CVSS 3.0
7.6
EPSS
0.4%
CVE-2017-0163 HIGH PATCH This Week

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka. Rated high severity (CVSS 7.6).

RCE Microsoft Windows 10 Windows 8 1 Windows Server 2008 +2
NVD
CVSS 3.0
7.6
EPSS
0.4%
CVE-2017-0181 HIGH PATCH This Week

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10 or Windows Server 2016 host server fails to properly validate input from an authenticated user. Rated high severity (CVSS 7.6).

RCE Microsoft Windows 10 Windows 8 1 Windows Server 2008 +2
NVD
CVSS 3.0
7.6
EPSS
0.4%
CVE-2017-0162 HIGH PATCH This Week

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly. Rated high severity (CVSS 7.6).

RCE Microsoft Windows 10 Windows 8 1 Windows Server 2012 +1
NVD
CVSS 3.0
7.6
EPSS
0.4%
CVE-2017-7703 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2017-7705 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2017-7702 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2017-7704 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2017-7701 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2017-0155 HIGH PATCH This Week

The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD
CVSS 3.0
7.0
EPSS
3.0%
CVE-2016-7958 HIGH PATCH This Week

In Wireshark 2.2.0, the NCP dissector could crash, triggered by packet injection or a malformed capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2016-7957 HIGH PATCH This Week

In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-7748 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-7745 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-0156 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows 7, Windows 8.1, Windows RT 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 when. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.0
EPSS
1.1%
CVE-2016-5856 HIGH PATCH This Week

Drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android kernel 2017-03-05 allows local users to gain privileges, a different vulnerability than CVE-2016-5857. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm Google Privilege Escalation Linux Kernel Android
NVD
CVSS 3.0
7.0
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy