|
251861
|
9.8 |
CRITICAL
Network
|
apache
|
camel
|
Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization vulnerability. De-serializing untrusted data can lead to security flaws.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-3159
|
2024-11-21 12:24 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251862
|
9.8 |
CRITICAL
Network
|
justsystems
|
ichitaro
|
When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and uses …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-2790
|
2024-11-21 12:24 |
2017-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251863
|
7.8 |
HIGH
Local
|
justsystems
|
ichitaro
|
JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-2791
|
2024-11-21 12:24 |
2017-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251864
|
9.8 |
CRITICAL
Network
|
justsystems
|
ichitaro
|
When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than the…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-2789
|
2024-11-21 12:24 |
2017-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251865
|
8.8 |
HIGH
Network
|
adobe
|
flash_player
flash_player_desktop_runtime
|
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2017-2996
|
2024-11-21 12:24 |
2017-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251866
|
8.8 |
HIGH
Network
|
adobe
|
flash_player
flash_player_desktop_runtime
|
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution.
|
CWE-843
Type Confusion
|
CVE-2017-2995
|
2024-11-21 12:24 |
2017-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251867
|
8.8 |
HIGH
Network
|
adobe
|
flash_player
flash_player_desktop_runtime
|
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution.
|
CWE-416
Use After Free
|
CVE-2017-2994
|
2024-11-21 12:24 |
2017-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251868
|
8.8 |
HIGH
Network
|
adobe
|
flash_player
flash_player_desktop_runtime
|
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution.
|
CWE-416
Use After Free
|
CVE-2017-2993
|
2024-11-21 12:24 |
2017-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251869
|
8.8 |
HIGH
Network
|
adobe
|
flash_player
flash_player_desktop_runtime
|
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2017-2992
|
2024-11-21 12:24 |
2017-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251870
|
8.8 |
HIGH
Network
|
adobe
|
flash_player
flash_player_desktop_runtime
|
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary co…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-2991
|
2024-11-21 12:24 |
2017-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
