|
247451
|
7.8 |
HIGH
Local
|
faststone
|
image_viewer
|
FastStone Image Viewer 6.2 has a "User Mode Write AV" issue, possibly related to the jpeg_mem_term function in jmemnobs.c in libjpeg. This issue can be triggered by a malformed JPEG file that is mish…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8826
|
2024-11-21 12:34 |
2017-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247452
|
7.8 |
HIGH
Local
|
mh-nexus
|
hex_editor
|
Notepad++ 7.3.3 (32-bit) with Hex Editor Plugin v0.9.5 might allow user-assisted attackers to execute code via a crafted file, because of a "Data from Faulting Address controls Code Flow" issue. One …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8803
|
2024-11-21 12:34 |
2017-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247453
|
7.8 |
HIGH
Local
|
faststone
|
image_viewer
|
FastStone Image Viewer 6.2 has a "Data from Faulting Address may be used as a return value" issue. This issue can be triggered by a malformed JPEG 2000 file that is mishandled by FSViewer.exe. Attack…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8785
|
2024-11-21 12:34 |
2017-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247454
|
7.8 |
HIGH
Local
|
xnview
|
xnview
|
XnView Classic for Windows Version 2.40 allows user-assisted remote attackers to execute code via a crafted JPEG 2000 file that is mishandled during the opening of a directory in "Browser" mode, beca…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8781
|
2024-11-21 12:34 |
2017-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247455
|
7.8 |
HIGH
Local
|
irfanview
|
irfanview
|
IrfanView version 4.44 (32bit) allows remote attackers to execute code via a crafted .mov file, because of a "User Mode Write AV near NULL" issue.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8766
|
2024-11-21 12:34 |
2017-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247456
|
6.5 |
MEDIUM
Network
|
swftools
|
swftools
|
SWFTools 2013-04-09-1007 on Windows has a "Data from Faulting Address controls Branch Selection starting at image00000000_00400000+0x0000000000003e71" issue. This issue can be triggered by a malforme…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8420
|
2024-11-21 12:34 |
2017-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247457
|
8.1 |
HIGH
Network
|
aeroadmin
|
aeroadmin
|
AeroAdmin 4.1 uses an insecure protocol (HTTP) to perform software updates. An attacker can hijack an update via man-in-the-middle in order to execute code in the machine.
|
CWE-444
HTTP Request Smuggling
|
CVE-2017-8894
|
2024-11-21 12:34 |
2017-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247458
|
7.5 |
HIGH
Network
|
aeroadmin
|
aeroadmin
|
AeroAdmin 4.1 uses a function to copy data between two pointers where the size of the data copied is taken directly from a network packet. This can cause a buffer overflow and denial of service.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8893
|
2024-11-21 12:34 |
2017-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247459
|
7.5 |
HIGH
Network
|
linux
|
linux_kernel
|
The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker.…
|
CWE-129
Improper Validation of Array Index
|
CVE-2017-8797
|
2024-11-21 12:34 |
2017-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247460
|
6.5 |
MEDIUM
Network
|
elastic
|
kibana
|
In Kibana X-Pack security versions prior to 5.4.3 if a Kibana user opens a crafted Kibana URL the result could be a redirect to an improperly initialized Kibana login screen. If the user enters crede…
|
CWE-200
Information Exposure
|
CVE-2017-8443
|
2024-11-21 12:34 |
2017-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
