9063 matches found
CVE-2017-10772
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll77df0000!memcmp+0x0000000000000018" with RPC initializati...
CVE-2017-10755
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll77df0000!LdrpInitializeThread+0x000000000000010b."...
Design/Logic Flaw
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll77df0000!memcmp+0x0000000000000018" with RPC initializati...
Memory corruption
Memory leak in the virtiogpuobjectcreate function in drivers/gpu/drm/virtio/virtgpuobject.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service memory consumption by triggering object-initialization failures...
CVE-2017-10810
Memory leak in the virtiogpuobjectcreate function in drivers/gpu/drm/virtio/virtgpuobject.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service memory consumption by triggering object-initialization failures...
DEBIAN-CVE-2017-10810
Memory leak in the virtiogpuobjectcreate function in drivers/gpu/drm/virtio/virtgpuobject.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service memory consumption by triggering object-initialization failures...
UBUNTU-CVE-2017-10810
Memory leak in the virtiogpuobjectcreate function in drivers/gpu/drm/virtio/virtgpuobject.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service memory consumption by triggering object-initialization failures...
CVE-2017-7905
A Weak Cryptography for Passwords issue was discovered in General Electric GE Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Versio...
CVE-2017-7905
A Weak Cryptography for Passwords issue was discovered in General Electric GE Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Versio...
CVE-2017-7905
A Weak Cryptography for Passwords issue was discovered in General Electric GE Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Versio...
(Pwn2Own) Microsoft Windows XPS Document Writer Uninitialized Memory Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
ALPINE-CVE-2015-9099
The lameinitparams function in lame.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service invalid read and application crash via a crafted audio file with a negative sample rate...
Microsoft Graphics Component Elevation of Privilege Vulnerability
An Elevation of Privilege vulnerability exists when the Windows Graphics component improperly initializes contents in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; o...
WebKit JSC - arrayProtoFuncSplice does not Initialize all Indices
WebKit JSC - arrayProtoFuncSplice does not Initialize all Indices lexicalGlobalObject-arrayStructureForIndexingTypeDuringAllocationArrayWithUndecided, actualDeleteCount; if !result return JSValue::encodethrowOutOfMemoryErrorexec, scope; for unsigned k = 0; k initializeIndexvm, k, v;...
CVE-2017-8477
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly...
CVE-2017-8475
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects in memory, aka...
CVE-2017-8471
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly...
CVE-2017-8472
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects in memory, aka "Win32k Information Disclosure Vulnerability". This CVE ID is unique fr...
CVE-2017-8473
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects in memory, aka "Win32k...
CVE-2017-8470
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly...