Total
9398 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-3092 | 1 Google | 1 Chrome | 2017-12-29 | 10.0 HIGH | N/A |
| The regex implementation in Google V8, as used in Google Chrome before 19.0.1084.46, allows remote attackers to cause a denial of service (invalid write operation) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2012-2318 | 1 Pidgin | 1 Pidgin | 2017-12-29 | 5.0 MEDIUM | N/A |
| msg.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.4 does not properly handle crafted characters, which allows remote servers to cause a denial of service (application crash) by placing these characters in a text/plain message. | |||||
| CVE-2014-3941 | 1 Typo3 | 1 Typo3 | 2017-12-29 | 5.0 MEDIUM | N/A |
| TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to "Host Spoofing." | |||||
| CVE-2011-3095 | 1 Google | 1 Chrome | 2017-12-29 | 10.0 HIGH | N/A |
| The OGG container in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. | |||||
| CVE-2011-3094 | 1 Google | 1 Chrome | 2017-12-29 | 5.0 MEDIUM | N/A |
| Google Chrome before 19.0.1084.46 does not properly handle Tibetan text, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2012-2268 | 1 Realnetworks | 2 Helix Mobile Server, Helix Server | 2017-12-29 | 5.0 MEDIUM | N/A |
| master.exe in the SNMP Master Agent in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to cause a denial of service (unhandled exception and daemon crash) via a crafted Open-PDU request that triggers incorrect DisplayString processing, a different vulnerability than CVE-2012-1923. | |||||
| CVE-2017-13858 | 1 Apple | 1 Mac Os X | 2017-12-28 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. | |||||
| CVE-2017-13848 | 1 Apple | 1 Mac Os X | 2017-12-28 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. | |||||
| CVE-2014-1539 | 2 Apple, Mozilla | 3 Mac Os X, Firefox, Thunderbird | 2017-12-28 | 5.0 MEDIUM | N/A |
| Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image. | |||||
| CVE-2017-10897 | 1 Buffalo | 4 Bbr-4hg, Bbr-4hg Firmware, Bbr-4mg and 1 more | 2017-12-20 | 5.5 MEDIUM | 4.5 MEDIUM |
| Input validation issue in Buffalo BBR-4HG and and BBR-4MG broadband routers with firmware 1.00 to 1.48 and 2.00 to 2.07 allows an attacker to cause the device to become unresponsive via unspecified vectors. | |||||
| CVE-2017-14914 | 1 Google | 1 Android | 2017-12-20 | 10.0 HIGH | 9.8 CRITICAL |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, handles in the global client structure can become stale. | |||||
| CVE-2017-14909 | 1 Google | 1 Android | 2017-12-19 | 10.0 HIGH | 9.8 CRITICAL |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a count value that is read from a file is not properly validated. | |||||
| CVE-2017-14908 | 1 Google | 1 Android | 2017-12-19 | 10.0 HIGH | 9.8 CRITICAL |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the SafeSwitch test application does not properly validate the number of blocks to verify. | |||||
| CVE-2017-0878 | 1 Google | 1 Android | 2017-12-19 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 8.0. Android ID A-65186291. | |||||
| CVE-2017-0876 | 1 Google | 1 Android | 2017-12-19 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0. Android ID A-64964675. | |||||
| CVE-2017-0877 | 1 Google | 1 Android | 2017-12-19 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0. Android ID A-66372937. | |||||
| CVE-2017-0872 | 1 Google | 1 Android | 2017-12-19 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65290323. | |||||
| CVE-2017-0874 | 1 Google | 1 Android | 2017-12-19 | 7.1 HIGH | 6.5 MEDIUM |
| A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63315932. | |||||
| CVE-2017-0873 | 1 Google | 1 Android | 2017-12-19 | 7.1 HIGH | 6.5 MEDIUM |
| A denial of service vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63316255. | |||||
| CVE-2001-0566 | 1 Cisco | 1 Catalyst 2900 | 2017-12-19 | 5.0 MEDIUM | N/A |
| Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled. | |||||