|
258091
|
7.8 |
HIGH
Local
|
microsoft
|
malware_protection_engine
|
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Se…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11937
|
2024-11-21 12:08 |
2017-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258092
|
5.3 |
MEDIUM
Network
|
synology
|
photo_station
|
An information exposure vulnerability in default HTTP configuration file in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain sensitive system information…
|
CWE-200
Information Exposure
|
CVE-2017-12080
|
2024-11-21 12:08 |
2017-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258093
|
7.5 |
HIGH
Network
|
synology
|
photo_station
|
Files or directories accessible to external parties vulnerability in picasa.php in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain arbitrary files via p…
|
CWE-200
Information Exposure
|
CVE-2017-12079
|
2024-11-21 12:08 |
2017-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258094
|
6.7 |
MEDIUM
Local
|
postgresql
|
postgresql
|
PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database su…
|
CWE-59
Link Following
|
CVE-2017-12172
|
2024-11-21 12:08 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258095
|
7.8 |
HIGH
Local
|
libxls_project
|
libxls
|
An exploitable out-of-bounds vulnerability exists in the xls_addCell function of libxls 1.4. A specially crafted XLS file with a formula record can cause memory corruption resulting in remote code ex…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-12111
|
2024-11-21 12:08 |
2017-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258096
|
7.8 |
HIGH
Local
|
libxls_project
|
libxls
|
An exploitable integer overflow vulnerability exists in the xls_appendSST function of libxls 1.4.A specially crafted XLS file can cause memory corruption resulting in remote code execution.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-12110
|
2024-11-21 12:08 |
2017-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258097
|
7.8 |
HIGH
Local
|
microsoft
|
excel
|
Microsoft Excel 2016 Click-to-Run (C2R) allows an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corru…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11884
|
2024-11-21 12:08 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258098
|
7.5 |
HIGH
Network
|
microsoft
|
aspnetcore
|
.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remotely cause a denial of service attack against a .NET Core web application by improperly handling web requests, aka ".NET CORE Deni…
|
NVD-CWE-noinfo
|
CVE-2017-11883
|
2024-11-21 12:08 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258099
|
8.8 |
HIGH
Network
|
microsoft
|
asp.net_core
|
ASP.NET Core 2.0 allows an attacker to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP.NET Core Elevation Of Privilege Vulnerability".
|
CWE-601
Open Redirect
|
CVE-2017-11879
|
2024-11-21 12:08 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258100
|
3.1 |
LOW
Network
|
microsoft
|
chakracore
edge
|
Microsoft Edge in Microsoft Windows 10 1703, 1709, Windows Server, version 1709, and ChakraCore allows an attacker to bypass Control Flow Guard (CFG) to run arbitrary code on a target system, due to …
|
NVD-CWE-noinfo
|
CVE-2017-11874
|
2024-11-21 12:08 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
