Skip to main content
CVE-2017-7857 CRITICAL PATCH Act Now

FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Freetype
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2017-7858 CRITICAL PATCH Act Now

FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Freetype
NVD
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-7864 CRITICAL PATCH Act Now

FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Freetype
NVD
CVSS 3.0
9.8
EPSS
2.1%
CVE-2017-7865 CRITICAL PATCH Act Now

FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Ffmpeg Debian Linux
NVD GitHub
CVSS 3.0
9.8
EPSS
1.9%
CVE-2017-7863 CRITICAL PATCH Act Now

FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in libavcodec/pngdec.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Ffmpeg Debian Linux
NVD GitHub
CVSS 3.0
9.8
EPSS
1.9%
CVE-2017-7856 CRITICAL PATCH Act Now

LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Libreoffice
NVD GitHub
CVSS 3.0
9.8
EPSS
1.8%
CVE-2017-7862 CRITICAL PATCH Act Now

FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame function in libavcodec/pictordec.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Ffmpeg
NVD GitHub
CVSS 3.0
9.8
EPSS
1.7%
CVE-2017-7866 CRITICAL PATCH Act Now

FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Ffmpeg
NVD GitHub
CVSS 3.0
9.8
EPSS
1.6%
CVE-2017-7860 CRITICAL PATCH Act Now

Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parse_unix function in core/ext/client_channel/parse_address.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Google Grpc
NVD GitHub
CVSS 3.0
9.8
EPSS
1.6%
CVE-2017-7861 CRITICAL PATCH Act Now

Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Google Grpc
NVD GitHub
CVSS 3.0
9.8
EPSS
1.6%
CVE-2017-7870 CRITICAL PATCH Act Now

LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Libreoffice
NVD GitHub
CVSS 3.0
9.8
EPSS
1.3%
CVE-2017-7859 CRITICAL Act Now

FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Ffmpeg
NVD
CVSS 3.0
9.8
EPSS
1.0%
CVE-2016-10328 CRITICAL PATCH Act Now

FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Freetype Outside In Technology
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2017-7875 CRITICAL PATCH Act Now

In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be the E17 window manager, it is possible to trigger an out-of-boundary heap write while receiving an IPC message. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Feh
NVD GitHub
CVSS 3.0
9.8
EPSS
0.7%
CVE-2016-10327 CRITICAL PATCH Act Now

LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Libreoffice
NVD GitHub
CVSS 3.0
9.8
EPSS
0.6%
CVE-2017-7878 CRITICAL PATCH Act Now

SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read and write to the users database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi Flatcore Cms
NVD GitHub
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-7357 CRITICAL PATCH Act Now

Hipchat Server before 2.2.3 allows remote authenticated users with Server Administrator level privileges to execute arbitrary code by importing a file. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

RCE File Upload Hipchat Server
NVD
CVSS 3.0
9.1
EPSS
2.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy