VYPR

CVEs

96,314 total · page 1678 of 1,927

  • CVE-2017-2904HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer overflow exists in the RADIANCE loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.hdr' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the…

  • CVE-2017-2903HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.cin' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context…

  • CVE-2017-2902HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.cin' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context…

  • CVE-2017-2901HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer overflow exists in the IRIS loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.iris' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context…

  • CVE-2017-2900HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer overflow exists in the PNG loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.png' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context…

  • CVE-2017-2899HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer overflow exists in the TIFF loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.tif' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context…

  • CVE-2017-2840HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    A buffer overflow vulnerability exists in the ISO parsing functionality of EZB Systems UltraISO 9.6.6.3300. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can provide a specific .ISO file to trigger this vulnerability.

  • CVE-2017-2835HigApr 24, 2018
    risk 0.53cvss 8.1epss 0.01

    An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in…

  • CVE-2017-2834HigApr 24, 2018
    risk 0.46cvss 7.0epss 0.02

    An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man…

  • CVE-2017-2833HigApr 24, 2018
    risk 0.49cvss 7.5epss 0.05

    An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters resulting in command…

  • CVE-2017-2832HigApr 24, 2018
    risk 0.47cvss 7.2epss 0.06

    An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during a password…

  • CVE-2017-2812HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.02

    A code execution vulnerability exists in the kdu_buffered_expand function of the Kakadu SDK 7.9. A specially crafted JPEG 2000 file can be read by the program and can lead to an out of bounds write causing an exploitable condition to arise.

  • CVE-2017-2811HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.02

    A code execution vulnerability exists in the Kakadu SDK 7.9's parsing of compressed JPEG 2000 images. A specially crafted JPEG 2000 file can be read by the program, and can lead to an out of bounds write causing an exploitable condition to arise.

  • CVE-2017-2804HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.01

    A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger…

  • CVE-2017-2803HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.01

    A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 version 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to…

  • CVE-2017-2802HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.01

    An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to…

  • CVE-2017-14450HigApr 24, 2018
    risk 0.46cvss 7.1epss 0.02

    A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker can display an image to trigger this vulnerability.

  • CVE-2017-14449HigApr 24, 2018
    risk 0.49cvss 7.5epss 0.02

    A double-Free vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a specially crafted image to trigger this vulnerability.

  • CVE-2017-14448HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.02

    An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

  • CVE-2017-14442HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.02

    An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2_image-2.0.2. A specially crafted BMP image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

  • CVE-2017-14441HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.03

    An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2_image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display a specially crafted…

  • CVE-2017-14440HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.02

    An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this…

  • CVE-2017-12122HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.02

    An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

  • CVE-2017-12109HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.03

    An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULRK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to…

  • CVE-2017-12108HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.03

    An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULBLANK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to…

  • CVE-2017-12107HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.01

    An memory corruption vulnerability exists in the .PCX parsing functionality of Computerinsel Photoline 20.02. A specially crafted .PCX file can cause a vulnerability resulting in potential code execution. An attacker can send a specific .PCX file to trigger this vulnerability.

  • CVE-2017-12105HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c applies a particular object modifier to a Mesh. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution…

  • CVE-2017-12104HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c draws a Particle object. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of…

  • CVE-2017-12103HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts text rendered as a font into a curve. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution…

  • CVE-2017-12102HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts curves to polygons. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context…

  • CVE-2017-12101HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer overflow exists in the 'modifier_mdef_compact_influences' functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution…

  • CVE-2017-12100HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer overflow exists in the 'multires_load_old_dm' functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the…

  • CVE-2017-12099HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer overflow exists in the upgrade of the legacy Mesh attribute 'tface' of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under…

  • CVE-2017-12086HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer overflow exists in the 'BKE_mesh_calc_normals_tessface' functionality of the Blender open-source 3d creation suite. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the…

  • CVE-2017-12082HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer overflow exists in the 'CustomData' Mesh loading functionality of the Blender open-source 3d creation suite. A .blend file with a specially crafted external data file can cause an integer overflow resulting in a buffer overflow which can allow for code…

  • CVE-2017-12081HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer overflow exists in the upgrade of a legacy Mesh attribute of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context…

  • CVE-2016-9043HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.03

    An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661). A specially crafted EMF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a…

  • CVE-2016-9038HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.00

    An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058. A specially crafted input buffer and race condition can result in kernel memory corruption, which could result in privilege escalation. An attacker needs to…

  • CVE-2016-8732HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.01

    Multiple security flaws exists in InvProtectDrv.sys which is a part of Invincea Dell Protected Workspace 5.1.1-22303. Weak restrictions on the driver communication channel and additional insufficient checks allow any application to turn off some of the protection mechanisms…

  • CVE-2016-8730HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An of bound write / memory corruption vulnerability exists in the GIF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted GIF file can cause a vulnerability resulting in potential memory corruption resulting in code execution. An attacker can send the…

  • CVE-2016-8729HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and…

  • CVE-2016-8728HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code…

  • CVE-2016-8384HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.02

    An exploitable heap corruption vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter.

  • CVE-2016-8383HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.02

    An exploitable heap corruption vulnerability exists in the Doc_GetFontTable functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious doc file to trigger…

  • CVE-2016-8382HigApr 24, 2018
    risk 0.54cvss 8.3epss 0.02

    An exploitable heap corruption vulnerability exists in the Doc_SetSummary functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send a malicious doc file to trigger this…

  • CVE-2018-4832HigApr 24, 2018
    risk 0.49cvss 7.5epss 0.02

    A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions),…

  • CVE-2016-9587HigApr 24, 2018
    risk 0.50cvss 8.1epss 0.18

    Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use…

  • CVE-2018-7932HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.00

    Huawei AppGallery versions before 8.0.4.301 has an arbitrary Javascript running vulnerability. An attacker may set up a malicious network environment and trick user into accessing a malicious web page to bypass the whitelist mechanism, which make the malicious Javascript loaded…

  • CVE-2017-9654HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.01

    The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login credentials in clear text within backend system files. CVSS v3 base score: 6.5, CVSS vector string: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

  • CVE-2017-17258HigApr 24, 2018
    risk 0.49cvss 7.5epss 0.01

    Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01,…