Skip to main content
CVE-2017-15768 HIGH This Week

IrfanView version 4.50 - 64bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file, related to "Data from Faulting Address controls Branch. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Irfanview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-15766 HIGH This Week

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Irfanview Babacad4Image
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-15765 HIGH This Week

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Irfanview Cadimage
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-15764 HIGH This Week

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Irfanview Babacad4Image
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-15786 HIGH This Week

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-15783 HIGH This Week

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-15780 HIGH This Week

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-15778 HIGH This Week

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-15776 HIGH This Week

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address may be. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-15775 HIGH This Week

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-15773 HIGH This Week

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-15772 HIGH This Week

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address may be. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-15803 HIGH This Week

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-15802 HIGH This Week

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-15801 HIGH This Week

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Microsoft Xnview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2015-5699 HIGH This Week

The Switch Configuration Tools Backend (clcmd_server) in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cumulus Linux
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-15721 HIGH PATCH This Week

In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Irssi Debian Linux
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2017-15723 HIGH PATCH This Week

In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Irssi Debian Linux
NVD
CVSS 3.0
7.5
EPSS
0.6%
CVE-2017-15228 HIGH PATCH This Week

Irssi before 1.0.5, when installing themes with unterminated colour formatting sequences, may access data beyond the end of the string. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Irssi
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-15227 HIGH PATCH This Week

Irssi before 1.0.5, while waiting for the channel synchronisation, may incorrectly fail to remove destroyed channels from the query list, resulting in use-after-free conditions when updating the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Information Disclosure Irssi
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-12317 MEDIUM This Month

The Cisco AMP For Endpoints application allows an authenticated, local attacker to access a static key value stored in the local application software. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Cisco Advanced Malware Protection
NVD
CVSS 3.0
6.7
EPSS
0.0%
CVE-2017-15736 MEDIUM This Month

Cross-site scripting (XSS) vulnerability (stored) in SPIP before 3.1.7 allows remote attackers to inject arbitrary web script or HTML via a crafted string, as demonstrated by a PGP field, related to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Spip
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-15722 MEDIUM PATCH This Month

In certain cases, Irssi before 1.0.5 may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Irssi Debian Linux
NVD
CVSS 3.0
5.9
EPSS
0.7%
CVE-2017-15728 MEDIUM This Month

In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via metaDescription or metaKeywords. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Phpmyfaq
NVD GitHub
CVSS 3.0
4.8
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy