CVE-2017-9608
The dnxhd decoder in FFmpeg before 3.2.6, and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted mov file.
Source: CVE-2017-9608
[월:] 2017년 12월
CVE-2017-11697
CVE-2017-11697
The __hash_open function in hash.c:229 in Mozilla Network Security Services (NSS) allows context-dependent attackers to cause a denial of service (floating point exception and crash) via a crafted cert8.db file.
Source: CVE-2017-11697
CVE-2017-16768
CVE-2017-16768
Cross-site scripting (XSS) vulnerability in User Policy editor in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary HTML via the name parameter.
Source: CVE-2017-16768
CVE-2017-13056
CVE-2017-13056
The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might allow remote attackers to execute arbitrary code via a crafted PDF file.
Source: CVE-2017-13056
CVE-2016-6914
CVE-2016-6914
Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation directory, which allows local users to gain SYSTEM privileges via a Trojan horse taskkill.exe file.
Source: CVE-2016-6914
CVE-2017-9944
CVE-2017-9944
A vulnerability has been identified in Siemens 7KT PAC1200 data manager (7KT1260) in all versions < V2.03. The integrated web server (port 80/tcp) of the affected devices could allow an unauthenticated remote attacker to perform administrative operations over the network.
Source: CVE-2017-9944
CVE-2017-7154 (apple_tv, iphone_os, mac_os_x)
CVE-2017-7154 (apple_tv, iphone_os, mac_os_x)
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. The issue involves the "Kernel" component. It allows local users to bypass intended memory-read restrictions or cause a denial of service (system crash).
CVE-2017-7163 (mac_os_x)
CVE-2017-7163 (mac_os_x)
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Source: CVE-2017-7163 (mac_os_x)
CVE-2017-7152 (iphone_os)
CVE-2017-7152 (iphone_os)
An issue was discovered in certain Apple products. iOS before 11.2 is affected. The issue involves the "Mail Message Framework" component. It allows remote attackers to spoof the address bar via a crafted web site.
Source: CVE-2017-7152 (iphone_os)
CVE-2017-7155 (mac_os_x)
CVE-2017-7155 (mac_os_x)
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Source: CVE-2017-7155 (mac_os_x)