| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-2904 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the RADIANCE loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.hdr' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the… | ||
| CVE-2017-2903 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.cin' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context… | ||
| CVE-2017-2902 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.cin' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context… | ||
| CVE-2017-2901 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the IRIS loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.iris' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context… | ||
| CVE-2017-2900 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the PNG loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.png' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context… | ||
| CVE-2017-2899 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the TIFF loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.tif' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context… | ||
| CVE-2017-2840 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | A buffer overflow vulnerability exists in the ISO parsing functionality of EZB Systems UltraISO 9.6.6.3300. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can provide a specific .ISO file to trigger this vulnerability. | ||
| CVE-2017-2835 | Hig | 0.53 | 8.1 | 0.01 | Apr 24, 2018 | An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in… | ||
| CVE-2017-2834 | Hig | 0.46 | 7.0 | 0.02 | Apr 24, 2018 | An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man… | ||
| CVE-2017-2833 | — | Hig | 0.49 | 7.5 | 0.05 | Apr 24, 2018 | An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters resulting in command… | |
| CVE-2017-2832 | — | Hig | 0.47 | 7.2 | 0.06 | Apr 24, 2018 | An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during a password… | |
| CVE-2017-2812 | — | Hig | 0.57 | 8.8 | 0.02 | Apr 24, 2018 | A code execution vulnerability exists in the kdu_buffered_expand function of the Kakadu SDK 7.9. A specially crafted JPEG 2000 file can be read by the program and can lead to an out of bounds write causing an exploitable condition to arise. | |
| CVE-2017-2811 | — | Hig | 0.57 | 8.8 | 0.02 | Apr 24, 2018 | A code execution vulnerability exists in the Kakadu SDK 7.9's parsing of compressed JPEG 2000 images. A specially crafted JPEG 2000 file can be read by the program, and can lead to an out of bounds write causing an exploitable condition to arise. | |
| CVE-2017-2804 | Hig | 0.57 | 8.8 | 0.01 | Apr 24, 2018 | A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger… | ||
| CVE-2017-2803 | Hig | 0.57 | 8.8 | 0.01 | Apr 24, 2018 | A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 version 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to… | ||
| CVE-2017-2802 | — | Hig | 0.51 | 7.8 | 0.01 | Apr 24, 2018 | An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to… | |
| CVE-2017-14450 | Hig | 0.46 | 7.1 | 0.02 | Apr 24, 2018 | A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker can display an image to trigger this vulnerability. | ||
| CVE-2017-14449 | Hig | 0.49 | 7.5 | 0.02 | Apr 24, 2018 | A double-Free vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a specially crafted image to trigger this vulnerability. | ||
| CVE-2017-14448 | Hig | 0.57 | 8.8 | 0.02 | Apr 24, 2018 | An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | ||
| CVE-2017-14442 | Hig | 0.57 | 8.8 | 0.02 | Apr 24, 2018 | An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2_image-2.0.2. A specially crafted BMP image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | ||
| CVE-2017-14441 | Hig | 0.57 | 8.8 | 0.03 | Apr 24, 2018 | An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2_image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display a specially crafted… | ||
| CVE-2017-14440 | Hig | 0.57 | 8.8 | 0.02 | Apr 24, 2018 | An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this… | ||
| CVE-2017-12122 | Hig | 0.57 | 8.8 | 0.02 | Apr 24, 2018 | An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | ||
| CVE-2017-12109 | Hig | 0.57 | 8.8 | 0.03 | Apr 24, 2018 | An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULRK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to… | ||
| CVE-2017-12108 | Hig | 0.57 | 8.8 | 0.03 | Apr 24, 2018 | An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULBLANK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to… | ||
| CVE-2017-12107 | Hig | 0.57 | 8.8 | 0.01 | Apr 24, 2018 | An memory corruption vulnerability exists in the .PCX parsing functionality of Computerinsel Photoline 20.02. A specially crafted .PCX file can cause a vulnerability resulting in potential code execution. An attacker can send a specific .PCX file to trigger this vulnerability. | ||
| CVE-2017-12105 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c applies a particular object modifier to a Mesh. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution… | ||
| CVE-2017-12104 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c draws a Particle object. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of… | ||
| CVE-2017-12103 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts text rendered as a font into a curve. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution… | ||
| CVE-2017-12102 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts curves to polygons. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context… | ||
| CVE-2017-12101 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the 'modifier_mdef_compact_influences' functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution… | ||
| CVE-2017-12100 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the 'multires_load_old_dm' functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the… | ||
| CVE-2017-12099 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the upgrade of the legacy Mesh attribute 'tface' of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under… | ||
| CVE-2017-12086 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the 'BKE_mesh_calc_normals_tessface' functionality of the Blender open-source 3d creation suite. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the… | ||
| CVE-2017-12082 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the 'CustomData' Mesh loading functionality of the Blender open-source 3d creation suite. A .blend file with a specially crafted external data file can cause an integer overflow resulting in a buffer overflow which can allow for code… | ||
| CVE-2017-12081 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the upgrade of a legacy Mesh attribute of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context… | ||
| CVE-2016-9043 | Hig | 0.51 | 7.8 | 0.03 | Apr 24, 2018 | An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661). A specially crafted EMF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a… | ||
| CVE-2016-9038 | Hig | 0.51 | 7.8 | 0.00 | Apr 24, 2018 | An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058. A specially crafted input buffer and race condition can result in kernel memory corruption, which could result in privilege escalation. An attacker needs to… | ||
| CVE-2016-8732 | Hig | 0.51 | 7.8 | 0.01 | Apr 24, 2018 | Multiple security flaws exists in InvProtectDrv.sys which is a part of Invincea Dell Protected Workspace 5.1.1-22303. Weak restrictions on the driver communication channel and additional insufficient checks allow any application to turn off some of the protection mechanisms… | ||
| CVE-2016-8730 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An of bound write / memory corruption vulnerability exists in the GIF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted GIF file can cause a vulnerability resulting in potential memory corruption resulting in code execution. An attacker can send the… | ||
| CVE-2016-8729 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and… | ||
| CVE-2016-8728 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code… | ||
| CVE-2016-8384 | Hig | 0.57 | 8.8 | 0.02 | Apr 24, 2018 | An exploitable heap corruption vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter. | ||
| CVE-2016-8383 | Hig | 0.57 | 8.8 | 0.02 | Apr 24, 2018 | An exploitable heap corruption vulnerability exists in the Doc_GetFontTable functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious doc file to trigger… | ||
| CVE-2016-8382 | Hig | 0.54 | 8.3 | 0.02 | Apr 24, 2018 | An exploitable heap corruption vulnerability exists in the Doc_SetSummary functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send a malicious doc file to trigger this… | ||
| CVE-2018-4832 | Hig | 0.49 | 7.5 | 0.02 | Apr 24, 2018 | A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions),… | ||
| CVE-2016-9587 | — | Hig | 0.50 | 8.1 | 0.18 | Apr 24, 2018 | Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use… | |
| CVE-2018-7932 | Hig | 0.57 | 8.8 | 0.00 | Apr 24, 2018 | Huawei AppGallery versions before 8.0.4.301 has an arbitrary Javascript running vulnerability. An attacker may set up a malicious network environment and trick user into accessing a malicious web page to bypass the whitelist mechanism, which make the malicious Javascript loaded… | ||
| CVE-2017-9654 | Hig | 0.57 | 8.8 | 0.01 | Apr 24, 2018 | The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login credentials in clear text within backend system files. CVSS v3 base score: 6.5, CVSS vector string: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N. | ||
| CVE-2017-17258 | Hig | 0.49 | 7.5 | 0.01 | Apr 24, 2018 | Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01,… |
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the RADIANCE loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.hdr' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.cin' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.cin' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the IRIS loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.iris' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the PNG loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.png' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the TIFF loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.tif' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context…
- risk 0.51cvss 7.8epss 0.02
A buffer overflow vulnerability exists in the ISO parsing functionality of EZB Systems UltraISO 9.6.6.3300. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can provide a specific .ISO file to trigger this vulnerability.
- risk 0.53cvss 8.1epss 0.01
An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in…
- risk 0.46cvss 7.0epss 0.02
An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man…
- risk 0.49cvss 7.5epss 0.05
An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters resulting in command…
- risk 0.47cvss 7.2epss 0.06
An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during a password…
- risk 0.57cvss 8.8epss 0.02
A code execution vulnerability exists in the kdu_buffered_expand function of the Kakadu SDK 7.9. A specially crafted JPEG 2000 file can be read by the program and can lead to an out of bounds write causing an exploitable condition to arise.
- risk 0.57cvss 8.8epss 0.02
A code execution vulnerability exists in the Kakadu SDK 7.9's parsing of compressed JPEG 2000 images. A specially crafted JPEG 2000 file can be read by the program, and can lead to an out of bounds write causing an exploitable condition to arise.
- risk 0.57cvss 8.8epss 0.01
A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger…
- risk 0.57cvss 8.8epss 0.01
A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 version 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to…
- risk 0.51cvss 7.8epss 0.01
An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to…
- risk 0.46cvss 7.1epss 0.02
A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker can display an image to trigger this vulnerability.
- risk 0.49cvss 7.5epss 0.02
A double-Free vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a specially crafted image to trigger this vulnerability.
- risk 0.57cvss 8.8epss 0.02
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
- risk 0.57cvss 8.8epss 0.02
An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2_image-2.0.2. A specially crafted BMP image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
- risk 0.57cvss 8.8epss 0.03
An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2_image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display a specially crafted…
- risk 0.57cvss 8.8epss 0.02
An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this…
- risk 0.57cvss 8.8epss 0.02
An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
- risk 0.57cvss 8.8epss 0.03
An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULRK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to…
- risk 0.57cvss 8.8epss 0.03
An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULBLANK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to…
- risk 0.57cvss 8.8epss 0.01
An memory corruption vulnerability exists in the .PCX parsing functionality of Computerinsel Photoline 20.02. A specially crafted .PCX file can cause a vulnerability resulting in potential code execution. An attacker can send a specific .PCX file to trigger this vulnerability.
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c applies a particular object modifier to a Mesh. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c draws a Particle object. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts text rendered as a font into a curve. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts curves to polygons. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the 'modifier_mdef_compact_influences' functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the 'multires_load_old_dm' functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the upgrade of the legacy Mesh attribute 'tface' of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the 'BKE_mesh_calc_normals_tessface' functionality of the Blender open-source 3d creation suite. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the 'CustomData' Mesh loading functionality of the Blender open-source 3d creation suite. A .blend file with a specially crafted external data file can cause an integer overflow resulting in a buffer overflow which can allow for code…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the upgrade of a legacy Mesh attribute of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context…
- risk 0.51cvss 7.8epss 0.03
An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661). A specially crafted EMF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a…
- risk 0.51cvss 7.8epss 0.00
An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058. A specially crafted input buffer and race condition can result in kernel memory corruption, which could result in privilege escalation. An attacker needs to…
- risk 0.51cvss 7.8epss 0.01
Multiple security flaws exists in InvProtectDrv.sys which is a part of Invincea Dell Protected Workspace 5.1.1-22303. Weak restrictions on the driver communication channel and additional insufficient checks allow any application to turn off some of the protection mechanisms…
- risk 0.51cvss 7.8epss 0.02
An of bound write / memory corruption vulnerability exists in the GIF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted GIF file can cause a vulnerability resulting in potential memory corruption resulting in code execution. An attacker can send the…
- risk 0.51cvss 7.8epss 0.02
An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and…
- risk 0.51cvss 7.8epss 0.02
An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code…
- risk 0.57cvss 8.8epss 0.02
An exploitable heap corruption vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter.
- risk 0.57cvss 8.8epss 0.02
An exploitable heap corruption vulnerability exists in the Doc_GetFontTable functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious doc file to trigger…
- risk 0.54cvss 8.3epss 0.02
An exploitable heap corruption vulnerability exists in the Doc_SetSummary functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send a malicious doc file to trigger this…
- risk 0.49cvss 7.5epss 0.02
A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions),…
- risk 0.50cvss 8.1epss 0.18
Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use…
- risk 0.57cvss 8.8epss 0.00
Huawei AppGallery versions before 8.0.4.301 has an arbitrary Javascript running vulnerability. An attacker may set up a malicious network environment and trick user into accessing a malicious web page to bypass the whitelist mechanism, which make the malicious Javascript loaded…
- risk 0.57cvss 8.8epss 0.01
The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login credentials in clear text within backend system files. CVSS v3 base score: 6.5, CVSS vector string: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.
- risk 0.49cvss 7.5epss 0.01
Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01,…