Max CVSS 10.0 Min CVSS 1.9 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2017-6831 4.3
Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 and 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
16-10-2020 - 21:15 20-03-2017 - 16:59
CVE-2017-7697 4.3
In libsamplerate before 0.1.9, a buffer over-read occurs in the calc_output_single function in src_sinc.c via a crafted audio file.
03-10-2019 - 00:03 11-04-2017 - 23:59
CVE-2017-6440 1.9
The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
03-10-2019 - 00:03 15-03-2017 - 14:59
CVE-2017-10256 5.8
Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: EPPCM_HIER_TOP). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated attacker
03-10-2019 - 00:03 08-08-2017 - 15:29
CVE-2006-4244 7.5
SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that the value of the sql-ledger-[username] cookie matches the value of the sessionid parameter, which allows remote attackers to gain access as any logged-in user by setting the cookie
17-10-2018 - 21:34 31-08-2006 - 01:04
CVE-2008-2747 2.1
No-IP Dynamic Update Client (DUC) 2.2.1 on Windows uses weak permissions for the HKLM\SOFTWARE\Vitalwerks\DUC registry key, which allows local users to obtain obfuscated passwords and other sensitive information by reading the (1) TrayPassword, (2) U
11-10-2018 - 20:42 18-06-2008 - 19:41
CVE-2016-6812 4.3
The HTTP transport module in Apache CXF prior to 3.0.12 and 3.1.x prior to 3.1.9 uses FormattedServiceListWriter to provide an HTML page which lists the names and absolute URL addresses of the available service endpoints. The module calculates the ba
05-01-2018 - 02:31 10-08-2017 - 16:29
CVE-2016-10251 6.8
Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value.
05-01-2018 - 02:30 15-03-2017 - 14:59
CVE-2017-6832 4.3
Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
04-11-2017 - 01:29 20-03-2017 - 16:59
CVE-2004-0333 10.0
Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to execute arbitrary code via a MIME archive with certain long MIME parameters. This was fixed in WinZip 8.1
11-07-2017 - 01:30 23-11-2004 - 05:00
CVE-2017-7689 10.0
A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0.
18-04-2017 - 12:16 11-04-2017 - 21:59
CVE-2017-6435 1.9
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file.
14-04-2017 - 01:59 15-03-2017 - 14:59
Back to Top Mark selected
Back to Top