Search Results (18983 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-11267 3 Adobe, Apple, Microsoft 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more 2025-04-20 N/A
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as JPEG data. Successful exploitation could lead to arbitrary code execution.
CVE-2017-11268 3 Adobe, Apple, Microsoft 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more 2025-04-20 N/A
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private JPEG data. Successful exploitation could lead to arbitrary code execution.
CVE-2017-11269 3 Adobe, Apple, Microsoft 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more 2025-04-20 N/A
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) image stream data. Successful exploitation could lead to arbitrary code execution.
CVE-2017-11271 3 Adobe, Apple, Microsoft 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more 2025-04-20 N/A
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to transfer of pixel blocks. Successful exploitation could lead to arbitrary code execution.
CVE-2017-11281 6 Adobe, Apple, Google and 3 more 11 Flash Player, Macos, Chrome Os and 8 more 2025-04-20 N/A
Adobe Flash Player has an exploitable memory corruption vulnerability in the text handling function. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.
CVE-2017-11282 6 Adobe, Apple, Google and 3 more 11 Flash Player, Macos, Chrome Os and 8 more 2025-04-20 N/A
Adobe Flash Player has an exploitable memory corruption vulnerability in the MP4 atom parser. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.
CVE-2017-11294 2 Adobe, Microsoft 2 Shockwave, Windows 2025-04-20 N/A
An issue was discovered in Adobe Shockwave 12.2.9.199 and earlier. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution.
CVE-2017-8564 1 Microsoft 7 Windows 10, Windows 7, Windows 8.1 and 4 more 2025-04-20 N/A
Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly initialize a memory address, aka "Windows Kernel Information Disclosure Vulnerability".
CVE-2017-8562 1 Microsoft 5 Windows 10, Windows 8.1, Windows Rt 8.1 and 2 more 2025-04-20 N/A
Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Windows improperly handling calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability".
CVE-2017-8558 1 Microsoft 9 Endpoint Protection, Forefront Endpoint Protection, Security Essentials and 6 more 2025-04-20 N/A
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on 32-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703 does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability".
CVE-2017-8555 1 Microsoft 2 Edge, Windows 10 2025-04-20 N/A
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to trick a user into loading a page with malicious content when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8523 and CVE-2017-8530.
CVE-2017-8553 1 Microsoft 5 Windows 8.1, Windows Rt 8.1, Windows Server 2008 and 2 more 2025-04-20 N/A
An information disclosure vulnerability exists in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows Server 2016 when the Windows kernel improperly handles objects in memory, aka "GDI Information Disclosure Vulnerability".
CVE-2017-11742 2 Libexpat Project, Microsoft 2 Libexpat, Windows 2025-04-20 N/A
The writeRandomBytes_RtlGenRandom function in xmlparse.c in libexpat in Expat 2.2.1 and 2.2.2 on Windows allows local users to gain privileges via a Trojan horse ADVAPI32.DLL in the current working directory because of an untrusted search path, aka DLL hijacking.
CVE-2017-11763 1 Microsoft 7 Windows 10, Windows 7, Windows 8.1 and 4 more 2025-04-20 N/A
The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-11763.
CVE-2017-11764 1 Microsoft 3 Edge, Windows 10, Windows Server 2016 2025-04-20 N/A
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, and CVE-2017-8756.
CVE-2017-11779 1 Microsoft 5 Windows 10, Windows 8.1, Windows Rt 8.1 and 2 more 2025-04-20 N/A
The Microsoft Windows Domain Name System (DNS) DNSAPI.dll on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly handle DNS responses, aka "Windows DNSAPI Remote Code Execution Vulnerability".
CVE-2017-11781 1 Microsoft 7 Windows 10, Windows 7, Windows 8.1 and 4 more 2025-04-20 N/A
The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows a denial of service vulnerability when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability".
CVE-2017-11782 1 Microsoft 2 Windows 10, Windows Server 2016 2025-04-20 N/A
The Microsoft Server Block Message (SMB) on Microsoft Windows 10 1607 and Windows Server 2016, allows an elevation of privilege vulnerability when an attacker sends specially crafted requests to the server, aka "Windows SMB Elevation of Privilege Vulnerability".
CVE-2017-11783 1 Microsoft 5 Windows 10, Windows 8.1, Windows Rt 8.1 and 2 more 2025-04-20 N/A
Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability in the way it handles calls to Advanced Local Procedure Call (ALPC), aka "Windows Elevation of Privilege Vulnerability".
CVE-2017-11784 1 Microsoft 6 Windows 10, Windows 7, Windows 8.1 and 3 more 2025-04-20 N/A
The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11765, CVE-2017-11785, and CVE-2017-11814.