Skip to main content
CVE-2017-10928 HIGH POC This Week

In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Imagemagick
NVD GitHub
CVSS 3.0
8.8
EPSS
1.2%
CVE-2017-9925 HIGH This Week

In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to execute arbitrary code or cause a denial of service via a crafted file, related to a "User Mode Write AV near NULL starting. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Microsoft Denial Of Service Swftools
NVD GitHub
CVSS 3.0
8.8
EPSS
0.9%
CVE-2017-9924 HIGH This Week

In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to execute arbitrary code or cause a denial of service via a crafted file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Microsoft Denial Of Service Swftools
NVD GitHub
CVSS 3.0
8.8
EPSS
0.9%
CVE-2017-9927 HIGH This Week

In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to a "Read Access Violation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Microsoft Swftools
NVD GitHub
CVSS 3.0
8.8
EPSS
0.5%
CVE-2017-9926 HIGH This Week

In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to a "Read Access Violation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Microsoft Swftools
NVD GitHub
CVSS 3.0
8.8
EPSS
0.5%
CVE-2017-2295 HIGH This Week

Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the server, in this case) with a attacker-specified format. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable. No vendor patch available.

Deserialization RCE Puppet Debian Linux
NVD
CVSS 3.0
8.2
EPSS
1.9%
CVE-2017-10914 HIGH This Week

The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Race Condition Xen
NVD
CVSS 3.0
8.1
EPSS
0.6%
CVE-2017-9528 HIGH This Week

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Fpx
NVD GitHub
CVSS 3.0
7.8
EPSS
1.6%
CVE-2017-8370 HIGH This Week

IrfanView version 4.44 (32bit) with FPX Plugin 4.45 allows remote attackers to execute arbitrary code or cause a denial of service (Heap Corruption and application crash) in processing a FlashPix. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Fpx Irfanview
NVD GitHub
CVSS 3.0
7.8
EPSS
1.6%
CVE-2017-9914 HIGH This Week

XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .bie file, related to a "Read Access Violation on Block Data Move starting at Xjbig+0x000000000000121b.". Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-9903 HIGH This Week

XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at Xfpx+0x00000000000117ff.". Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-9902 HIGH This Week

XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-9901 HIGH This Week

XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to "Data from Faulting Address controls subsequent Write Address starting at. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-9900 HIGH This Week

XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-9899 HIGH This Week

XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-9898 HIGH This Week

XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to a "User Mode Write AV starting at Xfpx+0x0000000000004cbb.". Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-9897 HIGH This Week

XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to a "User Mode Write AV starting at Xfpx+0x000000000000dcab.". Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-9896 HIGH This Week

XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to a "Read Access Violation on Control Flow starting at. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-9895 HIGH This Week

XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to a "Read Access Violation on Control Flow starting at. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-9529 HIGH This Week

XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to a "User Mode Write AV starting at Xfpx+0x0000000000004efd.". Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-8766 HIGH This Week

IrfanView version 4.44 (32bit) allows remote attackers to execute code via a crafted .mov file, because of a "User Mode Write AV near NULL" issue. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Irfanview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-8781 HIGH This Week

XnView Classic for Windows Version 2.40 allows user-assisted remote attackers to execute code via a crafted JPEG 2000 file that is mishandled during the opening of a directory in "Browser" mode,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.6%
CVE-2017-8381 HIGH This Week

XnView Classic for Windows Version 2.40 allows user-assisted remote attackers to execute code via a crafted .mkv file that is mishandled during the opening of a directory in "Browser" mode, because. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.6%
CVE-2017-8282 HIGH This Week

XnView Classic for Windows Version 2.40 allows user-assisted remote attackers to execute code via a crafted .mov file that is mishandled during the opening of a directory in "Browser" mode, because. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.6%
CVE-2017-9883 HIGH This Week

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Fpx
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-9882 HIGH This Week

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Block Data. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Fpx
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-9881 HIGH This Week

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Fpx
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-9880 HIGH This Week

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Fpx
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-9536 HIGH This Week

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Control. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Fpx
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-9535 HIGH This Week

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Fpx
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-9534 HIGH This Week

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Fpx
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-9533 HIGH This Week

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Fpx
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-9532 HIGH This Week

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Fpx
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-10731 HIGH This Week

IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-10730 HIGH This Week

IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-10729 HIGH This Week

IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-9879 HIGH This Week

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Fpx
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-9878 HIGH This Week

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Control. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Fpx
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-9877 HIGH This Week

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Fpx
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-9876 HIGH This Week

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Fpx
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-9875 HIGH This Week

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Fpx
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-9874 HIGH This Week

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Fpx
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-9873 HIGH This Week

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Control. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Fpx
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-9531 HIGH This Week

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Fpx
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-8369 HIGH This Week

IrfanView version 4.44 (32bit) has a "Data from Faulting Address controls Branch Selection starting at USER32!wvsprintfA+0x00000000000002f3" issue, which might allow attackers to execute arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Irfanview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-7894 HIGH This Week

WinDjView 2.1 might allow user-assisted attackers to execute code via a crafted .djvu file, because of a "User Mode Write AV near NULL" in WinDjView.exe. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Windjview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-10929 HIGH PATCH This Week

The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Radare2
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-10728 HIGH This Week

Winamp 5.666 Build 3516(x86) might allow attackers to execute arbitrary code or cause a denial of service via a crafted .flv file, related to "Error Code (0xe06d7363) starting at. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Winamp
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-10727 HIGH This Week

Winamp 5.666 Build 3516(x86) might allow attackers to execute arbitrary code or cause a denial of service via a crafted .flv file, related to "Data from Faulting Address controls Branch Selection. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Winamp
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-10726 HIGH This Week

Winamp 5.666 Build 3516(x86) might allow attackers to execute arbitrary code or cause a denial of service via a crafted .flv file, related to "Data from Faulting Address may be used as a return value. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Winamp
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy