VYPR

CVEs

100,472 total · page 1880 of 2,010

  • CVE-2017-8527HigJun 15, 2017
    risk 0.59cvss 8.8epss 0.19

    Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it handles objects in memory, aka…

  • CVE-2017-8524HigJun 15, 2017
    risk 0.50cvss 7.5epss 0.10

    Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an allow an attacker to execute arbitrary code in the context of the…

  • CVE-2017-8522HigJun 15, 2017
    risk 0.49cvss 7.5epss 0.08

    Microsoft browsers in Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to…

  • CVE-2017-8521HigJun 15, 2017
    risk 0.49cvss 7.5epss 0.06

    Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from…

  • CVE-2017-8520HigJun 15, 2017
    risk 0.49cvss 7.5epss 0.09

    Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from…

  • CVE-2017-8519HigJun 15, 2017
    risk 0.49cvss 7.5epss 0.06

    Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 and R2 allow an attacker to execute arbitrary code in the context of the current user when Internet Explorer improperly accesses objects in…

  • CVE-2017-8517HigJun 15, 2017
    risk 0.49cvss 7.5epss 0.08

    Microsoft browsers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an allow an attacker to execute arbitrary code in the context of the current user…

  • CVE-2017-8513HigJun 15, 2017
    risk 0.52cvss 7.8epss 0.17

    A remote code execution vulnerability exists in Microsoft PowerPoint when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability".

  • CVE-2017-8512HigJun 15, 2017
    risk 0.59cvss 8.8epss 0.22

    A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-0260, and…

  • CVE-2017-8511HigJun 15, 2017
    risk 0.52cvss 7.8epss 0.21

    A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8512, CVE-2017-0260, and…

  • CVE-2017-8510HigJun 15, 2017
    risk 0.59cvss 8.8epss 0.22

    A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and…

  • CVE-2017-8509HigJun 15, 2017
    risk 0.59cvss 8.8epss 0.18

    A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and…

  • CVE-2017-8507HigJun 15, 2017
    risk 0.52cvss 7.8epss 0.20

    A remote code execution vulnerability exists in the way Microsoft Office software parses specially crafted email messages, aka "Microsoft Office Memory Corruption Vulnerability".

  • CVE-2017-8506HigJun 15, 2017
    risk 0.53cvss 7.8epss 0.24

    A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, and…

  • CVE-2017-8499HigJun 15, 2017
    risk 0.49cvss 7.5epss 0.09

    Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from…

  • CVE-2017-8497HigJun 15, 2017
    risk 0.49cvss 7.5epss 0.08

    Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from…

  • CVE-2017-8496HigJun 15, 2017
    risk 0.56cvss 7.5epss 0.51

    Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from…

  • CVE-2017-8494HigJun 15, 2017
    risk 0.48cvss 7.3epss 0.02

    Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a locally-authenticated attacker to run a specially crafted application on a targeted system when Windows Secure Kernel Mode fails to properly handle objects in memory, aka "Windows Elevation of…

  • CVE-2017-8468HigJun 15, 2017
    risk 0.51cvss 7.8epss 0.01

    Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to run processes in an elevated context when the Windows kernel improperly handles objects in memory, aka "Win32k Elevation of…

  • CVE-2017-8466HigJun 15, 2017
    risk 0.51cvss 7.8epss 0.01

    Windows Cursor in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows improper elevation of privilege, aka "Windows Cursor Elevation of Privilege Vulnerability".

  • CVE-2017-8465HigJun 15, 2017
    risk 0.51cvss 7.8epss 0.02

    Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to run processes in an elevated context when the Windows kernel improperly handles objects in memory, aka "Win32k Elevation of…

  • CVE-2017-8464HigKEVJun 15, 2017
    risk 0.79cvss 8.8epss 0.90

    Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via…

  • CVE-2017-8460HigJun 15, 2017
    risk 0.48cvss 7.3epss 0.03

    Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows information disclosure when a user opens a specially crafted PDF file, aka "Windows PDF Information Disclosure Vulnerability".

  • CVE-2017-0298HigJun 15, 2017
    risk 0.48cvss 7.3epss 0.02

    A DCOM object in Helppane.exe in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016, when configured to run as the interactive user, allows an…

  • CVE-2017-0296HigJun 15, 2017
    risk 0.51cvss 7.8epss 0.01

    Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to elevate privilege when tdx.sys fails to check the length of a buffer prior…

  • CVE-2017-0294HigJun 15, 2017
    risk 0.52cvss 7.8epss 0.17

    Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute remote code when Windows fails to properly handle cabinet files,…

  • CVE-2017-0292HigJun 15, 2017
    risk 0.53cvss 7.8epss 0.24

    Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows remote code execution if a user opens a specially crafted PDF file, aka "Windows PDF Remote Code Execution Vulnerability". This CVE ID…

  • CVE-2017-0291HigJun 15, 2017
    risk 0.52cvss 7.8epss 0.20

    Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows remote code execution if a user opens a specially crafted PDF file, aka "Windows PDF Remote Code Execution Vulnerability". This CVE ID…

  • CVE-2017-0283HigJun 15, 2017
    risk 0.63cvss 8.8epss 0.39

    Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office Word Viewer, Microsoft Lync 2013…

  • CVE-2017-0260HigJun 15, 2017
    risk 0.52cvss 7.8epss 0.20

    A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, and…

  • CVE-2017-0193HigJun 15, 2017
    risk 0.51cvss 7.8epss 0.01

    Windows Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to gain elevated privileges on a target guest operating…

  • CVE-2017-7914HigJun 14, 2017
    risk 0.56cvss 8.6epss 0.07

    A Missing Authorization issue was discovered in Rockwell Automation PanelView Plus 6 700-1500 6.00.04, 6.00.05, 6.00.42, 6.00-20140306, 6.10.20121012, 6.10-20140122, 7.00-20121012, 7.00-20130108, 7.00-20130325, 7.00-20130619, 7.00-20140128, 7.00-20140310, 7.00-20140429,…

  • CVE-2017-7910HigJun 14, 2017
    risk 0.49cvss 7.5epss 0.02

    A Stack-Based Buffer Overflow issue was discovered in Digital Canal Structural Wind Analysis versions 9.1 and prior. An attacker may be able to run arbitrary code by remotely exploiting an executable to perform a denial-of-service attack.

  • CVE-2017-4981HigJun 14, 2017
    risk 0.49cvss 7.5epss 0.02

    EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper certificate processing vulnerability.

  • CVE-2017-8907HigJun 14, 2017
    risk 0.57cvss 8.8epss 0.02

    Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.1 did not correctly check if a user creating a deployment project had the edit permission and therefore the rights to do so. An attacker who can login to Bamboo as a user without the edit permission for deployment projects…

  • CVE-2017-2810HigJun 14, 2017
    risk 0.42cvss 7.5epss 0.05

    An exploitable vulnerability exists in the Databook loading functionality of Tablib 0.11.4. A yaml loaded Databook can execute arbitrary python commands resulting in command execution. An attacker can insert python into loaded yaml to trigger this vulnerability.

  • CVE-2017-0663HigJun 14, 2017
    risk 0.51cvss 7.8epss 0.02

    A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that…

  • CVE-2017-0649HigJun 14, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the MediaTek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and because of…

  • CVE-2017-0648HigJun 14, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High due to the possibility of a local permanent device compromise, which may require…

  • CVE-2017-0638HigJun 14, 2017
    risk 0.51cvss 7.8epss 0.01

    A remote code execution vulnerability in System UI component could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High because it is a remote arbitrary code execution in an…

  • CVE-2017-0637HigJun 14, 2017
    risk 0.51cvss 7.8epss 0.01

    A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…

  • CVE-2017-0636HigJun 14, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:…

  • CVE-2017-8241HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.00

    In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a WLAN function due to an incorrect message length.

  • CVE-2017-8240HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.00

    In all Android releases from CAF using the Linux kernel, a kernel driver has an off-by-one buffer over-read vulnerability.

  • CVE-2017-8238HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.00

    In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a camera function.

  • CVE-2017-8237HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.00

    In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists while loading a firmware image.

  • CVE-2017-8236HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.00

    In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an IPA driver.

  • CVE-2017-8234HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.00

    In all Android releases from CAF using the Linux kernel, an out of bounds access can potentially occur in a camera function.

  • CVE-2017-8233HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.00

    In a camera driver function in all Android releases from CAF using the Linux kernel, a bounds check is missing when writing into an array potentially leading to an out-of-bounds heap write.

  • CVE-2017-7373HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.00

    In all Android releases from CAF using the Linux kernel, a double free vulnerability exists in a display driver.