Vulnerabilities > Microsoft > Windows
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-10-22 | CVE-2017-15803 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.43 XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ntdll_77310000!LdrpResCompareResourceNames+0x0000000000000150." | 6.8 |
2017-10-22 | CVE-2017-15802 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.43 XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77310000!LdrpResCompareResourceNames+0x0000000000000087." | 6.8 |
2017-10-22 | CVE-2017-15801 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.43 XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77310000!LdrpResSearchResourceInsideDirectory+0x000000000000029e." | 6.8 |
2017-10-16 | CVE-2017-0316 | Improper Input Validation vulnerability in Nvidia Geforce Experience In GeForce Experience (GFE) 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges. | 4.6 |
2017-10-03 | CVE-2017-8018 | Improper Input Validation vulnerability in EMC Appsync 2.0/3.0.0/3.5 EMC AppSync host plug-in versions 3.5 and below (Windows platform only) includes a denial of service (DoS) vulnerability that could potentially be exploited by malicious users to compromise the affected system. | 5.0 |
2017-09-30 | CVE-2017-14947 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Gsview 6.0 Artifex GSView 6.0 Beta on Windows allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "Read Access Violation on Block Data Move starting at mupdfnet64!mIncrementalSaveFile+0x0000000000193359." | 6.8 |
2017-09-30 | CVE-2017-14946 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Gsview 6.0 Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at mupdfnet64!mIncrementalSaveFile+0x000000000000344e." | 6.8 |
2017-09-30 | CVE-2017-14945 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Gsview 6.0 Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Possible Stack Corruption starting at KERNELBASE!RaiseException+0x0000000000000068." | 6.8 |
2017-09-28 | CVE-2017-12814 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Perl Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 on Windows allows attackers to execute arbitrary code via a long environment variable. | 7.5 |
2017-09-22 | CVE-2017-6277 | Improper Input Validation vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to denial of service or possible escalation of privileges. | 7.2 |