Total
11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-13838 | 1 Apple | 1 Mac Os X | 2017-11-28 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Sandbox" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2017-13834 | 1 Apple | 1 Mac Os X | 2017-11-27 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted mach binary. | |||||
| CVE-2017-13820 | 1 Apple | 1 Mac Os X | 2017-11-27 | 5.8 MEDIUM | 7.1 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ATS" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted font. | |||||
| CVE-2017-13824 | 1 Apple | 1 Mac Os X | 2017-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Open Scripting Architecture" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted AppleScript file that is mishandled by osadecompile. | |||||
| CVE-2017-13829 | 1 Apple | 1 Mac Os X | 2017-11-27 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2017-13830 | 1 Apple | 1 Mac Os X | 2017-11-27 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HFS" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2017-13816 | 1 Apple | 1 Mac Os X | 2017-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted archive file. | |||||
| CVE-2017-13814 | 1 Apple | 1 Mac Os X | 2017-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted image file. | |||||
| CVE-2017-13813 | 1 Apple | 1 Mac Os X | 2017-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted archive file. | |||||
| CVE-2017-13812 | 1 Apple | 1 Mac Os X | 2017-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted archive file. | |||||
| CVE-2017-13811 | 1 Apple | 1 Mac Os X | 2017-11-27 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "fsck_msdos" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2017-13808 | 1 Apple | 1 Mac Os X | 2017-11-27 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Remote Management" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2017-13800 | 1 Apple | 1 Mac Os X | 2017-11-27 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "APFS" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2017-16513 | 1 Ipswitch | 1 Ws Ftp | 2017-11-27 | 4.6 MEDIUM | 7.8 HIGH |
| Ipswitch WS_FTP Professional before 12.6.0.3 has buffer overflows in the local search field and the backup locations field, aka WSCLT-1729. | |||||
| CVE-2017-16796 | 1 Swftools | 1 Swftools | 2017-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| In SWFTools 0.9.2, the png_load function in lib/png.c does not check the return value of a realloc call, which allows remote attackers to cause a denial of service (invalid write and application crash) or possibly have unspecified other impact via vectors involving an IDAT tag in a crafted PNG file. | |||||
| CVE-2017-16793 | 1 Swftools | 1 Swftools | 2017-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of service (incorrect malloc and heap-based buffer overflow) or possibly have unspecified other impact via a crafted file. | |||||
| CVE-2017-1000174 | 1 Swftools | 1 Swftools | 2017-11-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| In SWFTools, an address access exception was found in swfdump swf_GetBits(). | |||||
| CVE-2017-1000176 | 1 Swftools | 1 Swftools | 2017-11-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| In SWFTools, a memcpy buffer overflow was found in swfc. | |||||
| CVE-2017-1000185 | 1 Swftools | 1 Swftools | 2017-11-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| In SWFTools, a memcpy buffer overflow was found in gif2swf. | |||||
| CVE-2017-1000186 | 1 Swftools | 1 Swftools | 2017-11-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| In SWFTools, a stack overflow was found in pdf2swf. | |||||