Skip to main content
CVE-2017-15235 HIGH POC THREAT Act Now

The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to bypass Horde authentication for file downloads via a crafted fn parameter that corresponds to the exact. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 12.7%.

Authentication Bypass Groupware
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
12.7%
CVE-2017-2888 HIGH POC This Week

An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Buffer Overflow Simple Directmedia Layer Ubuntu Linux +1
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2017-15236 HIGH POC This Week

Tiandy IP cameras 5.56.17.120 do not properly restrict a certain proprietary protocol, which allows remote attackers to read settings via a crafted request to TCP port 3001, as demonstrated by. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Tiandy Ip Camera Firmware
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
4.4%
CVE-2017-15267 HIGH POC This Week

In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libextractor
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2017-2887 HIGH This Week

An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SDL_image 2.0.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption RCE Sdl Image Debian Linux
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2017-15238 HIGH PATCH This Week

ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-after-free issue when the height or width is zero, related to ReadJNGImage. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Information Disclosure Graphicsmagick Debian Linux
NVD
CVSS 3.0
8.8
EPSS
0.6%
CVE-2017-5700 HIGH PATCH This Week

Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Intel Authentication Bypass Nuc7I7Bnh Firmware Nuc7I5Bnh Firmware Nuc7I5Bnk Firmware +2
NVD
CVSS 3.0
8.4
EPSS
0.1%
CVE-2017-5721 HIGH PATCH This Week

Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via. Rated high severity (CVSS 7.5).

RCE Intel Nuc7I7Bnh Firmware Nuc7I5Bnh Firmware Nuc7I5Bnk Firmware +2
NVD
CVSS 3.0
7.5
EPSS
4.0%
CVE-2017-15257 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Pdf Irfanview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15253 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "User Mode Write AV starting. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Pdf
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15252 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "Read Access Violation on. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Pdf
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15251 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Pdf
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15249 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Pdf
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15248 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Pdf
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15246 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "Read Access Violation on. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Pdf
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15242 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "User Mode Write AV starting. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Irfanview Pdf
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15262 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Pdf Irfanview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15260 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Pdf Irfanview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15259 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Pdf Irfanview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15258 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Pdf Irfanview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15256 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Pdf Irfanview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15255 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Pdf
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15254 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Irfanview Pdf
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15250 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Irfanview Pdf
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15247 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Irfanview Pdf
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15245 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Irfanview Pdf
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15244 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to an "Error Code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Irfanview Pdf
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15243 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Possible. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Irfanview Pdf
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15241 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Irfanview Pdf
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15240 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Irfanview Pdf
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15239 HIGH This Week

IrfanView 4.44 - 32bit with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Pdf Irfanview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15264 HIGH This Week

IrfanView version 4.44 (32bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file, related to "Data from Faulting Address is used as one. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Irfanview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15263 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Pdf Irfanview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-15261 HIGH This Week

IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Possible. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Pdf Irfanview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-12188 HIGH PATCH This Week

arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest. Rated high severity (CVSS 7.8).

Denial Of Service Linux Buffer Overflow RCE Stack Overflow +1
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2017-8025 HIGH This Week

RSA Archer GRC Platform prior to 6.2.0.5 is affected by an arbitrary file upload vulnerability. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

File Upload Archer Grc Platform
NVD
CVSS 3.0
7.4
EPSS
0.8%
CVE-2017-5722 HIGH PATCH This Week

Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows attackers with local or physical access to bypass. Rated high severity (CVSS 7.5). This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Intel Privilege Escalation Nuc7I7Bnh Firmware Nuc7I5Bnh Firmware Nuc7I5Bnk Firmware +2
NVD
CVSS 3.0
7.5
EPSS
0.0%
CVE-2017-5701 HIGH PATCH This Week

Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary. Rated high severity (CVSS 7.1), this vulnerability is no authentication required.

RCE Intel Nuc7I7Bnh Firmware Nuc7I5Bnh Firmware Nuc7I5Bnk Firmware +2
NVD
CVSS 3.0
7.1
EPSS
0.1%
CVE-2017-13722 HIGH PATCH This Week

In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Libxfont
NVD
CVSS 3.0
7.1
EPSS
0.1%
CVE-2017-13720 HIGH PATCH This Week

In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Information Disclosure Libxfont
NVD
CVSS 3.0
7.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy