Lucene search
K

1096 matches found

CNVD
CNVD
added 2017/09/25 12:0 a.m.3 views

Artifex MuPDF Denial of Service Vulnerability (CNVD-2017-35028)

Artifex MuPDF is a free, lightweight PDF reader from Artifex Software. A security vulnerability exists in Artifex MuPDF version 1.11. The vulnerability can be exploited by an attacker to cause a denial of service with the help of a specially crafted .xps file...

7.8CVSS6.7AI score0.01324EPSS
Exploits1References1
OSV
OSV
added 2017/09/22 6:29 a.m.2 views

DEBIAN-CVE-2017-14686

Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d" on Windows. This occurs because readzipdirimp in fitz/unzip.c does not check...

7.8CVSS7.8AI score0.0186EPSS
Exploits1References1
OSV
OSV
added 2017/09/22 6:29 a.m.2 views

DEBIAN-CVE-2017-14685

Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. This occurs because xpsloadlinksinglyphs in...

7.8CVSS7.6AI score0.01324EPSS
Exploits1References1
OSV
OSV
added 2017/09/22 6:29 a.m.5 views

UBUNTU-CVE-2017-14687

Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. This occurs because of mishandling of XML tag name...

7.8CVSS7.2AI score0.01324EPSS
Exploits1References4
CNVD
CNVD
added 2017/09/22 12:0 a.m.1 views

rbenv Directory Traversal Vulnerability

rbenv is a versioning tool for Ruty. A directory traversal vulnerability exists in the specification of the Ruby version in rbenv. A remote attacker can exploit this vulnerability to execute code...

9.8CVSS7.2AI score0.0371EPSS
Exploits0References1
OSV
OSV
added 2017/09/18 5:29 p.m.4 views

CVE-2017-14568

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x000000000297024c called from STDUXPSFile!DllUnregisterServer+0x0000000000025630."...

7.8CVSS6.1AI score0.00373EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2017/09/06 8:32 a.m.22 views

Exploit for Deserialization of Untrusted Data in Apache Struts

Description Apache Struts RCE tool for CVE 2017-9805 O...

8.1CVSS7.7AI score0.99461EPSS
Exploits23
OSV
OSV
added 2017/08/31 8:29 p.m.2 views

ALPINE-CVE-2017-0901

RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem...

7.5CVSS6.9AI score0.29442EPSS
Exploits2References1
OSV
OSV
added 2017/08/31 8:29 p.m.1 views

DEBIAN-CVE-2017-0901

RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem...

7.5CVSS8.4AI score0.29442EPSS
Exploits2References1
OSV
OSV
added 2017/08/31 8:29 p.m.35 views

CVE-2017-0901

RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem...

7.5CVSS9.3AI score
Exploits0References15
OSV
OSV
added 2017/08/31 12:0 a.m.2 views

UBUNTU-CVE-2017-0901

RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem...

7.5CVSS6.8AI score0.29442EPSS
Exploits2References8
NVD
NVD
added 2017/08/11 7:29 p.m.22 views

CVE-2017-11210

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing, where the font is embedded in the XML Paper Specification XPS file. Successful exploitation coul...

6.5CVSS6.9AI score0.11468EPSS
Exploits0References4
Prion
Prion
added 2017/08/11 7:29 p.m.20 views

Memory corruption

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability that occurs when reading a JPEG file embedded within XML Paper Specification XPS file. Successful exploitation could...

4.3CVSS7.3AI score0.11468EPSS
Exploits0References4Affected Software5
OSV
OSV
added 2017/08/11 7:29 p.m.2 views

CVE-2017-11210

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing, where the font is embedded in the XML Paper Specification XPS file. Successful exploitation coul...

6.5CVSS6AI score0.11468EPSS
Exploits0References4
OSV
OSV
added 2017/08/11 7:29 p.m.2 views

CVE-2017-11209

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability that occurs when reading a JPEG file embedded within XML Paper Specification XPS file. Successful exploitation could...

6.5CVSS6AI score0.11468EPSS
Exploits0References4
EUVD
EUVD
added 2017/08/11 7:0 p.m.5 views

EUVD-2017-2843

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability that occurs when reading a JPEG file embedded within XML Paper Specification XPS file. Successful exploitation could...

6.5CVSS8.3AI score0.11468EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/08/11 7:0 p.m.24 views

CVE-2017-11210

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing, where the font is embedded in the XML Paper Specification XPS file. Successful exploitation coul...

8.3AI score0.11468EPSS
Exploits0References3
Check Point Advisories
Check Point Advisories
added 2017/08/08 12:0 a.m.4 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11228)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to code stream specification components. A remote attacker might exploit this issue by creating an incomplete code stream which can cause memory corruption...

9.3CVSS9.1AI score0.07069EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2017/08/01 12:0 a.m.20 views

Mitsubishi Electric E-Designer SetupAlarm Font Property Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mitsubishi Electric E-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

9.3CVSS9.1AI score0.03636EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2017/07/27 5:19 a.m.14 views

3 New CIA-developed Hacking Tools For MacOS & Linux Exposed

WikiLeaks has just published a new set of classified documents linked to another CIA project, dubbed 'Imperial,' which reveals details of at least three CIA-developed hacking tools and implants designed to target computers running Apple Mac OS X and different flavours of Linux operating systems. ...

7.3AI score
Exploits0
Rows per page
Query Builder