Latest CVE Feed
-
9.8
CRITICALCVE-2017-7858
FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.... Read more
Affected Products : freetype- Published: Apr. 14, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-7867
International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.... Read more
- Published: Apr. 14, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2017-7940
The iw_read_gif_file function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to consume an amount of available memory via a crafted file.... Read more
- Published: Apr. 18, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2017-7850
Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in Agent Mode.... Read more
Affected Products : nessus- Published: Apr. 19, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-7951
WonderCMS before 2.0.3 has CSRF because of lack of a token in an unspecified context.... Read more
Affected Products : wondercms- Published: Apr. 21, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-7861
Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c.... Read more
Affected Products : grpc- Published: Apr. 14, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-7870
LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx.... Read more
Affected Products : libreoffice- Published: Apr. 14, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2017-7890
The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized... Read more
Affected Products : php- Published: Aug. 02, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-7877
CSRF vulnerability in flatCore version 1.4.6 allows remote attackers to modify CMS configurations.... Read more
Affected Products : flatcore-cms- Published: Apr. 14, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2017-7891
sourcebans-pp (SourceBans++) 1.5.4.7 has XSS in admin.comms.php via the rebanid parameter.... Read more
Affected Products : sourcebans-pp- Published: Apr. 17, 2017
- Modified: Apr. 20, 2025
-
8.4
HIGHCVE-2017-7884
In Adam Kropelin adk0212 APC UPS Daemon through 3.14.14, the default installation of APCUPSD allows a local authenticated, but unprivileged, user to run arbitrary code with elevated privileges by replacing the service executable apcupsd.exe with a malicio... Read more
Affected Products : apc_ups_daemon- Published: Jun. 16, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-7898
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and ... Read more
- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2017-7999
Atlassian Eucalyptus before 4.4.1, when in EDGE mode, allows remote authenticated users with certain privileges to cause a denial of service (E2 service outage) via unspecified vectors.... Read more
Affected Products : eucalyptus- Published: Jun. 01, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2017-7887
Dolibarr ERP/CRM 4.0.4 has XSS in doli/societe/list.php via the sall parameter.... Read more
Affected Products : dolibarr_erp\/crm- Published: May. 10, 2017
- Modified: Apr. 20, 2025
-
10.0
HIGHCVE-2017-7895
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, ... Read more
- Published: Apr. 28, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-7913
A Plaintext Storage of a Password issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions, OnCell G3150-HSDPA Version 1.4 Build 11051315 and previ... Read more
- Published: May. 29, 2017
- Modified: Apr. 20, 2025
-
6.3
MEDIUMCVE-2017-7936
A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, and Vybrid... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-7899
An Information Exposure issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; ... Read more
- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
7.3
HIGHCVE-2017-7965
A buffer overflow vulnerability exists in Programming Software executable AlTracePrint.exe, in Schneider Electric's SoMachine HVAC v2.1.0 for Modicon M171/M172 Controller.... Read more
- Published: Jun. 07, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-7905
A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protect... Read more
Affected Products : multilin_sr_750_feeder_protection_relay_firmware multilin_sr_760_feeder_protection_relay_firmware multilin_sr_469_motor_protection_relay_firmware multilin_sr_489_generator_protection_relay_firmware multilin_sr_745_transformer_protection_relay_firmware multilin_sr_369_motor_protection_relay_firmware multilin_universal_relay_firmware multilin_urplus_d90_firmware multilin_urplus_c90_firmware multilin_urplus_b95_firmware +10 more products- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025