Lucene search
K

6686 matches found

Microsoft KB
Microsoft KB
added 2017/11/14 8:0 a.m.67 views

October 10, 2017—KB4042895 (OS Build 10240.17643)

October 10, 2017—KB4042895 OS Build 10240.17643 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include the following: Addressed issue in which the Universal CRT splitpath was not handling multibyt...

10CVSS7.4AI score0.69163EPSS
Exploits34
Fedora
Fedora
added 2017/11/11 1:43 p.m.28 views

[SECURITY] Fedora 27 Update: poppler-0.57.0-5.fc27

poppler is a PDF rendering library...

7.8CVSS2.3AI score0.01542EPSS
Exploits3
Fedora
Fedora
added 2017/11/11 3:25 a.m.32 views

[SECURITY] Fedora 27 Update: poppler-0.57.0-5.fc27

poppler is a PDF rendering library...

7.8CVSS2.3AI score0.01542EPSS
Exploits3
Fedora
Fedora
added 2017/11/07 10:21 p.m.35 views

[SECURITY] Fedora 26 Update: poppler-0.52.0-9.fc26

poppler is a PDF rendering library...

7.8CVSS2.3AI score0.01542EPSS
Exploits3
Ubuntu
Ubuntu
added 2017/10/30 12:47 p.m.57 views

USN-3467-1: poppler vulnerability

It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service...

8.8CVSS7.5AI score0.02059EPSS
Exploits1
CNVD
CNVD
added 2017/10/30 12:0 a.m.2 views

Google Chrome Type Obfuscation Vulnerability (CNVD-2017-33592)

Google Chrome for Linux, Windows, Mac and Android is the United States Google Google company developed a Linux, Windows, Mac and Android platform based on the Web browser. PDFium is one of the open source PDF rendering engine. PDFium in Google Chrome on Mac, Windows, Linux and Android platforms...

8.8CVSS6.7AI score0.01476EPSS
Exploits0References1
OSV
OSV
added 2017/10/27 5:29 a.m.2 views

CVE-2017-5107

A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page...

5.3CVSS6.7AI score0.01652EPSS
Exploits0References6
NVD
NVD
added 2017/10/27 5:29 a.m.13 views

CVE-2017-5107

A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page...

5.3CVSS5.2AI score0.01652EPSS
Exploits0References6
OSV
OSV
added 2017/10/27 5:29 a.m.5 views

UBUNTU-CVE-2017-5107

A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page...

5.3CVSS6.7AI score0.01652EPSS
Exploits0References3
Prion
Prion
added 2017/10/27 5:29 a.m.15 views

Input validation

A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page...

2.6CVSS5.5AI score0.01652EPSS
Exploits0References6Affected Software4
UbuntuCve
UbuntuCve
added 2017/10/27 5:29 a.m.27 views

CVE-2017-5107

A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page...

5.3CVSS6.8AI score0.01652EPSS
Exploits0References2
CVE
CVE
added 2017/10/27 5:0 a.m.110 views

CVE-2017-5107

The CVE-2017-5107 entry describes a timing-based information disclosure in Google Chrome's SVG rendering prior to 60.0.3112.78, enabling a remote attacker to extract pixel values from a cross-origin page loaded in an iframe on Linux/Windows/macOS. The connected sources corroborate Chrome/Chromium...

5.3CVSS5.6AI score0.01652EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2017/10/27 5:0 a.m.20 views

CVE-2017-5107

Removed by vendor...

5.3CVSS7.4AI score0.01652EPSS
Exploits0
Cvelist
Cvelist
added 2017/10/27 5:0 a.m.23 views

CVE-2017-5107

A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page...

5.8AI score0.01652EPSS
Exploits0References6
Prion
Prion
added 2017/10/22 7:29 p.m.18 views

Design/Logic Flaw

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address is used as one or more arguments in a...

6.8CVSS8AI score0.00767EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2017/10/22 7:29 p.m.5 views

CVE-2017-15801

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at...

7.8CVSS5.8AI score0.00767EPSS
Exploits0References1
OSV
OSV
added 2017/10/22 7:29 p.m.5 views

CVE-2017-15802

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at...

7.8CVSS5.8AI score0.00767EPSS
Exploits0References1
OSV
OSV
added 2017/10/22 7:29 p.m.4 views

CVE-2017-15803

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address is used as one or more arguments in a...

7.8CVSS5.8AI score0.00767EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/10/22 7:0 p.m.24 views

CVE-2017-15801

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at...

8.1AI score0.00767EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/10/18 2:29 a.m.19 views

CVE-2017-15577

Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles the rendering of wiki links, which allows remote attackers to obtain sensitive information...

7.5CVSS7.2AI score0.01624EPSS
Exploits0References4
Rows per page
Query Builder