Max CVSS | 9.3 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2016-9842 | 6.8 |
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
|
28-08-2024 - 16:07 | 23-05-2017 - 04:29 | |
CVE-2016-9840 | 6.8 |
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
|
16-08-2022 - 13:16 | 23-05-2017 - 04:29 | |
CVE-2016-9841 | 7.5 |
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
|
16-08-2022 - 13:02 | 23-05-2017 - 04:29 | |
CVE-2016-9843 | 7.5 |
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
|
16-08-2022 - 13:02 | 23-05-2017 - 04:29 | |
CVE-2017-9233 | 5.0 |
XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.
|
28-07-2022 - 11:30 | 25-07-2017 - 20:29 | |
CVE-2016-9063 | 7.5 |
An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50.
|
27-06-2022 - 16:42 | 11-06-2018 - 21:29 | |
CVE-2016-9042 | 4.3 |
An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate repl
|
19-04-2022 - 20:15 | 04-06-2018 - 20:29 | |
CVE-2017-11103 | 6.8 |
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name
|
18-08-2020 - 15:05 | 13-07-2017 - 13:29 | |
CVE-2017-7084 | 4.3 |
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Application Firewall" component. It allows remote attackers to bypass intended settings in opportunistic circumstances by leveraging incorrect
|
03-10-2019 - 00:03 | 23-10-2017 - 01:29 | |
CVE-2017-7086 | 7.8 |
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "libc" component. It allows remote attackers to cause a den
|
03-10-2019 - 00:03 | 23-10-2017 - 01:29 | |
CVE-2017-7078 | 5.0 |
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. The issue involves the "Mail Drafts" component. It allows remote attackers to obtain sensitive information by reading unintended cleartext t
|
03-10-2019 - 00:03 | 23-10-2017 - 01:29 | |
CVE-2017-7143 | 2.1 |
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Captive Network Assistant" component. It allows remote attackers to discover cleartext passwords in opportunistic circumstances by sniffing the
|
03-10-2019 - 00:03 | 23-10-2017 - 01:29 | |
CVE-2017-10989 | 7.5 |
The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.
|
03-10-2019 - 00:03 | 07-07-2017 - 12:29 | |
CVE-2017-0381 | 9.3 |
An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access
|
03-10-2019 - 00:03 | 12-01-2017 - 20:59 | |
CVE-2017-7127 | 9.3 |
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. iCloud before 7.0 on Windows is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "SQLite" componen
|
08-03-2019 - 16:06 | 23-10-2017 - 01:29 | |
CVE-2017-7080 | 5.0 |
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass
|
08-03-2019 - 16:06 | 23-10-2017 - 01:29 | |
CVE-2017-7114 | 9.3 |
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrar
|
08-03-2019 - 16:06 | 23-10-2017 - 01:29 | |
CVE-2017-7083 | 4.0 |
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "CFNetwork Proxies" component. It allows remote attackers t
|
08-03-2019 - 16:06 | 23-10-2017 - 01:29 | |
CVE-2017-7130 | 7.5 |
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow
|
08-03-2019 - 16:06 | 23-10-2017 - 01:29 | |
CVE-2017-7128 | 7.5 |
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow
|
08-03-2019 - 16:06 | 23-10-2017 - 01:29 | |
CVE-2017-7129 | 7.5 |
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow
|
08-03-2019 - 16:06 | 23-10-2017 - 01:29 | |
CVE-2017-7144 | 4.3 |
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to track Safari Private Browsing users by leveraging cookie mishandling.
|
26-10-2017 - 18:23 | 23-10-2017 - 01:29 | |
CVE-2017-7138 | 2.1 |
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Directory Utility" component. It allows local users to discover the Apple ID of the computer's owner.
|
26-10-2017 - 18:20 | 23-10-2017 - 01:29 | |
CVE-2017-7141 | 5.0 |
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Mail" component. It allows remote attackers to bypass an intended off value of the "Load remote content in messages" setting, and consequently
|
26-10-2017 - 18:19 | 23-10-2017 - 01:29 | |
CVE-2017-7082 | 2.1 |
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Screen Lock" component. It allows physically proximate attackers to read Application Firewall prompts.
|
26-10-2017 - 12:54 | 23-10-2017 - 01:29 | |
CVE-2017-7077 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corrupt
|
26-10-2017 - 12:50 | 23-10-2017 - 01:29 | |
CVE-2017-7074 | 4.3 |
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "AppSandbox" component. It allows attackers to cause a denial of service via a crafted app.
|
26-10-2017 - 12:32 | 23-10-2017 - 01:29 | |
CVE-2017-7119 | 4.3 |
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
|
25-10-2017 - 20:05 | 23-10-2017 - 01:29 | |
CVE-2017-6451 | 4.6 |
The mx4200_send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, whic
|
24-10-2017 - 01:29 | 27-03-2017 - 17:59 | |
CVE-2017-6455 | 4.4 |
NTP before 4.2.8p10 and 4.3.x before 4.3.94, when using PPSAPI, allows local users to gain privileges via a DLL in the PPSAPI_DLLS environment variable.
|
24-10-2017 - 01:29 | 27-03-2017 - 17:59 | |
CVE-2017-6452 | 4.6 |
Stack-based buffer overflow in the Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via an application path on the command line.
|
24-10-2017 - 01:29 | 27-03-2017 - 17:59 | |
CVE-2017-1000373 | 6.4 |
The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack
|
24-10-2017 - 01:29 | 19-06-2017 - 16:29 |