Total
11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-7232 | 1 Netplex-tech | 1 Xtacacsd | 2017-08-17 | 10.0 HIGH | N/A |
| Buffer overflow in the report function in xtacacsd 4.1.2 and earlier allows remote attackers to execute arbitrary code via a crafted CONNECT TACACS command. | |||||
| CVE-2008-6821 | 1 Ibm | 1 Db2 | 2017-08-17 | 10.0 HIGH | N/A |
| Buffer overflow in the DAS server in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 might allow attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, a different vulnerability than CVE-2007-3676 and CVE-2008-3853. | |||||
| CVE-2008-7162 | 1 Heroshare | 1 Hero Super Player 3000 | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in Hero Super Player 3000 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in a .M3U file. NOTE: this might be related to CVE-2008-4504. | |||||
| CVE-2008-7004 | 1 Elog | 1 Elog | 2017-08-17 | 10.0 HIGH | N/A |
| Buffer overflow in Electronic Logbook (ELOG) before 2.7.1 has unknown impact and attack vectors, possibly related to elog.c. | |||||
| CVE-2008-6415 | 1 Youngzsoft | 1 Ccproxy | 2017-08-17 | 10.0 HIGH | N/A |
| Buffer overflow in YoungZSoft CCProxy 6.5 might allow remote attackers to execute arbitrary code via a CONNECTION request with a long hostname. | |||||
| CVE-2017-8518 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2016 | 2017-08-16 | 7.6 HIGH | 7.5 HIGH |
| Microsoft Edge allows a remote code execution vulnerability due to the way it accesses objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". | |||||
| CVE-2017-8273 | 1 Google | 1 Android | 2017-08-16 | 6.8 MEDIUM | 7.8 HIGH |
| In all Qualcomm products with Android release from CAF using the Linux kernel, while processing fastboot boot command when verified boot feature is disabled, with length greater than boot image buffer, a buffer overflow can occur. | |||||
| CVE-2017-11280 | 1 Adobe | 1 Digital Editions | 2017-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions 4.5.4 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-11278 | 1 Adobe | 1 Digital Editions | 2017-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions 4.5.4 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-11277 | 1 Adobe | 1 Digital Editions | 2017-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions 4.5.4 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-11276 | 1 Adobe | 1 Digital Editions | 2017-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions 4.5.4 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-11275 | 1 Adobe | 1 Digital Editions | 2017-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions 4.5.4 and earlier has an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-3091 | 1 Adobe | 1 Digital Editions | 2017-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions 4.5.4 and earlier versions 4.5.4 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-0083 | 1 Microsoft | 3 Windows 7, Windows Server 2008, Windows Vista | 2017-08-16 | 9.3 HIGH | 8.8 HIGH |
| Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0072, CVE-2017-0084, CVE-2017-0086, CVE-2017-0087, CVE-2017-0088, CVE-2017-0089, and CVE-2017-0090. | |||||
| CVE-2016-7134 | 1 Php | 1 Php | 2017-08-16 | 7.5 HIGH | 9.8 CRITICAL |
| ext/curl/interface.c in PHP 7.x before 7.0.10 does not work around a libcurl integer overflow, which allows remote attackers to cause a denial of service (allocation error and heap-based buffer overflow) or possibly have unspecified other impact via a long string that is mishandled in a curl_escape call. | |||||
| CVE-2017-0108 | 1 Microsoft | 9 Live Meeting, Lync, Office and 6 more | 2017-08-16 | 9.3 HIGH | 7.8 HIGH |
| The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Graphics Component Remote Code Execution Vulnerability." This vulnerability is different from that described in CVE-2017-0014. | |||||
| CVE-2017-8852 | 1 Sap | 1 Sapcar | 2017-08-16 | 6.8 MEDIUM | 7.8 HIGH |
| SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the file. The vendor response is SAP Security Note 2441560. | |||||
| CVE-2017-0202 | 1 Microsoft | 1 Internet Explorer | 2017-08-16 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, a.k.a. "Internet Explorer Memory Corruption Vulnerability." | |||||
| CVE-2017-2457 | 1 Apple | 2 Iphone Os, Safari | 2017-08-16 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
| CVE-2017-0084 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2017-08-16 | 9.3 HIGH | 8.8 HIGH |
| Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0072, CVE-2017-0083, CVE-2017-0086, CVE-2017-0087, CVE-2017-0088, CVE-2017-0089, and CVE-2017-0090. | |||||