Max CVSS 10.0 Min CVSS 6.8 Total Count17
IDCVSSSummaryLast (major) updatePublished
CVE-2017-9769 10.0
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process.
02-08-2017 - 15:29 02-08-2017 - 15:29
CVE-2017-8464 9.3
Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers t
14-06-2017 - 21:29 14-06-2017 - 21:29
CVE-2014-4113 7.2
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users
13-03-2017 - 21:59 15-10-2014 - 06:55
CVE-2016-10045 7.5
The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal esca
25-01-2017 - 21:59 30-12-2016 - 14:59
CVE-2016-10033 7.5
The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
25-01-2017 - 21:59 30-12-2016 - 14:59
CVE-2014-6271 10.0
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceComman
06-01-2017 - 22:00 24-09-2014 - 14:48
CVE-2014-4971 7.2
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the M
06-01-2017 - 22:00 26-07-2014 - 11:55
CVE-2015-1701 7.2
Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vul
02-01-2017 - 21:59 21-04-2015 - 06:59
CVE-2015-0096 9.3
Untrusted search path vulnerability in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to
02-01-2017 - 21:59 11-03-2015 - 06:59
CVE-2013-2492 6.8
Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during
06-12-2016 - 22:00 15-03-2013 - 18:55
CVE-2014-1761 9.3
Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Of
08-12-2014 - 13:48 25-03-2014 - 09:24
CVE-2013-3881 7.2
win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges via a crafted application, aka "Win32k NULL Page Vulnerability."
19-12-2013 - 23:36 09-10-2013 - 10:53
CVE-2006-6199 7.5
Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist.
12-12-2013 - 22:37 30-11-2006 - 20:28
CVE-2013-3563 7.5
Stack-based buffer overflow in db_netserver in Lianja SQL Server before 1.0.0RC5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string to TCP port 8001.
05-07-2013 - 00:00 04-07-2013 - 10:33
CVE-2011-2763 7.5
The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) and 4.7.18 allows remote attackers to execute arbitrary commands via a modified request to the LSRoom_Remoting.doCommand function in gateway.php.
13-02-2012 - 23:07 02-09-2011 - 12:55
CVE-2011-2005 7.2
afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Ancillary F
26-01-2012 - 23:00 11-10-2011 - 22:52
CVE-2007-1373 10.0
Stack-based buffer overflow in Mercury/32 (aka Mercury Mail Transport System) 4.01b and earlier allows remote attackers to execute arbitrary code via a long LOGIN command. NOTE: this might be the same issue as CVE-2006-5961.
13-11-2008 - 01:34 09-03-2007 - 19:19
Back to Top Mark selected
Back to Top