Latest CVE Feed
-
7.8
HIGHCVE-2017-0345
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where user provided input used as an array size is not correctly validated allows out of bound access in kernel ... Read more
- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2017-0344
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape may allow users to gain access to arbitrary physical memory, leading to escalation of privileges.... Read more
- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
7.0
HIGHCVE-2017-0343
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) where user can trigger a race condition due to lack of synchronization in two functions leading to a denial of service or potential escal... Read more
- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2017-0342
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where incorrect calculation may cause an invalid address access leading to denial of service or potential escalation of privilege... Read more
- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2017-0341
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where user provided input can trigger an access to a pointer that has not been initialized which may lead to den... Read more
- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-8855
wolfSSL before 3.11.0 does not prevent wc_DhAgree from accepting a malformed DH key.... Read more
Affected Products : wolfssl- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2017-8854
wolfSSL before 3.10.2 has an out-of-bounds memory access with loading crafted DH parameters, aka a buffer overflow triggered by a malformed temporary DH file.... Read more
Affected Products : wolfssl- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2017-5527
TIBCO Spotfire Server 7.0.X before 7.0.2, 7.5.x before 7.5.1, 7.6.x before 7.6.1, 7.7.x before 7.7.1, and 7.8.x before 7.8.1 and Spotfire Analytics Platform for AWS Marketplace 7.8.0 and earlier contain multiple vulnerabilities which may allow authorized ... Read more
- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2017-7967
All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used. This vulnerability causes the software to halt or not start when trying to open the... Read more
Affected Products : vampset- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-8853
Fiyo CMS v2.0.7 has an arbitrary file delete vulnerability in dapur/apps/app_config/controller/backuper.php via directory traversal in the file parameter during an act=db action.... Read more
Affected Products : fiyo_cms- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3074
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3073
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3072
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3071
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3070
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3069
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-3068
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux enterprise_linux_desktop enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-3067
Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an information disclosure vulnerability resulting from abuse of the pre-population service in AEM Forms.... Read more
Affected Products : experience_manager_forms- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
5.9
MEDIUMCVE-2017-6137
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN cookie ... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system big-ip_global_traffic_manager big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager +1 more products- Published: May. 09, 2017
- Modified: Apr. 20, 2025
-
5.3
MEDIUMCVE-2017-0302
In F5 BIG-IP APM 12.0.0 through 12.1.2 and 13.0.0, an authenticated user with an established access session to the BIG-IP APM system may be able to cause a traffic disruption if the length of the requested URL is less than 16 characters.... Read more
Affected Products : big-ip_access_policy_manager- Published: May. 09, 2017
- Modified: Apr. 20, 2025