Latest CVE Feed
-
9.8
CRITICALCVE-2017-5374
Memory safety bugs were reported in Firefox 50.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 51.... Read more
Affected Products : firefox- Published: Jun. 11, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2024-47575
A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet For... Read more
- Actively Exploited
- Published: Oct. 23, 2024
- Modified: Nov. 08, 2024
-
9.8
CRITICALCVE-2017-5373
Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects T... Read more
- Published: Jun. 11, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICAL- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
9.8
CRITICALCVE-2017-5377
A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 51.... Read more
Affected Products : firefox- Published: Jun. 11, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-5344
An issue was discovered in dotCMS through 3.6.1. The findChildrenByFilter() function which is called by the web accessible path /categoriesServlet performs string interpolation and direct SQL query execution. SQL quote escaping and a keyword blacklist wer... Read more
Affected Products : dotcms- Published: Feb. 17, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICAL- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
9.8
CRITICALCVE-2017-5376
Use-after-free while manipulating XSL in XSLT documents. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.... Read more
- Published: Jun. 11, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2024-47539
GStreamer is a library for constructing graphs of media-handling components. An out-of-bounds write vulnerability was identified in the convert_to_s334_1a function in isomp4/qtdemux.c. The vulnerability arises due to a discrepancy between the size of memo... Read more
Affected Products : gstreamer- Published: Dec. 12, 2024
- Modified: Dec. 18, 2024
-
9.8
CRITICALCVE-2017-5336
Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.... Read more
- Published: Mar. 24, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-5212
Open-Xchange GmbH OX App Suite 7.8.3 is affected by: Incorrect Access Control.... Read more
Affected Products : open-xchange_appsuite- Published: May. 23, 2019
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-5390
The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.... Read more
- Published: Jun. 11, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-5202
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().... Read more
- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2024-47540
GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gst_matroska_demux_add_wvpk_header function within matroska-demux.c. When size < 4, the program calls gst... Read more
Affected Products : gstreamer- Published: Dec. 12, 2024
- Modified: Dec. 18, 2024
-
9.8
CRITICALCVE-2017-5225
LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value.... Read more
Affected Products : libtiff- Published: Jan. 12, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-5203
The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().... Read more
- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2024-47538
GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the `vorbis_handle_identification_packet` function within `gstvorbisdec.c`. The position array is a stack-allocated buffer of size 64... Read more
Affected Products : gstreamer- Published: Dec. 12, 2024
- Modified: Dec. 19, 2024
-
9.8
CRITICALCVE-2017-5205
The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print().... Read more
- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-5204
The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().... Read more
- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-5174
An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architecture could allow attackers to bypass the access control th... Read more
- Published: May. 19, 2017
- Modified: Apr. 20, 2025