Max CVSS 10.0 Min CVSS 1.5 Total Count401
IDCVSSSummaryLast (major) updatePublished
CVE-2017-7518 4.6
A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/pr
30-07-2018 - 11:29 30-07-2018 - 11:29
CVE-2017-7482 7.2
In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This
30-07-2018 - 10:29 30-07-2018 - 10:29
CVE-2016-9604 2.1
It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass mod
11-07-2018 - 09:29 11-07-2018 - 09:29
CVE-2017-12608 6.8
A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resu
20-11-2017 - 15:29 20-11-2017 - 15:29
CVE-2017-12607 6.8
A vulnerability in OpenOffice's PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary c
20-11-2017 - 14:29 20-11-2017 - 14:29
CVE-2017-7132 6.8
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted O
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13852 4.3
An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to monitor
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13849 4.3
An issue was discovered in certain Apple products. iOS before 11.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (applic
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13846 10.0
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "PCRE" product. Versions before 8.40 allow remote attackers to cause a denial of service (application crash) or possibly have unsp
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13843 9.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13842 4.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13841 4.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13840 4.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13838 9.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Sandbox" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) vi
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13836 4.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13834 9.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13832 7.5
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "802.1X" component. It allows attackers to have an unspecified impact by leveraging TLS 1.0 support.
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13831 5.8
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service via a crafted image.
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13830 9.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HFS" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13828 4.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Fonts" component. It allows remote attackers to spoof the user interface via crafted text.
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13826 None
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-10140. Reason: This candidate is a reservation duplicate of CVE-2017-10140. Notes: All CVE users should reference CVE-2017-10140 instead of this candidate. All references and de
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13825 6.8
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CoreText" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted fon
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13824 6.8
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Open Scripting Architecture" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption)
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13823 4.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "QuickTime" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13822 4.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13821 4.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFString" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13820 5.8
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ATS" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruptio
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13819 4.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HelpViewer" component. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML by bypassing
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13818 4.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13817 2.1
An out-of-bounds read issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows local users to bypass intended memory-read restrictions.
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13816 6.8
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application cra
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13815 10.0
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "file" product. Versions before 5.31 allow remote attackers to cause a denial of service (application crash) or possibly have unsp
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13814 6.8
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application cras
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13813 6.8
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application cra
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13812 6.8
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application c
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13811 9.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "fsck_msdos" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption)
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13810 2.1
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows local users to obtain sensitive information by leveraging an error in packet counters.
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13809 6.8
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "AppleScript" component. It allows remote attackers to execute arbitrary code via a crafted AppleScript file that is mishandled by osadecompil
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13808 9.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Remote Management" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corr
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13807 6.8
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted QuickT
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13804 4.3
An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "StreamingZip" component. It allows remote attacker
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13803 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13802 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13801 2.1
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Dictionary Widget" component. It allows attackers to read local files if pasted text is used in a search.
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13800 9.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "APFS" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13799 9.3
An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13798 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13797 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13796 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13795 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13794 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13793 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13792 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13791 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13788 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13786 2.1
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "APFS" component. It does not properly restrict the DMA mapping time of FileVault decryption buffers, which allows attackers to read cleartext
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13785 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13784 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13783 6.8
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-13782 4.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a /dev/dtracehelper attack involving the dtrace_dif_va
12-11-2017 - 22:29 12-11-2017 - 22:29
CVE-2017-3736 4.0
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very
02-11-2017 - 13:29 02-11-2017 - 13:29
CVE-2017-14375 10.0
EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management (eManagement) ver
31-10-2017 - 21:29 31-10-2017 - 21:29
CVE-2017-14358 5.8
A URL redirection to untrusted site vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow URL redirection to untrusted site.
31-10-2017 - 11:29 31-10-2017 - 11:29
CVE-2017-14357 4.3
A Reflected and Stored Cross-Site Scripting (XSS) vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow Reflected and Stored
31-10-2017 - 11:29 31-10-2017 - 11:29
CVE-2017-14356 7.5
An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow SQL injection.
31-10-2017 - 11:29 31-10-2017 - 11:29
CVE-2017-14373 4.3
EMC RSA Authentication Manager 8.2 SP1 P4 and earlier contains a reflected cross-site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system.
31-10-2017 - 03:29 31-10-2017 - 03:29
CVE-2017-15955 4.3
bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to an "Access violation near NULL on destination operand" and crash when processing a malformed CUE (.cue) file.
28-10-2017 - 17:29 28-10-2017 - 17:29
CVE-2017-15954 4.3
bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow (with a resultant invalid free) and crash when processing a malformed CUE (.cue) file.
28-10-2017 - 17:29 28-10-2017 - 17:29
CVE-2017-15953 4.3
bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow and crash when processing a malformed CUE (.cue) file.
28-10-2017 - 17:29 28-10-2017 - 17:29
CVE-2017-1375 5.0
IBM System Storage Storwize V7000 Unified (V7000U) 1.5 and 1.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 126868.
24-10-2017 - 17:29 24-10-2017 - 17:29
CVE-2017-15649 4.6
net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) t
19-10-2017 - 18:29 19-10-2017 - 18:29
CVE-2017-10388 5.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Difficult to exploit vulnerability allows unau
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10378 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privile
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10357 5.0
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows un
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10356 2.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10355 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitabl
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10350 5.0
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated
19-10-2017 - 13:29 19-10-2017 - 13:29
CVE-2017-10349 5.0